SSO Configuration for Windows Authentication
Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
There are mainly two authentication protocols for Windows Authentication, namely NTLM and Kerberos. Kerberos is the default protocol. For some Windows versions, NTLM is used instead.
Kyvos supports Jespa third-party jar files for SSO authentication. It also works on Tomcat on Linux and supports only NTLM protocol.
Prerequisites
For SSO using Windows authentication, the Windows user(s) must be imported into Kyvos.
Jespa configuration
To configure Jespa for Single-sign-on login to the Kyvos Manager using Admin credentials, perform the following steps.
Click Security > Kyvos Authentication.
Select the Single Sign On Configuration checkbox and enter details as:
Click the Validate JESPA Configuration button to verify that the JESPA settings mentioned are correct.
Click Kyvos and Ecosystem > Properties.
On the Properties page, in the kyvosclient.properties, set the value for SYSTEM_AUTH_ENABLED to YES. This will allow users to connect to the Kyvos Web using Windows authentication.
In the olapengine.properties file enter the CLIENT_URL in the http://tomcatUrl:port/AppName format.
Connecting to BI tools
To connect Kyvos to a third-party BI tool through SSO, use the URL as: http://tomcatUrl:port/AppName/xmlaKyvosSSO
Copyright Kyvos, Inc. All rights reserved.