PeopleSoft Kerberos Authentication (Desktop Single Signon) – Understanding Kerberos

Kerberos Background As I mentioned in my previous post, I have had the opportunity to implement Kerberos Desktop Single Signon (SSO) for PeopleSoft. When I started on this project I did not understand Kerberos very well, however to get SSO to work correctly I had to dig into the underlying technology to troubleshoot the implementation. Here I share some of the lessons that I learned. To get a background in Kerberos, Google is your friend. Here is one good primer. CNAMEs vs. A-Records The environment where I implemented PeopleSoft SSO uses a lot of DNS aliases for the environment URLs. […]

PeopleSoft Kerberos Authentication (Desktop Single Signon) – Overview

Overview I have recently had the opportunity of implement Kerberos Desktop Single Signon (SSO) for PeopleSoft. Some people may refer to this as Windows Integrated Authentication (WIA). Getting this to work was a bit of a challenge, and this blog post is the first in a series that documents how it was done in my environment. Desktop SSO in this context means that mutual authentication occurs between the user’s browser and the PeopleSoft application. The user’s domain credentials are used to create a secure ticket by the Key Distribution Center. This ticket is then used by the client to authenticate […]