Integrate Kerberos Authentication with Oracle EBS for Single Sign On

Oracle EBS and Kerberos Integration

Integrate Kerberos Authentication with Oracle EBS for Single Sign On

Kerberos Authentication can now be enabled for Oracle EBS with SSOGEN SSO Solution. Kerberos authentication is also known as Windows Native Authentication – WNA, Integrated Windows Authentication – IWA, Zero Sign-In SSO, Zero Touch SSO, SPNEGO, and Desktop Authentication. When Kerberos is enabled in the browser, a user can login to EBS with Zero Sign-On, i.e, EBS Login happens automatically (User doesn’t get a login challenge. Kerberos reads Windows Network Login in the Domain to read the user token. Keberos is enabled in Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari Browsers in both Windows and Mac OS.

If your IT Security team does not allow Zero Sign-in Process in to EBS, you may want to use a company branded SSO Login Form with Network / Active Directory (AD) Credentials to Oracle e-Business Suite. For external users, a form based authentication would be configured, while internal, domain users use Kerberos Authentication.

Oracle Access Manager (OAM), Oracle Internet Directory (OID), and Oracle Unified Directory (OUD) are not required for the Keberos Authentication.

The end user experience would be similar to that of other applications that are configured to use Kerberos Authentication. SSOgen is completely transparent during the login process in this case.

Oracle APPS 11i, R12, and R12.2

Kerberos Authentication would be enabled for Oracle EBS – Oracle APPS 11i, R12, and R12.2. Oracle EBS integrations such as OBIEE, Hyperion/EPM Suite, ADF Applications, WebCenter, Agile would also be seamlessly SSO Integrated with Windows Native Authentication.

Peoplesoft, Siebel, and JD Edwards

Other Oracle Products such as Peoplesoft, Siebel, and JD Edwards can be SSO enabled with Windows Native Authentication through SSOgen Gateway.
 
 
 
 
 

OAM and OID are not necessary

With SSOGEN Gateway Solution, Oracle Access Manager – OAM and Oracle Internet Directory – OID are not required for Windows Native Authentication and Oracle Integrations.
 
 
 
 

How to enable SSO in Oracle EBS?

Please read more about Oracle EBS SSO Integration the following link.

Other SSO Integrations

Learn more about other SSO Integration options with Oracle EBS

Oracle EBS SSO Integrations

Read more about Oracle EBS SSO Integrations from the following links

2 Comments

  1. Hello, does your application support “ldap-proxy” type of approach: we plan to direct all ldap-connections through ldap-proxy/LB, which have been “single-DC-server-working-as-LDAP” type in EBS configuration, since you can not add several dc:s into the config. Solution would be use the ldap-proxy which is a LoadBalancer for LDAP/LDAPS. This is fine with ldap protocol, but how does this support “kerberos” world ? Can EBS also get all kerberos serivces through this service and it would work with SSOGEN ?

    Reply
  2. Yes, ldap-proxy is not a problem with our solution. However, if you have multiple domains in the AD Forest, the domain level trust should be in place for the kerberos ticket from one domain to be accepted by another domain in the forest.

    Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Completely Free POC

Contact us to inquire about our free proof of concept for 30 days

Learn More?

Learn more about product features, unique benefits, and cost savings