AnsweredAssumed Answered

client certificate based Single Sign On

Question asked by Boraxx1974 Boraxx1974 on Mar 3, 2014
My company has deployed client X509 certificates.
The username as we want to use it in SugarCRM equals the CN field in the X.509 client certificate.
Additionally the authorization role that each user has been assigned equals the OU field in the client X509 certificate.
The client certificate resides in the client OS certificate store and is thus available to at least the native browser used to access SugrCRM.

On the server OS level, running SugarCRM, the Primary and Signing CA are already trusted, and client certificates are enforced as required, allowing only users with a valid certifiate to access the SugarCRM login page.

That said, how can I enable client certificate based Single Sign On to Sugar CRM?

Many thanks in advance!