Jason, Unfortunately, it's not quite as simple as that. Kerberos /should/ work for everybody on a Windows network, but in practise you require Kerberos+NTLMv2.
What Axton is suggesting is challenging because there are multiple interactions between browser and acceptor (ie whatever is running on Midtier) when performing Integrated Windows Authentication, and you only get one attempt at authenticating through the AREA plugin. And that's only the starting point: SSO for AR System becomes challenging and difficult to support if all you have are a few open source tools thrown together. I have no idea why AtriumSSO was based on OpenSSO: there are other open source tools BMC could have selected as a starting point, and it's puzzling to discover they selected an open source tool that is too large for them to support, and was killed off by Oracle. John _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
