Configuring Knox SSO
Learn about the properties that you need to set for configuring Knox SSO.
Edge Flow Manager (EFM) supports Knox SSO for end user authentication with the
following limitations:
- Knox cannot be used as a gateway that forwards requests to EFM.
- Knox must be accessible using the same hostname as EFM (a different port is
fine). Otherwise, the authentication token issued by Knox, which is stored
in a browser cookie, cannot be passed to EFM and EFM authentication fails
with a
Credentials not present
error. This means the following:- For EFM clusters, Knox must be accessible through the same load balancer or reverse proxy used to access EFM nodes.
- For individual, non-clustered EFM instances, Knox must run on the same host as EFM on a different port.
- You have installed Knox.
- You have installed and secured the EFM server to use TLS. For more information on enabling TLS in EFM, see TLS configuration for EFM.