Hello,
In a new 4.2 SP5 Patch 3 install, I have RESTful deployed into Tomcat, not WACS. I enabled AD SSO in the environment and have it configured properly for the standard launchpad (/BOE/BI) This works fine. I took the settings for global.properties and replicated into biprs.properties for RESTful with the idm settings. When I configure the idm.allowNTLM=false which is how global.properties is configured, I get the following message when I navigate to http://URL/biprws
Message This server does not allow NTLM, but the client attempted NTLM anyway.
In addition, when I go to /BOE/BILaunchpad I get the logon page (so SSO doesn't work) and after I enter credentials, I get an Error: Logon failed for RESTful Web Services. contact system administrator.
So... I enabled the allowNTLM. idm.allowNTLM=true. Doing this throws an error in Tomcat:
javax.servlet.ServletException: KerberosFilter: Use of parameter 'idm.allowNTLM' is restricted. Filter will not load.
When I go to the /biprws/v1/logon/adsso test after enabling, I get:
<message>A java.lang.Exception occurred; original exception message VSJ authentication was not performed for this request</message>
However, going to just /biprws renders the json download and going to the /BOE/BLaunchpad works now and logs into the new Fiori Launchpad, but no AD SSO.
Has anyone been able to get AD SSO to work properly with the new Fiori Launchpad and RESTful both hosted in Tomcat, not using WACS.
Thank you.