Has anyone gotten single sign-on with Compliant User Provisioning to work? I've got my java stack authenticating kerberos tickets through SPNEGO with LDAP as the user data source. It works fine on every other application (RAR, SPM, ERM) except for CUP, which requires users to login. Is there anyway to force single sign-on inside of CUP or will my users always be required to type in their passwords for requesting and approving access?