SSO

Noodle can be setup for SSO with IWA directly or via onelogin / okta.

The service user specified in the AD settings of Noodle along with the URL is used for IWA. Note that:

  • Associate the service account with the SPN
    • setspn -U -S HTTP/noodle.domain.tld@DOMAIN.TLD service_account
  • Add the URL to the Intranet zone in IE settings
  • Use http[s]://noodle.domain.tld/SPNEGO.po for IWA
  • Logins from the AD Kerbose Server itself are not supported because Windows will attempt NTLM

For non managed users there is also an option to use a shortcut and a cookie:

  1. Add a web shortcut to the users startup
  2. Options:
    • Enable ┬áthe "Noodle>System Tools>Settings>User Settings>Remember my login information" feature
      • http[s]://YOUR.DOMAIN.TLD[:PORT]/[IntraNet.po|Noodle.po]
      • This option will ask for a password if the user ever clicks logout.
    • , or include the user/pass in the url:
      • http[s]://YOUR.DOMAIN.TLD[:PORT]/HandleLogin.po?user_name=YOURUSER&user_password=YOURPASS[&user_domain=YOURDOMAIN]
      • A link can be downloaded from the profile page.
      • The caveat┬áhere is having to update the link on password change.