Single sign-on types

NetScaler Authentication, authorization, and auditing features supports the following single sign-on types.

  • NetScaler kerberos single sign-on: NetScaler appliances now support single sign-on (SSO) using the Kerberos 5 protocol. Users log on to a proxy, the Application Delivery Controller (ADC), which then provides access to protected resources. For details, see NetScaler kerberos single sign-on.

  • SSO for Basic, Digest, and NTLM authentication: Single Sign-On (SSO) configuration in NetScaler and NetScaler Gateway can be enabled at global level and also per traffic level. By default the SSO configuration is OFF and an administrator can enable the SSO per traffic or globally. From a security point of view, Citrix recommends administrators to turn SSO globally OFF and enable per traffic basis. This enhancement is to make SSO configuration more secure by disabling certain type of SSO methods globally. For details, see SSO for Basic, Digest, and NTLM authentication.

Single sign-on types

In this article