Kantega SSO adds the ability to clone from HTTP using Kerberos authentication. This way, users can clone and push their code without having to type their password, and without managing SSH keys.

In the Kerberos configuration of the Kantega SSO Enterprise app, you will find a page called Kerberos for Git. Users will find the cloning protocol option "HTTP + SSO" when this feature is enabled. Bitbucket admins can decide whether HTTP + SSO should be set as the default.

...

Most clients based on the stock Git client, or clients using libcurl for their HTTP implementation, should work.

Some clients that are known to have worked in some version:

  • The native Git command-line client

  • IntelliJ IDEA

  • Eclipse 

...

To re-enable support for Kerberos, you need to set the "http.emptyAuth" config switch to true.

...

Info

Not all Git clients support Kerberos. Git clients that do not support Kerberos will often not be able to understand the Kerberos-related HTTP headers, and will simply fail to communicate with a Kerberos-enabled Git HTTP server. We support Kerberos only over the HTTP/HTTPS protocol, not over SSH. Also, the Git LFS protocol does not support Kerberos at all.

Info

If you are setting up Kerberos for Git and want to use a CNAME as the hostname of Bitbucket, please note the following:
While browsers use the CNAME to look up the A record and use the A record when requesting a Kerberos ticket, your Git client will not. The Git client will request a Kerberos ticket using the CNAME. Therefore, when using Kerberos for Git in combination with a CNAME, you will have to create a merged keytab in K-SSO consisting of one keytab for the A record and one for the CNAME. Please contact us if you have any questions about this setup.
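
The CNAME case above, as an added example (not Kantega's code): a shell function that reads DNS answer lines in `dig +noall +answer` layout and lists the service principal names the merged keytab has to cover. The hostnames, realm and sample records are constructed, and the `HTTP/<host>@<REALM>` principal form is the usual convention for Kerberos over HTTP, assumed here.

```shell
#!/bin/sh
# Added example: list the SPNs a merged keytab must cover when the Bitbucket
# hostname is a CNAME. Reads DNS answers (`dig +noall +answer` layout) on stdin.

# Constructed sample records; names and address are placeholders.
SAMPLE_ANSWER='git.example.com. 300 IN CNAME bb-node1.example.com.
bb-node1.example.com. 300 IN A 192.0.2.10'

# spns_for_host <hostname> <REALM>
# Prints HTTP/<hostname>@<REALM> (the name Git requests a ticket for) and, if
# the hostname is a CNAME, HTTP/<canonical>@<REALM> (the name browsers use).
# Returns 2 when the name does not resolve to an address record.
spns_for_host() {
    awk -v host="$1" -v realm="$2" '
        function norm(n) { sub(/\.$/, "", n); return tolower(n) }
        $4 == "CNAME"             { cname[norm($1)] = norm($5) }
        $4 == "A" || $4 == "AAAA" { addr[norm($1)] = 1 }
        END {
            alias = norm(host); name = alias
            # Follow the CNAME chain; the hop limit guards against loops.
            for (hops = 0; (name in cname) && hops < 16; hops++)
                name = cname[name]
            if (!(name in addr)) {
                print "no address record for " host > "/dev/stderr"
                exit 2
            }
            printf "HTTP/%s@%s\n", alias, realm
            if (name != alias)
                printf "HTTP/%s@%s\n", name, realm
        }'
}

# Demo on the constructed records (EXAMPLE.COM is a placeholder realm).
printf '%s\n' "$SAMPLE_ANSWER" | spns_for_host git.example.com EXAMPLE.COM
```

With live DNS, pipe the output of `dig +noall +answer <hostname>` into the function and compare the result with the principals in the merged keytab.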