If a user visits a (non-webapp) URL that requires authentication in their browser, they receive a basic auth prompt instead of getting redirected to the SAML SSO logon. It would be nice to have an optional flag to automatically redirect to SSO for these URLs too.
For safety, API URLs (e.g. /api/npm) should continue to have the existing behavior.
Additionally, the realm can't be configured to deliver a better message: instead they only see "Artifactory Realm".