I need to do windows authentication(Intranet users) for LifeRay Login Portal. LifeRay Login uses same UID and PWD which is used for Windows Login. Both Windows Login and LifeRay login interacts with Active Directory for Authentication. So My requirement is to land user on HomePage instead of asking user credentials.
After Doing R&D I came to conclusion that I should use option provided in LifeRay Admin Portal(Authentication) - CAS SSO / NTLM SSO .
I am not clear which option will be correct for my requirement OR any other option you see fitting as solution for my requirement.
Kindly Help.
Related
We have built a portal in PHP(Laravel) + Angular for a client. User Authentication is done through LDAP.
Client also has a SAS solution for Analytics and it also has LDAP Authentication (SAS Viya).
We need to redirect the user from our portal to SAS portal and the user should get logged in automatically as both portals are authenticating the users through same LDAP.
We tried a few things, but it didn't help.
I am looking for some guidance on how to implement this and if there is any programming/configuration required on our side or on SAS side.
Hard to be specific without fully understanding your use case, but you could look to handle authentication to Viya using the SASjs Adapter (disclaimer - my team built it)
https://github.com/sasjs/adapter
Just set the LoginMechanism to REDIRECTED in the config object to support SSO or alternative login flows. If you need help, my team can be contact on https://sasapps.io/contact-us, else just raise an issue on the github.
We have an implementation on Angular that may help: https://github.com/sasjs/angular-seed-app
We have integrated a VIYA Visual Analytics report into a corporate web application, using the SDK (so not realy a redirect) with single sign on.
(I don't know all the details about how we did it. my roll was in the personalization of the report, where we went further than ordinary row level security.)
I have a Spring boot-angularjs. I have secured the the application using Spring Security. The problem I am facing now is , The home page (/home.html) is secured so the user has to login before he can see the home page. Now I want to add Google Plus Login to my application and I can't figure out how as the home page is secured and even if the user login's using google he/she cant access the home page as I am using jdbc authentication (username,password). Can anyone please tell how I can solve this?
You can use OAuth in combination with your JDBC login. If the user chooses to login using Google he will be redirected to Google Login page. This is absolutely possible.
Examples: https://github.com/spring-guides/tut-spring-boot-oauth2
https://github.com/Baeldung/spring-security-oauth
Is it possible to integrate CAS with the authentification and SSO from multiple applications ( let's say 2 in php and 1 in java) straight from the Windows' session, so the user don't have to auth from an other login form?
This can be achieved via CAS's SPNEGO module. You'll need a browser that supports Integrated Windows Authentication alone with the user and the computer have to be members of an Active Directory domain. Implementation details can be found at: https://wiki.jasig.org/display/CASUM/SPNEGO.
We have shell web application which shows different applications allowed to logged in user. We use Drupal/CAS server to authenticate/log in to this application. Once user is logged in, he/she does not have to login to other applications. Same credentials are passed to other applications. Now we want to integrate Magento in this application, say user1 logs into our shell web application, he/she will see link to magento store, when he clicks on it, it will automatically get logged into Magento site and don't have to enter user id/password.
Our authentication service uses CAS server under Drupal.
Thanks
It does not appear that Magento natively supports CAS nor that anyone as built a native library. Magento seems to be able to be connected to CAS only through an additional library: Magento Documentation
I am trying to understand concepts of windows authentication, forms authentication and their differences. I am confused. Can someone help me in clarifying this.
Thanks.
Windows Authentication provider is the default authentication provider for ASP.NET applications. When a user using this authentication logs in to an application, the credentials are matched with the Windows domain through IIS.
There are 4 types of Windows Authentication methods:
1) Anonymous Authentication - IIS allows any user
2) Basic Authentication - A windows username and password has to be sent across the network (in plain text format, hence not very secure).
3) Digest Authentication - Same as Basic Authentication, but the credentials are encrypted. Works only on IE 5 or above
4) Integrated Windows Authentication - Relies on Kerberos technology, with strong credential encryption
Forms Authentication - This authentication relies on code written by a developer, where credentials are matched against a database. Credentials are entered on web forms, and are matched with the database table that contains the user information.
Windows Authentication refers to authenticating against Windows user accounts on the box that the application is running on.
Forms authentication is a stand alone method of authenticating in .NET forms that you can hook up to some other system, such as a database.
It's pretty simple. Windows Authentication makes use of the Windows Login system.
http://en.wikipedia.org/wiki/Integrated_Windows_Authentication
And with Forms Authentication the user will need to provide a username and password manually.
http://www.asp.net/web-forms/tutorials/security/introduction/an-overview-of-forms-authentication-vb
The Forms Authentication also allows you to choose where you access the login data from. It could for example be stored in your own local database. While Windows Authentication is only going to use your Windows login data. This data usually comes from Active Directory, if your network is built using an enterprise/buisness/domain setup.
http://en.wikipedia.org/wiki/Active_Directory
Windows Authentication-- The user will be authenticated on the IIS server against the credentials he provided when logging into his system. If the authentication fails then a pop up form will be displayed in the Internet Explorer asking for his credentials i.e. username and password.
Forms Authentication-- A default Login Page will be available like Facebook login, where user will be authenticated instead of automatically getting the credentials from the system credentials i.e. the current user of the Windows system. If the user requests a secure page and has not logged in, then ASP.NET redirects him/her to the login page. Once the user is authenticated, he/she will be allowed to access the requested page. Here IIS does not come into effect for authentication, it completely depends on the web application.