Authentication and Sign-On questions

Question asked by crittendonr on Nov 30, 2005


I attempted to switch login from the default DAO to an LDAP-based one. Using one of the Acegi 0.9 sandbox implementations, but running Acegi 0.8 as Alfresco 1.0 has, I got an LDAP authentication going.

The catch I encountered was that a user had to be in the database/repository before switching to LDAP authentication.  Is this stuff provided in the Enterprise version?  From what I saw at it looks like Person Service etc are requisite.  Is it the case that the authorityService is the fulcrum that drives that?

**LDAP via Active Directory**
If Alfresco supports LDAP does it support Active Directory over LDAP?
Is NTLM the recommended route in that case? 

**Single Sign On, CAS/SAML etc**
Another question I had was about the remote APIs and sign-on methods. Is/will SAML or CAS+Acegi without SAML going to be supported? I am curious because we might have custom UIs in a portal. An alternative with username/password would be to capture the password, store it in the Session etc., I suppose.

**One last question**
I guess I am not sure what sort of stuff gets done in the Enterprise version that would negate the need to customize as such.

Many thanks,