AnsweredAssumed Answered

Autenthication questions

Question asked by forumwebuser on Mar 3, 2011
Latest reply on Mar 3, 2011 by soop

Im trying to understand the authentication mechanism/pipeline used in Alfresco. So, any help is appreciated.

In a NTLM authentication environment, I expect that the web server or something in its side (IIS in a windows environment) will grab the user login and send it to the windows server that will validate the login. To get an SSO feature, we just need to set the browser to automatically send the data of the logged ion user. I think im not wrong so far…

In Alfresco we have AlfrescoNtlm. But does this has any relation with the NTLM scheme I described above? Because as far as i understood Alfresco will not use any windows server for the autentication in this scheme. Thus, in a sso approach, it is Alfresco that actually is validating the autoamtically sented data from the user against its database (and so, we must first add a user to the Alfresco database). Is this right?

Now, what if we configure another authentication mechanism in Alfresco, like ldap. If alfresco syncronizes with ldap it will get all the useres information from ldap server. In this way, will not users be automatically authenticated (because users information will alreday be inside alfresco database)? Or ldap syncronization will just import user information and not password, and thus we would need to set manually each password. If this is true, than I understand why passtru may be needed…

thank you