SiteVision Onlinehelp

Authentication configuration

Here you do the authentication configuration for the web site. These settings decide how information about the user should be fetched from the webrequest, and how it is used to authenticate the user.

The configuration consists of two parts. In the first part you set a number of filter, deciding how information about the user should be fetched. The most common is that user name and password is fetched from the request either through BASIC authentication or from the requests parameters. The last method is used for for instance form login.

The second part states how the user information should be authenticated towards different login systems. Most common is that user name and password is controlled towards a directory service through LDAP, but it is possible to use other system. It is also possible for the system's administrator to add custom settings through implementing plugins according to the JAAS standard.

Screenshot of authentication configuration
Click the plus sign in order to add a filter.
Screenshot of filter selection
The following filters can be used to fetch user information from requests to pages.
  • Form filter: Form login from SiteVision.
  • BASIC: Basic Authentication.
  • CAS: Central Authentication Service.
  • Client address: Get IP-address for the client
  • Custom filter: Custom setting where you decide on parameters and how, headers and cookies should be used for user information. This is primarily used when SiteVision is to be connected to an external security system.
  • Mobility Guard: Integrate with Mobility Guard.
  • PortWise: Integrate with PortWise.
  • NTLM: Microsoft Windows Challenge Response. Can be used for Single-Sign On.
  • Secure Cookie Authentication: Fetch user information from cookie. Can be used for automatic login.
  • Kerberos: Microsofts protocol SPNEGO enables login over Kerberos. Can be used for Single-Sign On.
Screenshot of selection of JAAS portlet
The following portlets can be used to authenticate users:
  • Client address: Enables the possibility to base roles on the visitors IP address.
  • LDAP: Authenticate users towards an LDAP directory.
  • System login: Authentication of a system user.
  • Secure Cookie: Authenticate users who log in with cookies.
  • Text output: Use this in order to type extra texts in the login form.
  • Simple math CAPTCHA question: The user have to answer a simple math question in order to login with the form. Is used to prevent automated login trials.
  • MobilityGuard: Authentication with MobilityGuard.
  • CAS: Central Authentication Service.
Permission right! This portlet/function requires the right "Site properties".
Developers can create custom filters and portlets and use these in SiteVision. More information about how to, you find on the page Custom JAAS modules.
help-cluster-3.sitevision.net