WINAP configuring a test application - SSO
This page shows how to create and configure a test application, which has been configured to use Windows Authentication Provider as an authentication method. An application is created in the Production Site, a group is created for all users that authenticate using Windows Authentication Provider, and these users are granted access to the application. It is assumed that the Windows Authentication Provider authentication method has already been configured.
- Ensure the windows.localdomain.1 authentication method is enabled for the Production site: Home → Production → Site Methods → Add… → Choose windows.localdomain.1 → OK
Authentication Methods must be enabled for each site or where they are used. New authentication methods become available only after first enabling them for the entire system, for each site where they are used and also for each agent. This is a safeguard against accidental misconfiguration.
|
|---|
Figure 1. Windows Authentication Provider is enabled for the Production site |
- Create a group for all users Authenticated by Windows AP. Home → Production → Groups → New… → Name group All Windows AP User
Ubisecure access control specified by groups.
|
|---|
Figure 2. Creating a new group for all users authenticated using Windows AP. |
- Select the windows.localdomain.1 authentication method in the group's method tab. Home → Production → Groups → All Windows AP Users → Allowed Methods → Tick windows.localdomain.1 → Press Update
All users who authenticate using a method in this view are a member of the group. Much finer grain control of group membership is also possible. For more information, please refer to Management user interface - SSO.
|
|---|
Figure 3. Because Windows Authentication Provider has been ticked for this group, all users who are authenticated with Windows Authentication Provider will belong to this group. |
- Create an application called Test Application in the Production site. Home → Production → Applications → Add… → Use name Test Application → Press Update → Press Activate → Save activator file
For more information on creating an activating an application, please refer to the document Management user interface - SSO pages and the subpage for the type of application in use.
|
|---|
Figure 4. An application called Test Application has been created in the Production site. |
- Enable the windows.localdomain.1 authentication method for the Application. Home → Production → Applications → Test Application → Allowed Methods → Tick windows.localdomain.1 → Press Update
Only applications which are ticked in this view will be shown as a choice for authentication. If only one application is ticked in this view, it will be chosen automatically during the authentication process. If more than one application is ticked in this view, the user will be presented with a menu to select a valid method during the authentication process. If a user has already authenticated using a method that has not been ticked, and attempts to access this application, they will be need to reauthenticate using a method selected in this view.
|
|---|
Figure 5. The method windows.localdomain.1 is ticked, which indicates that this method may be used to access the agent Test Application. |
- Add this group to Application's "Allowed To" list. Home → Production → Applications → Test Applications → Allowed To → Add… → Select All Windows AP Users group → Press OK
Only members of the groups shown in this view are authorized to access this application.
|
|---|
Figure 6. The application Test Application may be used by the members of the "All Windows AP Users" group. |
