Authentication type

Intrexx authentication

Regardless of membership in local domains, every user logs into the portal with the user name and password from the "Users" module. Select the user who will assume the role of anonymous user from the Anonymous user drop-down list. The anonymous user is the user who accesses the portal without logging on. This account will be used for all users before logging on. The authentication type can be changed from Intrexx authentication to authentication via web server at a later date. However, the change should only be made after the users have been imported.

Authentication via IIS / Windows domain

With this setting, the user account used for logging in to the NT or ADS domain will also be used to log in to the portal. All users must be able to log in to their corresponding domains, or a position of trust must exist in regard to the domain of the Intrexx portal server.

Standard authentication (Plain text)

This option is required when users access the portal with older browsers that do not support encrypted login (Integrated Windows Authentication). The password will be transmitted in plain text in this case. Please note that the password may be intercepted with this unencrypted transmission method.

Also allow via HTTP (not secure)

With this setting, passwords are transmitted unencrypted to the web server.

Integrated Windows Authentication

This setting allows you to log in without entering a password. The users will be authenticated when they log on to Windows.

Domain

Enter the Windows domain you would like to log in to here.

Domain controller

Enter the Windows domain controller for the domain of your choice.

WINS server for name resolution

Enter the server that is responsible for WINS name resolution.

LDAP authenticaion

Server name (FQDN) / port

Enter the server name (FQDN) and the port for authentication here.

The FQDN (Fully Qualified Domain Name) is composed of the host name and the domain and thus designates the complete and unique address of an Internet presence. It is used for locating specific hosts on the Internet to call them by name resolution.

Encryption

Here you can choose between LDAP and LDAPS.

When encrypting with LDAPS, the certificate must be included in the portal properties. A notification, which also explains the procedure, is displayed when LDAPS is selected.

Authentication

Select the authentication method of your LDAP server:

  • none

  • simple

  • strong

User

In an LDAP Bind Login three variables can be used, which will be expanded in run-time in the following order:

$[LOGIN_NAME] - Login name of the user
$[LOGIN_DOMAIN] - Login domain of the user
$[DN] - Distinguished name of the user (usually filled by replication)

Further information on LDAP authentication can be found here.

Exit the dialog

When the dialog is closed, a message is displayed if the selected port does not correspond to the usual standard. If you want to change the port immediately afterwards, close the message window by clicking on the close icon in the top right-hand corner. If you end the note by clicking on "OK", the dialog is also closed, unless further notes are displayed. The port can then be changed by opening the dialog again.

OAuth2 authentication

Detailed information on this option can be found in section Entering ID provider data in the user administration.

Generic authentication

Generic authentication allows the configuration of an authentication module for authentication via an LDAP server. In this case, the user name and the password will be transmitted in plain text. Please make sure that the login only is transferred via secure connections. To set up generic authentication, please contact the consulting team at INTREXX GmbH.

Other

Other authentication modules can be developed based on your needs. As examples, the authentication can be instituted here via X509 certificates, authentication to systems from third party providers, and so on. If you have any questions, please contact the consulting department at INTREXX GmbH.

Other

Other authentication modules can be developed based on your needs. As examples, the authentication can be instituted here via X509 certificates, authentication to systems from third party providers, and so on. If you have any questions, please contact the consulting department at INTREXX GmbH.

Apply authentication type for all authentication scopes

The settings made here are applied to all other authentication areas.