Community

Disconnecting LDAP

2140
3
10-12-2010 09:39 AM
AgatinoLa_Rosa
by
New Contributor
‎10-12-2010 09:39 AM
I am new of the topic, I am exploring the installation procedures. I am planning to install GP 9.3.1 sp1 using Tomcat 5.5.17. The geoportal would be initially configured in a Simple Authentication process, and perhaps later it could include more user-roles to the web access. According to the installation guide the Simple Authentication configuration does not require the LDAP???enabled Directory Server, while LDAP is required for user???based roles.

My question is: is it feasible to plan a single sign-on web access configuration (phase 2 of my configuration) skipping LDAP connection? is LDAP mandatory regardless the web access manager integrated to my web application?

Thanks
0 Kudos
3 Replies
CliveReece
by Esri Contributor
Esri Contributor
‎10-12-2010 12:16 PM
Migrating from a Simple Authentication to LDAP is straightforward (with a small LDAP learning curve if you're not familiar with that).

Single-sign on is a different animal.  It sounds like you want SSO.  I would recommend you have a look at http://help.arcgis.com/en/geoportal_extension/10.0/help/00t0/00t000000037000000.htm.  With SSO, there is a lot more configuration needed with regards to your web app server and the SSO provider.  Also, by default, geoportal will still need some LDAP mapping for users and groups.  If you are considering SSO with an authentication store that does not provide LDAP, then that would require some level of customization.
0 Kudos
AgatinoLa_Rosa
by
New Contributor
‎10-13-2010 02:07 AM
Thank you for the quick reply. After conversation with technical support team of CA Site Minder, which provides authentication to my Tomcat 5.5.17 using Site Minder Web Agent, I still have questions on the customization level of ESRI geoportal 9.3.1 SP1 in the following planned scenario:

    1. SSO providing both user and group information using HTTP headers
    2. inhibition of the LDAP connection

Is there a specific documentation describing the customization level for the above requirements? Thanks.
0 Kudos
CliveReece
by Esri Contributor
Esri Contributor
‎10-28-2010 05:41 AM
Hi Agatino,
If you are looking for customization advice beyond what is in the link provided above, you might want to consider purchasing a 20-hour Geoportal Technical Support package that can provide you with direct access to one of our developers to give you advice on how to accomplish what you want to do.  Feel free to contact me directly.
Clive

Clive Reece, PhD
Professional Services, SDI/Geoportal Solutions Team
ESRI | 880 Blue Gentian Road, Suite 200 | Saint Paul, MN  55121
Phone: 651.454.0600 x8376 | Fax: 651.454.0705
Mobile: 651.402.6029 | E-mail: creece@esri.com
0 Kudos