Defining Authentication Providers

Note: This operation can be performed by the system admin user only.

When creating a user, an authenticator provider must be set. By default, XMPie provides the basic and built-in Windows Domain authentication types. You can create an additional authentication provider as described below.

To create an authentication provider:

  1. Log in to uProduce as a system admin.

  2. In the Settings page, select Authentication Providers > New.

  3. Enter the name and description of the new authentication method.

  4. From the Context Type list, select the enumeration value specifying the type of store for the context.
    Available options are Domain, Machine, ApplicationDirectory.

  5. In the Context Name field, enter the name of the domain or server for Domain context types, the machine name for Machine context types, or the name of the server and port hosting the ApplicationDirectory instance.
    If the name is empty for a Domain context type, this context is a domain controller for the domain of the user under which the server is installed.
    If the name is empty for a Machine context type, this is the local machine name.
    This parameter cannot be empty for ApplicationDirectory context types.

  6. In the Context Container field, enter the container on the store to use as the root of the context.
    For Domain and ApplicationDirectory context types, this parameter is the distinguished name of a container object.
    For Machine context types, this parameter must be set to empty.

  7. In the Context Options field, enter a bitwise of one or more of the following:

    • 0x01 - Negotiate. The client is authenticated by using either Kerberos or NTLM. When the username and password are not provided, the security context of the installation user account is used.

    • 0x02 - SimpleBind. The client is authenticated by using the Basic authentication.

    • 0x04 - SecureSocketLayer. The channel is encrypted by using the Secure Sockets Layer (SSL). Active Directory requires that the Certificate Services be installed to support SSL.

    • 0x08 - Signing. The integrity of the data is verified. This flag can only be used with the Negotiate context option and is not available with the simple bind option.

    • 0x10 - Sealing. The data is encrypted by using Kerberos. This flag can only be used with the Negotiate context option and is not available with the simple bind option.

    • 0x20 - ServerBind. Specify this flag when you use the domain context type if the application is binding to a specific server name.

    If this parameter is zero, the default options are Negotiate | Signing | Sealing.

  8. In the Context User Name field, enter the username used to connect to the store. If the username and password parameters are both empty, the credentials of the installation user are used.

  9. In the Context User Password field, enter the password used to connect to the store. If the username and password parameters are both empty, the credentials of the installation user are used.