Authentication in Ingeniux CMS
The Dynamic Site Server (DSS) relies on IIS (Internet Information Services) with a Windows server to determine access to published content. Typically, this entails the use of anonymous access in conjunction with an account such as IUSR.
The user ID must match the user ID in the authenticating database in order to authorize individual users to work with content inside Ingeniux CMS.
All authentication methods generally use the same process. The CMS performs the following operations:
- Captures user credentials.
- Passes these credentials to the authenticating agent.
- Authorizes the user to access content based on successful authentication.
Note: System administrators can configure the CMS and DSS in IIS to use the SSL (Secure Sockets Layer) protocol. The web server application handles this security level and doesn't impact the CMS as long as client requests can reach the web server.
The CMS relies on one of several authentication methods:
- Single Domain Microsoft Active Directory Authentication: Enables Active Directory (AD) authentication for a single domain via the CMS. In a Windows Domain environment, the domain\user account syntax must be used when creating users in the Users and Groups manager.
- LDAP: Provides authentication services to the Ingeniux CMS site via a single non-Windows based LDAP service provider (e.g., OpenLDAP) that contains all users in a single section of the directory structure.
- Multi-Provider: Supports a combination of external authentication methods on a single authentication instance.
- Raven DB: By default, the CMS provides a local authentication mechanism implemented through RavenDB, which is at the core of the CMS.
- SAML: Provides single sign-on (SSO) authentication using the SAML protocol.
Note: Configuring SAML Authentication includes information about setting up SSO and single log-out (SLO) authentication with SAML and provides configuration details for organizations that authenticate via Okta.
See Creating CMS Site Instances for details to set up authentication during the installation of CMS sites.
This section includes: