PreparationPermanent link for this heading

Fabasoft Folio supports the following authentication methods in addition to those provided by the web server:

Authentication Method

Environment Variable Value

Default
Represents the configured web server authentication method (e.g. basic authentication).

DEFAULT

Kerberos (Basic, Cookie)

KERBEROS_BASIC

LDAP (Basic)

LDAP

LDAP (Basic, Cookie)

LDAP_COOKIE

SAML

SAML

External (REMOTE_USER)

REMOTE_USER

OAuth

OAUTH

Service Token

SERVICETOKEN

To change an authentication method, perform the following steps:

  1. Set the authentication method for a domain, a host, or a web service.
  2. Enable anonymous access for all affected web services.
  3. Configure the authentication method (see the next chapters for details).
  4. Restart all affected web services.

Set an Authentication Method for a DomainPermanent link for this heading

To set an authentication method for a domain, perform the following steps:

  1. Open the Virtual Application Configuration, which is referenced in the Current Domain or Domain Type.
  2. Click the “Authentication” tab.
  3. In the Authentication Method field define the desired authentication method.

Set an Authentication Method for a HostPermanent link for this heading

To set an authentication method for a host and all its web services, perform the following steps:

  1. Open the relevant update file.
    Microsoft Windows Environment: %ProgramData%\Fabasoft\coomk.upd
    Linux Environment: /var/opt/fabasoft/coo.upd
  2. Add the following entry to the file:
    HKEY_ENVIRONMENT\FSCVEXT_AUTHMETH=<environment-variable-value>

Other environment variables can be set in a similar manner.

Set an Authentication Method for a Web ServicePermanent link for this heading

In a Microsoft Windows environment, the service specific environment variable can be set by adding the following keys to the registry, where <id> represents the virtual directory of the web service:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Fabasoft\
FscWeb\Modules\<id>]
@="%ProgramFiles%\\Fabasoft\\Components\\Web\\<id>\\ASP\\content\\bin\\fscvext.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Fabasoft\FscWeb\Modules\<id>\FSCVEXT_AUTHMETH]

@="<environment-variable-value>"

<id> represents the directory name in %ProgramFiles%\Fabasoft\Components\Web that corresponds to the target web service.

In a Linux environment, the registry keys can be created as follows:

su – fscsrv
mkdir –p /etc/fabasoft/settings/machine/SOFTWARE/Fabasoft/FscWeb/Modules/<id>
cd /etc/fabasoft/settings/machine/SOFTWARE/Fabasoft/FscWeb/Modules/<id>
echo -n /opt/fabasoft/share/web/<id>/asp/content/bin/libfscvext.so > registry.default
mkdir FSCVEXT_AUTHMETH
echo -n "<environment-variable-value>" > FSCVEXT_AUTHMETH/registry.default

<id> represents the directory name in /var/opt/fabasoft/instances that corresponds to the target web service.

Enable Anonymous AccessPermanent link for this heading

Linux EnvironmentPermanent link for this heading

On Linux, install a Kerberos-enabled Fabasoft Folio Web Service. In case of existing web services with basic authentication, this can be done by commenting out the authentication relevant entries in the file /etc/fabasoft/web/WebService_<id>.conf like shown below. <id> is the number of the web service.

<Location /fsc>
  
SetHandler fscvext
  #
AuthName "Fabasoft Components"
  #Require valid-user

  #
AuthType Basic
  #
AuthUserFile /etc/fabasoft/web/htpasswd
  #
AuthGroupFile /etc/fabasoft/web/htgroups
</Location>

Microsoft Windows EnvironmentPermanent link for this heading

On Microsoft Windows environments, enable anonymous access to the Fabasoft Folio Web Service and disable all other authentication methods. Ensure that the Application pool identity is used for the Anonymous Authentication method.