Previous Topic

Next Topic

Book Contents

Book Index

Authentication Architecture

Connect Daily has a flexible authentication structure. You can pick the authentication method that makes the most sense for your organization.

Authentication Methods

Provider
Type

Requirements

Benefits

Drawbacks

Plain Text Password

Database

Users can have passwords sent via EMail.

Least secure. Passwords are visible in the database. If Users reuse passwords across applications, this can be an issue.

MD5 Hash (DEFAULT)

Database

More secure.

Not invulnerable. Passwords stored in database susceptible to dictionary attack.

See Implementation Notes on the MD5Sum Authenticator

Cookie Based Single Signon Authenticator

External Web Application

Users can signin to one web application and then be transparently logged into Connect Daily.

Somewhat complicated to configure.

LDAP Authentication

LDAP directory

(NDS, OpenLDAP, etc)

Centralized password repository. User has only one password for network and application. Optionally, directory can be used to control application security.

More complex to configure and setup.

LDAP Active Directory Authentication

Windows 2000 Server or higher w/ Active Directory.

MS Certificate Authority Installed

Same as LDAP.

Same as LDAP.

Container Authentication

Authentication Services provided by servlet container or Web Server

Single Sign-on between applications.

 

If your organization is large and has standardized on an LDAP directory service, then we recommend that you use this as the authentication provider for Connect Daily.

The source code for each authentication provider is also in the cdaily-4.0.0/WEB-INF/misc/security directory. If you wish, you can create your own authentication provider that provides login services to Users.

One final thing to note about the LDAP authentication providers: you will still have to add your Users to the Connect Daily database before they can login. If you want to eliminate this step, you will have to override the LDAP provider to create the Users if they do not exist.

In This Section

Implementation Notes on MD5 Authenticator

LDAP/Active Directory Authentication

Cookie Based Single-Signon Authentication

Configuring Container Authentication

Configuring Windows Integrated Authentication

Automatically Creating Users

See Also

Installation

Software Requirements

Hardware Requirements

Installation Overview

Unpacking the Application Files

SQL Database Setup

Configure the Application Server

Backing Up Your Calendar

Integrating Microsoft IIS with Connect Daily