Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

To use Federated Authentication with Media Manager, some configuration is required. It is now enough to just add SSO configuration in the DAM Center web.config which will then be inherited to the LoginService - there is one exception to this which is for Azure Active Directory where it is required to add something to the loginservice web.config as described in 5.4.

5.1 Prerequisites

One of the Federated Authentication options should be configured for the Digizuite™ DAM Center. Follow setup guides there for the prefered authentication mechanism.

5.2 Configure MM for Federated Authentication

Open the web.config file for MM in a text editor like Notepad++.

Two values need up be updated, and a third might need to be changed, depending on requirements. 

In <appSettings>, change LoginServiceUrl's value to "#{DC_URL}/LoginService", e.g. "https://dam.digizuite.com/LoginService".

Change UseFederatedAuthentication to "true" instead of "false".


If you open MM now, you should automatically hit the selected federated authentication you configured for DC. 

5.3 Additional configuration options

If you want to use both normal DAM login and Federated Authentication, set AllowNormalLogin to "true" instead of "false".

This will cause MM to open like normal, but add a special button to the login dialog to login with SSO.


Important

If you set your MM5 to use AD, then it should still have the "UseFederatedAuthentication" be true

But, you must not have "AllowNormalLogin" be true. If you fail do do this, then people will be redirected into the MM5 without being prompted.

Also, you should not have "Windows authentication" enabled for the MM5, as this will result in the end user being prompted by two AD login prompts, instead of one.


5.4 Azure Active Directory in LoginService

In case you are using Azure Active Directory, it is required to add the following to the Webconfig which is placed in the LoginService folder in DAM Center web folder

Important is to try with an empty string in redirectUri or otherwise use 'https://dam.digizuite.com/LoginService/' (important with backslash at the end)

Web.config in LoginService
   <location inheritInChildApplications="false">
	  <azureActiveDirectory>
		<server enabled="true" templateMemberId="30021" />
		<client enabled="true" redirectUri="" clientId="99088367-86f5-4ec0-87a6-83f8cfc0b078" tenant="DZPOWERBI.onmicrosoft.com" />
	  </azureActiveDirectory>

	<system.web>   
		<authentication mode="None" />   
	</system.web>
    <system.webServer>
      <modules> 
        <remove name="Session" />
		<add name="Session" type="Heavysoft.Web.SessionState.HashTableSessionStateModule, Framework.WebLibrary" />
      </modules>
    </system.webServer>
  </location>
	

  • No labels