You are viewing limited content. For full access, please sign in.

Question

Question

Does the LFDSSTS 10.3.1 sign in page still have the blue "Log In with Windows Authentication" option?

Web Client Forms Version 10 Administration Directory Server
Updated November 27, 2018
asked on September 22, 2018 Show version history

In the past when setting up LFDS SSO for clients with Forms and Web Access I remember seeing the blue "LOG IN WITH WINDOWS AUTHENTICATION" option on the LFDS Sign In Page.  But I have recently set up LFDS SSO for use with Forms\LFDS\Web Access 10.3.1 for several clients; and I no longer see the blue "Windows Authentication" option at the bottom.  

 

Should this  blue "LOG IN WITH WINDOWS AUTHENTICATION" option still be available with LFDS 10.3.1?  (See screenshots for reference; I circled what I am talking about in red)  

Log in with Windows Authentication.png
LFDSSTS Sign In Page.PNG
Log in with Windows Authentication.png (53.12 KB)
Download
LFDSSTS Sign In Page.PNG (12.64 KB)
Download
0 0

Replies

replied on September 24, 2018 Show version history

The Windows Authentication option is still available, but it will be hidden in scenarios where Windows Authentication cannot be used. 

 

Are these installations with the WebSTS installed separate from the  Directory Server (e.g., to support Forms being in the DMZ)? In those setups, users must login by typing in credentials or via AD FS if it is configured.

0 0
replied on October 9, 2018

This particular set up has a primary Forms instance which is in the clients internal network, and a secondary Forms instance which is in the clients DMZ:

 

#1:  PRIMARY Forms instance:  The Forms and Web Access log in pages are hosted on the same server as LFDS is installed.  (Let's call this "SERVER A")  "Server A" hosts LFDS, the internal Web Access log in page, and the internal Forms primary log in page.

 

#2:  SECONDARY Forms instance:  The secondary Forms instance hosting the Forms log in page for users outside the internal network.  (Let's call this "SERVER B")

 

In this instance I would understand why "SERVER B" would not have the Windows Authentication option available, (because Windows authentication is not available in the DMZ) but I would think that "SERVER A" would still have the Windows Authentication option available.  (The primary Forms instance located on SERVER A and the secondary Forms instance located on SERVER B share the same Forms database)  

0 0
replied on November 27, 2018

A support case was created for this. If the STS endpoint utility that your primary Forms instance connects to was configured to use the alternate STS method, then the Windows Authentication option on that STS login page will not be available.

In a Forms DMZ scenario where SSO is being used, you would normally install a second STS on the DMZ server and configure that STS endpoint utility to use the alternate STS method while leaving the internal STS configured to not use alternate STS.

0 0
replied on October 2, 2018

The most recent installation was where the internal primary Forms instance and the secondary Forms DMZ instance are sharing the same Forms database located on the internal SQL instance.  In that scenario would the Windows Authentication option be hidden?  

0 0
replied on October 3, 2018

I was asking about where the login page is hosted. You can chose to install the STS (WebSTS, LFDSSTS are other words for the same thing) separately.

Basically, if you login using SSO, is the machine in the URL the same as the machine where you go to view the licensing site?

0 0
replied on October 3, 2018

This particular set up has a primary Forms instance which is in the clients internal network, and a secondary Forms instance which is in the clients DMZ:

 

#1:  PRIMARY Forms instance:  The Forms and Web Access log in pages are hosted on the same server as LFDS is installed.  (Let's call this "SERVER A")  "Server A" hosts LFDS, the internal Web Access log in page, and the internal Forms primary log in page.

 

#2:  SECONDARY Forms instance:  The secondary Forms instance hosting the Forms log in page for users outside the internal network.  (Let's call this "SERVER B")

 

In this instance I would understand why "SERVER B" would not have the Windows Authentication option available, (because Windows authentication is not available in the DMZ) but I would think that "SERVER A" would still have the Windows Authentication option available.  (The primary Forms instance located on SERVER A and the secondary Forms instance located on SERVER B share the same Forms database)  

0 0
replied on October 9, 2018

Hm, it might be best for you to open a support case so they can help troubleshoot why it's not appearing for your "SERVER A". 

As a note, this is a shared login page for all applications set up to use SSO; as such, if you have configured both Forms and Web Access to use SSO, they would be using the same login page (the one shown in your screenshot).

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...