You are viewing limited content. For full access, please sign in.

Question

Question

2 DMZ Servers and 1 STS?

Version 10 Directory Server
Updated January 17, 2019
asked on January 16, 2019

In the documentation "Configuring Single Sign On For Laserfiche Web Products" on page 13 it states "SSO for the web client can be configured from the web client’s configuration page. The web client supports authenticating to an STS instance that is on a separate computer from the Directory Server.".

I would like to get clarification on this statement. Does this mean that If I have 2 servers in the DMZ, I can setup and configure STS on server 1 and have server 2 use the STS on server 1? Or do I have to have STS configured on both server 1 and server 2?

1 0

Answer

SELECTED ANSWER
replied on January 16, 2019

Web servers can authenticate to an STS instance on another computer. So you only need the STS on one computer in the DMZ.

2 0
View 2 previous replies
replied on January 16, 2019

Thank you for the clarification.

0 0
replied on January 16, 2019 Show version history

When Forms or the Web Client communicate with the STS, is it just over port 443?

0 0
replied on January 16, 2019

Yes

0 0
replied on January 17, 2019

And the STS is just for authentication to LFDS, correct? In other words Forms still needs to be able to communicate with the internal forms and SQL servers on its respective ports?

1 0
replied on January 17, 2019

Yes. The STS does nothing else. For details on a few possible configurations for Forms, see this white paper.

0 0

Replies

You are not allowed to reply in this post.
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...