You are viewing limited content. For full access, please sign in.

Question

Question

Is an external STS required for DMZ forms to work?

Laserfiche Forms Version 10 Directory Server How To
Updated June 24, 2019
asked on June 21, 2019

I have a scenario where Internal Forms is set to use LFDSSTS authentication. We want to configure the external forms portal so users can submit external forms. Do I have to install an external STS in order to do this? If not what portion of the DMZ forms configuration do I need to follow to get this working properly?

0 0

Replies

replied on June 21, 2019 Show version history

This depends on few things:

  1. Do you have a public portal license?
  2. Do you want your external users to be able to log in?

We used to use a reverse proxy for external, but there's a lot that doesn't work right when you do things that way (for example, you might not be able to load theme logos).

I'd say the "proper" way is to set up an external STS because that way you can disable automatic login externally while still having SSO internally.

They have white papers on the support site, but you may need to reach out to your vendor because the white paper(s) didn't seem to cover everything when our engineers did this.

(also make sure your external Forms site has the routing service disabled)

0 0
replied on June 24, 2019

Thanks, I was hoping to avoid the process of configuring the STS since this client just wants the portal to submit external forms without logging in. I have configured a few of them and the process can be long and challenging depending on Certificates and Network/firewall configurations.

1 0
replied on June 23, 2019

Hi Drew,

Recently I have configured Forms in DMZ, Installed STS internally and on the DMZ server.

Its important to verify the rights on the certificate used (refer white paper for the user requiring access)

Make sure all the required ports are opened.

Follow white paper to the "T" while modifying config files.

Make sure the forms configuration (user authentication) is done correctly.

Thank you.

 

0 0
replied on June 24, 2019

Thanks for the reply. My question was referring to if it was required to use an external STS to configure the portal with Forms just for submissions that is internally using STS authentication. I have configured a few external STS and I agree with your statement that you must follow the instructions precisely and implement the SSO DNS changes from the SSO documentation as well.

0 0
replied on June 24, 2019

Yes, spot on.

Regarding your question, I believe if you are having a domain disjoint DMZ, then STS is a must. This was kinda mentioned by LF support when I ran in to similar scenario. I would recheck with LF support and proceed.

Thanks

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...