You are viewing limited content. For full access, please sign in.

Question

Question

okta

Laserfiche Directory Server Version 10
Updated June 23, 2020
asked on June 19, 2020

Laserfiche Rio 10.4.2, on 6 environments, 2 testings, 2 stagings, 2 productions on 2 separated domains, but we only have 1 instance of LF Directory Server running on 1 testing environment. The SSO login works on 1 testing environment, but not on the staging in the same domain. 

Is there anyone who succeeded in the OKTA configuration on multiple environments with 1 instance of LFDS?

Is there any potential issue of 1 instance of LFDS in multiple environments, which we should know ahead?

Thanks in advance! 

0 0

Replies

replied on June 22, 2020

Hi Lina,

What behavior are you seeing when login fails to work? Are all the environments able to reach STS on the testing environment?

0 0
replied on June 22, 2020

when I click the OKTA of test, it will land at https://testServer/laserfiche;

when I click the OKTA of stage, it will land at the same page of https://testServer/laserfiche;

Because is in LFDS->general -> SAML Login Configration->default landing page is https://testServer/laserfiche
When I leave the default landing page to be blank,

when I click the OKTA of test, I got "SAML authentication success, however there is no landing page configured."

when I click the OKTA of stage, I got same error "SAML authentication success, however there is no landing page configured."

 

I think the SAML authentication reached STS but how can I have 2 different landing pages for 2 webclients on test and staging enviorments.

thanks

Lina

0 0
replied on June 23, 2020

Are you clicking the login buttons in the Okta console? If so, that is not supported. Try testing by visiting https://testServer/laserfiche and https://stageServer/laserfiche in your browser. You should then be taken to your STS instance (there's only one along with LFDS right?) and then to the URL you originally tried to reach.

If there is more than one STS instance (for example one per environment), then Brianna's comment comes into play and you will need several SAML IdP buttons on the STS for each environment to use.

0 0
replied on June 22, 2020

This previous post may be relevent: https://answers.laserfiche.com/questions/160976/SAML-Authentication-using-Multiple-STS-sites#161181

It's hard for me to tell if it's the exact same setup, but the previous post discusses a workaround for multiple environments using the same LFDS and using SAML authentication (create a different SAML identity provider for each environment).

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...