You are viewing limited content. For full access, please sign in.

Question

Question

WebLink Setup in DMZ Using an Alternate Service

WebLink
Updated December 2, 2021
asked on November 29, 2021

We have a customer who wants to install WebLink on their DMZ server (not on domain) and use LFDS to authenticate.  This server is currently working great for both Forms and WebClient to login via LFDS, as it uses the LFDSSTS on the same DMZ server routed to the internal LFDSSTS via an alternate service, to authenticate.  The issue that we've run into is that WebLink does not appear to support this same setup. 

  1. Is there a way to have WebLink installed on this same DMZ server authenticate users via the locally installed LFDSSTS without adding it to the domain?
  2. Is WebLink going to allow the same abilities that Forms & WebClient have to use an alternate service when authenticating from the DMZ?
0 0

Answer

APPROVED ANSWER
replied on November 29, 2021 Show version history

This is technically not supported "out of the box" in WebLink 10.x (bug 299819) due to some missing config options, though there's a semi-official workaround which I discuss below.

It is supported in WebLink 11 with UI/config utility support, which is releasing soon™.

I recall you can get WebLink 10.x to work with the LFDS Alternate Service by installing and configuring Web Client to use the Alternate Service on the same machine, copying the relevant config blocks out of Web Client's config file, and pasting them into WebLink's.

We have some documentation on this that you can follow: 

Configuring WebLink in a DMZ Environment

1 0
View 2 previous replies
replied on December 2, 2021

Thanks for the workaround info and the heads-up that WL 11 will resolve this.  Do we have a rough timeframe for when WL 11 will be available?

0 0
replied on December 2, 2021

It was released yesterday.

0 0
replied on December 2, 2021

Thanks Blake for the heads up on that.  What is weird is that I can't find anything in the release notes or list of changes, where it says that this functionality is now available. 

Samuel, can you please confirm that this functionality is available in the WebLink 11.0.2110.2592 that was released on 11/30?

0 0
replied on December 2, 2021 Show version history

Confirming the funtionality is available in that version of WebLink 11 that just released.

I noticed it was accidentally omitted from the release notes yesterday and the team should have them updated soon.

Important: Upgrading to WebLink 11 resets (wipes) your current WebLink site configuration. Please ensure you use the WebLink SettingsBundler utility to back up your configuration before upgrading, and then restore it post-upgrade. 

0 0
replied on December 2, 2021

Samuel, 

Thanks for confirming that.  I had noticed the Important portion in the release notes but appreciate you reminding about it since it could cause quite a headache if someone missed it.

0 0

Replies

replied on November 29, 2021

What version of WebLink are you installing in the DMZ?

2 0
replied on November 30, 2021

We were working with Weblink 10.2

0 0
replied on November 29, 2021

You should be able to set this up in the connection settings through the WebLink designer. We currently have a similar setup with Forms and WebLink instances on a DMZ server and they both use an STS page installed on the DMZ server for LFDS authentication like you described.

You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...