This might be a silly question to some but STS has been nothing but more trouble in my environment than helpful. When it's turned on, I have had more bugs than when it's turned off. My users can authenticate to the web client using Windows credentials without STS. I can get onto Forms without STS. My external server is configured to have folk type in their account name and password. What do I need STS for?
What is the Use Case of STS?
asked on February 28, 2022
replied on March 1, 2022
Laserfiche Single Sign (requires the STS) mainly brings the following benefits:
- If users access multiple Laserfiche applications, they only have to log in or out once
- Ability to use more advanced authentication options, such as multi-factor authentication and SAML and AD FS authentication
- Support for subscription users that have lower functionality licenses in Forms and the repository. These users cannot log into Forms without SSO
For example, you mentioned that your external server has users type in their (Windows?) username and password. A better security practice is to set up AD FS, which is a Windows feature designed to securely authenticate Windows users that are outside your internal network. This would only available through the STS.
However, for the use case you described, it's not strictly necessary. We do have further updates planned to reduce the difficulties with setup.
You are not allowed to follow up in this post.