Hello,
One of the solutions we commonly provide to certain customers involves two Forms instances, one in the DMZ, sharing the same database. This sometimes involves 3 machines - LFDS (internal), web server (internal), and web server (DMZ). What I've typically done in the past is install STS on the LFDS machine for internal use; so hitting a Laserfiche web app at https://internalwebserver.domain.com/forms/, for example, would redirect to https://lfdsmachine.domain.com/lfdssts/ for login. Is that a best practice, or does it make more sense to install STS on the internal web server for internal use? What should I be taking into consideration as far as where to install the internal instance of STS?
Thanks!
Question
Question
LFDS STS - Best practice regarding where to install STS
Answer
Things to consider for your STS internally. You can have more than one and each can be configured with different options. For example, you may have a Web Client installation that you want all users to sign in with Windows Authentication. That Web Client could be configured to use an STS that forces the Windows Authentication option, while another STS does not and is used for a different installation of the Web Client.
Replies
Having the STS on the LFDS server I believe is the preferred option. What I would add to your setup though is setting up an STS in your DMZ.
Yes, STS in the DMZ, as well. Not even sure why I mentioned the DMZ in my original post as it's not relevant to my question, lol.
Thanks for the input!
Things to consider for your STS internally. You can have more than one and each can be configured with different options. For example, you may have a Web Client installation that you want all users to sign in with Windows Authentication. That Web Client could be configured to use an STS that forces the Windows Authentication option, while another STS does not and is used for a different installation of the Web Client.