Question

LFDS STS - Best practice regarding where to install STS

asked on January 30, 2023

Hello,

One of the solutions we commonly provide to certain customers involves two Forms instances, one in the DMZ, sharing the same database. This sometimes involves 3 machines - LFDS (internal), web server (internal), and web server (DMZ). What I've typically done in the past is install STS on the LFDS machine for internal use; so hitting a Laserfiche web app at https://internalwebserver.domain.com/forms/, for example, would redirect to https://lfdsmachine.domain.com/lfdssts/ for login. Is that a best practice, or does it make more sense to install STS on the internal web server for internal use? What should I be taking into consideration as far as where to install the internal instance of STS?

Thanks!

0 0

Answer

SELECTED ANSWER
replied on January 30, 2023

Things to consider for your STS internally. You can have more than one and each can be configured with different options. For example, you may have a Web Client installation that you want all users to sign in with Windows Authentication. That Web Client could be configured to use an STS that forces the Windows Authentication option, while another STS does not and is used for a different installation of the Web Client.

1 0

Replies

replied on January 30, 2023

Having the STS on the LFDS server I believe is the preferred option. What I would add to your setup though is setting up an STS in your DMZ.

1 0
replied on January 30, 2023

Yes, STS in the DMZ, as well. Not even sure why I mentioned the DMZ in my original post as it's not relevant to my question, lol.

Thanks for the input!

0 0