IIS single sign on (SSO) - supporting non-LDAP users

This article is relevant if you use IIS as your web server and Asset Bank's WIASSOPlugin to enable Active Directory users to be logged in automatically, and want to also enable non-Active Directory users (i.e. local users, added directly in Asset Bank) to be able to login.

Asset Bank may give an 'Unauthorized' response if a non-windows user tries to access Asset Bank URLs other than the login page. This is likely to result in a popup login dialog in the browser.

To avoid this:

a) If internal users want to login to Asset Bank as a user different from the one with which they logged into their computer then they should go straight to 'http://yourassetbank/action/viewLogin' or 'http://yourassetbank/action/viewHome?nosso=true' rather than to the main URL of your Asset Bank (http://yourassetbank) or viewHome. They should then be able to log in as a local Asset Bank user.

b) If any user wants to access Asset Bank on the Tomcat port then they should also go to 'http://yourassetbank/action/viewLogin' or 'http://yourassetbank/action/viewHome?nosso=true'

c) If you have external users accessing Asset Bank via an external site (e.g. a different 'website' in IIS pointing at the same Asset Bank), which has only 'Anonymous access' enabled, and if network considerations allow, you may configure the external site to forward all requests to 'yourassetbank/action/viewHome?nosso=true' on the internal site (which will now allow anonymous users to the login page). To do this, go to the Home Directory tab on the properties dialog for your external site, and select 'A redirection to a URL' as the place where content should come from; fill this in is 'viewHome?nosso=true' on the internal site.

d) Otherwise you should change your Default.aspx file on your external site to forward to 'yourassetbank/action/viewHome?nosso=true' rather than 'viewHome'. You may also find it useful to install a custom 401 page into IIS. To do this copy the file WEB-INF/manager-config/iis/404-4.html to your IIS server and add it as a custom error to your Default Web Site (the Custom Error tab on the properties dialog).

Was this article helpful?

Yes No

Thanks for your feedback!