Home →
Using LincDoc 3.1+ →
Security →
Using Authentication Providers
13.5. Using Authentication Providers
Authentication providers allow you to create different ways to set up users and groups.
Two types of authentication providers are available in LincDoc:
- Internal. Included in LincDoc.
- LDAP. Can be configured to work with an existing LDAP (Active Directory) system.
Proceed to one of the following sections below for more information:
Viewing Existing Providers
You can view all of your client ID's currently defined providers by selecting client login providers from the system button.
Note: If you have been assigned the superuser permission, you can also view all login providers for all client IDs using the login providers option. For more information, see Configuring Login Providers (All Client IDs).
The Authentication providers dialog box appears, listing all of the currently defined providers. This dialog box provides access to all provider-based options including, but not limited to, enabling/disabling providers, making providers invisible to other users, and editing a provider's settings.
Proceed to one of the following topics for more information on the options available from this dialog box:
Creating a New Provider
You can create a new provider to control application access. This provider is created at the client ID level (it will be available to other users with access to your current client ID). There is no limit to the number of providers that you can create. However, one or two is the normal allotment.
- Access the Authentication providers dialog box.
- Click the new provider button.
The New provider dialog box appears.
- Select the type of provider you want to create. You can select db (internal LincDoc provider) or ldap (external LDAP-based provider).
- Type a name for the provider in the ID text box. This setting will appear in the type column of the Authentication providers dialog box.
- Click add.
The provider is added to the list of existing providers.
- Configure the provider. The configuration options differ based on if you have added an Internal LincDoc provider or an LDAP-based provider.
Adding an Existing Provider
You can add a provider that has been previously defined at the administrative level. Providers accessed in this way are considered global providers, and can be see by all users who are logged into the system.
Note: This option is not available when using the login providers option.
- Access the Authentication providers dialog box.
- Click the add provider button.
The New provider dialog box appears.
- Click the add button that corresponds to the provider you want to add.
You are returned to the Authentication providers dialog box, and the selected provider appears in your list of providers.
Enabling a Provider
Once a provider has been added to the list on the Authentication providers dialog box, you can activate it and deactivate it, as necessary, using the check box in the enabled column.
In the following example, the provider labeled default corporate provider has been disabled (the corresponding check box in the enabled column has been cleared (unchecked)).
This feature allows you to temporarily "turn off" defined providers, when you do not want them to be used, without having to completely delete them and then reconfigure them at a later date.
Important: Once you adjust the settings in the enabled column, be sure to click the save button at the top of the Authentication providers dialog box.
Controlling the Visibility of a Provider
Once a provider has been added to the list on the Authentication providers dialog box, you can determine whether or not it is visible on the LincDoc login page using the check box in the visible column. If the visible option is deactivated (if the provider is made invisible), the provider remains enabled (active), but it cannot be seen or selected by other users when they are accessing LincDoc.
Note: If you want to deactivate the provider, use the enabled column.
In the following example, the provider labeled default corporate provider has been made invisible (the corresponding check box in the visible column has been cleared (unchecked)). Notice that the provider is still active (checked in the enabled column).
You can also control the visibility of providers by editing the URL used to access LincDoc. For more information, see Configuring Your Login URL.
Important: Once you adjust the settings in the visible column, be sure to click the save button at the top of the Authentication providers dialog box.
Configuring an Internal Provider
You can configure an Internal-type provider to specifically control access to the LincDoc environment. This type of provider is included with LincDoc and is strictly designed to work with LincDoc.
- Access the Authentication providers dialog box.
- Click the arrow button that corresponds to the Internal provider you want to configure.
The Edit provider dialog box appears.
- In the General provider options area, enter information to create a custom link on the LincDoc login page for the specified provider, as shown below.
- Using the Help link label text box to specify the text that appears on the link. In the example above, this setting would contain the text "Acme Trailer Intranet".
- Using the Help link URL text box to specify the underlying web site address for the link.
Tip: You can also use these two text boxes to specify a user registration URL that can be easily accessed from the LincDoc login page. For more information, see Using a Registration Path on the Login Screen.
- If you want to specify after how many days a password must be changed, click the Password expire check box, when specify (in days) how long a password can be used.
You can also use the Lock after check box to specify a number of days after which accounts will automatically be frozen.
- If you want the system to not allow a user to log in after a certain number of authentication failures, click the Lock after authentication failures check box, and specify how many failed attempts will activate the lock-out option (Lock after option), and for how many minutes the lock-out will last (Lock for option).
- In the Password requirements area, alter any of the following settings, as necessary:
- Minimum length. Specify the minimum number of characters that a password can contain. The default setting is 6.
- Maximum length. Specify the maximum number of characters that a password can contain.
- Minimum letters. Specify the minimum number of letters that a password can contain.
- Minimum lowercase letters. If you want to force password to contain lowercase letters, specify the minimum number required.
- Minimum uppercase letters. If you want to force password to contain uppercase letters, specify the minimum number required.
- Minimum digits. If you want to force password to contain numbers, specify the minimum number required.
- Minimum non-alphanumeric. If you want to force password to contain letters, and not allow all-number passwords, specify the minimum number of non-numeric characters required.
- Maximum sequential letters. Specify the maximum number of alphabetically sequential letters that can appear in passwords (a,b,c,d,e,f,g, etc.). The default value is 3.
- Maximum sequential numbers. Specify the maximum number of numerically sequential numbers that can appear in passwords (1,2,3,4,5, etc.). The default value is 3.
- Maximum QWERTY sequence. Specify the maximum number of keyboard sequential letters that can appear in passwords (a,s,d,f,g, etc.). The default value is 3.
- History. Specify how many former passwords are saved by the system, which prevents users from re-using passwords until the number of new passwords defined by this setting is met.
- (optional) Click the test button at the top of the dialog box to verify that the provider is working correctly.
- Click the save button at the top of the dialog box.
Your configuration changes are saved, and you are returned to the Authentication providers dialog box.
Configuring an LDAP Provider
You can configure an LDAP-type provider to connect to your current LDAP system, allowing you to use existing usernames and passwords to log into LincDoc as well as other software systems in your environment.
Important: For complete details on the settings necessary for this type of provider, contact your local system or LDAP administrator.
- Access the Authentication providers dialog box.
- Click the arrow button that corresponds to the LDAP provider you want to configure.
The Edit provider dialog box appears.
- In the General provider options area, enter information to create a custom link on the LincDoc login page for the specified provider, as shown below.
- Using the Help link label text box to specify the text that appears on the link. In the example above, this setting would contain the text "Acme Trailer Intranet".
- Using the Help link URL text box to specify the underlying web site address for the link.
Tip: You can also use these two text boxes to specify a user registration URL that can be easily accessed from the LincDoc login page. For more information, see Using a Registration Path on the Login Screen.
- Click the Active Directory button to automatically populate some of the settings in the LDAP server and Users areas.
- Edit the remaining settings, as necessary, based on your current LDAP configuration.
Important: For complete details on the settings necessary for this type of provider, contact your local system or LDAP administrator. .
- (optional) Click the test button at the top of the dialog box to verify that the provider is working correctly.
- Click the save button at the top of the dialog box.
Your configuration changes are saved, and you are returned to the Authentication providers dialog box.
Deleting a Provider
You can delete an existing provider by clicking the delete icon on the far right side of the Authentication providers dialog box.
Note: You cannot delete the initial system provider. It is provided, by default, with the LincDoc installation. Access to other providers is based on your administration level.