Versions Compared

Old Version 8

changes.mady.by.user Olivier Michaut

Saved on

compared with

New Version Current

changes.mady.by.user Olivier Michaut

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • A service defines the target UDMG Server and the supported authentication mechanism or provider.
  • A provider define defines the type and the actual configuration for the related identity provider, for example the address of the LDAP server and the needed entity mapping.

...

NameDescription
localStandard UDMG Server authentication, usernames and passwords are stored in the database. 
samlSAML 2.0 Provider
googleGoogle OAuth2 Provider
ldapLDAP Server
oidcStandard OpenID Provider
oauthStandard OAuth2 Provider

By default, the local authentication is always enabled for all services.

Local Authentication

Local authentication is the standard authentication with usernames and passwords that are stored in the UDMG Server database. It is available for UDMG Admin UI, the REST API interface and the UDMG Client command line tool.


Note
titleNote

When the UDMG Server is first started, a single user named 'admin' is created with the password 'admin_password'. This user is only to be used to create other users to administer the UDMG Server. It is therefore strongly recommended that you create one or more users immediately, then change the "admin" account password.

Single Sign-On Settings

Before you begin

...

This is the identifier that is shared between UDMG and the Identity Provider

Image RemovedImage Added

Configuration


Please refer to the pages:

...

Code Block
languagetext
[service.ldap]
protocol = "http"
policy = "failover"

[service.ldap.credential]
username = "ldap_sync"
password = "ldap_password"

[[service.ldap.targets]]
hostname = "lblocalhost"
port = 808018080

[service.ldap.auth.ldap]
file = "udmg-ldap-config.json"

The details of the LDAP server are defined in the JSON file. 

User Provisioning

In case of successful authentication on the LDAP, the UDMG user is created with default read Read permission in the internal UDMG database if it does not exist. Otherwise the user credentials are updated in the database to allow for authentication on the REST and CLI interfaces.

...