MidVision RapidDeploy technical documentation site

Security providers

You can configure the framework server to use either Basic security or LDAP security as Form Login in combination with SAML or IWA Single Sign-On authentication which is an optional feature.

In the case of basic security , the security schema is stored in the framework server database. In the case of LDAP security , it is stored in an external LDAP repository (not supplied).

Framework can be configured as Service Provider and authenticate against a Identifier Providers for Single Sign-On operation based on SAML 2.0.

In the case of Single Sign-On for Integrated Windows Authentication the framework can be set for SPNEGO / Kerberos protocols.

There are multiple spring security context configurations available to be set in the framework property.

Here's the default security context file in %MV_HOME%/bin/rapiddeploy.properties.

#-----------------------------------------------
# Spring Security Context
#-----------------------------------------------
rapiddeploy.security.context.filename=applicationContext-security.xml
#-----------------------------------------------

The default context file does not include Single Sign-On feature configuration.

#-----------------------------------------------
# External Authentication configuration 
#-----------------------------------------------
rapiddeploy.security.authentication.add.new.user=true
rapiddeploy.security.authentication.username.regexValue=.*
#-----------------------------------------------

rapiddeploy.security.authentication.add.new.user* This configuration is for enable / disable the addition feature of a new user when an external authentication method is configured like LDAP or SSO. By default the value is true.
rapiddeploy.security.authentication.username.regexValue* This is the regular expression value for used ID extraction from the original ID. This is useful when the user ID retrieved by a SSO service is "jdoe@server" and the real username should be "jdoe". By default the regex value is ".*" which matches and uses the entire user ID as username. For SSO authentication, example value: ^[\w._%+-]+
```
#-------------------------------------------------
# Security Defaults
#-----------------------------------------------
security.default.groups.name=unknown
security.default.groups.desc=Unknown
security.default.users.username=unknown
security.default.users.firstname=Unkown
security.default.users.lastname=Unkown
security.default.users.desc=Unkown
security.default.users.email=notknown@rapiddeploy.com
#-------------------------------------------------
```
These values are used as default fields for new users and/or groups automatically created on first successfully login.

External Links:
Spring Security SAML Extension
Spring Security Kerberos / SPNEGO Extension