How to Configure the Authentication
From Business Process Management, BPM and Workflow Automation Wiki | BizAgi BPMS
<keywords content="keywords"> authenticate, authenticate users, application security, include authentication, authentication, Bizagi authentication, windows authentication, anonymous, integrated </keywords>
Contents |
How to Configure the Authentication
In a new project, a default user is defined so that the web application may work without authentication, using the included user admon (by default this user's password is blank). The moment the first user is created, the application starts to ask for the authentication credentials. The default type of authentication used is Bizagi Authentication.
Windows Authentication
1. In the Bizagi Menu select the Security component, click on Authentication and in the work area select Windows Authentication as the authentication type.
2. Then click on the Update button and wait for the update confirmation window to appear. Then click OK.
To be able to use this authentication, Windows domain users have to be created as Bizagi users also (learn how to create users here).
3. Run the web application, type the same username and password used to authenticate the Windows domain. Select the domain and click on Login.
Optional configuration in IIS for Windows authentication to avoid Bizagi login page
To avoid the login page for Bizagi work portal access, configure the web application's Authentication options in the IIS 6 or 7 as described below.
Configuration in IIS 6
Ensure that Integrated Windows authentication is checked for your site, and that Anonymous access is unchecked:
Configuration in IIS 7
Ensure that this configuration is done for your project's specific web site. Double click on Authentication to review/set its options for that site.
Ensure Windows authentication is enabled for your site, and that Anonymous access is disabled:
|
Note: Please take into account that the previous recommendations work for Internet Explorer. If the final users work with Firefox, additional configurations are required. In order to get more information about those configurations, please follow the link |
Additional browser configuration to review
Once the configuration in IIS is set up as described in the previous section, Bizagi's login page will not be shown.
However and according to some security policies, the browser may still prompt for credentials to access the project's work portal.
In order to ensure that your project's work portal is treated as a secure site in your browser (so that complete automatic logon is taken and no credentials are needed), review the following in your browser's settings:
For Internet Explorer, go to the Internet Options menu item of the Tools Menu.Locate the Security tab and ensure that the work portal's URL is added as a local intranet site.
This way, the browser will take the work portal as a secure site to work with the automatic logon settings.
Notice that this works for Intranet sites, mainly because the security default settings for Internet explorer have this configuration:
Bizagi Authentication
1. In the Bizagi Menu select the Security component, click on Authentication and in the work area select Bizagi Authentication as the authentication type.
2. Then click on the Update button and wait for the update confirmation window to appear. Then click OK.
When this type of authentication is used, all previously created users have to be edited to configure a password and other properties. New users will be asked for this information too.
Additionally for this type of authentication other options can be configured. Learn about these options here.
3. Run the web application, type the username and password configured as a Bizagi user. Select the domain and click on Login.
It is possible to log in as a user that was created in a Windows domain, but bear in mind that the password utilized is the one created in Bizagi, not the Windows password.
|
Note: Authentication configuration will only be taken to production in the first deployment. Henceforth, every environment will have independent configurations. |
Advanced and Related Topics
- For further information on the types of authentication click here.
- For information about Users' creation click here .
- To Log final users to the Web Application click here
<comments />
