User Guide
Configuring Contribute Publishing Server (CPS only)
Understanding Contribute user authentication models
Contribute provides two user authentication models that you can use:
File-based authentication lets you use either a password stored in an XML file, or Windows
domain authentication.
When using the Contribute file-based authentication system, CPS looks up the user’s credentials
in an XML file located on the server.
When using Windows domain authentication, CPS validates the user’s identity against the
Windows domain in which CPS operates.
Note: Windows domain authentication uses the winNT.dll library for authentication. You must ensure
that this file’s path (usually c:\windows\system32) is placed in the java.library.path environment
variable.
User directory service-based authentication lets you integrate Contribute with user directory
services such as Lightweight Directory Access Protocol (LDAP) or Active Directory.
About Contribute and LDAP or Active Directory
Lightweight Directory Access Protocol (LDAP) is a protocol for accessing information directories.
Microsoft Active Directory and LDAP are types of directory services. In the case of directory
services, a directory is like a telephone book and not like a directory (folder) on your computer.
You can integrate the User Directory service of CPS with your directory service. The User
Directory is an application service that enables you to centrally manage users.
When you integrate with your LDAP directory, you control who can access your website and how
they are authenticated.
LDAP branches
Using the User Directory service, you can add your entire LDAP user directory
for your website, or you can indicate specific branches to search.
You have the following options:
• Add the root node of your LDAP tree to the user directory, and enable search for users or
groups in any of the branches.
• Add specific branches to the user directory and determine the scope of the search—whether
you want to search only the branch or the branch and any subbranches. This way, you can
exclude certain branches of your LDAP tree from the search.
For each branch you add, you can define a user search only or you can define a user and a group
search.
For example, suppose your LDAP directory has three branches: East, Central, and West. You
want to integrate with the LDAP directory for your entire company, so in the following example, you
add one branch for a user search to the user directory:
User branch with baseDN:o=MyCompany, Search Scope:SUBTREE_LEVEL,
filter:(objectClass=organizationalPerson)
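
How the base DN, search scope, and filter together decide which accounts a user search can find, as an added example (not code from this guide or from CPS). The directory entries are constructed, and ONE_LEVEL is an assumed name for the branch-only scope; only SUBTREE_LEVEL appears in the guide.

```python
# Added illustration: constructed directory entries, not CPS code.
# Each entry is (DN, objectClass values). DNs here contain no escaped commas.
DIRECTORY = [
    ("o=MyCompany", {"organization"}),
    ("ou=East,o=MyCompany", {"organizationalUnit"}),
    ("ou=Central,o=MyCompany", {"organizationalUnit"}),
    ("ou=West,o=MyCompany", {"organizationalUnit"}),
    ("ou=Contractors,ou=West,o=MyCompany", {"organizationalUnit"}),
    ("cn=Ana,ou=East,o=MyCompany", {"organizationalPerson"}),
    ("cn=Bo,ou=Central,o=MyCompany", {"organizationalPerson"}),
    ("cn=Dee,ou=West,o=MyCompany", {"organizationalPerson"}),
    ("cn=Cy,ou=Contractors,ou=West,o=MyCompany", {"organizationalPerson"}),
    ("cn=printer1,ou=West,o=MyCompany", {"device"}),
]

def rdns(dn):
    return [part.strip().lower() for part in dn.split(",")]

def depth_below(dn, base_dn):
    """Levels that dn sits below base_dn, or None if it is outside that branch."""
    d, b = rdns(dn), rdns(base_dn)
    if len(d) < len(b) or d[len(d) - len(b):] != b:
        return None
    return len(d) - len(b)

def search(base_dn, scope, object_class):
    """Return DNs under base_dn that match the scope and objectClass filter."""
    if scope not in ("SUBTREE_LEVEL", "ONE_LEVEL"):  # ONE_LEVEL: assumed name
        raise ValueError(f"unknown scope: {scope}")
    hits = []
    for dn, classes in DIRECTORY:
        depth = depth_below(dn, base_dn)
        if depth is None or object_class not in classes:
            continue
        # SUBTREE_LEVEL takes the whole branch; ONE_LEVEL only direct children.
        if scope == "SUBTREE_LEVEL" or depth == 1:
            hits.append(dn)
    return hits

def allowed_users(branches):
    """Union of the user searches for every (base_dn, scope) branch configured."""
    found = set()
    for base_dn, scope in branches:
        found.update(search(base_dn, scope, "organizationalPerson"))
    return found

if __name__ == "__main__":
    print(sorted(allowed_users([("o=MyCompany", "SUBTREE_LEVEL")])))
    print(sorted(allowed_users([("ou=East,o=MyCompany", "ONE_LEVEL"),
                                ("ou=West,o=MyCompany", "ONE_LEVEL")])))
```

With the root branch and SUBTREE_LEVEL, every person entry in East, Central, and West is in scope; with East and West added as branch-only searches, the Central user and the user in the nested Contractors subbranch are not found.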