Macromedia breeze 5 ユーザーガイド
Implementing single sign-on
61
Integrating Breeze with learning management systems
All LMS integration occurs through Breeze Presenter. For more information, see Breeze Presenter
User Guide.
User Guide.
Implementing single sign-on
Single sign-on (SSO) is a mechanism whereby a single action of user authentication allows a user
to access all computers and applications where they have access permission without the need to
enter multiple passwords. Single sign-on reduces human error, a major component of systems
failure.
to access all computers and applications where they have access permission without the need to
enter multiple passwords. Single sign-on reduces human error, a major component of systems
failure.
You can manage users and authenticate their access to multiple applications in several ways.
Breeze 5 supports the following:
Breeze 5 supports the following:
•
NTLM authentication
Microsoft uses Windows NTLM to pass information that authenticates users. After a user is
logged in, they can access intranet sites or applications that require valid access without being
prompted each time for their login and password. Only Internet Explorer on Microsoft
Windows can silently negotiate NTLM authentication without prompting the user for
credentials. Breeze checks the browser type of a request and only requests NTLM
authentication for browsers that support NTLM.
logged in, they can access intranet sites or applications that require valid access without being
prompted each time for their login and password. Only Internet Explorer on Microsoft
Windows can silently negotiate NTLM authentication without prompting the user for
credentials. Breeze checks the browser type of a request and only requests NTLM
authentication for browsers that support NTLM.
NTLM authentication uses the jCIFS library. A servlet or filter servlet interacts with the client
and implements the appropriate handshake with the server that hosts Breeze.
and implements the appropriate handshake with the server that hosts Breeze.
Note: jCIFS supports only NTLM authentication. This implementation will not work for customers
who use NTLM2 or Kerberos.
who use NTLM2 or Kerberos.
•
HTTP-header based authentication
HTTP-header based authentication inspects the HTTP header to extract the user ID for the
authenticated user.
authenticated user.
If Breeze Server is not installed behind an authentication proxy, the standard login page
appears to Breeze users.
appears to Breeze users.
Netegrity Siteminder uses HTTP-header based authentication. Siteminder provides a software
developer’s kit (SDK) that implements a servlet or filter servlet that acts as the authentication
proxy.
developer’s kit (SDK) that implements a servlet or filter servlet that acts as the authentication
proxy.
Configuring SSO
You need to configure the following variables in the custom.ini configuration file to implement
the SSO feature:
the SSO feature:
Variable
Type
Description
NTLM_DOMAIN
NT Domain Name
The NT domain users authenticate against
NTLM_SERVER
IP address
The IP address of one or more WINS servers on the network,
separated by a comma (“,”)
separated by a comma (“,”)