Macromedia Breeze 5 User Guide

Chapter 1:  Before You Begin
Directory services integration
In an LDAP schema, all directory entries are arranged in a hierarchical tree-like structure that 
reflects the organization’s political, geographic, or administrative regions. For example, the IT 
administrator at a company with multiple worksites wants to let everybody in the organization 
use Breeze. In this scenario, the company's directory structure consists of multiple organizational 
units, and these are represented by four directory branches: San Francisco, Boston, Singapore, and 
Paris. Everyone in the organization has a Windows domain account listed in the Microsoft Active 
Directory. The IT administrator would like to offer Windows users single sign-on, or at a
minimum, the ability to use their domain login to access Breeze.
The administrator synchronizes the organization’s directory with Active Directory using the four 
branches to perform an initial synchronization. In the future, the administrator may employ a
solution accelerator to integrate the Breeze login screen with Windows authentication, and
configure Windows NT LAN Manager (NTLM) authentication to allow users to skip the
Breeze login screen.
The NTLM protocol is the default protocol for network authentication in many different 
versions of Windows. NTLM uses a challenge-response mechanism for authentication, in which 
clients are able to prove their identities without sending a password to the server. This procedure 
retrieves the user's Windows credentials to validate the user's access to Breeze.
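A simplified model of the challenge-response idea described above, as an added example that is not from the Breeze guide and does not implement the NTLM wire protocol. HMAC-SHA256 and PBKDF2 stand in for NTLM's own hash functions and message formats, and the `Server` class, user name and password are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Simplified model only: HMAC-SHA256/PBKDF2 are assumptions swapped in for
# NTLM's real hashes. All names and values below are constructed.

def derive_key(user: str, password: str) -> bytes:
    """Secret held by both sides; derived from the password, never sent."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 100_000)

class Server:
    def __init__(self):
        # The stored key is password-equivalent and needs the same protection.
        self.keys = {}      # user -> derived key (hypothetical credential store)
        self.pending = {}   # user -> outstanding challenge

    def enroll(self, user: str, password: str) -> None:
        self.keys[user] = derive_key(user, password)

    def challenge(self, user: str) -> bytes:
        # Fresh random nonce per attempt so an old response cannot be reused.
        nonce = secrets.token_bytes(16)
        self.pending[user] = nonce
        return nonce

    def verify(self, user: str, response: bytes) -> bool:
        nonce = self.pending.pop(user, None)   # each challenge is single-use
        key = self.keys.get(user)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare

def client_response(user: str, password: str, nonce: bytes) -> bytes:
    """Client proves it knows the password by keying a MAC over the nonce."""
    return hmac.new(derive_key(user, password), nonce, hashlib.sha256).digest()

def demo():
    server = Server()
    server.enroll("jdoe", "constructed-sample-password")
    nonce = server.challenge("jdoe")                 # server -> client
    answer = client_response("jdoe", "constructed-sample-password", nonce)
    accepted = server.verify("jdoe", answer)         # client -> server
    server.challenge("jdoe")                         # next login, new nonce
    replay_accepted = server.verify("jdoe", answer)  # captured answer reused
    return accepted, replay_accepted

if __name__ == "__main__":
    print(demo())
```

Only the nonce and the MAC cross the network in this model; the password itself stays on the client.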
The IT group schedules synchronization to begin every day at 2:00 A.M. when the demand on 
system resources is low and to incorporate any changes since the previous synchronization. The 
administrator routinely checks the synchronization logs to monitor the status of the scheduled 
synchronization.
Planning for SSL
SSL, or Secure Sockets Layer, is a technology that allows web browsers and web servers to
communicate over a secured connection. This means that the data being sent is encrypted by one 
side, transmitted, and then decrypted by the other side before processing. This is a two-way 
process, meaning that both the server and the client’s browser encrypt all traffic before sending 
out the data.
An important aspect of the SSL protocol is authentication. During your initial attempt to 
communicate with a web server over a secure connection, that server will present your web 
browser with a set of credentials in the form of a certificate as proof the site is who and what it 
claims to be. In certain cases, the server may also request a certificate from your web browser, 
asking for proof that you are who you claim to be. This procedure is known as client 
authentication. 
Breeze can be configured to use SSL, a secure protocol for transmitting private documents over 
the Internet. SSL does not provide any inherent encryption capabilities, but instead performs the 
appropriate URL and data mapping to allow HTTPS URLs to access Breeze and the desired 
content.