Access Server Intranet public

Author Message

thomas BAILLEUL

Tuesday 05 September 2006 8:01:45 am

Hi,
I have made a knowledge database with ezpublish for my partners and customers, it will be filled by intranet's user but my partners can make comments. I want to know in which server I must install it.

my first choice is to install ezpublish on our intranet server(freebsd) and synchronize(rsync) files from intranet to our public server (freebsd also) and do a Sql replication but in this case, my partners couldn't post comments as the SQL server(on the web public server) will be slave.

so my second choice is to install ezpublish on the web server and to make a link on our Intranet server but we don't want a double authentification as we have already to authentificate(LDAP) on the Intranet, we could send login and password by url but it's may be unsafe(even if it's encoded with a password_hash)

sorry for my poor english

Xavier Dutoit

Wednesday 06 September 2006 3:35:58 am

Salut,

I'd suggest you to dig a little bit around single sign on. There is a patch (or is that already on the 3.9 ?).

It should do it.

Please post the result of your investigation.

X+

http://www.sydesy.com

Norman Leutner

Thursday 07 September 2006 7:31:09 am

You can create your own SSO module as an extension and
send the encrypted login data in combination with a timestamp
through the header.

Within your SSO extension you can compare the timestamp within the header with the current timestamp and check for a timeout of 30 second.

This would reduce the sucurity issues...

Mit freundlichen Grüßen
Best regards

Norman Leutner

____________________________________________________________
eZ Publish Platinum Partner - http://www.all2e.com
http://ez.no/partners/worldwide_partners/all2e_gmbh

Norman Leutner

Thursday 07 September 2006 7:34:07 am

We are currently working on a solution with RSA Secure Authentification
in combination with ez 3.8, a reverse proxy and a SSO module.

We'll also write an article about how we implemented the solution within the customers intranet. Maybe this will be helpfull...

Mit freundlichen Grüßen
Best regards

Norman Leutner

____________________________________________________________
eZ Publish Platinum Partner - http://www.all2e.com
http://ez.no/partners/worldwide_partners/all2e_gmbh

thomas BAILLEUL

Tuesday 12 September 2006 6:47:06 am

Thx for your very helpful advice for solving my problem,
the problem is our boss seem to prefer solution 1 as it would be less unsafe(articles posted are very confidential) even if it can trigger problems (it's an sql replication so external users can't logged in without modified database'tables)
Nevertheless, Im tryin' thinking about the SSO module
Im looking forward to hearing from your articles.

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.