Forums / Install & configuration / Access Server Intranet public
thomas BAILLEUL
Tuesday 05 September 2006 8:01:45 am
Hi,I have made a knowledge database with ezpublish for my partners and customers, it will be filled by intranet's user but my partners can make comments. I want to know in which server I must install it.
my first choice is to install ezpublish on our intranet server(freebsd) and synchronize(rsync) files from intranet to our public server (freebsd also) and do a Sql replication but in this case, my partners couldn't post comments as the SQL server(on the web public server) will be slave.
so my second choice is to install ezpublish on the web server and to make a link on our Intranet server but we don't want a double authentification as we have already to authentificate(LDAP) on the Intranet, we could send login and password by url but it's may be unsafe(even if it's encoded with a password_hash)
sorry for my poor english
Xavier Dutoit
Wednesday 06 September 2006 3:35:58 am
Salut,
I'd suggest you to dig a little bit around single sign on. There is a patch (or is that already on the 3.9 ?).
It should do it.
Please post the result of your investigation.
X+
http://www.sydesy.com
Norman Leutner
Thursday 07 September 2006 7:31:09 am
You can create your own SSO module as an extension and send the encrypted login data in combination with a timestamp through the header.
Within your SSO extension you can compare the timestamp within the header with the current timestamp and check for a timeout of 30 second.
This would reduce the sucurity issues...
Mit freundlichen Grüßen Best regards Norman Leutner ____________________________________________________________ eZ Publish Platinum Partner - http://www.all2e.com http://ez.no/partners/worldwide_partners/all2e_gmbh
Thursday 07 September 2006 7:34:07 am
We are currently working on a solution with RSA Secure Authentification in combination with ez 3.8, a reverse proxy and a SSO module.
We'll also write an article about how we implemented the solution within the customers intranet. Maybe this will be helpfull...
Tuesday 12 September 2006 6:47:06 am
Thx for your very helpful advice for solving my problem, the problem is our boss seem to prefer solution 1 as it would be less unsafe(articles posted are very confidential) even if it can trigger problems (it's an sql replication so external users can't logged in without modified database'tables) Nevertheless, Im tryin' thinking about the SSO moduleIm looking forward to hearing from your articles.