Configuring Authentication

The iGrafx platform supports a variety of authentication schemes, providing multiple methods for recognizing which users are currently logged in.

How you configure your authentication scheme depends on which type of installation you are using.

Predeployed Tomcat on Windows

When running your install_service.bat file, you can pass in the authentication scheme as a parameter.

If you have already installed the iGrafx Platform via this command, you can use the manage_service.bat command in in the Windows directory of your iGrafx Base directory to edit the service settings. On the Java tab, modify the authentication scheme (e.g. change -Dspring.profiles.active=defaultsecurity to -Dspring.profiles.active=samlsecurity). 

Restart your iGrafx Platform service after making any changes.

Other application servers

To enable a specific authentication scheme, start your iGrafx Platform service with the following system variable:

-Dspring.profiles.active=yourauthschemename

Replace yourauthschemename with the actual name of the profile (the profile names are mentioned in each article).

If no profile is specified, the default security profile will be used, which requires a login via a login dialog box when the user starts a new session. Depending on the profile, a few additional configuration variables need to be set. The authentication scheme you select will affect the way you can log in to the application through the web as well as through the client.

In all scenarios, it is assumed that the user that is authenticated also exists in one of the configured User Directories within the iGrafx platform. For example, if you configure SPNEGO/Negotiate, but do not add your Active Directory as a User Directory within the application, the authenticated user will see a 403 Forbidden error page.

For the available authentication schemes please see: