LDAP for Publish Instances

Question

Hello,

I've read the following documentation:

http://dev.day.com/docs/en/crx/current/administering/ldap_authentication.html#Configuring

http://helpx.adobe.com/cq/kb/LdapConfig.html

But they seem to only pertain to Author instances. I'm looking to use SSO and ActiveDirectory for users to log into an extranet site on CQ and be able to move freely between 3 different "sites" without having to log in again....what is needed to make this happen on a publish instance? Can I do the same configurations and then use CQ's OOTB login functionality, or am I going to have to write my own custom login module?

Yogesh_Upadhyay · Accepted Answer

You can use LDAP on publish same way you are using in author. If you are planning to use SSO then based on SSO product you are using (for example siteminder etc) you can configure your publish instance accordingly. You can also use SAML2.0 authentication (CQ5.6 onward) to authenticate against multiple systems across your org. Based on requirement you have, you might have to extend authentication handler and authentication module. Here is information about all of this,

1) SSO -- http://dev.day.com/docs/en/cq/current/deploying/single_sign_on.html

2) SSO with LDAP -- http://dev.day.com/docs/en/crx/current/administering/ldap_authentication.html#LDAP with Single Sign On

3) SMAL2.0 -- http://helpx.adobe.com/cq/kb/saml-demo.html OR http://dev.day.com/content/docs/en/cq/current/core/administering/saml-2-0-authenticationhandler.html

4) Extend auth handler and module -- http://www.wemblog.com/2013/03/how-to-create-custom-authentication.html

Yogesh

JustinEd3 · Answer

You can use LDAP in publish. It's far less common than for LDAP to be used in author, but it is certainly possible and would be configured the same way.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded