Article

jimgoodall's picture
article
Reads:

3859

Score:
0
0
 
Comments:

0

Using iChain to Protect a Sharepoint Site

Author Info

21 February 2007 - 6:40am
Submitted by: jimgoodall

Author Blog
Author Profile

Tags

Tags Map

(View Disclaimer)

Problem

Can I use iChain to protect a Sharepoint site?

Solution

Yes! If you want documents to open in MS office directly from the Sharepoint server however (not save a copy, work on it then upload it) you will need to configure iChain as follows:

1. On your iChain server, configure your authentication profile to "allow authentication through HTTP authorization header".

2. Check the "Use basic / proxy authentication" option. You need this so that the MS Office suite can authenticate to iChain; it is not possible for Office to authenticate using a web form.

3. Configure your IIS website that is hosting the Sharepoint site to allow basic authentication.

4. Pass the Sharepoint server a username it recognizes - either username@dominname or domainname\username.

I have achieved this by adding a userPrincipalName attribute to our iChain authentication eDirectory, and syncing the value over from Active Directory using DirXML. We then pass this by configuring OLAC for this accelerator as follows:

  • Name = iChain_UID
  • Data Source = LDAP
  • Value = userPrincipalName
  • Check the "http header" box

This will allow MS Office to authenticate. What you will notice is that because iChain uses a session cookie for authentication, you can open a Word document, for example, and you will be prompted to authenticate. On opening subsequent Word documents, you will not be asked to authenticate. Once you close Word, then open a new document, you will be prompted to authenticate again, as the session cookie has been destroyed.

Environment

  • iChain 2.3
  • Windows 2003 Domain (tested version)
  • Sharepoint 2003 (tested version)

Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).

It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.



Related Articles


User Comments

© 2013 Novell