Online demo
Download
Contact

Because information matters

  • External Authentication?

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
It is currently Fri Apr 17, 2026 7:17 am

External Authentication?

OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 Reply

External Authentication?

 #14854  by kingcu
 
Greetings, everyone! Just came across OpenKM and played with the online demo for a while, it looks and works great. But before we invest in OpenKM, we want to make sure that the external authentication could work the way we are expecting:

1. A user (Tom) logs into his PC (running Windows XP) using his Windows domain account;
2. When Tom opens OpenKM in Firefox, he is automatically logged into OpenKM using his Windows domain account;
3. Once Tom is in OpenKM, there is no way for him to logout.

So at the very end, what we need is this: once a Windows PC is logged on using a Windows domain account, access to OpenKM from this PC is restricted only to this specific Windows domain account. Is this possible with OpenKM?

Re: External Authentication?

 #14882  by pavila
 
OpenKM is a J2EE application which runs inside a Application Server called JBoss. Authentication is performed by JBoss, so this question is more related to JBoss than OpenKM.

In any case, I don't know any login module which works as you describe, so should be implemented.

Re: External Authentication?

 #14893  by kingcu
 
I found this article, Obtaining Client-Specific Information with a Web Application, which is exactly what I am looking for. Now that I can (step 1) put a piece of JavaScript code in the web page to obtain the client user name/computer name/domain, the next step I need to do is to (step 2) query against the Windows AD and if the user/comptuer/domain combination exists in AD, (step 3) authenticate the user to OpenKM. I have no clue how to perform step 2 and 3 at the moment. Can someone shed a light?

Also, the above technique to obtain client information only works with IE, is there any way this could work under FireFox and Chrome? Thanks.

Re: External Authentication?

 #14909  by jllort
 
You can not doing it, will be a security break in AD. You can not get the pass from your AD simply you will not able to complete the authentication process.

You need configure CAS for doing something like you propose.
 Reply
 Return to “Configuration”

Favorites

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.

Powered By phpBB -
 ©OpenKM 2021
 - All times are UTC -