WebOffice usermanagement was designed in a way that it is able to use already existing authentication systems. This is accomplished by configuring the WebOffice usermanagement module according to your specific needs. Using already existing authentication systems is important to avoid redundancies and is essential for implementing centralized rights control for several applications in a company network. In the following chapters you will find the different supported authentication systems.

 

icon_comment

WebOffice usermanagement is an additional module to WebOffice 10.9 R3. In the following chapters only the configuration options regarding the connection between WebOffice usermanagement and WebOffice 10.9 R3 are described.

icon_cross-reference

For information about the installation of WebOffice usermanagement, please see chapter WebOffice User Management (Application Server).

For general information about WebOffice usermanagement and configuration workflows in the UserManagement Admin Web, please see chapter WebOffice User Management and its subsequent chapters.

 

Configuration of User Management

Configuration of User Management

 

Property

Description

Use UserManagement?

Activate (true) the parameter to take the WebOffice usermanagement configuration into account or ignore it (false).

icon_comment

If the application configuration gets changed then you must reload the application (either via Reload Application button in WebOffice author standalone or in the Application Tab of SynAdmin) in order to let the configuration change take effect!

User name display

When using option Username then only the user name of the logged in user gets displayed. If using option Username (Login) then user name and user login (in brackets) will be displayed.

Display role description

true
Using the value of the field Description from the user management database.

false
Using the technical identifier (from the field Name).

icon_cross-reference

See chapter Groups for the configuration in UserManagement Admin Web.

Aggregate the rights (restrictions) of multiple role membership?

false
Both rights and restrictions are not to be aggregated (combined) when the user is member of more than 1 user group (role). User group (role) choice follows and the user must select the group (role) which rights (restrictions) are applied of.

icon_cross-reference

You will find more details about selection of usergroups at project start in chapter No Selection of Usergroups at Project Start, if a User is Member of Several Groups.

Notify upon near expiry?

Yes
User will get a warning on the client if the field value of Expiration for warning the user will be go below the value.

Example: The user will get an information about password expiration 14 days before deactivation of the user account.

Expiration for warning the user

Field to configure the time in days to receive a warning until the password expire and the user account will be disabled.

icon_comment

Within the WebOffice core Client a user specific warning will be shown in the upper section of the map window.

Contact email address

The configured E-Mail address is used to inform the user about the expiration of the users password.

icon_comment

The email is sent if the defined days for deactivation of the user will go below the time in the field value expiration for warning the user.

User Management configuration

 

If you use WebOffice usermanagement for controlling access to resources within WebOffice 10.9 R3 like map service access, layer access, tool availability etc. then you need to configure at least the properties:

DB Connection Information for Read Access (mandatory)

Editing Configuration for User Management (mandatory in case your WebOffice 10.9 R3 project includes editing functionality)

DB Connection Information for Write Access (mandatory in case you want to provide the tool Change Password in your WebOffice 10.9 R3 project)

 

In case you want to use any existing authentication system, choose a configuration type of the following list:

Authentication Type User Management Database

Authentication Type LDAP

Authentication Type NTLM

Authentication Type SSO

Authentication Type HTTP

Authentication Type BASIC

Authentication Type DIGEST

Authentication Type Portalverbundprotokoll

Authentication Type OAuth2