Skip to content

Custom integration with authentication environments

MetaKarta can support three authentication methods:

  • Native Authentication, where the password is managed by the software and stored within the database.

  • LDAP Authentication, where the software does not manage or store the LDAP passwords at all. Instead, it is simply passed it through to LDAP in order to authenticate.

  • External Authentication such as Single Sign On (SSO), where the software does not perform any authentication, and leaves that responsibility to a local single sign on service managed by the customer.

Administrators can use MANAGE > Users to specify either:

  • Mixed Native and LDAP authentication where users may be authenticated either as native users or LDAP users.

  • External authentication where the system does not perform any authentication, leaving it up to a local Single Sign On environment.

Native Authentication Configuration Issues

There are no specific configuration steps for Native Authentication.

LDAP Authentication Configuration Issues

There are no special server configuration issues for LDAP Authentication. LDAP connectivity configuration is documented in the online help.

Windows Authentication Issues

It is also possible to enable the Application Server to obtain authentication for users from Windows authentication via the browser (client). This way, users will automatically be authenticated if they are running from a Windows session.

To do so, one must install a third-party product named Waffle (Windows Authentication Functional Framework) as an addon (see here):

  1. Please ensure that all LDAP settings are correct and users are able to log into the product via LDAP authentication. LDAP connectivity configuration is documented in the online help.

  2. Unzip the Waffle zip.

  3. Copy all the jar files from it to $MM_HOME/tomcat/lib

  4. Open $MM_HOME/tomcat/conf/web.xml. Search for "Windows authentication support". Uncomment the block following that.

  5. Restart MetaKarta

  6. You should have windows authentication enabled now. Any valid windows user will be logged in as guest by default as long as licensing allows it. If you need to get an administrator interface, you can access: http://host:port/MM/Auth?nativeLogin (optionally you can force a redirect to &redirectTo=/MM/)

  7. Provide connection information for the database you created above.

Note: Waffle is designed around Windows libraries and thus it is recommended that you use a Windows OS based machine as the Application Server. While it is possible to use Waffle on a Linux based machine, it will require a great deal of manual setup and compilation. Please follow the Waffle documentation for such an implementation (see here).

Note: When using Waffle on a Windows based Application Server (as is recommended) you must run as run the MetaKarta software as a Windows service (not as an Application) in order for Waffle to work properly.

Note: Automatic Windows authentication will not allow one to use the browser refresh (f5) with IE 8.x when used as the client browser. Refresh will force a re-authentication on IE 8.x browsers and will not be automatically authenticated. If this occurs, the user must close all instances of the browser and start again. To avoid this issue, one must use IE 9.x or later or another approved browser (see System requirements) In addition, for Firefox, you must configure the browser at each client to support automatic Windows authentication. Please refer to the Waffle web site here.