Live Forms v6.3 is no longer supported. Click here for information about upgrading to our latest GA Release.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

 

 has a plugable security framework and offers a variety of built-in Security Managers. If you use the  Default Security Manager, a tenant admin can create users and roles directly in your  tenants. See the Manage Users and the Manage Roles for instructions on creating users and roles. Note that with LDAP Security Manager and Delegating Security Manager, groups are the equivalent of  roles.

 also supports two types of LDAP Security Managers that pulls users and groups from your external Active Directory or Open LDAP system; a Delegating Security Manager when you are integrating with Confluence ; a Database Container Security Manager that pulls users and groups from your external users database; a SAML Security manager that allows enterprises to take advantage of Internet Single sign On and custom security managers that lets you integrate with a security manager that you build yourself.

On This Page:

 

  • frevvo Default Security Manager -  is responsible for authentication/authorization and managing users/roles. This is the default option. Your tenant will be created with this security manager if no other choice is selected. 
  • LDAP Active Directory Security Manager - The user is authenticated outside . Typically, SSO or  performs the authentication using LDAP directly.
  • SAML Security Manager - This security manager allows the exchange of authentication and authorization data between an identity provider of your choice (ex:Shiboleth) and a service provider (frevvo). SSO is supported. Although this security manager can be used on-premise it is primarily meant for cloud tenants who use LDAP but do not want to expose it over the internet.
  • Azure SAML Security Manager - This security manager uses SAML in Authentication Only mode and the Active Directory available in the Microsoft Cloud solution, Azure. Integration with the Azure API enables  queries. On-premise AD services can be exposed via Azure providing a clean way to integrate with the frevvo cloud. 
  • Delegating Security Manager - this is the Security Manger needed for Confluence integration.
  • DB Container Security Manager - Authentication is the container's responsibility, but  provides a database interface to fetch users/roles for design time functionality from an external database.   
  • LDAP Container Security Manager - This is exactly the same as the DB Container Security Manager but LDAP instead of DB. Authentication is the container's responsibility. 
  • Custom - Container managed security manager used when there is a requirement for a container to handle authentication.

Changing the Security Manager for your Tenant

trial tenants are configured with the default security manager. The security manager could not be changed for existing tenants in prior releases. A new tenant had to be created if you wanted to change the Security Manager of your tenant for your production environment. Submissions would be lost and you would have to use a new tenant name.

Once you have purchased a license for your tenant the original security manager can be changed. This allows you to keep the submissions and the name of your existing tenant.

Tenants using the Default Security Manager can be migrated to:

  • Default Security Manager → LDAP
  • Default Security Manager → SAML
  • LDAP → SAML

Cloud customers, planning to switch the Security Manager of your tenant to the LDAP Security Manager or a tenant using the SAML security manager on a trial basis should contact sales@frevvo.com to initiate the process.

 If you are are using LDAP for authentication, here's what we recommend:

  • Make sure the users created in the default security manager tenant have the same user names as the users in your LDAP server..
  • Users need the frevvo.User role to access . This should be configured in Active Directory on your LDAP server.

customers should be aware that changing the Security Manager of your tenant is a ONE-WAY operation. Once completed you cannot change it back to the original security manager.

 

 

 

  • No labels