Live Forms v6.3 is no longer supported. Click here for information about upgrading to our latest GA Release.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

 

Authentication and Authorization of users/roles is a major issue of concern to most companies.  has a plugable security framework and offers a variety of built-in Security Managers.  Selecting one of the available  Security Managers for your tenant, can help. The Security Managers supported by are listed below:

On This Page:

 

  • frevvo Default Security Manager -  is responsible for authentication/authorization and managing users/roles. This is the default option. Your tenant will be created with this security manager if no other choice is selected. If you use the  Default Security Manager, a tenant admin can create users and roles directly in your  tenant.
  • LDAP Active Directory Security Manager - The user is authenticated outside  using LDAP directly. This Security Manager by itself does not provide SSO. For Live Forms In-house customers using Microsoft IIS, SSO is available.

      When using the  LDAP Security Manager, groups are the equivalent of Live Forms roles.

  • SAML Security Manager - This security manager allows the exchange of authentication and authorization data between an identity provider of your choice (ex:Shiboleth, Okta, ADFS, etc...) and a service provider (frevvo). SSO is supported. Although this security manager can be used on-premise it is primarily meant for cloud tenants who use LDAP but do not want to expose it over the internet.
  • Azure SAML Security Manager - This security manager uses SAML in Authentication Only mode and the Active Directory available in the Microsoft Cloud solution, Azure. Azure AD can integrate with Microsoft AD providing a simple and secure way to access identity managment in the frevvo cloud.
  • Delegating Security Manager - this is the Security Manger needed for Confluence integration.

    When using the Delegating Security Manager, groups are the equivalent of Live Forms roles.

  • DB Container Security Manager - Authentication is the container's responsibility, but  provides a database interface to fetch users/roles for design time functionality from an external database.   
  • LDAP Container Security Manager - This is exactly the same as the DB Container Security Manager but LDAP instead of DB. Authentication is the container's responsibility. 
  • Custom - Container managed security manager used when there is a requirement for a container to handle authentication.

Changing the Security Manager for your Tenant

trial tenants are configured with the default security manager. Once you have purchased a license for your tenant the “Change Security Manager” feature becomes enabled. 

The following Security Manager changes are currently supported:

  • Default Security Manager → LDAP
  • Default Security Manager → SAML
  • LDAP → SAML
  • LDAP → Azure

If you are still evaluating  and want to switch the Security Manager of your tenant to the LDAP, SAML or Azure Security Managers on a trial basis, contact sales@frevvo.com to initiate the process.

If you know that you will be changing from the frevvo Default Security Manager to one of the other types after your trial period, we strongly recommend:

  • Create users in the default security manager with the same user names as the users in your target identity provider. For Example if you plan to switch to LDAP, make sure your users have the same names as those in your AD server. After you switch from the Default Security Manager to one of the other Security Managers any users that do not exist in the target IDP will no longer be accessible.

  • If you fail to follow this recommendation don’t stress all is not lost. :) You can still download your frevvo applications from those users and upload them into the new users that are created via your IDP.
customers should be aware that changing the Security Manager of your tenant is a ONE-WAY operation. Once completed you cannot change it back to the original security manager.

 

 

 

  • No labels