If the company decided to use Alfresco ECM, then certainly raises an issue of choice of the users authorization mechanism. In addition, the large and serious companies already have standards for intra-authorization. This article discusses the basic mechanisms of authentication, which provides Alfresco.
Below is a chart which displayed the basic mechanisms of Alfresco user authentication:
alfrescoNTLM — involves storing password hashes in Alfresco itself. While authorization there is no refer to the domain server, this is essentially the method of simulation domain authentication. Instead the domain, user refers to Alfresco itself. This is bad.
Passthru — due to the peculiarities of Alfresco, it can be done only NTLM v1, which cuts off all systems with NTLM v2 (Windows 7 and Vista). This is bad.
Kerberos — to use it you have to add the Alfresco server to the trusted zone of client web browsers. This is bad.
External method can give the process of identifying to third-party application, such as Apache. In this method, there is a bug that was fixed in Alfresco 4.0a. In versions of Alfresco 3.4a-e this method does not work. With this method you can later attach load balancing mechanism. But at the same authorization for CIFS will be carried by another method.
0 comments:
Post a Comment