CE Authentication profile settings (FsSvcCore/Web.config)
The authentication profile is made up of a combination of IIS, FsSvcCore/Web.config, and FsOptivaWeb/Web.config settings.
When applying the CE authentication profile, the AuthenticationType in
FsSvcCore/Web.config is set to WSFederation and FsOptivaWeb/Web.config includes the details of the identity provider.
Many values are used by the server to look up information about an IFS CE user. Or, to authenticate an IFS CE user when provided a set of credentials. This information comes from idp.properties.
Finally, a set of values are used to control the behavior of Optiva. These values inform the application about the environment in which it is running.
Other sets of default values are used when applying other authentication profiles. It should not be necessary to change the default values set by applying the CE authentication profile.
Sample values after applying the CE authentication profile:
<!--Set AuthenticationType to the value matching the Optiva
authentication type in use. Possible values are
Password|IWA|AD|WSFederation.--> <add key="AuthenticationType"
value="WSFederation" />
<!--Set ifsCEWSTrustSTSTUrl to the URL of the WS-Trust
Security Token Service--> <add key="ifsCEWSTrustSTSTUrl"
value="https://mingleinteg01-sso.mingledev.infor.com:443/idp/sts.wst"
/>
<!--Set wsFederationRealm to the WS-Federation Realm value
which normally is the URL of the relying party--> <add
key="wsFederationRealm" value="https://optivadev.infor.com/FsOptivaWeb/"
/>
<!--Set Deployment to match the deployment environment. Possible
values are Undefined|OnPremise|Cloud|Hybrid--> <add key="Deployment" value="Cloud"
/>
<!--Set Multitenant to true if the client is running in a
multitenant environment--> <add key="Multitenant" value="true"
/>
<!--Set DatabaseSelectionMode to List if you want the client
to be able to retrieve a list of databases or Tenant if the client must provide
the database name itself--> <add key="DatabaseSelectionMode"
value="Tenant" />
<!--Set ElectronicSignatureMode to the authentication method to
use for electronic signature. Possible values are none|Password|IWA|AD|IfsCE|Okta-->
<add key="ElectronicSignatureMode" value="IfsCE" />
<!--Set AutoProvisionUsersFromClaims to true if you wish to
create and update user information based on incoming claims in a WS-Federation
environment--> <add key="AutoProvisionUsersFromClaims" value="true"
/>
<!--Set LockAutoProvisionedUsers to true if you wish to lock
certain user fields and prevent users from being deleted if the users have been
auto-provisioned--> <add key="LockAutoProvisionedUsers" value="true"
/>