Login using SSO (Single sign-on)

Use the IIS manager to switch to SSO authentication. It is very important for the user accounts used for logging in to be also created on the Windows server. Enable the following keys in section ADMINISTRATION  System parameters  FormFlow configuration:

  • set XMLGW_AUTO_AUTH_ENABLED to 1
    1 – enable, 0 – disable.

  • set XMLGW_AUTO_AUTH_URL to ./sso/auth602fs.php

Login using SSO

The following permissions must be also set in the IIS manager as needed:

  1. SSO login to FormFlow

    Open this site/application and a make the same changes on /soap/ subfolders as well:

    • Using the right mouse button, switch Anonymous access to “Disable”

    • Using the right mouse button, switch Windows system authentication to “Enable”

    • Using the right mouse button, switch Basic authentication to “Disable”

  2. SSO login to FormFlow

    Use the location bar above to enter the path to index2.php. This file is located in the htdocs folder, the path may be the following:

    Sites\Default web Site\ffs01\index2.php

    • Using the right mouse button, switch Anonymous access to “Disable”

    • Using the right mouse button, switch Windows system authentication to “Enable”

    • Using the right mouse button, switch Basic authentication to “Disable”

  3. FormFlow Office Extension, authentication method setting for SSO

    Open this site/application and a make the same changes on /soap/ subfolders as well:

    • Using the right mouse button, switch Anonymous access to “Disable”

    • Using the right mouse button, switch Windows system authentication to “Enable”

    • Using the right mouse button, switch Basic authentication to “Disable”

    • In the /soap folder, use msoffice_authenticator for ws ServiceDG.

    If you are using web services for external system authentication, starting with FF version 10.2.0.0.10 you can also apply these settings to the /soap2 folder. Use ws_authenticator here, which can differ from msoffice_authenticator.

    • Using the right mouse button, switch Anonymous access to “Disable”

    • Using the right mouse button, switch Windows system authentication to “Disable”

    • Using the right mouse button, switch Basic authentication to “Enable”

    The following additional changes are needed: Create file config.local.neon in folder \htdocs\configs\DI\ with the following lines:

    msoffice_authenticator: FS\Auth\WindowsNTLMAuthenticator

    Restart the IIS or the application pool.

  4. Signer and remote sealing, setting up the authentication method for SSO

    The IIS setting is identical to step 3. The following additional changes are needed: Create file config.local.neon in folder \htdocs\configs\DI\ with the following lines:

    ws_authenticator: FS\Auth\WindowsNTLMAuthenticator

    Restart the IIS or the application pool.

    In Signer, you will only need to enter the alias and the path to FormFlow in the following form:

    formflow://[FormFlow address]/hsm/soap/signerInfo.php