Symmetric Token Type - Legacy Authentication Methods - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - Essential - Premier - Standard - external - Standard - Essential - Premier

Legacy Authentication Methods

Platform
OnBase
Product
Legacy Authentication Methods
Release
Foundation 23.1
License
Standard
Essential
Premier

If the symmetric token type is selected, the OnBase Entrust Properties for symmetric keys dialog is displayed:

  1. Double click the white field under Symmetric Key and enter the Base64-encoded symmetric key generated by the application for which single sign-on is being configured.
  2. Enter an ASP.NET Identity in the corresponding field. Specify the identity of the user running ASP.NET or the application pool. This is the user that the service runs under. If the application is not impersonating, specify ASPNET as the user.
    CAUTION:

    It is highly recommended that the consuming application run under its own identity. By doing so, the private key is protected and other ASP.NET applications on the server are not able to use the same private key to send unauthorized messages to the web service.

  3. Select Enable MAC address based filtering to include the MAC address of the machine running the application with which single sign-on is authenticating. The Media Access Control address field is displayed:
  4. Double click the white field under Symmetric Key and enter the MAC address of the machine that is running the application for which single sign-on is being configured.
  5. Click OK. The information is saved and the OnBase Entrust Properties dialog is closed.
  6. Enter an ASP.NET Identity in the corresponding Web Server Config field.

    Specify the ASP.NET user that the authentication server impersonates. This is the user that the service runs under. If the application is not impersonating, specify ASPNET as the user.

    CAUTION:

    It is highly recommended that the consuming application run under its own identity. By doing so, the private key is protected and other ASP.NET applications on the server are not able to use the same private key to send unauthorized messages to the web service.

  7. Click Configure. A public key is generated and displayed in the Public Key Token field.
  8. Copy the Public Key Token to the Windows clipboard by right-clicking the Public Key Token value and selecting Copy. This value is required to complete the application server configuration.
    If the application server is on a different machine from the web server, you must save this value to a text file accessible from the application server.
  9. Immediately continue with configuring the OnBase application server.