ADFS ID Provider

Authenticate your users using your Active Directory Federation Services. This ID Provider uses the OAuth endpoint of your ADFS to authenticate users.

Usage

  • On your AD FS server, set up your Relying Party Trust & ADFS client

  • On Enonic XP

    • In the admin tool "Applications", install the application "ADFS ID Provider".

    • In the admin tool "Users", create a user store and configure it to use the ADFS application.

      • clientId: AD FS Client ID

      • resource: Relying Party Trust identifier

Installation
  • In your Enonic VHost configuration, modify the appropriate mappings so that your site or admin interface uses the user store you created.

    # Use ADFS for a site mysite
    mapping.mysite.host = example.com
    mapping.mysite.source = /
    mapping.mysite.target = /portal/master/mysite
    mapping.mysite.userStore = adfs-userstore
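
To confirm that every mapping in a VHost file is bound to the ADFS user store, the file can be checked with a short script. This is an added example, not part of the ADFS ID Provider application; the `admin` mapping in the sample, the function names and the expected store name passed in are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample VHost configuration (not from a real deployment).
# The "admin" mapping is hypothetical and deliberately lacks a userStore line.
SAMPLE_VHOST = """\
# Use ADFS for a site mysite
mapping.mysite.host = example.com
mapping.mysite.source = /
mapping.mysite.target = /portal/master/mysite
mapping.mysite.userStore = adfs-userstore

mapping.admin.host = example.com
mapping.admin.source = /admin
mapping.admin.target = /admin
"""

# Matches lines of the form: mapping.<name>.<key> = <value>
LINE = re.compile(r"^mapping\.([^.\s]+)\.(\w+)\s*=\s*(.*)$")

def parse_mappings(text):
    """Group 'mapping.<name>.<key> = <value>' lines by mapping name."""
    mappings = defaultdict(dict)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comments
        m = LINE.match(line)
        if m:
            name, key, value = m.groups()
            mappings[name][key] = value.strip()
    return dict(mappings)

def audit_user_store(text, expected):
    """Return {mapping name: finding} for mappings not bound to `expected`."""
    findings = {}
    for name, keys in sorted(parse_mappings(text).items()):
        store = keys.get("userStore")
        if store is None:
            findings[name] = "no userStore set"
        elif store != expected:
            findings[name] = f"userStore is {store!r}, expected {expected!r}"
    return findings

if __name__ == "__main__":
    for name, finding in audit_user_store(SAMPLE_VHOST, "adfs-userstore").items():
        print(f"mapping.{name}: {finding}")
```

An empty result means every mapping in the file names the expected user store.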

How to enable debug logging

Add the following to $XP_HOME/config/logback.xml, then restart the server:

<logger name="com.enonic.app.adfsidprovider" additivity="false">
    <level value="DEBUG" />
    <appender-ref ref="STDOUT"/>
    <appender-ref ref="FILE"/>
</logger>
