Authentication¶
The Diagnostic & Monitoring Tool supports the following authentication methods:
Local authentication.
LDAP authentication.
Single sign-on with an Identity Provider (IdP).
Single sign-on with Kerberos.
If you have already configured the authentication in your installation, you will not need to configure it again in the Diagnostic & Monitoring Tool. It will reuse the current configuration.
In the Denodo Solution Manager installation, the authentication configuration is managed by Solution Manager. Remember that you can change this configuration in the menu Configuration > Authentication of the Solution Manager Administration Tool.
In the Denodo Platform installation, the Diagnostic & Monitoring Tool relies on the authentication configuration of Virtual DataPort for local authentication, LDAP authentication and single sign-on with Kerberos. This configuration is available in the option Administration > Server configuration > Server authentication of the Virtual DataPort Administration Tool.
If you want to configure single sign-on with an Identity Provider in a Denodo Platform installation, you need to:
Enable single sign-on with an Identity Provider in a Solution Manager.
Open the configuration of the Control Center in your Denodo Platform installation.
Configure the values under the section Denodo Security Token Authentication, taking into account that:
Host
is the hostname or IP address of the machine where the Solution Manager is installed.Port
is the port of the embedded web container in the Solution Manager installation. Its default value is 19090.If you have enabled SSL in the Solution Manager installation, you have to check the
Uses SSL/TLS
option.
Check the
Enable Denodo Single Sign On for web applications
option.Enable the Denodo Secutiry Token Authentication in the Virtual DataPort of your Denodo Platform installation.
Important
If you have configured single sign-on with Kerberos in your
installation, remember to access the Diagnostic & Monitoring Tool using
the Fully Qualified Domain Name of the Server Principal Name. For example,
if your Server Principal Name in a Denodo Platform installation is
HTTP/denodo-prod.subnet1.contoso.com@CONTOSO.COM
, you should access the
Diagnostic & Monitoring Tool through the URL
http://denodo-prod.subnet1.contoso.com:9090/diagnostic-monitoring-tool
or https://denodo-prod.subnet1.contoso.com:9443/diagnostic-monitoring-tool
.