Within the ADVANCED tab, you can enable the WINDOWS AUTHENTICATION and STRONG AUTHENTICATION options. To activate the WINDOWS AUTHENTICATION option:
- Click on the WINDOWS AUTHENTICATION checkbox.
- Accessing the BooleBox platform, thanks to Kerberos and NTLM integrations, will now be possible also inserting the same credentials used to access the company domain.
To enable the use of STRONG AUTHENTICATION certified systems (SiteMinder and DataPower):
- Select the desired STRONG AUTHENTICATION system from the drop-down menu.Note: if the DATAPOWER item is selected, the SHARED KEY field will appear, in which the key generated by the DataPower system and used to decrypt session cookies must be entered.
Note: to enable the WINDOWS AUTHENTICATION option successfully:
- The BooleBox WebApps servers must be added to the corporate domain.
- The WINDOWS AUTHENTICATION option must be enabled in the IIS of the BooleBox and RestApi sites.
To configure the integration between BooleBox and Splunk:
- Click on the checkbox SPLUNK INTEGRATION – HTTP EVENT COLLECTOR.
- Insert the HEC ADDRESS.
- Insert the HEC TOKEN.
Note: for details concerning Splunk configuration, please visit this link.
Note: By clicking on the WINDOWS AUTHENTICATION checkbox, the login page will show the link to access the BooleBox platform using the Windows credentials, that will be validated by IIS.
If the SSO option (Single Sign On) is not enabled, you will have to click on the WINDOWS AUTHENTICATION link also for logins subsequent to the first one; otherwise, credentials won’t be asked again and the Windows credentials shown will be automatically used to access the platform.
Note: in order to configure the Common Criteria EAL2+ certified version of BooleBox On-Premises, you must not use any of the STRONG AUTHENTICATION systems listed above and you must deactivate the flag associated to the WINDOWS AUTHENTICATION checkbox.