can a OTDS user connect to SAML 2.0 ID Broker after LDAP authentication

SreedharVaranasi · 2025-01-31T04:46:32+00:00

There was an error rendering this rich post.

SreedharVaranasi

We are integrating Documentum and OTDS. We are not using Azure AD.

The users and groups will be provisioned from LDAP into a synchronized partition in OTDS.

Normal users will be using username/password.

Admin users need to do 2FA to gain access to Webtop and DA.

We are having Red Hat SSO as a SAML 2.0 ID Broker, which has 2FA capability.

I would like to know whether it is possible for Admin users to login via their LDAP credentials and then redirect to RH SSO/SAML 2.0 ID Broker to do their 2FA.

Thanks,

Sreedhar

Find more posts tagged with

Documentum

OTDS

Note:

If there are Accepted Answers, those will be shown by default. You can switch to 'All Replies' by selecting the tab below.

Accepted answers

AlvaroDeAndresGomez

That sounds like a really bad approach (user/password should not be used as long as there's 2fa available, as it is way more secure).

This being said, the only thing you can do OOTB is configure you SSO as an external authentication handler in OTDS, and show both options on OTDS login screen (=either you login with user/password or with 2fa).

Other than that, you'll have to customize the login landing page of webtop/da to redirect some users again to your SSO after OTDS login (but again, from a security point of view, this is non-sense)

All comments

AlvaroDeAndresGomez

That sounds like a really bad approach (user/password should not be used as long as there's 2fa available, as it is way more secure).

Other than that, you'll have to customize the login landing page of webtop/da to redirect some users again to your SSO after OTDS login (but again, from a security point of view, this is non-sense)