can a OTDS user connect to SAML 2.0 ID Broker after LDAP authentication

SreedharVaranasi
SreedharVaranasi Member
in Documentum #1

Hi

We are integrating Documentum and OTDS. We are not using Azure AD.

The users and groups will be provisioned from LDAP into a synchronized partition in OTDS.

Normal users will be using username/password.

Admin users need to do 2FA to gain access to Webtop and DA.

We are having Red Hat SSO as a SAML 2.0 ID Broker, which has 2FA capability.

I would like to know whether it is possible for Admin users to login via their LDAP credentials and then redirect to RH SSO/SAML 2.0 ID Broker to do their 2FA.

Thanks,

Sreedhar

Tagged:

Best Answer

  • AlvaroDeAndresGomez
    AlvaroDeAndresGomez Member
    edited January 31 #2 Answer ✓

    That sounds like a really bad approach (user/password should not be used as long as there's 2fa available, as it is way more secure).

    This being said, the only thing you can do OOTB is configure you SSO as an external authentication handler in OTDS, and show both options on OTDS login screen (=either you login with user/password or with 2fa).

    Other than that, you'll have to customize the login landing page of webtop/da to redirect some users again to your SSO after OTDS login (but again, from a security point of view, this is non-sense)

Answers

  • AlvaroDeAndresGomez
    AlvaroDeAndresGomez Member
    edited January 31 #3 Answer ✓

    That sounds like a really bad approach (user/password should not be used as long as there's 2fa available, as it is way more secure).

    This being said, the only thing you can do OOTB is configure you SSO as an external authentication handler in OTDS, and show both options on OTDS login screen (=either you login with user/password or with 2fa).

    Other than that, you'll have to customize the login landing page of webtop/da to redirect some users again to your SSO after OTDS login (but again, from a security point of view, this is non-sense)

Categories