MACROMEDIA CONTRIBUTE 3 - DEPLOYING AND PUBLISHING SERVER Manual page 49

Understanding Contribute user authentication models
Contribute provides two user authentication models that you can use:
File-based authentication
domain authentication.
When using the Contribute file-based authentication system, CPS looks up the user's credentials
in an XML file located on the server.
When using Windows domain authentication, CPS validates the user's identity against the
Windows domain in which CPS operates.
Note: Windows domain authentication uses the winNT.dll library for authentication. You must ensure
that this file's path (usually c:\windows\system32) is placed within the java.library.path environment
variable.
User directory service-based authentication
services such as Lightweight Directory Access Protocol (LDAP) or Active Directory.
About Contribute and LDAP or Active Directory
Lightweight Directory Access Protocol (LDAP) is a protocol for accessing information directories.
Microsoft Active Directory and LDAP are types of directory services. In the case of directory
services, a directory is like a telephone book and not like a directory (folder) on your computer.
You can integrate the User Directory service of CPS with your directory service. The User
Directory is an application service that enables you to centrally manage users.
When you integrate with your LDAP directory, you control who can access your website and how
they are authenticated.
LDAP branches
for your website, or you can indicate specific branches to search.
You have the following options:
•
Add the root node of your LDAP tree to the user directory, and enable search for users or
groups in any of the branches.
•
Add specific branches to the user directory and determine the scope of the search—whether
you want to search only the branch or the branch and any subbranches. This way, you can
exclude certain branches of your LDAP tree from the search.
For each branch you add, you can define a user search only or you can define a user and a group
search.
For example, suppose your LDAP directory has three branches: East, Central, and West. You
want to integrate with the LDAP directory your entire company, so in the following example, you
add one branch for a user search to the user directory:
User branch with baseDN:o=MyCompany, Search Scope:SUBTREE_LEVEL,
filter:(objectClass=organizationalPerson)
Now, suppose you want to include only the Central and West branches and you want to define
user and group searches. You add the following four branches to the user directory:
lets you use either a password stored in an XML file, or Windows
Using the User Directory service, you can add your entire LDAP user directory
lets you integrate Contribute with user directory
Configuring Contribute Publishing Server (CPS only) 55