Documentation for installing xDI Analytics indicates that users should be configured in the tomcat-users.xml file. (Install Semarchy xDI Analytics :: Semarchy xDI Documentation).
The tomcat-users.xml file explicitly defines usernames and passwords. We are concerned about passwords being visible in this file.
Are there any ways around it? Does xDI support Single Sign On (SSO) for authentication?
Hi Sharon,
This is a legitimate concern, and as the authentication in xDI analytics is handled by tomcat, you can benefit from tomcat capabilities.
Indeed, tomcat has multiple solutions to avoid plain text passwords.
You can use an SSO, please refer to the following articles :
Authenticate with an LDAP server
Authenticate with SAML
Also, you can use a digest instead of clear password, the procedure is explained on this external article.
Please do not hesitate to reach us again as needed.
Thanks,
Guillaume
Sharon GEORGE
Documentation for installing xDI Analytics indicates that users should be configured in the tomcat-users.xml file. (Install Semarchy xDI Analytics :: Semarchy xDI Documentation).
The tomcat-users.xml file explicitly defines usernames and passwords. We are concerned about passwords being visible in this file.
Are there any ways around it? Does xDI support Single Sign On (SSO) for authentication?
Hi Sharon,
This is a legitimate concern, and as the authentication in xDI analytics is handled by tomcat, you can benefit from tomcat capabilities.
Indeed, tomcat has multiple solutions to avoid plain text passwords.
You can use an SSO, please refer to the following articles :
Authenticate with an LDAP server
Authenticate with SAML
Also, you can use a digest instead of clear password, the procedure is explained on this external article.
Please do not hesitate to reach us again as needed.
Thanks,
Guillaume
Guillaume RIVOLLIER
Hi Sharon,
This is a legitimate concern, and as the authentication in xDI analytics is handled by tomcat, you can benefit from tomcat capabilities.
Indeed, tomcat has multiple solutions to avoid plain text passwords.
You can use an SSO, please refer to the following articles :
Authenticate with an LDAP server
Authenticate with SAML
Also, you can use a digest instead of clear password, the procedure is explained on this external article.
Please do not hesitate to reach us again as needed.
Thanks,
Guillaume