Modifying the web.config File for Your Authentication Method

Archer enables you to modify the web.config file to authenticate your system for Windows integrated single sign-on (SSO).

Note: If you are configuring for Secure Socket Layer (SSL) only or for Single Sign-On integrated with Secure Socket Layer, please refer to the Archer Security Configuration Guide for complete instructions.

Modify the web.config file for Windows integrated SSO

1. Open the web.config file in a text editor.

2. Locate the <authentication mode> tag and change the authentication mode from None to Windows.

   <authentication mode=”Windows”

3. Locate the <authorization> and <allow users> tags and remove the comments.

   <authorization>

   <allow users="*" />

   </authorization>

4. Locate the <webHttpBinding> section.

5. Remove the comments in the <security mode> and <transport> tags identified for Windows Authentication and change the security mode as follows:

   <security mode="TransportCredentialOnly">

   <transport clientCredentialType="Windows" />

   </security>

6. Locate the <httpTransport> tag for the binaryHttpBinding.

7. Add the authenticationScheme="Negotiate" attribute to the tag.

   <httpTransport maxReceivedMessageSize="1024000000" maxBufferSize="1024000000" authenticationScheme="Negotiate" />

8. Locate the <httpTransport> tag for the binaryHttpBindingStreaming binding.

9. Add the authenticationScheme="Negotiate" attribute to the tag.

   <httpTransport transferMode="StreamedRequest" maxReceivedMessageSize="1024000000" maxBufferSize="1024000000" authenticationScheme="Negotiate" />

10. Locate the <location> tag and remove the comments.

    <!-- Uncomment this for Single Sign On with Windows Authentication -->

    <location path="default.aspx">

    <system.web>

    <authorization>

    <deny users="?"/>

    </authorization>

    </system.web>

    </location>

11. Save the web.config file.

12. Run an IISRESET in a command prompt.