Netmail Archive 5.2 and higher
Support for single sign-on in Netmail Search is possible with a simple configuration change in Netmail Archive. When single sign-on to Netmail Search is configured in Netmail Archive, users logged in to their local workstations will be able to access their archives using Netmail Search without being prompted for credentials; a proxy server such as the Microsoft Forefront United Access Gateway can provide the authentication mechanism. Login credentials will therefore be transparently applied to Netmail Search so that an active request for authentication will not be made when archive access is requested. This ensures that users will not have to actively enter their credentials more than once. This article will explain how to enable single sign-on for Netmail Search with Netmail Archive.
Before single sign-on can be implemented, a proxy server such as the Microsoft Forefront United Access Gateway that is not part of the Netmail Archive system must be in place. The proxy server should be configured to add the header Authentication-basic, followed by the user’s base64-encoded username:password. In the example below, the United Access Gateway has Single Sign-on configured with a 401 request and HTML form:
Once the proxy server is set up, enabling single sign-on in Netmail Archive is a simple process that requires one configuration change:
1) On the Master Archive server, locate the xgwxmlv.cfg configuration file. This file is located in <drive letter>:\Program Files (x86)\Messaging Architects\RemoteProvider.
2) Open the file for editing and locate the section responsible for enabling single sign-on, as shown in the example below:
3) By default, single sign-on is disabled (the ssoEnabled default setting will be set to false). Set this property to ssoEnabled=true to enable single sign-on to Netmail Search and save the file.
4) Restart the Netmail AWA Remote Provider service.
The system will now support single sign-on to Netmail Search.