Netmail Archive 5.2 and higher
Support for "single sign-on" experience in NetGovern Search is possible with a supported proxy server and a simple configuration change. With this enabled, users logged in to their local workstations will be able to access their archives without being prompted for credentials; a proxy server such as the Microsoft Forefront United Access Gateway can provide the authentication. Login credentials will therefore be transparently supplied to Search such that an interactive request for authentication will not be made when access is requested. This ensures that users will not have to actively enter their credentials more than once. This article will explain how to enable this experience in NetGovern Search.
Before single sign-on can be implemented, a proxy server such as the Microsoft Forefront United Access Gateway that is not part of the NetGoven system must be in place. The proxy server should be configured to add the header Authentication-basic, followed by the user’s base64-encoded username:password. In the example below, the United Access Gateway has Single Sign-on configured with a 401 request and HTML form:
Once the proxy server is set up, enabling single sign-on in NetGovern Search server is a simple process that requires one configuration change:
1) On the Search server, locate the xgwxmlv.cfg configuration file. This file is located in C:\Program Files (x86)\Messaging Architects\RemoteProvider.
2) Open the file for editing and locate the section responsible for enabling single sign-on, as shown in the example below:
3) By default, single sign-on is disabled (the ssoEnabled default setting will be set to false). Set this property to ssoEnabled=true to enable single sign-on to Netmail Search and save the file.
4) Restart the NetGovern Client Access service.
The system will now support single sign-on to Netmail Search.