Configuring AAD Authentication

• Configuring AAD Authentication
  • Overview
  • Process
    • Turning on AAD Authentication

Overview

CCLAS 6 can be configured to use Azure Active Directory (AAD) authentication instead of Windows Active Directory (AD) authentication.

Process

Turning on AAD Authentication

By default, CCLAS 6 uses AD authentication to validate the signon of a CCLAS 6 user. To enable AAD authentication, the environment must be deployed with the cclas.active.directory.enabled=true setting in the cclas.yml file in the Vars folder of the playbook, as follows:

-Dcclas.active.directory.enabled=true

Where this is configured, after a user enters their CCLAS 6 Username, Password and Laboratory, and then clicks Login, the user's User Principal Name and the entered Password is passed to AAD for authentication. After successful authentication, the CCLAS 6 session proceeds to use the user's Username, which equates to the user's User Code, to establish CCLAS 6 security rights.

A user's User Principal Name is configured when Maintaining Users.

Note: Calls to SOAP services apply case insensitivity to a User Code for authentication.