04-20-2020 10:20 AM
We implemented several geoportals (Geospatial Portal) inside the customer's network.
All geoportals has the following names:
https://VM_name/Application_Name, where application name is smth like "ecology" or "roads", etc.
Our customer doesn't want to have different portals for a number of user groups.
He wants one application, where access to the content is controlled by Active Directory policies.
And the question - is it possible to:
1) Create nice geoportal application name, smth like: https://gis.CompanyName.com in an internal network? And
2) When a user starts an application, passes ActiveDirectory-authorisation (AD), Geospatial Portal displays only the services, that are granted to such user by AD settings?
E.g. user form ecology user group (AD) will see only ecology services, maps, and not the roads.
Do we need to implement SDI for these tasks or it is possible to achieve such things by some workarounds?
04-21-2020 05:03 AM
I am afraid that the behavior requested isn't possible to do with our software offerings. This should be rather controlled on higher level, such as IIS and URL redirection. I'm not sure if it's possible to accomplish that with relation to Active Directory.
However it could be possible to develop a custom ASP.NET Web Application that would redirect users depending on their AD information.
04-22-2020 12:39 AM - edited 04-22-2020 12:40 AM
04-27-2020 10:22 AM
And is it possible to create several GPW and assign each of them to a certain user group (defined in AD)?
Is it possible to do with Geospatial Portal API / SDK?
Or is there any known workaround?
I think this functionality would be highly demanded in all corporate projects anywhere.
05-04-2020 02:17 AM
While it may be possible to work with Portal SDK and override some of the components to 'inject' a GPW to the Portal depending on the user authenticated, it doesn't sound like a simple task to me.
Although not so much integrated, it sounds much simpler to have something like a welcome page (with Windows Authentication), that will redirect the logged-in user to a GPW he has pre-assigned. The page can be empty and do just the authentication and redirection internally - the end users won't even notice that there's a wrapper.