By: Eng Chew Low user 28 Apr 2020 at 10:23 p.m. CDT

2 Responses
Eng Chew Low gravatar
Hi I am new to area. I am not sure is this the right channel to ask, Our environment has multiple authentication sever LDAP /ADs . My team wanted to have - Private network - A single point of entry to allow authentication against multiple authentication servers. - 2FA option - High availability - Single-Sign On Can Gluu server do all these? Thanks and regards, Eng Chew

By Aliaksandr Samuseu staff 29 Apr 2020 at 7:11 p.m. CDT

Aliaksandr Samuseu gravatar
Hi, Eng Chew. > Private network Sorry, not sure what you mean by that. Could you elaborate? >Single-Sign On Possible > A single point of entry to allow authentication against multiple authentication servers Would be better if you explain this as well, but if you need to delegate authentication to already existing legacy servers, Gluu Server can do this. LDAP authentication is available OOTB, and it also has a collection of person authentication custom scripts which allow you to utilize protocols like CAS, SAML or OIDC to authenticate your users at some other IDP (SAML and OIDC auth flows are handled by Passport sub-component). > 2FA option The mentioned custom auth scripts also include a few popular 2FA methods. You may need to extend the scripts that don't have 2FA option yourself, though. > High availability There are two main options for HA: clusters built with Cluster Manager, and scalable HA setups based on Kubernetes. Both require you to have a support contract with Gluu (there are not free to use). Hope this helps.

By Eng Chew Low user 29 Apr 2020 at 7:52 p.m. CDT

Eng Chew Low gravatar
Hi Aliaksandr, Thanks for the reply. > Private network On premise. Won't have any internet access. > A single point of entry to allow authentication against multiple authentication servers I have 2 to 3 LDAP/AD servers at (some same some different network) holding their own records. At a single point of entry, can Gluu authenticate the user against all of the authenticate servers. i.e Server A and Server B at network 1 , Server C at network 2 Can User A (whose record in Server A) be authenticate from a terminal in network 2? > There are two main options for HA: clusters built with Cluster Manager, and scalable HA setups based on Kubernetes. Both require you to have a support contract with Gluu (there are not free to use). Noted. So the cluster manager is part of Gluu?