[-]
  
  
 [-]
   
   
   
   
   
   
   
 [-]
   
   
   
   
   
  
  
  
 [-]
   
   
   
   
   
   
   
   
  
  
 
 
 
[-]
  
  
  
  
  
  
Updated on 1/17/2020
Version 2019.4
Authentication with FireStart IdentityServer
Direct link to topic in this publication:

FireStart IdentityServer is a .NET Core Application which is hosted in IIS and based on the open-source IdentityServer project. It handles user logins and searches for users and groups used in FireStart.

Currently, there are three authentication and corresponding search providers available:


WarningAttention!
FireStart needs to be able to find users logging in through the search provider, therefore it is important that the authentication and search provider match.


Warning Attention!
It's currently not supported to change search providers on an already running system. You can find more information in the corresponding article.


WarningAttention!
Windows authentication (NTLM/Kerberos/Negotiate) and HTTP/2 are not compatible and the fallback described here does not always work. So, to ensure authentication works, even when Windows with Active Directory is enabled, we disable HTTP/2 in the FireStart setup routine.


Where to find the FireStart IdentitiyServer:

  • on the IIS site: opening IIS Manager you can find it under the FireStart Process Portal site
  • in the application: on the FireStart server the application points to <INSTALL_FOLDER>\PROLOGICS Identity Server
  • in the configuration: the configuration is done via the appsettings.json file 
  • in the production data: data is stored in SQLite databases which can be <INSTALL_FOLDER>\PROLOGICS Resources\Database
  • in the logs: IS uses Serilog and the logging is configured in the Serilog section in the appsettings.json. The default location for log files is <INSTALL_FOLDER>\PROLOGICS Resources\Logs where the resource path defaults to <INSTALL_FOLDER>\PROLOGICS Resources or C:\Resources on a dev environment.

Information

Note:

Due to the fact that the IdentityServer is running within the FireStart AppPool, the IdentityServer needs access to the private key of the Host. You can check the status or add the connect as follows: In MMC Certificate Snap-in, click on Certificates -> Personal -> Certificates -> <Your Certificate> Right click -> All Tasks -> Manage private keys. If the FireStart AppPool is not listed here, add IIS AppPool\FireStart AppPool to the local computer.

Previous | Next