Granting permissions for the saml bridge log file – Google Search Appliance Enabling Windows Integrated Authentication version 6.8 User Manual
Page 15
Google Search Appliance: Enabling Windows Integrated Authentication
15
Verifying the Configuration of the SAML Bridge
Application Pool
This process verifies that the Application Pool identity for the SAML Bridge is Network Service.
1.
In the IIS Manager tree view, click to expand the Application Pools.
2.
Select the name of the application pool that was configured for the SAML Bridge and select
Advanced Setting from the Actions pane.
3.
Under Process Model, verify that the value of Identity is set to Network Service.
4.
Click OK to close the dialog box.
Configuring Authentication Requirements for the
Login.aspx File
The Login.aspx file is the component of the SAML Bridge that authenticates the user. When a user
makes a secure search request, the search appliance redirects the request to this Login.aspx file for
authentication.
You will now configure the Login.aspx file to require authentication, so that the user’s browser sends
Windows login credentials.
1.
In the IIS Manager under Web Sites, select saml-bridge.
2.
Select the Content view.
3.
Select Login.aspx.
4.
in the Actions pane, click Switch to Features view. You’ll be taken to Login.aspx Home.
5.
Double-click the Authentication icon.
6.
Select Anonymous Authentication and click Disable in the Actions pane.
7.
Select Windows Authentication and click Enable in the Actions pane.
This file is treated differently from other files in the saml-bridge website. This file requires
authentication, but the search appliance needs anonymous access to other files under the virtual
directory.
Granting Permissions for the SAML Bridge Log File
You will now ensure that all users can writer to the SAML Bridge log file.
1.
Select the saml-bridge web site in IIS.
2.
In the Actions panel, click Explore.
3.
Right-click the ac.log file and select Properties.
4.
On the Security tab click the Add... button. You see the Select Users, Computers or Groups dialog
box.
5.
Click Check Names.
6.
Click OK. The dialog box closes.