Solution |
This topic contains details about the main security aspects in SoftExpert Suite access to the persistence layer and used services.
DatabaseSoftExpert Suite connects to the database by using basic authentication, through user name and password. The database connection configurations are stored in encrypted configuration files by using the SoftExpert Suite encryption algorithm.
To send e-mail notifications, SoftExpert Suite is parameterized to connect to the e-mail server using basic authentication through user name and password, or OAuth authentication, through Microsoft or Google accounts. These data are stored in the database by means of the SoftExpert Suite encryption algorithm.
DirectorySoftExpert Suite may be configured to store documents in directories. For that, it is necessary to have permission to read and write to SoftExpert Suite (local user or domain user configured in IIS or NGinx) or for the File Manager Service, used only in remote directories. Users do not need to have access in these directories.
LDAPTo perform the LDAP service connection, either for authenticating or synchronizing the users data, SoftExpert Suite uses a valid AD user, entered in its parameterization. If using the LDAP synchronization and authentication functionality, make sure the rules to access the services in the company domain server are created in the firewall. The ports commonly used to make the connection with these services are listed below: ▪389/TCP
NTLMv2To perform the user authentication with the SoftExpert Suite using the NTLMV2 protocol, you must ensure that the rules for accessing the company domain server services are created in the firewall. The ports commonly used to make the connection with these services are listed below: ▪445 TCP ▪445 UDP
SAMLTo perform the user authentication with the SoftExpert Suite using the SAML protocol, you must ensure that the rules for accessing the company domain server services are created in the firewall. The ports commonly used to make the connection with these services are listed below: ▪443 TCP |