These customization keys are located in the ILLiad Customization Manager under Web Interface | Authentication, with the exception of UseLegacyRemoteAuthHandling which is located under System | System:
|RemoteAuthSupport||Determines if RemoteAuth is being used by one of the web directories. Example: Yes or No|
The name of the server variable containing the ILLiad username that is sent from the authenticating server. Example: HTTP_REMOTE_USER
The RemoteAuthUserVariable key is only applicable to ILLiad 9.0 and any previous versions. ILLiad 9.1 has replaced this key and added a Username entry to RemoteAuthValidation table. See Authentication Enhancements for more information.
|RemoteAuthWebLogoutURL||The URL to send a user to after logging out of an ILLiad web directory controlled by remote authentication. Example: http://www.abc.edu/logout or logon2.html|
|RemoteAuthWebPath||The web directory containing ILLiad web files and the DLL that's controlled by remote authentication. Example: C:\inetpub\wwwroot\illremoteauth|
|WebAuthType||Tells ILLiad which type of authentication is being used for web users.|
When set to Yes, ILLiad will retrieve remote authentication fields from HTTP headers in addition to server variables.
If you are configuring remote authentication using the ILLiad integrated SAML module, please ensure this key is set to No.
You can enable RemoteAuth authentication for a particular web directory while still keeping a separate web directory for users to register themselves via Basic ILLiad authentication. The RemoteAuthWebPath would be the directory controlled by remote authentication while the WebPath key (Web Interface | System | WebPath) would have the directory not controlled by remote authentication. RemoteAuthSupport being set to Yes would tell ILLiad to check the directory and then know if the user should be authenticated remotely or by ILLiad.
For RemoteAuth authentication, users who validate against the authenticating server can be cleared automatically by setting the AutoClearPreregisteredUsers customization key to Yes in the Customization Manager. If that key is set to Yes, those pre-cleared users can be sent a welcome email by turning on the AutoClearSendEMail key to Yes in the Customization Manager. The email template, autoclearcust.txt, can be edited in the Customization Manager on the Notification's tab by selecting the Auto Cleared User template from the Edit button.
During the ILLiad 9.0 update, any users who have the RemoteAuthSuppert customization key set to yes will need to set the WebAuthType key to RemoteAuth. This is because the new password enhancements use the WebAuthType to determine which sites require the password changes.
Because only the username is sent to ILLiad by default and users authenticate against the remote server each time, the password reset feature does not apply for RemoteAuth authentication.