Windows Authentication Issues
It is also possible to enable the Application Server to obtain authentication for users from Windows authentication via the browser (client). This way, users will automatically be authenticated if they are running from a Windows session.
To do so, one must install a third-party product named Waffle (Windows Authentication Functional Framework) as an addon (see here):
- Please ensure that all LDAP settings are correct and users are able to log into the product via LDAP authentication. LDAP connectivity configuration is documented in the online help.
- Unzip the Waffle zip.
- Copy all the jar files from it to $MM_HOME/tomcat/lib
- Open $MM_HOME/tomcat/conf/web.xml. Search for "Windows authentication support". Uncomment the block following that.
- Restart Talend Data Catalog .
- You should have windows authentication enabled now. Any valid windows user will be logged in as guest by default as long as licensing allows it. If you need to get an administrator interface, you can access: http://host:port/MM/Auth?nativeLogin (optionally you can force a redirect to &redirectTo=/MM/)
- Provide connection information for the database you created above.
Note: Waffle is designed around Windows libraries and thus it is recommended that you use a Windows OS based machine as the Application Server. While it is possible to use Waffle on a Linux based machine, it will require a great deal of manual setup and compilation. Please follow the Waffle documentation for such an implementation (see here).
Note: When using Waffle on a Windows based Application Server (as is recommended) you must run as run the Talend Data Catalog software as a Windows service (not as an Application) in order for Waffle to work properly.
Note: Automatic Windows authentication will not allow one to use the browser refresh (f5) with IE 8.x when used as the client browser. Refresh will force a re-authentication on IE 8.x browsers and will not be automatically authenticated. If this occurs, the user must close all instances of the browser and start again. To avoid this issue, one must use IE 9.x or later or another approved browser (see System requirements) In addition, for Firefox, you must configure the browser at each client to support automatic Windows authentication. Please refer to the Waffle web site here.