Provide the new connection with a Name here. You can give this connection a short description in the box below.
Enter the User and Password in the area Authentication, this is the user you want to use to access SharePoint. The user entered here is solely needed to access the service metadata in the Portal Manager.
OData
Authentication Types
In the Authentication area, select the Method required by the service: None
for anonymous access, Basic for basic HTTP, Intrexx for Intrexx OData Services,
Kerberos for services with integrated Windows authentication, Kerberos (HTTP Basic)
for services with Windows or standard authentication, or X.509 for X.509 client certificates.
Basic Authentication
If you select the Basic method, the login information will be requested.
The user entered here will only be needed to access the service metadata in the Portal Manager.
Intrexx Authentication
The Intrexx method is useful for services provided with the
Intrexx OData Provider. Login information will be transferred encrypted in this way.
For access to metadata, enter an Intrexx user and corresponding password here as well.
Integrated Windows Authentication
The options for Kerberos and Kerberos (HTTP Basic) are available for Windows
environments to use Windows Integrated Authentication for Single Sign-On.
The second option for HTTP Basic enables authentication for clients that do not support the Kerberos protocol.
Please note the following basic requirements for successful authentication with Kerberos:
The Intrexx portal must be run with integrated authentication.
You can enable this in the Users module via the Configuration menu.
The users from your Active Directory must be correspondingly created in Intrexx. You can quickly and
easily import these users in the Users module by selecting the menu item Users / Users and Groups Import.
Please make sure that at least one user is included in the Administrators group, so that the
system may continue to be managed.
The server on which Intrexx is installed requires the group policy Delegation.
All clients and servers must be members of the same domain.
In Internet Explorer, the security settings for the used zone must have the user authentication setting
of Automatic logon with current user name and password. Additionally, the option for
Enable integrated Windows authentication must be selected in the advanced settings.
Using Kerberos authentication provides you with true Single Sign-on for access by your users to the OData service that uses the integrated Windows authentication.
If a user cannot be authenticated, the second option will automatically use the standard login method.
For successful authentication, it is necessary to specify a Service Principal Name (SPN).
The SPN contains information about the service that requires a Kerberos ticket to be generated for it.
This ticket is required for the Internet Information Server used by the Intrexx portal server.
The SPN is generally constructed as follows: http/< computer-DNS-name>@<KERBEROS_REALM>
Computer-DNS-name: Fully qualified host name (such as mycomputer.mycompany.com)
KERBEROS_REALM: Generally the domain in uppercase letters (such as MYCOMPANY.COM).
The SPN would therefore look like the following using the sample data: http/mycomputer.mycompany.com@MYCOMPANY.COM
Authentication with X.509 Certificates
When you select the X.509 method, a certificate store in PKCS12 format can be uploaded. Later, each user can upload their own certificate store using a login form.
For authentication with X.509 certification, the root certificate of the authentication authority, which is responsible
for issuing the client certificates, must previously have been imported into Intrexx. The root certificate can be saved using the
Portal / Portal properties / Certificates menu. Restart the portal server afterwards.