Question
· Feb 19, 2019

Give external users access to a CSP-pages

Hi!

I have a qeustion if it possible to let Ensemble manage user rights from AD-user group?

What i want is to let external user have access to certain CPS-pages to read information. But not let them have access to Ensemble it self. And instead to set up individual accounts in Ensemble for each one of them i rather want to have dem in an AD-securitygroup.

Is that possible and also limit them only to choosen CSP-pages?

I'm not a administrator of our platform, i'm just develope productions so i would be greatful for information i could bring to our tech-guys and ask them to set it tup, if possible.

Regards,

Michael

Discussion (6)2
Log in or sign up to continue

You definitely can do this. These parts of the documentation might be useful. This is on configuring AD group based LDAP authentication:

https://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY...

LDAP authentication is straightforward to set up, but does need specific group names. If you can't do it for some reason, you might want to look at delegated authentication:

https://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY...

With delegated, you'll have to write code to handle the authentication and authorization. It can be more flexible, but is also more responsibility.

Either of those options will let your users get permissions based on their AD groups. You'll also need to make the CSP page check for the particular access granted by that role, probably by doing a check for a permission on a resource.