|
|
|
|
|
Integration of MOVEit DMZ with other existing web applications can be achieved using several of DMZ's available features. To offer seamless transitions between an existing web application and MOVEit DMZ, external authentication, single signon, and logo and color scheme customization all need to be combined. For MOVEit DMZ API based web applications that need to transfer users to the MOVEit DMZ server without requiring another signon, the session transfer capability can also be used.
To keep the user from having to remember multiple login accounts, and to ease maintenance of account databases, use DMZ's external authentication feature to tie DMZ into your existing user authentication facility. DMZ supports authenticating against both RADIUS and LDAP servers, along with its own internal user database. See the External Authentication section of the User Policy Settings page for more information.
To allow an existing web application to transfer a logged in user seamlessly to DMZ, DMZ accepts username and password information via HTML form fields, and even URL query string arguments. Optimally, the existing web application should provide a secure page with a button the user can click to transfer to the DMZ application. See the Simple Single Signon Support section of the URL Crafting page for more information.
To keep users from believing that they've left the confines of a corporation's existing web application, DMZ's custom logo and color scheme features can be used to make DMZ appear as similar to the existing web application as necessary. Use the custom logo and bullet features to add corporate logos and bullet images to a DMZ organization. Use the custom HTML header feature to add more advanced header code to a DMZ organization, such as flash logos or javascript menus. Select one of the many stock color schemes included with MOVEit DMZ to closely match the existing web application, or add a custom color scheme to match it exactly. See Brand Settings for more information about each of these features. Information about creating custom color schemes can be found in Custom Schemes.
Some customers use MOVEit DMZ API to provide some DMZ information and services inside their own web applications. Instead of logging on directly to MOVEit DMZ, visitors to these sites instead log on to the web application, which uses an internal copy of MOVEit DMZ API to do its own logon to DMZ. This way, companies can provide information from their DMZ server to visitors without having them leave the company website. However, for more advanced DMZ features, such as the MOVEit Wizard, it may become necessary to have the user move to the DMZ server itself. Normally, the existing session that the MOVEit DMZ API object has with DMZ cannot be transferred across servers, meaning the user would have to sign on again to access the DMZ directly. To avoid this problem, DMZ provides an mechanism for transferring an existing client session from the API-enabled server to the DMZ server. First, the host that the MOVEit DMZ API application resides on must be marked as Trusted (see the Trusted Hosts section of the System Remote Access Policy page for more information). Next, the API application must send the user to a special ASPX page provided by MOVEit DMZ, called apilink.aspx, and provide the current session ID as an argument. This page takes the session ID argument and sets the appropriate cookie information on the client's browser, then forwards the client on to MOVEit DMZ:
https://moveit.yourcompany.com/apilink.aspx?sessionid=<sessionID>
The session ID can be accessed from the MOVEit DMZ API object. See the MOVEit DMZ API documentation for more information.
MOVEit DMZ supports direct, secure uploads and downloads initiated by other web applications.
Using MOVEit DMZ in this manner allows customers to use MOVEit DMZ for secure storage of all their portal's sensitive files. It also allows customers to take advantage of MOVEit DMZ's buffered transfers; otherwise handling of large files is an issue with many portal applications because they attempt to work with files on disk or all at once in memory. Typically, MOVEit DMZ API is used to initiate a secure upload and download by performing a session transfer at the same time. Complete documentation about this procedure (and a sample application) is available in the MOVEit DMZ API Windows documentation set.
See also Direct Download in Advanced Topics - URL Crafting.