Enable user authentication

The Web Administrator interface enables you to segregate the Help content published on the server into protected and public areas. Only authenticated users can view the content published in protected areas, but no authentication is required to view content published in public areas.

Note: You do require authentication to publish content to public or protected areas.

By default, RoboHelp Server creates a public area, general.

Important: You cannot mark the general area as protected and it cannot be deleted.

To make an area protected, you can select the Protected area option in the Areas page of the Web Admin interface. For more information on Protected areas, see Managing areas. You can define several sets of privilege groups and assign different rights to different users. These rights include view only, publish, admin rights, and viewing reports. You can manage the groups and their privileges from RoboHelp Server Web Admin pages. RoboHelp Server 11 provides user authentication through both database and LDAP. You can also use HTTP request and response mechanism to authenticate users, see Authenticate users via HTTP request for more information.

Authenticate LDAP users

Important: The recommended way of configuring LDAP settings is through the Configuration Manager. See Specify LDAP settings.

You can use the <context-name>_server.properties file to authenticate an LDAP user or an administrator. Do the following:

Comment the authtype = db property, specify your LDAP user name in the DefaultAdminUid property, and do not specify your LDAP password in the DefAdminPwd property.

Uncomment and specify your organization LDAP details:

authtype = ldap 
ldapURL = ldap://ldapserver:389 
usersearchbase = ou=people,o=org 
rolesearchbase = ou=groups,o=org 
useridkey = uid 
rolename = cn 
rolesearch = uniqueMember

Restart the Tomcat service to log in as an LDAP user.

The following table lists the properties stored in the <context-name>_server.properties file:

Property Name	Description	Property Value	Required (Yes/No)
DatabaseType	Specifies the database used (supported types are oracle/sql)	oracle/sql (Apache derby by default)	Yes
authtype	Specifies the authentication mechanism used.	db/ldap	Yes
LDAP Server URL	The URL of your organization’s LDAP server		If authtype is ldap
usersearchbase	The LDAP base node within which you want to find users. For example, dc=company, dc=com.	URL of LDAP Server of the organization	If authtype is ldap
rolesearchbase	The LDAP base node within which you want to find groups. For example, dc=company, dc=com.		If authtype is ldap
useridkey	The LDAP node attribute that determines the user ID.	user ID key	If authtype is ldap
rolename	The LDAP node attribute that determines the group name.	role name key	If authtype is ldap
rolesearch	The attribute of the LDAP group node that determines the members of the group	role attribute name	If authtype is ldap
DefAdminUID	When server is started for the first time, server is not connected to the database. Therefore, access permissions for a given user cannot be verified. Provide a default user ID which has the admin rights and can access the web admin.	User ID which has admin access to RoboHelp Server by default.	Yes
DefAdminPwd	User ID which has admin access to RoboHelp Server by default. For LDAP authentication, password for the DefAdminUid is verified from the LDAP server. For database authentication, provide the default password for the default user ID.	Default Admin password	if authtype is db
maxload	Specifies maximum number of open concurrent database connections depending on the database used for report logging.	maximum number of open connections database can handle.
ProjectsURLBase	Context path of the Help projects on the Tomcat server.
ProjectsDirBase	Top-level directory of Help projects

Important: The recommended way of editing properties is through the Configuration Manager.

Authenticate users via HTTP request

You can use the HTTP request and response mechanism to authenticate users in RoboHelp Server 11. This method is used to access protected pages on the server. The authentication session is managed by the server and browser, and the authentication parameters are supplied in XML format. You can also use the HTTP-based authentication mechanism to authenticate LDAP users.

To authenticate users via HTTP request, perform the following steps:

Change the help topic URL to include the authentication mechanism, as shown in the following example:

Original help topic URL: http://<server-name>:<port>/<context-name>/server?prj=<project-name>&area=<protected-area>&tpc=<-topic-.htm>&type=<type-of-output>

Modified help topic URL: http://<server-name>:<port>/<context-name>/server?prj=<project-name>&area=<protected-area>&tpc=<-topic-.htm>&mgr=auth&type=<type-of-output>

Note: In the modified help topic URL, the authentication mechanism is specified as mgr=auth.
Send HTTP POST request to the modified help topic URL.
Provide authentication parameters in XML SOAP Envelope, as shown below: <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Header /><SOAP-ENV:Body> <login> <UID name="username"></UID> <PWD name="password"></PWD> </login></SOAP-ENV:Body></SOAP-ENV:Envelope>
When this request reaches RoboHelp Server, the server decodes the user credentials from the XML Soap Envelope and authenticates the user.

If successful, RoboHelp Server sends HTTP response in JSON format as shown below and redirects user to the requested page: '{"redirect":"Encoded Redirect URL of the Help Topic"}’

In case of any error, it sends HTTP response in JSON format as shown below: '{error:"Error Message"}'