authentication methods
The following authentication methods are supported by XELOS by default:
- Internal XELOS authentication (default)
- MS Active Directory
- guest authentication
- IP range
- LDAP server
- Single Sign-On (SSO)
- RADIUS authentication
- Superuser Authentication
Additional modules and customer modules can provide their own methods - these are not listed here.
Internal XELOS authentication (default)
- Manual login with login name and password
- Readonly function (e.g. for external employees)
- Explicit definition which users/user groups may use this login
- XELOS saves the access data (passwords are stored as hash, individually salted and according to the current standard of your PHP version)
MS Active Directory
- XELOS establishes an LDAP connection to your Active Directory server and verifies the user against the AD.
- AD-Hoc creation of a previously unknown user possible
- Transfer of LDAP user data and rights according to settings
guest authentication
- Automatic login for "public access" possible
- Selection whether a button should be displayed in the login window for the guest login
- Definition of the Standard Instance for Guest Users
IP range
- Automatic login based on IP
LDAP server
- XELOS establishes an LDAP connection and verifies the user against the directory.
Single Sign-On (NTLMv2)
- Automatic login via the NTLM v2 protocol
RADIUS authentication
- Uses the PHP Radius extension, installable on the Linux console with
yum install php-pecl-radius.x86_64 - Specification of Radius Server/Port and Radius Secret
Superuser Authentication
- For maintenance and problem reproduction it is possible to assume the identity of other persons using a superuser password.
- Standard: Off / Not available
Methods via additional modules
The following methods are provided via additional modules, but are included in the standard XELOS PRO license and can be installed and configured later using the update procedure.
Single Sign-On (SAML 2.0)
- Module: SAML SSO
- Automatic login via the SAML 2.0 protocol
- Compatible with ADFS and AZURE AD
- XELOS acts as a service provider
Azure SSO
- Module: Microsoft 365
- Automatic login via the OAuth 2.0 protocol
- Compatible with Azure AD (Microsoft 365)
- XELOS acts as Microsoft 365 service