Single Sign On with Digital Hive on Linux

Single Sign On with Digital Hive on Linux

Question

Is it possible to set up Single Sign On when Digital Hive is on Linux? 

Answer

Yes, it is possible using OAUTH2, OpenID Connect (OIDC), and OKTA with Azure. 

  1. First you will need to create a Digital hive Azure App Registration, you can refer to the following Knowledge Base for assistance: Create a Digital Hive Azure App Registration. Ensure the Redirect URI is populated, the value for this parameter should be https://digitalhive_servername:9443/Theia/oauth/authFinish (example). 

  2. Browse to <digitalhive install director>/app/node1/tomcat/conf/theia.properties and edit the file. 

OAuth2

  1. Append the following -Dspring.profiles.active=oauth_auth to the end of motio.theia.tomcat.jvm.opts=
    The line should read motio.theia.tomcat.jvm.opts=-Xms4096m -Xmx4096m -Djava.util.concurrent.ForkJoinPool.common.threadFactory=com.motio.theia.TheiaForkJoinWorkerThreadFactory  -Dorg.jboss.logging.provider=slf4j -Dspring.profiles.active=oauth_auth

  2. At the end of the file add the following two properties: 
    spring.security.oauth2.client.registration.azure.client-id= <client id from azure>
    spring.security.oauth2.client.registration.azure.client-secret=<secret from azure>
    azure.activedirectory.tenant-id=<azure tenant id>

OIDC

  1. Append the following -Dspring.profiles.active=oidc_auth to the end of motio.theia.tomcat.jvm.opts=
    The line should read motio.theia.tomcat.jvm.opts=-Xms4096m -Xmx4096m -Djava.util.concurrent.ForkJoinPool.common.threadFactory=com.motio.theia.TheiaForkJoinWorkerThreadFactory  -Dorg.jboss.logging.provider=slf4j -Dspring.profiles.active=oidc_auth

  2. Modify the following properties at the end of the file:
    spring.security.oidc.client.registration.provider=azure
    spring.security.oidc.client.registration.azure.client-id=<client id>
    spring.security.oidc.client.registration.azure.client-secret=<secret from azure>
    spring.security.oidc.client.registration.azure.redirect-uri-template=https://<servername>:9443/theia/login/oauth2/code/azure
    azure.activedirectory.tenant-id=<azure tenant id>

OKTA

  1. Ensure the Redirect URI is added in the Applications in OKTA 

  2. Append the following -Dspring.profiles.active=oidc_auth to the end of motio.theia.tomcat.jvm.opts=
    The line should read motio.theia.tomcat.jvm.opts=-Xms4096m -Xmx4096m -Djava.util.concurrent.ForkJoinPool.common.threadFactory=com.motio.theia.TheiaForkJoinWorkerThreadFactory  -Dorg.jboss.logging.provider=slf4j -Dspring.profiles.active=oidc_auth

  3. Modify the following properties at the end of the file:
    spring.security.oidc.client.registration.provider=okta
    spring.security.oidc.client.registration.okta.client-id=<client id>
    spring.security.oidc.client.registration.okta.client-secret=<secret from okta>
    spring.security.oidc.client.registration.okta.redirect-uri-template=https://<servername>:9443/theia/login/oauth2/code/okta
    spring.security.oidc.client.registration.okta.issuerUri=https://<okta issuer>.okta.com

Restart Digital Hive services using ./stopAll.sh and ./startAll.sh at the root of Digital Hive directory.
Access Digital Hive and it should automatically redirect to logon using Single Sign On. 






    • Related Articles

    • Installing Digital Hive 2024.3 on Linux

      Overview The 2024.3 Digital Hive release brings a lot of new capabilities to the market. In order to deliver some of the new features, changes to the underlying technology stack that underpins the Digital Hive solution had to be made. The 2024.3 ...

    • Digital Hive Architecture Overview

      Overview Digital Hive is a lightweight, web-based application that is both easy to install as well as to maintain and manage. Other than the Microsoft C++ redistributable (https://www.microsoft.com/en-ca/download/details.aspx?id=40784), there are no ...

    • Upgrading Digital Hive on Linux to the 2024.3 Release

      Overview The 2024.3 Digital Hive release brings a lot of new capabilities to the market. In order to deliver some of the new features, changes to the underlying technology stack that underpins the Digital Hive solution had to be made. The 2024.3 ...

    • Digital Hive Frequently Asked Questions (FAQ)

      Installation Can Digital Hive be installed on premise or in the Cloud? Digital Hive can be installed using either on-premise hardware, in a Private Cloud, or a hybrid architecture that leverages both Cloud and on-premise. There is currently no ...

    • Uninstalling the Digital Hive Software

      Question Digital Hive was recently installed on a new server. What is the best way to uninstall Digital Hive from the previous server? Answer To uninstall Digital Hive from your Windows server: Log into the physical Digital Hive Windows server as an ...