Adjust eWay-CRM Web Service for Active Directory Authentification

Content:

Setting for eWay-CRM 6.1 and higher

Important: Since eWay-CRM 6.1, the support of the authentication on the HTTP level (Windows / Basic Authentication on the IIS level) is ended and the Anonymous authentication in is required. The authentication towards the Active Directory is done right by the web service that issues its own login tokens and increases the safety of the whole system.

If you are using any gate or reverse-proxy that adds authentication (Basic / NTLM) to the HTPP communication, you need to change the configuration and allow anonymous transfer for eWay-CRM. If you do not do it, client applications of eWay-CRM will not be able to communicate with the web service.

You need to change the Web.config file. Beneath the system.web tag it is necessary to adjust these tags:

<authentication mode="Windows" />
<identity impersonate="false" />
<authorization><allow users="*" /></authorization>

To be able to login under the build-in admin account, you need to create windows user and put his username into this tag below. The username should not already exist under eWay-CRM users.

<add key="AdminName" value="username"/>

And these under the appSettings tag:

<add key="DomainName" value="YOUR_DOMAIN" />
<add key="UseDomainLogin" value="1" />

Attention: Server has to be joined to the same domain as the domain specified in the configuration file (DomainName).

If non-admin user cannot log in after the settings are applied, but admin user can, it is required to add read permissions on the eWay folder.

Setting for eWay-CRM 6.0 and lower

Before steps above, it is necessary to install and adjust the eWay-CRM web service, according to the manual in the help center. In IIS, on the Authentication page of the web service, it is necessary to turn off Anonymous Authentication and instead turn on Windows Authentication.

Then you need to enable anonymous signing into the web service Download folder. The Download folder must be transformed to an application and on the Authentication page turn on Anonymous Authentication. Turn everything else off.

Then, you proceed with steps same as for eWay-CRM 6.1 and higher.