ADOIT 20.0 Hardware/Software Requirements

Architecture

Abstract

ADOIT Web Client	Web browser that is used to access the ADOIT web server. ADOIT supports the following desktop browsers: Microsoft Edge, Mozilla Firefox and Google Chrome on Windows and Safari on the Mac. In addition, ADOIT supports Safari on the iPad.
ADOIT Web Server	Web server (platform independent) that is necessary for the communication between web client and ADOIT application server.
ADOIT Application Server	The ADOIT application server is responsible for the access to the ADOIT database and it contains the functionality of the ADOIT web scenario. Starts one or more aworker processes.
ADOIT Database	Database server (platform independent) that manages and stores the ADOIT data. ADOIT supports Microsoft SQL Server and PostgreSQL.

Software Requirements

ADOIT Web Client

Browser (64-Bit)

Desktop Browser: Microsoft Edge (latest) on Windows Mozilla Firefox (latest) on Windows Google Chrome (latest) on Windows Safari (latest) on the Mac (the "Workspaces" scenario is not supported in Safari) Mobile Browser: Safari (latest) on the iPad; graphical modelling is not supported on the iPad

Hardware Requirements

ADOIT Web Client

RAM	Minimum: 2 GB Recommended: 4 GB or higher
Processor	Minimum: Intel Pentium D / comparable processor Recommended: Intel Core i7 / comparable processor or higher
Clock speed	Minimum: 1 GHz Recommended: 2 GHz or higher
Screen resolution	Minimum: 1024 x 768 Recommended: 1366 x 768 or higher
Colour depth	Minimum: 65.536 colours / 16 Bit Recommended: 16M colours / 32 Bit or higher

Network Requirements

The bandwidth requirements between the individual components are listed below:

ADOIT Web Client – ADOIT Web Server

Minimum: 2 Mbit Recommended: 10 Mbit

Authentication Mechanisms of ADOIT

This section describes the different authentication mechanisms of ADOIT. The authentication mechanisms can be used separately or in combination. Depending on the used authentication mechanisms, further installation-specific configuration steps may be necessary. Please consult your ADOIT consultant for further information.

Authentication Mechanisms

Standard ADOIT users	ADOIT users are created in the ADOIT Administration. Login to ADOIT requires input of username and password. These credentials are used to authenticate the user against the available data in the ADOIT database. The assignment of user attributes, rights and system roles is controlled in the ADOIT Administration.
LDAP Authentication	Users can either be imported from a directory service or mapped to ADOIT users. Login to ADOIT requires input of username and password. The provided credentials will be used to authenticate the user against the configured directory service. A precondition for this scenario is that the connection of ADOIT to the directory service in use (e.g. Active Directory) is established in the ADOIT Administration. The assignment of user attributes, rights and system roles may be controlled in the ADOIT Administration or synchronised with an external directory service. Specific configuration steps are necessary when setting up ADOIT for this authentication mechanism. Please consult your ADOIT consultant for further information about this authentication mechanism.
IDM Authentication	Users can either be imported from an external user management system or mapped to ADOIT users. Login to ADOIT via single sign-on is possible using an Identity Management System (IDM) A precondition for this scenario is the connection of ADOIT to an authentication server in the target environment which provides means for authentication with an external user management system (e.g. Microsoft Internet Information Services connected to an Active Directory). The assignment of user attributes, rights and system roles may be controlled in the ADOIT Administration or synchronised with an external user management system. Specific configuration steps are necessary when setting up ADOIT for this authentication mechanism. Please consult your ADOIT consultant for further information about this authentication mechanism.
SAML Authentication	Users can either be imported from an external user management system or mapped to ADOIT users. The external user management system must provide an Identity Provider (IdP) for SAML 2.0 (e.g. Active Directory Federation Services [AD FS] or Shibboleth). To log on to ADOIT, the user is redirected to the IdP. Depending on the configuration of the IdP, the authentication is carried out via single sign-on or by entering access data (username and password, certificates, etc.). No server-to-server communication is necessary for this authentication mechanism, since all data is transmitted via the browser. The assignment of user attributes, rights and system roles may be controlled in the ADOIT Administration or synchronised with an external user management system. Specific configuration steps are necessary when setting up ADOIT for this authentication mechanism. Please consult your ADOIT consultant for further information about this authentication mechanism.
OIDC Authentication	Users can either be imported from an external user management system or mapped to ADOIT users. A precondition for using OpenID Connect (OIDC) is the connection of ADOIT to an OpenID Connect provider (OP) that verifies the identity of the user as well as provides basic profile information about the user. To log on to ADOIT, the user is redirected to the OP. Login to ADOIT via single sign-on is possible using OIDC authentication. The assignment of user attributes, rights and system roles may be controlled in the ADOIT Administration or synchronised with an external user management system. Specific configuration steps are necessary when setting up ADOIT for this authentication mechanism. Please consult your ADOIT consultant for further information about this authentication mechanism.

LDAP Support

LDAP/LDAPS support for the providers AD (Active Directory) and eDirectory and comparable LDAP providers. Other LDAP providers are not tested. A specific evaluation can be done on request.

Feature Overview

This table contains a summary of the features of the different authentication mechanisms.

	Standard ADOIT Users	LDAP Authentication	IDM Authentication	SAML Authentication	OIDC Authentication
Login with username and password	Yes	Yes	Yes (depending on the IDM solution)	Yes (depending on the SAML IdP)	Yes (depending on the OP)
SSO	No	No	Yes (depending on the IDM solution)	Yes (depending on the SAML IdP)	Yes (depending on the OP)
On login, synchronize attributes, role and group assignment (with external user management system)	No	Yes	Yes	Yes	Yes
Periodically, synchronize attributes, role and group assignment (with external user management system)	No	Yes	Yes (with LDAP coupling)	Yes (with LDAP coupling)	Yes (with LDAP coupling)
Create users automatically	No	Yes	Yes	Yes	Yes