This application allows the following methods of authentication: Header, Kerberos, IVR, WEB, and AD or LDAP.
Except for the IVR method which is always turned on, all other authentication methods can be turned on or off using the corresponding settings in the security profile. Security profiles are configurable in the Security.Properties configuration file using the secrurity.profiles property setting. The default location is:
C://Program Files > “Application Name” > configuration
> security.properties
One or more security profiles can be used together, except AD and LDAP which are mutually exclusive. Moreover, security authentication methods run in the order shown below. This means only one of the authentications methods needs to pass in this order:
Header
Kerberos
AD or LDAP
Web
General Login Behavior Note |
---|
|
Example:
Suppose the following and multiple security profiles are desired:
AD, Web, and Kerberos. The security.profiles properties setting
was populated like this: security.profiles=SECURITY-AD,SECURITY-WEB,SECURITY-KERBEROS
Using multiple authentication methods means that only one of these authentication methods needs to pass in the system defined order for that user. Since Header and LDAP are not specified in the security.profiles properties, the authentication path for this example is (1) Kerberos, (2) AD, and (3) Web.