Understanding user authentication
You can configure your installation to authenticate IXIASOFT TEXTML Server users.
- Kerberos authentication—Kerberos is an authentication protocol,
based on the concept of "tickets", that allows nodes to prove their identity to
one another in a secure manner. TEXTML Server can use the Kerberos protocol to authenticate
users and provide secure transactions between itself and a client application.
The Kerberos authentication scheme is supported on Windows only (using Active Directory).
Note: For more information about Kerberos, see the Kerberos documentation at the following URL: http://www.kerberos.org/docs/ - Local authentication—In this scheme, TEXTML Server authenticates its users locally on the system
it is currently running. Note that in this scheme, the username and password are
passed in clear by the client application to TEXTML Server, unless the
communication is secured using the SSL protocol. Local authentication is
supported:
-
On Windows, TEXTML Server uses the local operating system to resolve the username and password provided. So if the local machine is a member of a domain/forest, all trusted users of this domain/forest can log into TEXTML Server using their Windows username and password. Note that if the Secure Sockets Layer (SSL) protocol is used, passwords are encrypted.
-
On Linux, TEXTML Server uses pluggable authentication modules (PAM). TEXTML Server can be added to the list of PAM applications, so that users can log into TEXTML Server using their Linux username and password. Note that if the Secure Sockets Layer (SSL) protocol is used, passwords are encrypted.
-
The following table summarizes the authentication schemes supported by operating system.
Authentication scheme | Windows | Linux |
---|---|---|
Kerberos authentication | Supported | Not supported |
Local authentication | Supported | Supported |
You control which authentication scheme is enabled and which users can access TEXTML Server through configuration.
If TEXTML Server user authentication is not enabled (default setting), TEXTML Server will still present the login window when users attempt to connect but it will accept any username and password.
Once authentication is enabled, you must configure who can access TEXTML Server components (servers, docbases, collections) and documents. This is achieved by configuring TEXTML Server security through roles and permissions. See the Administration Guide for IXIASOFT CCMS for more information.