User authentication

You can configure your installation to authenticate IXIA TEXTML Server users.

Authentication is the process of identifying and verifying IXIA TEXTML Server users when they log in before providing access.

Table 1. Supported authentication schemes by operating system

Authentication scheme

Windows

Linux

Kerberos authentication

Supported

Not supported

Local authentication

Supported

Supported

IXIA CCMS supports:

  • Kerberos authentication— Kerberos is an authentication protocol, based on the concept of "tickets", that allows nodes to prove their identity to one another in a secure manner. TEXTML Server can use the Kerberos protocol to authenticate users and provide secure transactions between itself and a client application.

    The Kerberos authentication scheme is supported on Windows only (using Active Directory).

    Note: For more information about Kerberos, see the Kerberos documentation at the following URL: http://www.kerberos.org/docs/

  • Local authentication— In this scheme, TEXTML Server authenticates its users locally on the system it is currently running. Note that in this scheme, the username and password are passed in clear by the client application to TEXTML Server, unless the communication is secured using the SSL protocol.

    • WindowsTEXTML Server uses the local operating system to resolve the username and password provided. So if the local machine is a member of a domain or forest, all trusted users of this domain or forest can log into TEXTML Server using their Windows username and password. If you use the Secure Sockets Layer (SSL) protocol, passwords are encrypted.

    • LinuxTEXTML Server uses pluggable authentication modules (PAM). TEXTML Server can be added to the list of PAM applications, so that users can log into TEXTML Server using their Linux username and password. Note that if the Secure Sockets Layer (SSL) protocol is used, passwords are encrypted.

You control which authentication scheme is enabled and which users can access TEXTML Server through configuration.

Note: While both authentication schemes can be enabled at the same time, this approach is not recommended. However, if both schemes are enabled, Kerberos authentication will first be performed and local authentication will be performed next.
Important: If you leave the default setting where TEXTML Server user authentication is not enabled, TEXTML Server still presents the sign in window when users attempt to connect, but it accepts any username and password.

Once you enable authentication, you must configure the users who have permission to access TEXTML Server documents and components, such as a server, docbase, or collection by configuring TEXTML Server security through roles and permissions. See the Administration Guide for IXIA CCMS for more information.