Web UI framework security - authentication
Authentication identifies users who have access to the application. It is the first step in the login process. It occurs before you are authorized for resources in the application. Use the Applications Manager to specify user IDs and passwords.
All requests are authenticated unless the URI (universal resource indicator) is in the bypass list. This is sometimes done for graphic files, cascading style sheets (css), and other items that support information that is already protected by authentication.
- The default implementation, which includes support for single
sign on (SSO).
If you are currently using the default implementation of authentication, and want to continue using that implementation, you must use this option. The default implementation supports all existing authentication features.
- A custom implementation where you plug in your own authentication
implementation and do not use the default implementation. A customized
implementation can have additional authentication processes, such
as single sign on (SSO). You also can customize the post authentication
mechanism.
You must use either the default authentication implementation or a customized authentication implementation, but if you do not use the default post authentication implementation, you are not required to provide a customized post authentication implementation.
- A custom implementation where you customize the default implementation.
- LDAP
- Database table
The following graphic illustrates the flow of authentication: