Verification Process for Authentication

The type of verifications that are performed depends on the authentication mode that is being used.

Authentication is the process of determining if a user is who they say they are. Authentication is needed where a user must be verified in order to access a secure resource on a system.

Form-based authentication is where a user is presented with a form allowing them to enter username and password credentials. These credentials are compared against the credentials stored on the system for this username, if they match the user is considered an authenticated user for the system. For security reasons the password for authenticating a user is stored on the system in a digested form.

The Cúram web client is configured to support form-based authentication, which means that before a user can access any of the web client content, they will be redirected to a login form to authenticate.

The authentication process involves the verification of the username and password, and this is performed by default by a JAAS (Java™ Authentication and Authorization Service) login module. HTTPS/SSL is turned on by default in the web client ensuring the form-based login authentication mode is secure.

The following list shows authentication modes and configurations with details on the verifications completed for each authentication mode.