Understanding user authentication
You can configure your installation to authenticate TEXTML Server users.
- Kerberos authentication—Kerberos is an authentication protocol, based on the
concept of "tickets", that allows nodes to prove their identity to one another
in a secure manner. TEXTML Server can use the Kerberos protocol to authenticate
users and provide secure transactions between itself and a client application.
The Kerberos authentication scheme is supported on Windows only (using Active Directory).Note: For more information about Kerberos, see the Kerberos documentation.
- Local authentication—In this scheme, TEXTML Server authenticates its users
locally on the system it is currently running. Note that in this scheme, the
username and password are passed in clear by the client application to TEXTML
Server. Local authentication is supported on both Windows and Linux, as
On Windows, TEXTML Server uses the local operating system to resolve the username and password provided. So if the local machine is a member of a domain/forest, all trusted users of this domain/forest can log into TEXTML Server using their Windows username and password. Note that if the Secure Sockets Layer (SSL) protocol is used, passwords are encrypted.
On Linux, TEXTML Server uses pluggable authentication modules (PAM). TEXTML Server can be added to the list of PAM applications, so that users can log into TEXTML Server using their Linux username and password. Note that if the Secure Sockets Layer (SSL) protocol is used, passwords are encrypted.
Table 1 summarizes the authentication schemes supported by operating system.
|Kerberos authentication||Supported||Not supported|
You control which authentication scheme is enabled and which users can access the TEXTML Server application through configuration.
If TEXTML Server user authentication is not enabled (default setting), the TEXTML Server application will still present the login window when users attempt to connect but it will accept any username and password.
Once authentication is enabled, you must configure who can access TEXTML Server components (servers, docbases, collections) and documents. This is achieved by configuring TEXTML Server security through roles and permissions. See the TEXTML Server Administration Guide for more information.