Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
devel:documentation:security:dev:authentication [2020/06/24 06:07] kopro [Actual list of authenticators] change properties and information about deprecated authenticator |
devel:documentation:security:dev:authentication [2020/08/31 13:43] kopro fix proepry |
<code> | <code> |
# ID system against which to authenticate | # ID system against which to authenticate |
idm.sec.security.auth.systemId= | idm.sec.security.auth.system= |
</code> | </code> |
| |
First, the authenticator tries to find an end system with given UUID. If such system doesn't exist, the authentication returns NULL. Otherwise, the authenticator finds the mapped attribute of the system which is marked as ''Authentication attr.''. | First, the authenticator tries to find an end system with given UUID. If such system doesn't exist, the authentication returns NULL. Otherwise, the authenticator finds the mapped attribute of the system which is marked as ''Authentication attr.''. |
| |
{{:navrh:01.png|}} | {{:navrh:01.png|}} |
| |
The result type of this authenticator is **SUFFICIENT**. It's order is **10**, which means that this authenticator would be processed after [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/main/java/eu/bcvsolutions/idm/core/security/authentication/impl/DefaultCoreAuthenticator.java|DefaultCoreAuthenticator]] | The result type of this authenticator is **SUFFICIENT**. It's order is **10**, which means that this authenticator would be processed after [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/main/java/eu/bcvsolutions/idm/core/security/authentication/impl/DefaultCoreAuthenticator.java|DefaultCoreAuthenticator]] |
| |
<note important>The authentication against an end system uses the system, which is defined as UUID in the configuration attribute **idm.sec.security.auth.systemId=**</note> | <note important>The authentication against an end system uses the system, which is defined as UUID in the configuration attribute **idm.sec.security.auth.system=**</note> |
| |
<note important>If you want to authenticate against LDAP system, it's **necessary** to add the name of the authentication attribute (e.g. dn, or uid) to the field **Account User Name Attributes** in the system configuration, see the picture.</note> | <note important>If you want to authenticate against LDAP system, it's **necessary** to add the name of the authentication attribute (e.g. dn, or uid) to the field **Account User Name Attributes** in the system configuration, see the picture.</note> |