Authentication is the process by which a user proves who he or she is when accessing a system.
Server authentication options
InterSystems provides the following options that enable you to authenticate users:
authentication The most secure means of authentication. The Kerberos Authentication System provides mathematically proven strong authentication over a network.
authentication OS-based authentication uses the operating system’s identity for each user to identify that user for Caché purposes.
authentication With the Lightweight Directory Access Protocol (LDAP), Caché authenticates the user based on information in a central repository, known as the LDAP server.
With Caché login, Caché prompts the user for a password and compares a hash of the provided password against a value it has stored.
Delegated authentication provides a means for creating customized authentication mechanisms. The application developer entirely controls the content of delegated authentication code.
You can also allow all users to connect to the server without performing any authentication. This option is appropriate for organizations with strongly protected perimeters or in which neither the application nor its data are an attractive target for attackers.
CSP session support
You can define CSP sessions so that users are required to authenticate themselves to the server.
Support for security-related SOAP specifications
Caché web services and web clients can validate the WS-Security header element for inbound SOAP messages, as well as automatically decrypt the inbound messages. Generally speaking, this security header element can carry information that authenticates the sender. See Securing Caché Web Services
The bindings and gateways also provide support for authentication, as discussed in the books for those bindings and gateways.
© 1997-2019 InterSystems Corporation, Cambridge, MA