My webMethods Server 10.11 | My webMethods Server Webhelp | Administering My webMethods Server | System Administrator Functions | Managing Security | Managing Authentication
 
Managing Authentication
 
Specifying a Default Authentication Scheme
Assigning an Authentication Scheme to a Server Resource
Redirecting a User After Login
Redirecting an Unauthenticated Request
An authentication scheme is a way to gather user credentials and validate their authenticity. Within My webMethods Server, you can manage authentication for a server as a whole by specifying a default authentication scheme. As delivered, the forms authentication scheme is the default for all server resources. In addition, every server resource can have an authentication scheme that overrides the setting for the entire deployment.
Note:
A Security realm always takes precedence over an authentication scheme.
The following table lists the authentication schemes that My webMethods Server uses:
Scheme
Description
Anonymous
Allows unrestricted access to a server resource. Used for unprotected areas of the server that might be public facing and do not contain sensitive information. Because a user is not challenged for credentials, the anonymous authentication scheme is appropriate for login pages.
Forms
Presents a form to an unauthenticated user and gathers the necessary credentials that are passed to the server. The forms authentication scheme is the default for all server resources because it redirects unauthenticated requests to a default login page.
Basic
Typically passes credentials as HTTP header parameters. The user experience for basic authentication is a popup window that renders in the native windowing system.
Kerberos
Enables single sign-on for users on Windows. My webMethods Server users, already authenticated by Windows, need not login again to access My webMethods Server. For more information, see Configuring Kerberos Authentication.
HTTP Header
Accepts external HTTP authentication credentials from third-party security and access control products (such as Computer Associates, Oblix, and so forth). After this authentication scheme is enabled, the server ignores all other authentication schemes. For more information, see Configuring External Configuration Credentials.
NTLM
Used for authentication in various Microsoft network protocol implementations. On Windows deployments, when the NTLM authentication scheme is the default for a server, users do not need to re-authenticate for server resources if they are already logged into a Windows domain. For more information on NTLM authentication, see:
SAML
Supports single sign-on (SSO) through the Security Assertion Markup Language (SAML). Using SAML, an application on a target computer grants access based on an assertion from the source computer. For more information about SSO, see Configuring My webMethods Server Single Sign-On.
OAuth 2.0
Allows users to login to My webMethods and access layered applications or other server resources, using credentials from a third-party identity provider. For more information, see Configuring OAuth 2.0 Authentication.