ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamz_5.4.0.1/rzamzauthentication.htm

67 lines
4.4 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Authentication" />
<meta name="abstract" content="This information explains the process of authentication and the role that it plays in a single signon solution." />
<meta name="description" content="This information explains the process of authentication and the role that it plays in a single signon solution." />
<meta name="DC.Relation" scheme="URI" content="rzamzconcepts.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzamzauthentication" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Authentication</title>
</head>
<body id="rzamzauthentication"><a name="rzamzauthentication"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Authentication</h1>
<div><p>This information explains the process of authentication and the
role that it plays in a single signon solution.</p>
<p>Authentication is the process in which an individual indicates who he is
and then proves it, typically based on a user name and password. The process
of authentication is different from the process of <a href="rzamzauthorization.htm">authorization</a>,
in which an entity or a person is granted or denied access to a network or
system resource.</p>
<p>A single signon environment streamlines the process and management of authentication
for users and administrators. Because of the way single signon is implemented
on your system, not only do users need to supply fewer IDs and passwords but,
if you choose to, they do not even need to have a <span class="keyword">i5/OS™</span> passwords.
Administrators need to troubleshoot identity and password problems less often
because users need to know fewer identities and passwords to access the systems
that they use.</p>
<div class="p">Interfaces that are enabled for single signon require the use of Kerberos
as the authentication method. <a href="../rzakh/rzakh000.htm">Network authentication service</a> is the <span class="keyword">i5/OS</span> implementation
of the Kerberos authentication function. Network authentication service provides
a distributed authentication mechanism through the use of a Kerberos server,
also called a key distribution center (KDC), which creates service tickets
that are used to authenticate the user (a <span class="uicontrol">principal</span> in
Kerberos terms) to some service on the network. The ticket provides proof
of the principal's identity to other services that the principal requests
in the network.<div class="note"><span class="notetitle">Note:</span> If you are an application developer, it is possible to
make use of other types of authentication methods as you enable your applications
to work in a single signon environment. For example, you can create applications
that use an authentication method, such as digital certificates, in conjunction
with EIM APIs to enable your application to participate in a single signon
environment.</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzconcepts.htm" title="Use this information to learn about the underlying concepts for single signon for a better understanding of how you can plan to use single signon in your enterprise.">Concepts</a></div>
</div>
</div>
</body>
</html>