Pegasus uses an authentication process to determine
which users can log into the CIMOM. Unless the enableAuthentication property
of cimconfig command is set to false, authentication
is performed for every connection, before users can access the CIM data.
For Pegasus on i5/OS™, users log in over HTTP or HTTPS,
using either Basic or Kerberos authentication. In addition for HTTPS they
have a choice of logging in using certificate-based authentication
When logging in, users are authenticated using their i5/OS profile, or using Enterprise Identity Mapping (EIM).
In the open source implementation, Pegasus maintains a separate access control list (ACL) that allows users to sign in using a CIM user profile, which does not necessarily require a corresponding profile on the system. In contrast, the i5/OS implementation of Pegasus requires each user to have a profile in i5/OS. After the user has been authenticated, a user (or the user's jobs) can have access to the providers and CIM schemas managed by the CIMOM.