ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzatl_5.4.0.1/rzatlauthentication.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2005" />
<meta name="DC.rights.owner" content="(C) Copyright IBM Corporation 2005" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Authentication" />
<meta name="abstract" content="Pegasus uses an authentication process to determine which users can log into the CIMOM. Unless the enableAuthentication property of cimconfig command is set to false, authentication is performed for every connection, before users can access the CIM data." />
<meta name="description" content="Pegasus uses an authentication process to determine which users can log into the CIMOM. Unless the enableAuthentication property of cimconfig command is set to false, authentication is performed for every connection, before users can access the CIM data." />
<meta name="DC.Relation" scheme="URI" content="rzatlsecure.htm" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="authentication" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Authentication</title>
</head>
<body id="authentication"><a name="authentication"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Authentication</h1>
<div><p><span><img src="./delta.gif" alt="Start of change" />Pegasus uses an authentication process to determine
which users can log into the CIMOM. Unless the  <span class="parmname">enableAuthentication</span> property
of <span class="parmname">cimconfig</span> command is set to false, authentication
is performed for every connection, before users can access the CIM data.<img src="./deltaend.gif" alt="End of change" /></span></p>
<div class="section"><p><img src="./delta.gif" alt="Start of change" />For Pegasus on i5/OS™, users log in over HTTP or HTTPS,
using either Basic or Kerberos authentication. In addition for HTTPS they
have a choice of logging in using certificate-based authentication<img src="./deltaend.gif" alt="End of change" /></p>
<p>When
logging in, users are authenticated using their <span class="keyword">i5/OS</span> profile,
or using Enterprise Identity Mapping (EIM). </p>
<p> In the open source implementation,
Pegasus maintains a separate access control list (ACL) that allows users to
sign in using a CIM user profile, which does not necessarily require a corresponding
profile on the system. In contrast, the <span class="keyword">i5/OS</span> implementation
of Pegasus requires each user to have a profile in <span class="keyword">i5/OS</span>.
After the user has been authenticated, a user (or the user's jobs) can have
access to the providers and CIM schemas managed by the CIMOM.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzatlsecure.htm" title="Use this topic to find out about the options that are available for ensuring that the CIM server is secure.">Secure Pegasus</a></div>
</div>
</div>
</body>
</html>