Reauthentication
This section contains the following topics:
- Reauthentication concepts
Security Verify Access WebSEAL can force a user to perform an additional login (reauthentication) to ensure that a user who is accessing a protected resource is the same person who initially authenticated at the start of the session. Forced reauthentication provides additional protection for sensitive resources in the secure domain.- Reauthentication based on security policy
- Reauthentication POP: creating and applying
- Reauthentication based on session inactivity
- Enabling of reauthentication based on session inactivity
- Resetting of the session cache entry lifetime value
- Extension of the session cache entry lifetime value
- Prevention of session removal when the session lifetime expires
- Removal of a user session at login failure policy limit
- Customization of login forms for reauthentication
WebSEAL supports reauthentication for both forms authentication methods.Parent topic: Advanced authentication methods
Related concepts