Reauthentication with external authentication interface
Reauthentication is supported for external authentication interface authentication.
Reauthentication requires the method used by the client to reauthenticate is the same as that used by the client to initially authenticate. When WebSEAL receives the authentication response from the custom external authentication application, a check is performed (as with other reauthentication processing) to ensure:
- The authentication method used is the same as that used to create the initial credential
- The user name matches
- Any external authentication interface-specified authentication level is verified to match the existing level
We must modify the standard WebSEAL login pages appropriately if you enable reauthentication with external authentication interface authentication. See Login page and macro support with external authentication interface.
Parent topic: Use of external authentication interface with existing WebSEAL features