Authentication
Authentication requires users to identify themselves to gain access to a system or resources. The combination of a user ID and a password is the most common method of authentication. Users can identify themselves immediately upon entry to the system or the system can prompt users to identify themselves before accessing protected resources. After users successfully authenticate, the system identifies which resources-specific users have sufficient authorization to access.
We can have simultaneous, multiple log ins with the same user ID and password. However, this method can result in a non-reliable behavior depending on the client or authentication method. For this reason, IBM WebSphere Portal does not support simultaneous, multiple log ins.
WebSphere Portal supports the following methods for login and authentication:
- Form-based authentication
- WebSphere Portal uses the WAS Custom Form-based Authentication mechanism to prompt for identities. Users type their user ID and password in the Login portlet.
- SSL Client certificate authentication
- We can configure authentication with certificates stored in the browser or on a smart card. The certificates are stored through an SSL client certificate authentication. The authentication is done for the users when they access the protected area of the portal.
- Third-party authentication
- Use an external security manager, such as IBM Security Access Manager. With this method the portal trusts the authentication was done by the third-party product.