Authentication Protocol

This configuration topic is relevant if you are using the Secure Sockets Layer (SSL) protocol for secure data transmission to and from the authentication provider.

Tokens are encypted; however, additional security such as Secure Sockets Layer is recommended for prevention of replay attacks or man-in-the middle attacks.

Between the <authProtocol></authProtocol> tags, enter ssl. Or, if you are not using Secure Sockets Layer, delete the <authProtocol></authProtocol> tags and their contents.

If you are using Secure Sockets Layer (SSL), also complete the following tasks:

The security platform uses the LDAP service provider from SUN to authenticate users stored externally in an LDAP-compatible directory such as Novell eDirectory, SunTM Open Net Environment (Sun ONE) (formerly iPlanet), or Microsoft Active Directory. The LDAP service provider runs on the Java Virtual Machine for your application. When SSL is used as the secure medium to connect to the directory server, the LDAP service provider of the security platform uses Java Secure Socket Extension (JSSE) software for its SSL support.

For more information about setting up SSL, see the documentation for your directory server and JRE.

©2004 Hyperion Solutions Corporation. All Rights Reserved.
http://www.hyperion.com