Previous Topic: Anonymous Authentication SchemesNext Topic: How to Configure an OAuth Authentication Scheme

Policy Server GuidesPolicy Server Configuration GuideAuthentication SchemesCustom Authentication Schemes

Custom Authentication Schemes

If the Policy Server does not provide a method of authentication that you want to use, use the CA APIs to develop a custom authentication scheme.

If you have installed the Software Development Kit, see the API Reference Guide for C or the API Reference Guide for Java for more information about creating custom authentication schemes. After you create a custom scheme, configure the scheme on the Authentication pane.

Note: For information on configuring an smauthetsso custom authentication scheme, which is required for enabling single sign-on, see CA SSO/WAC Integration.

The prerequisites of a custom authentication scheme are determined when you create the scheme using the CA APIs. Prerequisites differ between authentication schemes.

Custom Scheme Prerequisites

The prerequisites of a custom authentication scheme are determined when you create the scheme using the CA APIs. Prerequisites differ between authentication schemes.

Configure a Custom Authentication Scheme

You can use a custom authentication scheme to specify a scheme that the product does not provide.

Note: The following procedure assumes that you are creating an object. You can also copy the properties of an existing object to create an object. For more information, see Duplicate Policy Server Objects.

Follow these steps:

  1. Click Infrastructure, Authentication.
  2. Click Authentication Schemes.
  3. Click Create Authentication Scheme.

    Verify that the Create a new object of type Authentication Scheme is selected.

    Click OK

  4. Enter a name and a protection level.
  5. Select Custom Template from the Authentication Scheme Type list.

    Scheme-specific settings open.

  6. (Optional) Select the Allow Protection Override check box in Scheme Common Setup. This option specifies that the protection level in the library takes precedence over the protection level specified in the Administrative UI.
  7. Enter the library that is to process the credentials for the authentication scheme and the parameters that are passed to the library in Scheme Setup.
  8. (Optional) Select Persist Authentication Session Variables in Scheme Setup. If you do not select this option, session variables are not saved in the session store.
  9. Click Submit.

    The authentication scheme is saved and can be assigned to a realm.