The following diagrams outline the order of function calls for procedures that perform operations on the directory and possibly perform operations on a directory entry (user). For example, using the SiteMinder Administrative UI to search for a particular user in a custom directory requires both operations on the directory and operations on a directory entry (user). Some procedures involve only operations on the directory. For example, using the SiteMinder Administrative UI only to view the properties of a custom user directory requires only operations on the directory.
This second diagram shows an additional sequence that occurs only if directory entry (user) operations occur.
To authenticate a user, the SiteMinder Policy Server requests a username from the user. SmDirValidateUsername() is called to translate the user-supplied username into the internal user ID key used by the directory as the primary key to the user's data. The username from the credentials is supplied in the lpszUsername parameter. If SmDirValidateUsername() is not implemented, the user-supplied username is passed into lpszUserDN.
If SmDirValidateUsername() is implemented, it should return the user's ID in the lpszNewUsername parameter. The value returned by lpszNewUsername becomes the lpszUserDN parameter value.
The lpszUserDN parameter value is passed into many other functions, such as SmDirValidateUserDN() and SmDirAuthenticateUser().
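The following is an added example, not code from CA or the SiteMinder SDK. It models the flow described above, showing how the identity key differs depending on whether the username hook is implemented. The function signatures, the `resolve_user_dn` dispatcher and the sample directory are hypothetical and do not reproduce the real Directory API prototypes.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Hypothetical signature for this sketch; not the SiteMinder prototype. */
typedef int (*validate_username_fn)(const char *lpszUsername,
                                    char *lpszNewUsername, size_t nBytes);

/* Constructed sample directory: login name -> internal user ID key. */
static const struct { const char *login, *key; } DIRECTORY[] = {
    { "alice", "uid=1001" },
    { "bob",   "uid=1002" },
};

/* Sample provider hook: case-insensitive lookup, bounded copy of the key. */
int sample_validate_username(const char *lpszUsername,
                             char *lpszNewUsername, size_t nBytes)
{
    for (size_t i = 0; i < sizeof DIRECTORY / sizeof DIRECTORY[0]; i++) {
        if (strcasecmp(lpszUsername, DIRECTORY[i].login) != 0)
            continue;
        /* Refuse to return a truncated key: it could name another entry. */
        if (strlen(DIRECTORY[i].key) >= nBytes)
            return -1;
        strcpy(lpszNewUsername, DIRECTORY[i].key);
        return 0;
    }
    return -1; /* unknown user: no key is produced */
}

/* Models the flow in the text: with a hook, lpszNewUsername becomes
 * lpszUserDN; with no hook (NULL), the user-supplied name is used as-is. */
int resolve_user_dn(validate_username_fn hook, const char *lpszUsername,
                    char *lpszUserDN, size_t nBytes)
{
    if (hook != NULL)
        return hook(lpszUsername, lpszUserDN, nBytes);
    if (strlen(lpszUsername) >= nBytes)
        return -1;
    strcpy(lpszUserDN, lpszUsername);
    return 0;
}

int main(void)
{
    char dn[64];
    if (resolve_user_dn(sample_validate_username, "ALICE", dn, sizeof dn) == 0)
        printf("with hook: %s\n", dn);
    return 0;
}
```

With the hook, `ALICE` and `alice` resolve to the same key; without it, the raw input reaches the later calls unchanged, so any normalization has to happen in those functions instead.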
Copyright © 2010 CA. All rights reserved.