Previous Topic: Credentials Selector Use Case

Next Topic: Request Access with Windows Authentication

Request Access with Password And/Or Certificate Authentication

In the Password And/Or Certificate section of the login dialog, the user can choose one of the following combinations of credentials to provide:

If the user provides only his valid username and password, the following message is displayed:

Greetings, SampleUser!
Your authentication level is 5
You have used username/password authentication

If the user selects only the X.509 client certificate check box, he is prompted to select one of the client certificates configured with the browser. If it is recognized by the Policy Server, the following message is displayed:

Greetings, SampleUser!
Your authentication level is 10.
You have used X.509 client certificate authentication

The Password And/Or Certificate option offers the flexibility of providing a different authentication level depending on the credentials the user provides. SiteMinder's X.509 Cert Or Form authentication scheme, which may seem similar to the Password And/Or Certificate option, does not distinguish between the types of provided credentials and therefore, the protection level is the same regardless of what the user provides.

If both Username and Password are provided and the X.509 client certificate check box is marked, the user is prompted for a client certificate. If the certificate is recognized by the Policy Server, and if it matches the username provided, the following message is displayed:

Greetings, SampleUser!
Your authentication level is 15
You have used X.509 client certificate and username/password authentication


Copyright © 2010 CA. All rights reserved. Email CA about this topic