Previous Topic: Protection Levels

Next Topic: Set Up an Authentication Scheme Object in the Policy Server User Interface

Authentication Schemes and Credential Requirements

The following table lists all supported authentication schemes and their credential requirements:

 

Credential Requirements

Authentication Schemes

Directory User Name

Directory Password

Code from Token

X.509 Certificate

User Profile Attributes

Anonymous

 

 

 

 

 

Basic

yes

yes

 

 

 

Basic over SSL

yes

yes

 

 

 

CRYPTOCard RB-1

yes

 

yes

 

 

Custom

optional

optional

optional

optional

optional

HTML Forms (over SSL optional)

custom credentials

custom credentials

 

 

optional

Impersonation

yes

 

 

 

optional

MS Passport

yes

yes

 

 

yes

NTLM or Windows

yes*

yes*

 

 

 

RADIUS CHAP/PAP

yes

yes

 

 

 

RADIUS Server

yes

yes

 

 

 

SafeWord Server

yes

yes

 

 

 

SafeWord and Forms

yes

yes

 

 

optional

SecurID

yes

 

yes

 

 

SecurID and Forms

yes

 

yes

 

optional

TeleID

yes

 

yes

 

 

X.509 Client Certificate

 

 

 

yes

 

X.509 Client Certificate and Basic (uses SSL)

yes

yes

 

yes

 

X.509 Client Certificate or Basic (over SSL optional)

yes for Basic

yes for Basic

 

yes for Certificate

 

X.509 Client Certificate and HTML Forms

custom credentials

custom credentials

 

yes

optional

X.509 Client Certificate or HTML Forms

custom credentials for HTML Forms

custom credentials for HTML Forms

 

 

yes for Certificate

optional for HTML Forms

*For NTLM or Windows, when trying to access a resource, SiteMinder does not prompt the user to enter a username and password. This scheme relies on a properly-configured IIS Web server to acquire and verify a user's credentials. The Policy Server bases authorization decisions on the user's identity as asserted by the IIS server.


Copyright © 2010 CA. All rights reserved. Email CA about this topic