The following table lists all supported authentication schemes and their credential requirements:
|
Credential Requirements |
||||
---|---|---|---|---|---|
Authentication Schemes |
Directory User Name |
Directory Password |
Code from Token |
X.509 Certificate |
User Profile Attributes |
Anonymous |
|
|
|
|
|
Basic |
yes |
yes |
|
|
|
Basic over SSL |
yes |
yes |
|
|
|
CRYPTOCard RB-1 |
yes |
|
yes |
|
|
Custom |
optional |
optional |
optional |
optional |
optional |
HTML Forms (over SSL optional) |
custom credentials |
custom credentials |
|
|
optional |
Impersonation |
yes |
|
|
|
optional |
MS Passport |
yes |
yes |
|
|
yes |
NTLM or Windows |
yes* |
yes* |
|
|
|
RADIUS CHAP/PAP |
yes |
yes |
|
|
|
RADIUS Server |
yes |
yes |
|
|
|
SafeWord Server |
yes |
yes |
|
|
|
SafeWord and Forms |
yes |
yes |
|
|
optional |
SecurID |
yes |
|
yes |
|
|
SecurID and Forms |
yes |
|
yes |
|
optional |
TeleID |
yes |
|
yes |
|
|
X.509 Client Certificate |
|
|
|
yes |
|
X.509 Client Certificate and Basic (uses SSL) |
yes |
yes |
|
yes |
|
X.509 Client Certificate or Basic (over SSL optional) |
yes for Basic |
yes for Basic |
|
yes for Certificate |
|
X.509 Client Certificate and HTML Forms |
custom credentials |
custom credentials |
|
yes |
optional |
X.509 Client Certificate or HTML Forms |
custom credentials for HTML Forms |
custom credentials for HTML Forms
|
|
yes for Certificate |
optional for HTML Forms |
*For NTLM or Windows, when trying to access a resource, SiteMinder does not prompt the user to enter a username and password. This scheme relies on a properly-configured IIS Web server to acquire and verify a user's credentials. The Policy Server bases authorization decisions on the user's identity as asserted by the IIS server.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |