Policy Server Guides › Policy Server Configuration Guide › Authentication Schemes › Basic Over SSL Authentication Schemes

Basic Over SSL Authentication Schemes

The Basic Over SSL Authentication Scheme verifies a user’s identity by passing a user name and password credentials to a user directory in a process similar to Basic authentication. However, credential delivery is always done over an encrypted Secure Sockets Layer (SSL) connection even if the protected URLs are not setup to require SSL. The SiteMinder Web Agent accomplishes this by redirecting the user’s browser to establish an SSL connection prior to credential delivery. After the credentials are delivered the Web Agent redirects the browser back to the original URL.

For an additional level of security with Basic over SSL authentication, you can create password policies. This SiteMinder feature allows you to manage password rules.

More information:

Basic Authentication Schemes

Password Policies

Verify That Basic over SSL Authentication Scheme Prerequisites Are Met

Verify that the following prerequisites are met before configuring a Basic over SSL authentication scheme:

• Client user names and passwords must exist in a user directory.
• A directory connection exists between the Policy Server and the user directory.
• An X.509 Server Certificate is installed and SSL configured on the SSL web server.
• The network must support an SSL connection to the client browser using the HTTPS protocol.
• A SiteMinder Web Agent must be installed on the web server to which requests are redirected for SSL. The Web Agent enables the server to handle the .scc MIME type required by the authentication scheme.

More information:

User Directories