Web Server Authentication |
This topic describes authentication in Web server. |
|
The Apache and IIS Web servers can be configured to authenticate users. Apache Web server and the Microsoft Web server Internet Information Server (IIS) support various authentication repositories such as LDAP, Active Directory (IIS), and NTLM authentication (IIS).
When the Web server is configured to provide access without authentication (anonymous access), the user is not required to log-in. SOAP requests are executed as 'anonymous', until a Service Group protected by Access Control Lists (ACL) requires the user to provide credentials. Process Platform then prompts the user for credentials.
When the user provides the credentials, the Web server forwards the authenticated user name to the Process Platform Web Gateway. The Web gateway generates SAML assertions for the user name so that the Service Group can validate these credentials.
Note: When you use Web server authentication between the Web client and the Web server, Process Platform internally uses SAML assertions. The Web gateway automatically creates and signs the assertions and inserts these through the SOAP request. Anonymous access can be configured on IIS and Apache Web servers. For more information, refer to the following topics: