Understanding the authentication process
The authentication process involves the following steps, in this order:
*A user or client makes a request by choosing a link on a Visualization Platform page or by typing a Visualization Platform URI in a web browser. The Visualization Platform application processes the request.
*Visualization Platform checks the URI for the forceLogin parameter. If the forceLogin parameter is set to “true” in the URI, the application activates the Visualization Platform Login page, even if the user has already logged in. If forceLogin is set to “false” or does not appear, the request process continues. For details about the forceLogin URI parameter, see Actuate application URIs.
*Visualization Platform authenticates the user for the cluster. If the login information is invalid, the login screen appears in the browser.
If a custom security adapter parameter is set in the web.xml file, Visualization Platform attempts to load the custom security adapter class. If the class loads successfully, the following steps occur:
*Visualization Platform calls the custom security adapter’s authenticate( ) method with the parameters that the browser sent.
*The authenticate( ) method performs the custom validation.
*Visualization Platform calls the required getUserName( ), getPassword( ), and getVolumeProfile ( ) methods to retrieve the user information needed by iHub.
*Optionally, Visualization Platform calls the getExtendedCredentials( ) method. If this method returns null, there are no extended credentials to send to iHub.
*Visualization Platform now has all the information that it requires for connecting to iHub. Visualization Platform creates the necessary SOAP message for connecting to iHub and sends a login request.
iHub Information Console client uses the default Volume Profile setting if the server, volume, or volume profile if it is not registered as a service provider with the cluster.