Next: 13.3 Configuring workflow options
Up: 13. Configuring Web Modules
Previous: 13.1 Modifying general behavior
Contents
Index
Subsections
The navigation steps that end users take to authenticate and then access
any of the ID-Synch modules vary according to how organizations
customize the interface between ID-Synch, the corporate intranet,
and other applications. There are two general procedures:
13.2.1 Front-end authentication (Default)
When a user visits the index page for a ID-Synch instance
they are directed to the Front-end authentication module (nph-psf.exe),
which is used to provide access to ID-Synch and
to present the user with a list of available
options including links to the self-service modules.
The advantages of front-end authentication include the following:
- Authentication options are set once for all modules.
- Greater flexibility and customization means you
can easily incorporate ID-Synch with an intranet site and
centralize all self-service applications requiring
authentication.
- Module configuration that allows users to select which
targets to authenticate against. It also enables users to
use their login ID for the target, rather than
using their Profile ID.
When users authenticate using the front-end authentication process they:
- Access the Front-end authentication module (nph-psf.exe).
- Enter a login ID for a trusted system. Depending on how
authentication options are
configured, the user may select from a
list of targets and enter their login ID for that target.
If ID-Synch finds more than one user with the same login ID
(their short ID on a context sensitive target), a list of those users
displays and you are prompted to
select the appropriate user name from the list before proceeding.
- Authenticate to ID-Synch.
- Click a link on a customizable options page to access any available
ID-Synch module or another application.
| Note: |
|
After authentication, users can navigate to other modules
without authenticating again.
|
|
If a user's sessions on any of the modules fails for any
reason, they are returned to the front-end authentication module.
13.2.1.1 Configuring front-end authentication
The front-end authentication module can be configured to meet the needs
of your organization. In particular, you can allow users to:
Allowing users to log in with a Profile ID
Enable the PROFILE LOGINID TAG
if you want users to enter their Profile ID as the login ID,
rather than selecting a target on which to identify themselves.
If required, edit the
!!!PROFILE_LOGINID_TAG in the
CUSTOM_TAGS.M4 file to change
the text that displays in the target drop-down list for this
option.
13.2.2 Authentication to individual consoles and modules
When users authenticate using this
process they:
- Select a ID-Synch module to access by following
a link from your corporate intranet, or typing the
URL in a web browser. For example, to access the New account request module (nph-idr.exe),
type:
http://provision/idsynch/nph-idr.exe
- Enter their Profile ID.
- Authenticate by entering a password.
The authentication triggers for external programs can
be configured for each module.
When console users access either the Central console (nph-psa.exe) or
Account management console (nph-ida.exe) without going through front-end authentication,
they are required by default to enter their Profile ID
and password on a single web page. You can modify this so that
the Profile ID and password are entered on successive separate pages.
To do this:
- From the Web Modules configuration menu, click Admin console.
- Enable the ADMIN SPLIT LOGIN variable.
- Click Update.
If a user accesses a module in this way, and their session fails for any
reason, they are returned to the login page for that module.
Next: 13.3 Configuring workflow options
Up: 13. Configuring Web Modules
Previous: 13.1 Modifying general behavior
Contents
Index
| |
ID-Synch™ is an access management solution developed by
M-Tech. The full current version of this guide, shipped with the ID-Synch software, contains detailed reference information not included in this version.
|
| |
|
|