Sun Java System Portal Server 7.1 Deployment Planning Guide

Example Use Case: Authenticate Portal User

Table 3–1 describes a use case for a portal user to authenticate with the portal.

Table 3–1 Use Case: Authenticate Portal User

Item 

Description 

Priority 

Must have. 

Context of Use 

Only authenticated end-users are allowed to gain access to the portal resources. This access restriction applies to all portal resources, including content and services. This portal relies on the user IDs maintained in the corporate LDAP directory. 

Scope 

The portal end-users identify themselves only once for a complete online session. If an idle time-out occurs, the users must reidentify themselves. If portal end-user identification fails more often than the specified number of allowed retries, access to the intranet should be revoked or limited (deactivated) until a system administrator reactivates the account. In this case, the portal end-user should be advised to contact the authorized person. The identified portal end-users are able to access only the data and information that they are authorized for.

Primary User 

Portal end-user. 

Special Requirements 

None. 

Stakeholders 

Portal end-user. 

Preconditions 

The portal end-user:

  • is an authorized user.

  • has a standard corporate LDAP user ID. The LDAP user ID must be provided to each employee.

  • has an authorized LDAP entry.

  • has access to the corporate intranet.

  • does not have a guest account.

Minimal Guarantees 

Friendly customer-centric message. Status—with error message indicating whom to call. 

Success Guarantees 

Presented with Portal Desktop home page. Authentication. Entitlement. Personal information. 

Trigger 

When any portal page is accessed and the end-user is not yet logged in. 

Description 

  1. End-user enters the portal URL.

  2. If the customization parameter [remember login] is set, then automatically log in the user and provide a session ID.

  3. If the end-user is a first-time user, prompt for LDAP user ID and password.

  4. End-user enters previously assigned user ID and password.

  5. Information is passed to Access Manager for validation.

  6. If authentication passes, assign session ID and continue.

  7. If authentication fails, display an error message and return the end-user to the login page; decrement the remaining attempts; if the preset attempt limit is exceeded, notify the user and lock out the account.
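
A small model of steps 5 to 7 together with the idle time-out rule from the Scope row, added here as an example and not taken from Portal Server or Access Manager code. The class `PortalAuth`, the in-memory `directory`, and the values of `MAX_ATTEMPTS` and `IDLE_TIMEOUT` are assumptions; in the deployment described, validation is performed by Access Manager against the corporate LDAP directory.

```python
import hmac
import secrets

MAX_ATTEMPTS = 3      # assumed retry limit; the use case only says "specified"
IDLE_TIMEOUT = 900    # assumed idle time-out, in seconds
HELP_MSG = "Account locked. Contact your system administrator."

class PortalAuth:
    """Hypothetical model; `directory` stands in for Access Manager/LDAP."""

    def __init__(self, directory):
        self.directory = directory   # user ID -> password (constructed sample)
        self.failures = {}           # user ID -> consecutive failed attempts
        self.locked = set()          # accounts awaiting admin reactivation
        self.sessions = {}           # session ID -> (user ID, last activity)

    def login(self, user, password, now):
        if user in self.locked:      # refused even if the password is right
            return None, HELP_MSG
        expected = self.directory.get(user)
        if expected is not None and hmac.compare_digest(
                expected.encode(), password.encode()):
            self.failures.pop(user, None)        # success resets the counter
            sid = secrets.token_urlsafe(32)      # step 6: assign session ID
            self.sessions[sid] = (user, now)
            return sid, "Welcome"
        if expected is not None:                 # step 7: count the failure
            self.failures[user] = self.failures.get(user, 0) + 1
            if self.failures[user] >= MAX_ATTEMPTS:
                self.locked.add(user)            # stays locked until reactivated
                return None, HELP_MSG
        return None, "Login failed."

    def access(self, sid, now):
        """Return the user ID for a live session, or None if reidentification is needed."""
        entry = self.sessions.get(sid)
        if entry is None:
            return None
        user, last = entry
        if now - last > IDLE_TIMEOUT:            # idle time-out: drop the session
            del self.sessions[sid]
            return None
        self.sessions[sid] = (user, now)         # activity refreshes the idle timer
        return user

    def reactivate(self, user):
        """Administrator action: unlock the account and clear its counter."""
        self.locked.discard(user)
        self.failures.pop(user, None)
```

The lock has no expiry, matching the requirement that only a system administrator reactivates the account.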