1. The Login Server checks for a
login cookie. If one is present, the Login Server identifies the
user from the
encrypted information in the login cookie.
2. If a login cookie is not present, the Login Server prompts the user for the user's credentials.
3. The user provides the user name and password.
4. The Login Server authenticates
the user by passing the provided name and password to the configured
authentication routine-either the local routine or one provided
by an external authentication module for an
external repository. If the authentication is successful, the
Login Server establishes a login cookie on
the
client browser to facilitate Single Sign-On
for future authentication requests.