1. The Login Server checks for a login cookie. If one is present, the Login Server identifies the user from the
encrypted information in the login cookie.

2. If a login cookie is not present, the Login Server prompts the user for the user's credentials.

3. The user provides the user name and password.

4. The Login Server authenticates the user by passing the provided name and password to the configured
authentication routine-either the local routine or one provided by an external authentication module for an
external repository. If the authentication is successful, the Login Server establishes a login cookie on the
client browser to facilitate Single Sign-On for future authentication requests.