Setting Up the Default Authentication Mechanism for the OCF Server and Client Applications
The authmechanism property defines the authentication mechanism that the client application uses on the local system. Solaris Smart Cards offers three authentication mechanisms:
-
Password - Password associated with the individual's login name must be on the smart card or typed when the user tries to access a client application
-
PIN - Individual's personal identification number (PIN) must be on the smart card or typed when the user tries to access a client application
-
Challenge-Response - Challenge-response authentication sequence must occur between the system and the smart card before the individual can access the client application
The default authmechanism property is PIN Password.
How the PIN Password Works
The default authentication mechanism for ocfserv and client applications is PIN Password. In this scenario, the user tries to log in to an application, such as the desktop. The application requests that the user type a PIN.
The ocfserv server verifies the authenticity of the user by comparing the PIN typed by the user to the PIN on the smart card. If the PINs match, the user is either given access to the application, or ocfserv reads additional authentication properties on the card.
See "How to Set Up the Default Authentication Mechanism for the Server and Client Applications (Command Line)" for step-by-step instructions on setting this property with the command line.
- © 2010, Oracle Corporation and/or its affiliates