Sun Java System Access Manager 7 2005Q4 Technical Overview

Authentication Type Configurations

When you install Access Manager, a number of authentication types are automatically configured for you. The following types of authentication are available to you by default when you install Access Manager.

Realm-based Authentication.

User authenticates to a realm or subrealm in the Access Manager information tree.

Role-based Authentication.

User authenticates to a role within a realm or subrealm of the directory information tree. A role is a group of like items in the directory. A static role is created when an attribute is assigned to a specific user or container in the directory. A filtered role is dynamically generated based on an attribute contained in the a user’s or container’s LDAP entry. For example, all users that contain a particular attribute, for example employee, can be automatically included in a filtered role named employees.

Service-based Authentication.

User authenticates to a specific service or application registered to a realm or subrealm.

User-based Authentication.

User authenticates using an authentication process configured specifically for him or her.

Authentication Level-based Authentication

Administrator specifies the security level of the modules to which identities can authenticate.

Module-based Authentication.

User specifies the module instance to which the user will authenticate.