Sun Java System Portal Server 7 Deployment Planning Guide

Example Use Case: Authenticate Portal User

Table 3–1 describes a use case for a portal user to authenticate with the portal.

Table 3–1 Use Case: Authenticate Portal User

Item 

Description 

Priority 

Must have. 

Context of Use 

Only authenticated users are allowed to gain access to the portal resources. This access restriction applies to all portal resources, including content and services. This portal relies on the user IDs maintained in the corporate LDAP directory. 

Scope 

The portal users identify themselves only once for a complete online session. If an idle time-out occurs, the users must reidentify themselves. If the portal user identification fails more often than the specified number of allowed retries, access to the intranet should be revoked or limited (deactivated) until a system administrator reactivates the account. In this case, the portal user should be advised to contact the authorized person. The identified portal users are able to access only the data and information that they are authorized for. 

Primary User 

Portal end user. 

Special Requirements 

None. 

Stakeholders 

Portal end user. 

Preconditions 

The portal user is an authorized user. Standard corporate LDAP user ID. Must be provided to each employee. Authorized LDAP entry. Every employee has access to the corporate intranet. No guest account. 

Minimal Guarantees 

Friendly customer-centric message. Status—with error message indicating whom to call. 

Success Guarantees 

Presented with Portal Desktop home page. Authentication. Entitlement. Personal information. 

Trigger 

When any portal page is accessed and the user is not yet logged in. 

Description 

  1. User enters the portal URL.

  2. If the customization parameter [remember login] is set, then automatically log in the user and provide a session ID.

  3. If the user is a first-time user, prompt for the LDAP user ID and password.

  4. User enters previously assigned user ID and password.

  5. Information is passed to Access Manager for validation.

  6. If authentication passes, assign session ID and continue.

  7. If authentication fails, display an error message and return the user to the login page; decrement the remaining attempts; if the attempts exceed the preset limit, notify the user and lock out the account.
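
The lockout, reactivation and idle time-out behavior from the Scope row and steps 5 through 7, modeled as an added Python example (not code from this guide or from Portal Server). `PortalAuth`, `demo_validate`, the `MAX_FAILURES` and `IDLE_TIMEOUT` values, the messages and the directory entry are hypothetical or constructed; `demo_validate` stands in for the Access Manager validation call.

```python
import hmac, secrets, time

MAX_FAILURES = 3      # assumed: the page says only "a specified amount"
IDLE_TIMEOUT = 900    # assumed idle time-out, in seconds
DEMO_DIRECTORY = {"jdoe": "s3cret-Example"}   # constructed sample entry
LOCKED_MSG = "Account locked. Please contact your system administrator."

def demo_validate(user_id, password):
    """Constructed stand-in for Access Manager; unknown IDs fail (no guest account)."""
    expected = DEMO_DIRECTORY.get(user_id)
    return expected is not None and hmac.compare_digest(expected, password)

class PortalAuth:
    def __init__(self, validate=demo_validate, clock=time.monotonic):
        self.validate, self.clock = validate, clock
        self.failures = {}    # user_id -> consecutive failed attempts
        self.locked = set()   # accounts awaiting administrator reactivation
        self.sessions = {}    # session_id -> (user_id, time of last activity)

    def login(self, user_id, password):
        """Steps 5-7: return (session_id, message); session_id is None on failure."""
        if user_id in self.locked:   # refused even if the password is now correct
            return None, LOCKED_MSG
        if self.validate(user_id, password):
            self.failures.pop(user_id, None)   # success resets the counter
            sid = secrets.token_urlsafe(32)    # unguessable session ID
            self.sessions[sid] = (user_id, self.clock())
            return sid, "OK"
        self.failures[user_id] = self.failures.get(user_id, 0) + 1
        if self.failures[user_id] >= MAX_FAILURES:
            self.locked.add(user_id)
            return None, LOCKED_MSG
        return None, "Login failed. Please try again."

    def session_user(self, sid):
        """Return the session's user, or None if unknown or idle past the time-out."""
        user_id, last = self.sessions.get(sid, (None, 0.0))
        if user_id is None:
            return None
        if self.clock() - last > IDLE_TIMEOUT:
            del self.sessions[sid]   # user must reidentify
            return None
        self.sessions[sid] = (user_id, self.clock())
        return user_id

    def reactivate(self, user_id):
        """Administrator action: unlock the account and clear its failure count."""
        self.locked.discard(user_id)
        self.failures.pop(user_id, None)
```

The lock check runs before validation, so a locked account stays locked even when the correct password is supplied, and only `reactivate` clears it.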