Using Authentication Chaining

Authentication chaining provides a higher level of security over the regular mechanism of authentication. You can enable users to be authenticated against more than one authentication mechanism.

The procedure described here is only for enabling authentication chaining along with a Personal Digital Certificate (PDC) authentication at the Gateway. For information on authentication chaining without PDC authentication at the Gateway, see the Access Manager Administration Guide.

For example, if you chain the PDC and Radius authentication modules, the user will have to authenticate against all three modules to access the standard Portal Desktop.

When enabled, PDC is always the first authentication module to be presented to the user.

To Add Authentication Modules to an Existing PDC Instance

1. Login to the Access Manager administration console as administrator.

2. Select the required organization.

3. Select Services from the View drop-down box.

   The services are displayed.

4. Click Authentication Configuration.

   The Service Instance List is displayed.

5. Click Gatewaypdc.

   The Gatewaypdc properties page is displayed.

6. Click Edit.

   The Add Module page is displayed.

7. Select Module Name and set Flag to Required.

8. Click OK.

9. Click Save after adding one or more modules.

10. Click Save in the gatewaypdc properties page.

11. Restart the Gateway for the changes to take effect:

    gateway-install-location/SUNWportal/bin/psadmin start-sra-instance –u amadmin – f <password file> –N <profile name>– t <gateway>