Logon Configuration
The default configuration for Online Authentication is using a logon screen for the online product, online help and online AppViewer applications. The product supplies a prebuilt logon screen for all three components preconfigured.
At logon it detects that a user has not logged on before (the presence of a
JSESSIONID cryptographically-secure session cookie issued by the Web Application Server is used). Depending on the configuration (in the
web.xml) of the applications, housed in Oracle WebLogic, the following is performed:
• FORM - This is the default setting to support a logon screen with an associated error screen in case of unsuccessful logon. Oracle Utilities Digital Asset Management provides a prebuilt logon screen but can be replaced with custom logon screens by setting the following configuration settings appropriately for each web component as outlined in the Server Administration Guide:
Note: Custom logon screens should be placed in the cm directory of the Web Application Server as outlined in the Oracle Utilities SDK.
• BASIC - The browser will issue a call to the operating system to display the default logon dialog supplied with the operating system. No logon dialog is supplied.
Note: BASIC authentication is considered a relatively weak authentication scheme, and therefore is not recommended for use.