Overview of Authentication in Archibus Web Central
Overview of Authentication in Archibus Web Central
By default, Archibus uses built-in authentication. However, system administrators may wish to configure Archibus to integrate with their own LDAP or SSO server. Or they may wish to change the password policies or encodings. These topics contain the instructions on how to do so.
For authorization, Archibus always uses built-in mechanism, based on the Archibus user accounts. Those accounts obey the security groups, roles, virtual-private Archibus security settings that you establish using the techniques in the Archibus Administrator section.
Regardless of which method you choose, all authentication methods create an account for each user when they sign on, even if this sign on is transparently made by a single-sign on process. This account will obey the security groups, roles, virtual-private Archibus security settings that you established using the techniques in the Archibus Administrator section. These settings apply to all Archibus users: Web Central users, CAD and BIM users, and Smart Client users.
This section contains the following topics:
- Typical Authentication Process
- Archibus Authentication
- Single Sign-On (SSO)
- LDAP
- Multiple Authentication Types Required
Configuring the Authentication Use Cases
- Archibus Authentication
- Password Control
- Password Pattern
- Password Change Form
- Password Encoder
- How to Change Password Encryption
- Other Encryption Issues
- Single Sign-On (SSO )
- LDAP
Note : System integrators will notice that Web Central authentication uses the open source Spring Security framework. This means that with respect to security, Archibus is a set of objects managed by the Spring framework. System integrators can use the security features as is, alter the security scenario by changing the Spring configuration files, or even replace key portions of the authentication process by adding their own Java code.