Enabling Authentication Methods

Each time an authentication request is send to the Server, determination of the authentication method is initiated with respect to the authentication method finding strategy. The request can be sent directly (Authentication Application or Web Services Communications or indirectly via PEPs. Important is to say that in each case the PEP configuration is involved.

To enable the use of any authentication method within:

  • Authentication Application,

  • PEP,

  • Federation endpoints,

  • SSO REST Web Service.

corresponding PEP has to have given authentication methods in its allowed authentication method list.

The filtering has been introduced to add additional security for establishing sessions based on the allowed authentication methods referenced in the PEP configuration objects. See one of:

The configuration represents a set of all authentication method identifiers that can be used with the PEP.

The filtering primarily protects against unwanted allowance of an insecure authentication method via keyword, authentication method mapping or authentication policies.