TIBCO Spotfire Server 3.2.2 - TIBCO Product Documentation
TIBCO Spotfire Server 3.2.2 - TIBCO Product Documentation
TIBCO Spotfire Server 3.2.2 - TIBCO Product Documentation
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Authentication and User Directory<br />
8.2.3 Windows NT Domain<br />
With this authentication method, users are authenticated with a Windows NT Domain.<br />
To be able to use this method, you must have a working Windows NT 4 <strong>Server</strong><br />
Domain Controller or a Windows <strong>Server</strong> 2000 (or later) Domain Controller running in<br />
Mixed Mode. When users log in using this method, their usernames are automatically<br />
stored in the <strong>Spotfire</strong> database, but all other authentication information, such as<br />
passwords, resides only on the Windows NT Domain Controller. This solution should<br />
only be used in combination with legacy Windows NT 4 environments. To set it up,<br />
you need to provide the name of the domain in the configuration console.<br />
8.2.4 Custom JAAS Module<br />
The authentication methods above are all implemented as Java Authentication and<br />
Authorization Services (JAAS) modules. <strong>Spotfire</strong> also supports third-party JAAS<br />
modules, and you may therefore use a JAAS module of your own, or one or from a<br />
third-party supplier. Such a module must use username and password authentication<br />
(specifically, it must use NameCallback and PasswordCallback methods) to be used in<br />
<strong>Spotfire</strong>. You must specify the following options in the configuration console:<br />
Implementation Class<br />
Flag<br />
Key value pair<br />
This option specifies the name of your custom JAAS<br />
module.<br />
This option specifies how flags are to be handled.<br />
This option can contain any other key value pair that<br />
your custom JAAS module needs or can handle.<br />
If you lack any of this information, you need to speak to the person that provided you<br />
with the Custom JAAS module and that can assist you before you can set up Custom<br />
JAAS authentication.<br />
Note: When using a custom JAAS module, you need to place the module file in the<br />
/tomcat/webapps/spotfire/WEB-INF/lib directory on all<br />
<strong>Spotfire</strong> <strong>Server</strong>s.<br />
8.3 Single Sign-on Authentication<br />
With a single sign-on solution, users do not authenticate using username and password<br />
when they start <strong>Spotfire</strong>. Instead, their Windows login or a client certificate is used to<br />
verify the user. <strong>Spotfire</strong> is able to handle a number of different single sign-on<br />
solutions:<br />
• Kerberos<br />
• X.509 Client Certificate<br />
• NTLM (NT LAN Manager version 1)<br />
All three methods are configurable in the configuration console.<br />
68 (144) <strong>TIBCO</strong> <strong>Spotfire</strong>® <strong>Server</strong> <strong>3.2.2</strong>