By default the admin users are authenticated using passwords stored internally by the Management Server. To modify the admininistrator authentication settings, select Settings → Admin Authentication. On this page you will see three types of configurable categories.
- LDAP authentication parameters
LDAP authentication parameters such as LDAP server address, search scope etc.
- Certificate authentication parameters
Certificate authentication parameters such as trusted CA certificate and certificate to admin account mappings.
- Authentication settings
Authentication settings are assigned to users. Each authentication setting specifies what password and certificate authentication parameters to use (or none).
There are two different default authentication settings called Default superuser authentication settings and Default user authentication settings.
When an administrator is logging in, the authentication process will go through the following steps:
If certificate authentication is configured, any TLS client certificate is verified using the certificate parameters. If verification succeeds, the TLS client certificate is displayed in the login screen.
The account is identified by the account name entered in the login screen. If the given account name is not valid, access is denied.
The account's authentication settings are applied as follows:
If the account has password authentication configured, then the password is verified. If verification fails, access is denied.
If the account has certificate authentication configured, then the TLS client certificate is verified using the certificate parameters. If verification fails, access is denied.
If neither password nor certificate authentication is defined, access is denied (for example using None for both password and certificate parameters will deny access).
It is possible to create and edit sets of password and certificate authentication parameters which can in turn be assigned to authentication sets. The management system itself also defines one password authentication source (Internal password database), which cannot be edited or removed by a superuser.