Other than the Global Console, most Most clients, by default, automatically send authentication information to the server. This information is stored in a clientConnect.conf file. A client that uses automatic authentication reads the records in the order that they appear, selecting the first record whose login username matches the user that runs the client and whose target matches the name of the server that is being connected to. Once it finds a match, the client sends the SDK username and password to the target server as authentication credentials. If the authentication succeeds, the server tells the client its access privilege. If the authentication fails, the server refuses the connection and the failure is recorded in the server™s log file.

Client authentication files are reread for each attempted connection. As such, you can edit the configuration files at any time and the changes take effect immediately.

The Broker uses its own client connection file, brokerConnect.conf.

For example, when a Domain Manager (such as an VMware Smart Assurance IP Availability Manager) registers with a Broker, the Domain Manager sends an SDK username and password from its clientConnect.conf to the Broker. The Broker checks the username and password against the records in its serverConnect.conf. Based on the results, it will grant or deny a connection.

However, when the Broker checks whether a registered Domain Manager is alive (by pinging the manager), the Broker must authenticate with that Domain Manager. To do this, it finds an SDK username and password in its brokerConnect.conf file to send to the Domain Manager. The Domain Manager checks for the username and password in its serverConnect.conf and either grants or denies the right for the Broker to ping it.