Client authentication involves sending the client authentication information, stored in the file, to the server. For the , the client connection file is the.
Other than the Global Console, most clients automatically send authentication information to the server by default. A client that uses automatic authentication reads the records in the order that they appear, selecting the first record whose login username matches the user that runs the client and whose target matches the name of the server that is being connected to. Once it finds a match, the client sends the username and password to the target server as authentication credentials.
- If the authentication succeeds, the server communicates the access privilege to the client.
- If the authentication fails, the server refuses the connection and the failure is recorded in the server’s log file.
Client authentication files are reread for each attempted connection. You can edit the configuration files any time and the changes take effect immediately.
For example, when a Domain Manager (such as an Smart Assurance IP Availability Manager) registers with a Broker, the Domain Manager sends a username and password from its clientConnect.conf file to the Broker. The Broker checks the username and password against the records in its serverConnect.conf file. Based on the results, it grants or denies a connection.
However, when the Broker checks whether a registered Domain Manager is alive by pinging the Manager, the Broker authenticates with that Domain Manager. To do this, it finds a username and password in its brokerConnect.conf file to send to the Domain Manager. The Domain Manager checks for the username and password in its serverConnect.conf and grants or denies the permission to ping it.