Client
authentication
Client authentication involves sending the client authentication
information, stored in the file, to the server. For the , the client connection
file is the.
Other than the
Global Console
,
most clients automatically send authentication information to the server by
default. A client that uses automatic authentication reads the records in the
order that they appear, selecting the first record whose login username matches
the user that runs the client and whose target matches the name of the server
that is being connected to. Once it finds a match, the client sends the
username and password to the target server as authentication credentials.
- If the authentication succeeds, the server communicates the access privilege to the client.
- If the authentication fails, the server refuses the connection and the failure is recorded in the server’s log file.
Client authentication files are reread for each attempted connection.
You can edit the configuration files any time and the changes take effect
immediately.
The
Broker
uses its own client connection file,
brokerConnect.conf.
For example, when a
Domain Manager
(such as an IP Availability Manager) registers with a Broker
, the Domain Manager
sends a username and password from its clientConnect.conf
file
to the Broker
. The Broker
checks the username and password against the records in its
serverConnect.conf
file. Based on the results, it grants or
denies a connection. However, when the
Broker
checks whether a registered
Domain Manager
is alive by pinging the
Manager
,
the
Broker
authenticates with that
Domain Manager
.
To do this, it finds a username and password in its
brokerConnect.conf
file to send to the
Domain Manager
.
The
Domain Manager
checks for the username and password in its
serverConnect.conf
and grants or denies the permission to ping it.