beautypg.com

Imc-rs security mechanism, Identification authentication – HP Intelligent Management Center Licenses User Manual

Page 24

background image

The output indicates that you have successfully accessed the device query interface and get the
first ten device entries in XML format.

iMC-RS Security Mechanism

The iMC-RS framework allows you to access iMC resources and services in secure mode. It features
in the following:

Identity authentication: iMC-RS offers a simple and effective identify authentication mode
called HTTP digest authentication (see RFC 2617). It does not transfer passwords on the
network and thus effectively protects the REST user passwords. This authentication process is
required, or in other words, all attempts to access iMC-RS must pass authentication first.

Secure communication: To ensure data encryption and secure communication, iMC-RS can
be accessed through HTTPS when necessary.

Password protection: With this feature, iMC-RS denies access from a client for a minute by
giving a 403 Forbidden error message if the client continuously enters an incorrect username
or password five times.

Identification authentication

An iMC operator is used for iMC-RS identity authentication, if the operator is a member of the
default administrator group, or a group with administrator rights and with the RESTful Web Services
Call option selected (

Figure 1

).

Figure 1 Add Operator Group dialog box

In addition, iMC-RS identity authentication and privilege restrictions are different from those of the
iMC system in the following ways:

iMC-RS identity authentication does not check the ACLs and password control policy of the
operator.

iMC operators use the "simple password authentication" method to access iMC-RS. If an
operator uses RADIUS or LDAP authentication, the operator must successfully log in to iMC
first and then can pass iMC-RS authentication. If the authentication password is changed, the

24

Quick Start