Configuring the customized third-party plug-in – H3C Technologies H3C Intelligent Management Center User Manual

421

authentication failure message. This parameter appears only when Identity Check Mode is set to

Access the Web interface for authentication.

{

String before Password/String after Password—Enter a character string in the two fields. When
Use the password returned by the Web interface is selected from the Identity Check Mode list,

you must specify these two fields to obtain user's password for authentication. If you do not

specify these two fields, all characters returned by the Web service API are treated as the

password. This parameter appears only when Identity Check Mode is set to Use the password
returned by the Web interface for authentication.

{

User Group—Select the user group to which users synchronized from the third-party database
are assigned in UAM.

{

Password Encryption Type—Select a password encryption type from the list. Options are
Plaintext, DES, IDEA, RC5, and Custom.

{

Encode the encryption result with Base64—Select this option to encode plaintext or ciphertext
passwords with Base64. You can select Encode the encryption result with Base64 for all

password encryption types except the Custom option.

{

Import Password Plugin—To import a customized encryption or decryption plug-in, click Import
Password Plugin. On the Import Password Plugin window, click Browse to select the plug-in and
click OK.

{

The operator must login to use the Web interface—Select this option if the third-party Web
service API requires that the operator must log in.

{

Operator/Password—Enter a user name and password for the operator to log in to the
third-party Web service system.

5.

In the Access Service area, select one or more access services. The third-party authentication
configuration applies to all access users that use the selected services.

6.

Enter a test username and password, and then click Check Configuration to check whether the
third-party authentication configuration is correct.

7.

Click OK.

Configuring the customized third-party plug-in

1.

Access the Third-party Authentication page.

2.

Click the Configure icon

.

The Third-Party Authentication Policy page appears.

3.

Configure the following parameters:

{

Enable Third-Party Authentication—Select this option to enable third-party authentication and

select Customize Third-Party Plugin.

{

Authentication Method—Select an authentication method. Options are Third-Party
Authentication First and Local Authentication First.

−

Third-Party Authentication First—To authenticate a third-party user, UAM first uses a
third-party plug-in. If the third-party plug-in cannot be used, UAM uses the local database.

−

Local Authentication First—To authenticate a third-party user, UAM first searches the local
database. If no match is found, UAM uses the third-party plug-in.

4.

In the Basic Information area, configure the following parameters: