Overview

This chapter covers authentication for IBM Cúram Social Program Management. Authentication is the process of determining if a user is who they say they are. Authentication is needed where a user must be verified in order to access a secure resource on a system.

In form-based authentication, a user is presented with a form in which they enter username and password credentials. These credentials are compared against the credentials stored on the system for this username; if they match, the user is considered an authenticated user for the system. For security reasons, the password for authenticating a user is stored on the system in a digested form.

The IBM Cúram Social Program Management web client is configured to support form-based authentication, which means that before a user can access any of the web client content, they will be redirected to a login form to authenticate.

The authentication process involves the verification of the username and password, and this is performed by default by a JAAS (Java Authentication and Authorization Service) login module. HTTPS/SSL is turned on by default in the web client, ensuring that the form-based login authentication mode is secure.
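The credential check described above, sketched as a minimal JAAS login module. This is an added example, not the login module shipped with the product: the class name `DigestLoginModule`, the in-memory `STORE`, and the choice of PBKDF2-HMAC-SHA256 with 210,000 iterations are assumptions, since the page does not name the digest algorithm or the storage used.

```java
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

// Hypothetical module for illustration; it narrows JAAS to the password check only.
public class DigestLoginModule implements LoginModule {
    // Hypothetical store: username -> {salt, digest}. A real system reads this from its user table.
    static final Map<String, byte[][]> STORE = new HashMap<>();
    private CallbackHandler handler;
    private boolean succeeded;

    // Assumption: salted PBKDF2-HMAC-SHA256 stands in for the "digested form" of the password.
    static byte[] digest(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 210_000, 256);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } finally { spec.clearPassword(); }
    }

    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { handler = h; }

    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("username");
        PasswordCallback pass = new PasswordCallback("password", false);
        try {
            handler.handle(new Callback[] {name, pass});   // values come from the login form
            byte[][] rec = STORE.get(name.getName());
            // Unknown user: still compute a digest so response time does not reveal valid usernames.
            byte[] salt = rec != null ? rec[0] : new byte[16];
            byte[] expected = rec != null ? rec[1] : new byte[32];
            // Constant-time comparison of the submitted password's digest with the stored digest.
            succeeded = rec != null & MessageDigest.isEqual(digest(pass.getPassword(), salt), expected);
        } catch (Exception e) {
            throw new LoginException("authentication could not be performed");
        } finally { pass.clearPassword(); }
        if (!succeeded) throw new FailedLoginException("invalid credentials");  // same message for bad user or password
        return true;
    }

    public boolean commit() { return succeeded; }   // a full module would add Principals to the Subject here
    public boolean abort() { succeeded = false; return true; }
    public boolean logout() { succeeded = false; return true; }
}
```

Entries in `STORE` would be created at enrolment by calling `digest()` with a random per-user salt, so the clear-text password is never stored.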