BLCLI to Application Server
For traffic between BLCLI and an Application Server, BMC Server Automation relies on TLS to secure communication between client and server and single sign-on credentials to authenticate client users.
BLCLI users obtain single sign-on credentials by authenticating themselves to the BMC Server Automation Authentication Service. The BMC Server Automation Authentication Service supports many user authentication mechanisms. SRP is the default user authentication mechanism.
The BLCLI does not have a built-in authentication utility. Users can acquire and cache a SSO session credential through the BMC Server Automation Console and the BLCLI can use that credential. Alternatively, BLCLI users can use a separate user authentication command line utility,
blcred, to authenticate themselves to an Authentication Service and acquire a SSO session credential.
- A default BMC Server Automation installation sets up a single sign-on system using SRP authentication and TLS session layer security. Additional configuration is necessary if you want to customize the default behavior or use other authentication protocols. For implementation details, see Implementing single sign-on.
- For information about using the
blcredutility to obtain session credentials, see Using the blcred utility.