Authentication framework
A BMC Server Automation Application Server employs a unified framework for processing all user authentication requests. That framework is based on three services:
- Authentication Service — An entity dedicated to authenticating users by means of all supported authentication protocols.
- Application Service — An entity that encapsulates the functionality of a BMC Server Automation Application Server.
- Network Shell Proxy Service — An entity that encapsulates the functionality of a Network Shell Proxy Server.
The Authentication Service and the Application Service are always located on the same host. A Network Shell Proxy Service can be located on that same host, or it can be set up on a stand-alone machine; in either case it is still associated with an Application Server.
When users on a BMC Server Automation client application (except BMC BladeLogic Decision Support for Server Automation) want to authenticate:
- The client contacts the Authentication Service using any supported authentication protocol.
- Based on the authentication protocol, the Authentication Service uses the appropriate mechanism to authenticate that user.
- If authentication succeeds, the Authentication Service issues a session credential to the client application.
- The client application initiates a session by presenting the session credential to an Application Service or Network Shell Proxy Service.
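The flow above can be modeled in a few lines. This is an added example, not BMC code: the credential format (an HMAC-signed, expiring token), the shared key, the service names and the sample account are all assumptions, since this page does not describe how session credentials are built or validated.

```python
import base64, hashlib, hmac, json, time

# Assumption: one key known to all three services (not stated on the page).
SERVICE_KEY = b"constructed-demo-key"
SERVICES = ("application", "nsh-proxy")      # hypothetical service names


def pw_hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"demo-salt", 10_000)


USERS = {"alice": pw_hash("correct horse")}  # constructed sample account


def sign(payload: bytes) -> bytes:
    return hmac.new(SERVICE_KEY, payload, hashlib.sha256).hexdigest().encode()


def authenticate(user, password, now=None, ttl=600):
    """Authentication Service: verify the user, then issue a session credential."""
    stored = USERS.get(user)
    if stored is None or not hmac.compare_digest(stored, pw_hash(password)):
        return None                          # authentication failed: nothing issued
    now = time.time() if now is None else now
    claims = {"sub": user, "aud": list(SERVICES), "exp": now + ttl}
    payload = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return (payload + b"." + sign(payload)).decode()


def open_session(credential, service, now=None):
    """Application or Network Shell Proxy Service: start a session only for a
    credential that is intact, unexpired and issued for this service."""
    now = time.time() if now is None else now
    try:
        payload, signature = credential.encode().rsplit(b".", 1)
    except (AttributeError, ValueError):
        return None                          # missing or malformed credential
    if not hmac.compare_digest(sign(payload), signature):
        return None                          # altered, or not issued by the service
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if claims["exp"] <= now or service not in claims["aud"]:
        return None
    return claims["sub"]                     # session starts for this user
```

The point of the split is that the Application Service and the Network Shell Proxy Service never see the user's password; they only decide whether to trust what the Authentication Service issued.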
For more information about authentication and other security features, including a description of how BMC BladeLogic Decision Support for Server Automation authenticates users, see Administering security.