Secure remote password authentication
The Secure Remote Password (SRP) protocol is an industry-standard nondisclosing authentication protocol (also characterized as a zero-knowledge protocol). This type of protocol enables a client-tier user to prove to an Authentication Service that he or she knows a password without ever sending that password to the middle-tier service. Nondisclosing authentication protocols protect against man-in-the-middle attacks and provide password-based mutual authentication of the client and the server.
For SRP, the BMC Server Automation Authentication Service authenticates client-tier users against a registry of authorized users. In BMC Server Automation, that registry is a user table in the central Application Server database. Information in the user table is derived from the RBAC utility in the BMC Server Automation Console.
After successfully authenticating the SRP user, the Authentication Service issues the client a session credential. At that point a BMC Server Automation client application can use the session credential to establish an authenticated secure session with the Application Service or Network Shell Proxy Service identified by the service URLs in the session credential.
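The following is an added illustration, not code from BMC Server Automation: a minimal SRP-6a exchange in Python showing what the user registry stores (a salt and a verifier, never the password) and the three messages by which the client proves knowledge of the password without transmitting it. The group (RFC 5054 1024-bit prime, g = 2), the hash (SHA-256) and the proof layout are assumptions for the example, not the product's actual parameters.

```python
import hashlib
import secrets

# Group: RFC 5054 1024-bit safe prime, g = 2 (constant assumed transcribed correctly).
N = int("""EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF74
96EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6
CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4
976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3""".replace("\n", ""), 16)
g, NLEN = 2, (N.bit_length() + 7) // 8

def H(*parts: bytes) -> int:  # SHA-256 stands in for the SHA-1 of RFC 5054
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

def pad(n: int) -> bytes:
    return n.to_bytes(NLEN, "big")

k = H(pad(N), pad(g))  # SRP-6a multiplier

def private_x(username: str, password: str, salt: bytes) -> int:
    return H(salt, hashlib.sha256(f"{username}:{password}".encode()).digest())

def enroll(username: str, password: str):
    """Registry side: stores only (salt, verifier v = g^x mod N), never the password."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(username, password, salt), N)

def client_start():                              # message 1, client -> server: A
    a = secrets.randbelow(N - 2) + 1
    return a, pow(g, a, N)

def server_respond(v: int):                      # message 2, server -> client: salt, B
    b = secrets.randbelow(N - 2) + 1
    return b, (k * v + pow(g, b, N)) % N

def client_proof(username, password, salt, a, A, B):
    if B % N == 0:                               # reject a degenerate server value
        raise ValueError("bad B")
    u, x = H(pad(A), pad(B)), private_x(username, password, salt)
    S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    return S, H(pad(A), pad(B), pad(S))          # message 3, client -> server: M1

def server_verify(v, b, A, B, M1):
    if A % N == 0:                               # reject a degenerate client value
        raise ValueError("bad A")
    S = pow((A * pow(v, H(pad(A), pad(B)), N)) % N, b, N)
    return S if H(pad(A), pad(B), pad(S)) == M1 else None  # None: proof rejected

def authenticate(username, password, salt, v) -> bool:
    # Runs the full exchange in-process; True only when both sides derive the same S.
    a, A = client_start()
    b, B = server_respond(v)
    S_client, M1 = client_proof(username, password, salt, a, A, B)
    S_server = server_verify(v, b, A, B, M1)
    return S_server is not None and S_server == S_client
```

On success both sides hold the same shared secret S, which is the point at which a real deployment would mint the session credential described above; a wrong password produces a mismatched M1 and the server learns nothing about the password tried.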