Authentication overview
There are two
aspects of authentication through the HCL Compass API:
- AuthenticationAlgorithm, for enabling or disabling a schema repository to allow LDAP authentication.
- AuthenticationMode, for selecting the mode of authentication for individual HCL Compass users.
The AuthenticationAlgorithm allows LDAP authentication that uses existing user LDAP authentication names, which may not match HCL Compass user account names.
The HCL Compass user profile field that is used for correlating LDAP user records to HCL Compass user records is the CQLDAPMap field.
You can specify a CQLDAPMap field (using the installutil command line utility) to map a HCL Compass user profile field to an LDAP field value for LDAP authentication.
The authentication method used for an individual user is determined by the AuthenticationMode specified for that user, not the AuthenticationAlgorithm.