Установка и обновление > Advanced Deployment Considerations > Authentication > Configuring an Alternative Authentication in Windchill
Configuring an Alternative Authentication in Windchill
Windchill relies on the javax.servlet.http.HttpServletRequest servlet APIs getRemoteUser() and getUserPrincipal() methods to identify the user ID that is authenticating against the server. To provide user identification:
For servlet-engine-based form-based authentication, the authentication is automatically handled.
For web server-based form-based authentication, the authentication is normally handled automatically by the web server setting the REMOTE_USER variable on the request.
* 
Trust by host (Trusted Host) Authentication is deprecated and is planned to be removed in a future release.
Most alternative authentication schemes are capable of populating the REMOTE_USER variable with the authenticating user ID. If not, then you must ensure that the servlet APIs return the appropriate value, using a custom servlet filter to wrap the HttpServletRequest (if necessary). Be aware that if your code passes the user ID through a request header, you must ensure that the code does not accept this particular header from clients.
The following topics provide guidance on configuring these alternative authentication schemes.
Было ли это полезно?