The AuthenticationAlgorithm
controls the authentication search logic. It can restrict the authentication
algorithm to use only the traditional Rational® ClearQuest® Authentication scheme, or it
can allow both Rational ClearQuest and
LDAP authentication for the database set. The administrator configures
an AuthenticationAlgorithm to be used when authenticating users by
specifying the algorithm for the schema repository as a whole.
The following AdminSession object functions allow you to manage
and change the authentication control flow.
- SetAuthenticationAlgorithm(AuthenticationAlgorithm);
- GetAuthenticationAlgorithm( );
Note: The GetAuthenticationAlgorithm method
returns a cached value of the AuthenticationAlgorithm which is initialized
when the AdminSession object is created. The returned value will not
reflect a newly updated value changed (by calling the SetAuthenticationAlgorithm method
or using the installutil setauthenticationalgorithm command)
until the AdminSession object is closed and a new AdminSession object
is created and used instead.
The valid values for the authentication algorithm are:
- CQ_FIRST: The Rational ClearQuest schema
repository is searched first for a Rational ClearQuest user
profile record with the same user name as the given login name, and
the user is authenticated based on the AuthenticationMode for that
user record. If there is no Rational ClearQuest user
profile record with the given login name, then LDAP authentication
is attempted.
- CQ_ONLY: traditional Rational ClearQuest user
authentication. Does not allow LDAP authentication. This is the default
mode.
See AuthenticationAlgorithm for more information on these algorithm
types. For more information on the methods, see GetAuthenticationAlgorithm
and SetAuthenticationAlgorithm.
Note: Traditional Rational ClearQuest authentication
is always an option for user accounts.
Changing the AuthenticationAlgorithm for the schema repository
as a whole does not change the authentication mode for any existing Rational ClearQuest user
accounts. To change the mode of authentication for a particular user,
the administrator must change the AuthenticationMode for that particular
user. See User AuthenticationMode