Manualshelf

HP WBEM Services for HP-UX and Linux System Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP Insight Management WBEM Providers
61626364656667686970
Security Considerations
User Authentication
Chapter 662
User Authentication
When a user request comes through HTTP (HyperText Transport
Protocol) or HTTPS (HTTP Secure), the CIM Server determines whether
this is a legitimate user on the system. If the request does not pass
authentication, the request is rejected without processing.
Local users are users on a system sending requests to HP WBEM
Services on the same system.
Remote users are users on a system sending requests to HP WBEM
Services on another system.
Local User Authentication
For local users, the CIM Server uses a local authentication mechanism.
The CIM Server uses the existing file system security to authenticate the
user. HP WBEM Services accepts the authentication already done by the
system itself, so local requests include only the users’ login names, not
their passwords.
Remote User Authentication
Remote users accessing CIM Server are authenticated with a
request/challenge mechanism using HTTP Basic authentication.
A request is received from a management client. The CIM Server
challenges the client to send a Base64 encoded username and password
in the HTTP Authorization header.
To verify that the encoded user-password pair are authorized on the
system, HP WBEM Services calls PAM (Pluggable Authentication
Module). For information about PAM, see the PAM man page and go to
http://docs.hp.com. Click on your operating system (for example
HP-UX 11iv1). Next, click System Administration. View, download, or
print the manual Managing Systems and Workgroups: A Guide for
HP-UX System Administrators.
The default value for the configuration parameter
enableRemotePrivilegedAccess has been changed to TRUE with the
release of HP WBEM Services A.01.05.02. This means that, by default,