Manualshelf

HP WBEM Services Version A.02.07 Release Notes, March 2009

ManualsBrandsHP ManualsSoftwareHP-UX 11i WBEM Software
12345678910
Table 1-2 Remote User Authentication Methods
HTTP Basic AuthenticationCertificate Based Authentication (CBA)
Description
Using a request/challenge mechanism and authenticating
the user-supplied username and password through
Pluggable Authentication Modules (PAM).
The cimserver requests the client certificate while HTTPS
connection is in progress.
Benefits and Considerations
Easier to setup, as it does not require any server
configuration.
Requires the remote user to provide a password each
time to access the WBEM data.
You will have to update the client application each
time the password is changed.
Requires a one-time server configuration.
Does not require the remote user to provide a
password each time to access the WBEM data.
The benefits of not requiring a password include:
Prevents intruders from gaining access to internal
network resources by “spoofing” passwords.
Additional configuration or updates to applications is
not required whenever a password is changed.
For more information, see...
“More about using HTTP Basic Authentication” (page 10)“More about using Client Certificate-Based
Authentication” (page 11)
More about using HTTP Basic Authentication
The /etc/pam.conf file is the configuration file for PAM. The /etc/pam.conf file contains
a list of services and each service is mapped to a corresponding service module. When a service
is requested, its associated module is invoked. WBEM Services will default to the authentication
mechanism specified in the OTHER directive of the /etc/pam.conf file. To use other
authentication methods, you must edit the/etc/pam.conf file and add a "wbem" service entry.
See example below. For additional information, please refer to the pam(3) and pam.conf(4)
man pages.
#
# Example of /etc/pam.conf file with WBEM services (using LDAP)
#
# Authentication management
wbem auth required libpam_hpsec.so.1
wbem auth sufficient libpam_unix.so.1
wbem auth required libpam_ldap.so.1 try_first_pass
# Account management
wbem account required libpam_hpsec.so.1
wbem account sufficient libpam_unix.so.1
wbem account required libpam_ldap.so.1
# Session management
wbem session required libpam_hpsec.so.1
wbem session sufficient libpam_unix.so.1
wbem session required libpam_ldap.so.1
# Password management
wbem password required libpam_hpsec.so.1
wbem password required libpam_ldap.so.1 try_first_pass
wbem password required libpam_ldap.so.1 try_first_pass
10 HP WBEM Services Version A.02.07 Release Notes