User guide

Chapter 1: Overview
1-30
For details of the user information stored in the SSO repository, refer to "User Information Entry".
For details of the configurations on the Interstage Management Console, refer to Operator’s Guide.
Figure 1-24 Using Re-authentication Intervals
Remarks
When "certificate authentication" is used as the authentication method for the user, or when the
user has been authenticated by certificate authentication with "password authentication or
certificate authentication" used as the authentication method, the client (Web browser)
automatically presents the certificate to the Web server at re-authentication.
Therefore, the window requesting re-authentication is not shown to the user. Note that, when users
are setting up the Authentication Server on multiple machines and the Repository Server on a
machine, or setting up the Authentication Server and the Repository Server on multiple machines
individually, the window requesting re-authentication may display even when the authentication
method is "certificate authentication" or "password authentication or certificate authentication."
When the remaining time for the validity period registered as user information in the SSO repository
is shorter than the set re-authentication interval, the validity period registered as user information in
the SSO repository has priority over the re-authentication interval. For details about the validity
period when set as user information, refer to "User Validity Period" of “Restrictions on
Authentication“.
To reduce the risk of unauthorized use by third persons, it is strongly recommended that "0" should
not be set as the re-authentication interval for each user or the standard re-authentication interval.