Configuring remote authentication services

Use the Configuring Remote Authentication Services panel in the SAN Volume Controller Console to provide remote authentication to the cluster.

Introduction

Remote authentication provides a way for users of SAN management applications, such as IBM® Tivoli® Storage Productivity Center, to authenticate to the cluster using the authentication service provided by the SAN management application.

Fields

The following fields can be updated:
Enabled
Select this check box to enable remote authentication for the cluster.
Remote Service User Name
Enter the HTTP basic-authentication user name that is required to obtain service from the remote authentication server. The user name cannot start or end with a blank character. The user name can consist of a string of any 1 - 64 ASCII characters with the exception of the following characters: %:",*' .
Remote Service Password
Enter the HTTP basic-authentication user name that is required to obtain service from the remote authentication server. The user name cannot start or end with a blank character. The password can consist of a string of 6 - 64 printable-ASCII characters.
Protocol
Select the protocol for the remote service Web address. The following options are possible:
HTTP
Select this option if the remote service Web address use HTTP as the protocol. If you use select HTTP, the user and password information is transmitted in clear text over the IP network.
HTTPS
Select this option if the remote service Web address use HTTPS as the protocol. If you use select HTTPS, the user name and passwoed are encrypted. To use a secure Web address, an SSL certificate in privacy enhanced mail (PEM) format is required.
SSL Certificate
Enter the fully qualified name of the file that contains the SSL certificate in Privacy-Enhanced Mail (PEM) format for the remote authentication service. The maximum file length for the SSL certificate is 2048 bytes. An SSL certificate is required to authenticate to the remote authentication service when a secure Web address is configured. Click Browse to locate the SSL certificate.
Remote Service Web Address (IPv4 or IPv6)
Enter the Web address of the remote authentication service. SAN Volume Controller supports both an IPv4 or an IPv6 network addresses for the remote authentication service. You can use the following characters: a - z, A - Z, 0 - 9, _, ~, :, [, ], %, or /. The maximum length of the Web address is 100 characters. The Web address can have either of the following formats:
  • http://network_address:http remote authentication service port number/path_to_service
  • https://network_address:https remote authentication service port number/path_to_service

    For example, if the system network IPv4 address is 9.71.45.108, you could enter either of the following corresponding addresses: http://9.71.45.108:16310/TokenService/services/Trust https://9.71.45.108:16311/TokenService/services/Trust

Note: To obtain the correct remote-authentication service port numbers and service path, consult the documentation for your remote authentication service software.

Actions

The following actions are available:

OK
Click this button to accept the specified settings for remote authentication.
Cancel
Click this button to exit the panel without configuring remote authentication.
Parent topic: Managing authentication
Related tasks
Configuring remote authentication
Library | Support | Terms of use | Feedback
© Copyright IBM Corporation 2003, 2009. All Rights Reserved.