Pubcookie Authentication - ADTRAN BlueSecure Controller Setup And Administration Manual

Optional. Use the commands included in the Row Management drop-down list to
2.
change the order of rules, add new blank rules, clear rule data, or delete a rule, etc.
Remember, the BSC evaluates rules in the order in which they are listed here on the
New Cosign server page.
Select the default user role from the Default role drop-down list. The selected default
3.
role is the role the BSC assigns the user if none of rules is true.
Alternatively, select an LDAP/Active Directory authentication server from the Using
LDAP/Active Directory Server drop-down list to resume rules checking using the rules
configured for the selected LDAP/Active Directory authentication server.
Location Optional. Specify the user location from which the Cosign authentication request must
originate by selecting a defined user location from the drop-down menu. If a user location
is specified, the authentication request will not be attempted if the request does not come
from that location.
Notes Optional. Enter a meaningful description for the external Cosign authentication server.
Saving the Click Save to store the information to the BSC database or Save and create another to
settings continue to define external Kerberos authentication servers.
You may be prompted to restart the BSC. We recommend that you do not restart the BSC
until you have completely finished configuring the BSC for use in your network.

Pubcookie Authentication

Pubcookie is a mechanism for centralized user authentication. Note that Pubcookie does
not handle authorization; it will only assert that a User ID and corresponding password
have been entered correctly.
Because Pubcookie is centralized, it allows the user to authenticate once for several
applications. The authentication remains valid for up to eight hours.
Pubcookie consists of a standalone login server and modules for common web server
platforms like Apache and Microsoft IIS. Together, these components can turn existing
authentication services (like Kerberos, LDAP, or NIS) into a solution for single sign-on
authentication to websites throughout an institution.
Note: You may need to set up the BSC to communicate with a Pubcookie authentication
server over Secure Sockets Layer (SSL). To do so, you must first upload the appropriate
certificate(s) to the BSC as described in "Configuring External Server Authentication Over
SSL" on page 10-21before following the steps in this section to set up the Pubcookie
authentication server.
To configure an external Pubcookie authentication server and define the rules used for
authentication:
BlueSecure™ Controller Setup and Administration Guide
Alternatively, you can select the Create New... option to open a window that
enables you to define a new role. After you save the role information, you are
returned to the New Cosign server page where you can select the role from the
drop-down list.
Pubcookie Authentication
6-27