Netscape MANAGEMENT SYSTEM 6.0 Installation And Setup Manual page 494


Introduction to Authentication
2. Upon receiving the certificate, the Registration Manager performs the
following authentication and authorization process:

First, it verifies that the certificate exists in its internal database. Next, it
verifies that the certificate is a valid client certificate. If the certificate is
valid, the Registration Manager proceeds. Otherwise (for example, if the
certificate has expired or been revoked or was signed by an untrusted
authority), the Registration Manager rejects the request, sends an error
message to the agent, and logs a reason for the rejection.

Note that the Registration Manager verifies the revocation status of the
agent certificate if it has been issued by the Certificate Manager to which
the Registration Manager is connected; the Certificate Manager keeps a
record of all the certificates it has issued and their current status in its
internal database. However, if the agent certificate is issued by any other
CA, the Registration Manager cannot verify the revocation status of the
certificate; it can only verify that the certificate is valid and that it has been
issued by a CA that the Registration Manager trusts. For details on
configuring the Certificate Manager or Registration Manager to check the
revocation status of its agents' certificates, see "Revocation Status
Checking of Agent Certificates" on page 378.

If the internal database contains an invalid certificate for an agent, the
server rejects all requests from that agent. For the server to accept requests
from that agent, you would have to replace the agent's invalid certificate in
the internal database with a valid one. For details on how to do this, see
"Changing a Privileged User's Certificate" on page 414.

The Registration Manager reads the user's subject name (in DN form) and
the issuer name from the certificate. This combination is unique. It then
finds the login name corresponding to this unique combination in its
privileged-users list, which is stored in the internal database. If a login
name is associated with the certificate, the Registration Manager proceeds.
Otherwise, it rejects the request.

The Registration Manager then checks the group memberships of the login
name and the corresponding access rights to determine whether the user is
authorized to perform the requested service.

If both authentication and authorization succeed, the Registration Manager
services the request. Otherwise, it rejects the request and logs a reason for the
rejection.

Netscape Certificate Management System Installation and Setup Guide • March 2002
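
The order of checks described above can be sketched as a small decision function. This is an added example, not code from Netscape Certificate Management System; the certificate model, DNs, serial numbers, group name and service name are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Cert:                      # simplified stand-in for an X.509 client certificate
    subject_dn: str
    issuer_dn: str
    serial: int
    not_after: date

# Every value below is constructed sample data, not taken from the product.
CONNECTED_CM = "CN=Certificate Manager,O=Example"   # CA the Registration Manager is connected to
PARTNER_CA = "CN=Partner CA,O=Example"              # trusted CA with no status feed
TRUSTED_ISSUERS = {CONNECTED_CM, PARTNER_CA}
CM_REVOKED_SERIALS = {1002}                         # status is known only for CM-issued certs
alice = Cert("UID=alice,O=Example", CONNECTED_CM, 1001, date(2003, 1, 1))
bob = Cert("UID=bob,O=Example", CONNECTED_CM, 1002, date(2003, 1, 1))
carol = Cert("UID=carol,O=Example", PARTNER_CA, 77, date(2003, 1, 1))
INTERNAL_DB_CERTS = {alice, bob, carol}
PRIVILEGED_USERS = {(c.subject_dn, c.issuer_dn): name
                    for c, name in ((alice, "alice"), (bob, "bob"), (carol, "carol"))}
GROUPS = {"alice": {"RM Agents"}, "bob": {"RM Agents"}, "carol": {"RM Agents"}}
ACCESS = {"approve_request": {"RM Agents"}}         # service -> groups allowed to use it

def authorize(cert, service, today):
    """Return (allowed, reason), following the order of checks in the text."""
    # Authentication: the certificate must be in the internal database and valid.
    if cert not in INTERNAL_DB_CERTS:
        return False, "certificate not in internal database"
    if cert.issuer_dn not in TRUSTED_ISSUERS:
        return False, "untrusted issuer"
    if today > cert.not_after:
        return False, "certificate expired"
    # Revocation can be checked only for certificates issued by the connected
    # Certificate Manager; for any other trusted CA this step is skipped.
    if cert.issuer_dn == CONNECTED_CM and cert.serial in CM_REVOKED_SERIALS:
        return False, "certificate revoked"
    # Map the unique (subject DN, issuer DN) pair to a login name.
    login = PRIVILEGED_USERS.get((cert.subject_dn, cert.issuer_dn))
    if login is None:
        return False, "no privileged user for subject/issuer pair"
    # Authorization: group membership must grant the requested service.
    if not GROUPS.get(login, set()) & ACCESS.get(service, set()):
        return False, "not authorized for service"
    return True, f"request serviced for {login}"
```

In this sketch carol's certificate is accepted whatever its status at the partner CA, which is the gap the text notes for agent certificates issued by other CAs.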
