Authentication
Last updated
Last updated
Copyright 2013-2024 60East Technologies, Inc.
The Authentication element specifies the module to use for validating user identity. AMPS allows you to set the default Authentication for the instance as a whole, and also to set the Authentication on each Transport individually.
Authentication elements are not required. The instance authentication defaults to using the amps-default-authentication-module if no Authentication element is specified for the instance. An individual Transport defaults to using the instance Authentication if no Authentication element is provided for that Transport.
The Securing AMPS section of the AMPS User Guide describes how AMPS handles authentication and the default modules in more detail.
AMPS loads the following authentication modules by default:
| Module Name | Policy |
|---|---|
Name
Description
Module
The element specifies the name of the module that will be used for authentication.
The value of this element must be the name of an authentication module loaded in the Modules section of the configuration file or one of the authentication modules that AMPS loads by default.
By default, AMPS loads the authentication modules listed in the table below.
Options
A list of supported features for the implemented library.
AMPS allows you to pass options to the module by specifying elements within the Options element. The exact options that the module requires, if any, are determined by the creator of the module.
amps-default-authentication-module
Authenticate any user, regardless of the credentials provided. Does not provide the user name to AMPS by default, and does not allow implicit authentication by default.
The amps-default-authentication-module accepts the following options:
AllowSpoofing - When set to true, this module provides the user name to AMPS. This option is set to false by default.
RequireLogon - When set to true, this module does not allow implicit logon. Connections must explicitly logon or the module will refuse to authenticate them. This option is set to true by default.
RequireUsername - When set to true, this module does not allow a logon unless a user name is provided. This option is set to false by default.
amps-implicit-authentication-module
Authenticate any user, regardless of the credentials provided. Allows implicit authentication. Does not provide the user name to AMPS by default.
This module accepts the following option:
AllowSpoofing. When set to true, this module provides the user name to AMPS. This option is set to false by default.
This module is provided to mimic the default behavior of the amps-default-authentication-module in versions prior to 5.0. To restore that behavior, set amps-implicit-authentication-module to the Authenticator for the instance
amps-default-no-authentication-module
Do not authenticate any user.