Authentication
The Authentication
element specifies the module to use for validating user identity. AMPS allows you to set the default Authentication
for the instance as a whole, and also to set the Authentication
on each Transport
individually.
Authentication
elements are not required. The instance authentication defaults to using the amps-default-authentication-module
if no Authentication
element is specified for the instance. An individual Transport
defaults to using the instance Authentication
if no Authentication
element is provided for that Transport
.
The Securing AMPS section of the AMPS User Guide describes how AMPS handles authentication and the default modules in more detail.
Name
Description
Module
The element specifies the name of the module that will be used for authentication.
The value of this element must be the name of an authentication module loaded in the Modules section of the configuration file or one of the authentication modules that AMPS loads by default.
By default, AMPS loads the authentication modules listed in the table below.
Options
A list of supported features for the implemented library.
AMPS allows you to pass options to the module by specifying elements within the Options
element. The exact options that the module requires, if any, are determined by the creator of the module.
Authentication Modules Loaded by Default
AMPS loads the following authentication modules by default:
amps-default-authentication-module
Authenticate any user, regardless of the credentials provided. Does not provide the user name to AMPS by default, and does not allow implicit authentication by default.
The amps-default-authentication-module
accepts the following options:
AllowSpoofing
- When set totrue
, this module provides the user name to AMPS. This option is set tofalse
by default.
RequireLogon
- When set totrue
, this module does not allow implicit logon. Connections must explicitly logon or the module will refuse to authenticate them. This option is set totrue
by default.
RequireUsername
- When set totrue
, this module does not allow a logon unless a user name is provided. This option is set tofalse
by default.
amps-implicit-authentication-module
Authenticate any user, regardless of the credentials provided. Allows implicit authentication. Does not provide the user name to AMPS by default.
This module accepts the following option:
AllowSpoofing
. When set totrue
, this module provides the user name to AMPS. This option is set tofalse
by default.
This module is provided to mimic the default behavior of the amps-default-authentication-module
in versions prior to 5.0. To restore that behavior, set amps-implicit-authentication-module
to the Authenticator
for the instance
amps-default-no-authentication-module
Do not authenticate any user.
Last updated