LogoLogo
AMPS Server Documentation 5.3.5 (Early Access)
AMPS Server Documentation 5.3.5 (Early Access)
  • Welcome to AMPS
  • Introduction to AMPS
    • Overview of AMPS
    • Getting Started With AMPS
      • Installing AMPS
      • Starting AMPS
      • JSON Messages - A Quick Primer
      • spark: the AMPS command-line client
      • Evaluating AMPS on Windows or MacOS
      • Galvanometer and RESTful Statistics
    • AMPS Basics: Subscribe and Publish to Topics
    • State of the World (SOW): The Message Database
      • When Should I Store a Topic in the SOW?
      • How Does the SOW Work?
      • Configuration
      • Queries
      • Atomic Query and Subscribe
      • Advanced Messaging and the SOW
    • Record and Replay Messages with the AMPS Transaction Log
    • Message Queues
    • Scenario and Feature Reference
      • Recovery Strategies
    • Getting Support
    • Advanced Topics
    • Next Steps
  • AMPS Evaluation Guide
    • Introduction
    • Evaluation and Development with AMPS
    • Tips on Measuring Performance
    • Next Steps
  • AMPS User Guide
    • Introduction
      • Product Overview
      • Requirements
      • Organization of this Guide
        • Documentation Conventions
      • Technical Support
    • Installing and Starting AMPS
      • Installing AMPS
      • Starting AMPS
    • Configuring AMPS
      • Getting Started with AMPS Configuration
      • Units, Intervals, and Environment Variables
      • Working with Configuration Files
      • Including External Files
      • Production Configuration
      • Instance-Level Configuration
      • Configuration Options Quick Reference
    • Subscribe and Publish
      • Topics
      • Filtering Subscriptions by Content
      • Conflated Subscriptions
      • Replacing Subscriptions
      • Messages in AMPS
      • Message Ordering
      • Retrieving Part of a Message
    • AMPS Expressions
      • Syntax
      • Identifiers
      • AMPS Data Types
      • Grouping and Order of Evaluation
      • Logical Operators
      • Arithmetic Operators
      • Comparison Operators
      • LIKE Operator
      • Conditional Operators
      • Working with Arrays
      • Regular Expressions
      • Performance Considerations
    • AMPS Functions
      • AMPS Function Overview
      • String Comparison Functions
      • Concatenating Strings
      • Managing String Case
      • Replacing Text in Strings
      • Extracting Matching Text in Strings
      • String Manipulation Functions
      • Date and Time Functions
      • Array Reduce Functions
      • Geospatial Functions
      • Numeric Functions
      • CRC Functions
      • Message Functions
      • Client Functions
      • Coalesce Function
      • AMPS Information Functions
      • Typed Value Creation
      • Constructing Fields
      • Aggregate Functions
    • State of the World (SOW) Topics
      • How Does the SOW Work?
      • Using the State of the World
      • Understanding SOW Keys
      • Indexing SOW Topics
      • Programmatically Deleting Records from the Topic State
      • SOW Maintenance
        • Creating a Maintenance Schedule for a Topic
        • Setting Per-Message Lifetime
      • Storing Multiple Logical Topics in One Physical Topic
      • Configuring a SOW
        • Configuring Topics in a SOW
    • Querying the State of the World (SOW)
      • Overview of SOW Queries
      • Query and Subscribe
      • Historical SOW Topic Queries
      • Managing Result Sets
      • Batching Query Results
    • Out-of-Focus Messages (OOF)
    • State of the World Message Enrichment
    • Incremental Message Updates
      • Using Delta Publish
      • Understanding Delta Publish
      • Delta Publish Support
    • Receiving Only Updated Fields
      • Using Delta Subscribe
      • Identifying Changed Records
      • Conflated Subscriptions and Delta Subscribe
      • Select List and Delta Subscribe
      • Options for Delta Subscribe
    • Conflated Topics
      • Configuring Conflated Topics in a SOW
    • Aggregation and Analytics
      • Understanding Views
      • Defining Views and Aggregations
      • Constructing Field Contents
      • Best Practices for Views
      • View Examples
      • Aggregated Subscriptions
      • Configuring Views in a SOW
    • Record and Replay Messages
      • Using the Transaction Log and Bookmark Subscriptions
      • Understanding Message Persistence
      • Replaying Messages with Bookmark Subscription
      • Managing Journal Files
      • Using amps-grep to Search the Journal
      • Configuring a Transaction Log
    • Message Queues
      • Getting Started with AMPS Queues
      • Understanding AMPS Queuing
      • Advanced Messaging and Queues
      • Replacing Queue Subscriptions
      • Handling Unprocessed Messages
      • Queue Subscriptions Compared to Bookmark Replays
      • Configuring Queues in a SOW
      • Advanced Queue Configuration
    • Message Types
      • Default Message Types
      • BFlat Messages
      • MessagePack Messages
      • Composite Messages
      • Protobuf Message Types
      • Struct Message Types
      • Configuring Message Types
    • Command Acknowledgment
      • Requesting Acknowledgments
      • Receiving Acknowledgments
      • Bookmark Subscriptions and Completed Acknowledgments
      • Bookmark Subscriptions and Persisted Acknowledgments
      • Acknowledgment Conflation and Publish Acknowledgements
    • Transports
      • Client Connections
      • Replication Connections
      • Transport Filters
      • Configuring Transports
      • Configuring Protocols
    • Running AMPS as a Linux Service
      • Installing the Service
      • Configuring the Service
      • Managing the Service
      • Uninstalling the Service
    • Logging
      • Log Message Format
      • Message Levels
      • Message Categories
      • Logging to Files
      • Logging to Syslog
      • Looking up Errors with ampserr
      • Configuring Logging
    • Event Topics
      • Client Status Events
      • SOW Statistics Events
      • Persisting Event Topics
    • Utilities
      • Command-Line Basic Client
      • Dump clients.ack File
      • Dump journal File
      • Dump queues.ack File
      • Dump SOW File
      • Dump Journal Topic Index File
      • Find Bookmark or Transaction ID in Transaction Log
      • Find Information in Error Log or Transaction Log
      • Identify Type of AMPS File
      • List/Explain Error Codes
      • Query Statistics Database
      • Statistics Database Report
      • Storage Performance Testing
      • Submit Minidump to 60East
      • Obsolete Utility: Upgrade File Formats
    • Monitoring AMPS
      • Statistics Collection
        • Time Range Selection
        • Output Formatting
      • Galvanometer
      • Configuring Monitoring
    • Configuring AMPS for Automation with Actions
      • Choosing When an Action Runs
        • On a Schedule
        • On AMPS Startup or Shutdown
        • On a Linux Signal
        • On a REST Request
        • On Minidump Creation
        • On Client Connect or Disconnect
        • On Client Logon
        • On Client Offline Message Buffering
        • On Subscribe or Unsubscribe
        • On Incoming Replication Connections
        • On Outgoing Replication Connections
        • On Message Published to AMPS
        • On Message Delivered to Subscriber
        • On Message Affinity
        • On SOW Message Expiration
        • On SOW Message Delete
        • On OOF Message
        • On Message Condition Timeout
        • On Message State Change
        • On a Custom Event
      • Choosing What an Action Does
        • Rotate Error/Event Log
        • Compress Files
        • Truncate Statistics
        • Manage Transaction Log Journal Files
        • Remove Files
        • Delete SOW Messages
        • Compact SOW Topic
        • Query SOW Topic
        • Manage Security
        • Enable or Disable Transports
        • Publish Message
        • Manage Replication Acknowledgment
        • Extract Values from a Message
        • Translate Data Within an Action
        • Increment Counter
        • Raise a Custom Event
        • Execute System Command
        • Manage Queue Transfers
        • Create Minidump
        • Shut Down AMPS
        • Debug Action Configuration
      • Conditionally Stopping an Action
        • Based on File System Capacity
        • Based on an Expression
      • Examples of Action Configuration
        • Archive Journals Once a Week
        • Archive Journals On RESTful Command
        • Record Expired Queue Messages to a Dead Letter Topic
        • Copy Messages that Exceed a Timeout to a Different Topic
        • Deactivate and Reactivate Security on Signals
        • Reset Entitlements for a Disconnected Client
        • Extract Values from a Published Message
        • Shut Down AMPS When a Filesystem Is Full
        • Increment a Counter and Echo a Message
    • Replicating Messages Between Instances
      • Replication Basics
      • Replication Resynchronization
      • Replication Compression
      • Destination Server Failover
      • Two-Way Replication
      • PassThrough Replication
      • Guarantees on Ordering
      • Replication Security
      • Understanding Replication Message Routing
      • Replicated Queues
      • Replication Best Practices
      • Configuring Replication
        • Configuring Outgoing Replication Destinations
        • Configuring Incoming Replication Transports
        • Replication Configuration Validation
    • Highly Available AMPS Installations
      • Overview of High Availability
        • Example: Pair of Instances for Failover
        • Example: Regional Distribution
        • Example: Regional Distribution with HA
        • Example: Hub and Spoke / Expandable Mesh
      • Details of High Availability
      • Slow Client Management and Capacity Limits
      • Message Ordering Considerations
    • Operation and Deployment
      • Capacity Planning
      • Linux OS Settings
      • Upgrading AMPS
      • Using AMPS with a Proxy
      • Operations Best Practices
    • Securing AMPS
      • Authentication
        • Configuring Authentication
      • Entitlement
        • Configuring Entitlement
      • Providing an Identity for Outbound Connections
      • Protecting Data in Transit Using TLS/SSL
      • Loadable Authentication/Entitlements Modules
        • Simple Access Entitlements Module
        • RESTful Authentication and Entitlements
        • Multimethod Authentication Module
        • OAuth Authentication Module
      • Loadable Authenticator Modules
        • Multimethod Authenticator
        • Command Execution Authenticator
    • Troubleshooting AMPS
      • Planning for Troubleshooting
      • Diagnostic Utilities
      • Finding Information in the Log
      • Reading Replication Log Messages
      • Troubleshooting Disconnected Clients
      • Troubleshooting Regular Expression Subscriptions
    • AMPS Distribution Layout
    • Optionally-Loaded Modules
      • Loadable Function Modules
        • Legacy Messaging Functions
        • Special-Purpose Functions
      • Loadable Authentication/Entitlements Modules
      • Loadable Authenticator Modules
      • Loadable SOW Key Generator
        • Chaining Key Generator
      • Configuring Modules
    • AMPS Statistics
    • File Format Versions
  • AMPS Monitoring Guide
    • Statistics Types
    • Table Reference
    • Administrative Actions
    • Host Statistics
      • cpu (host statistics)
      • disks (host statistics)
      • memory (host statistics)
      • name (host statistics)
      • network (host statistics)
    • AMPS Instance Statistics
      • api (instance statistics)
      • clients (instance statistics)
      • config.xml (instance statistics)
      • config_path (instance statistics)
      • conflated_topics (instance statistics)
      • cpu (instance statistics)
      • cwd (instance statistics)
      • description (instance statistics)
      • environment (instance statistics)
      • lifetimes (instance statistics)
      • logging (instance statistics)
      • memory (instance statistics)
      • message_types (instance statistics)
      • name (instance statistics)
      • name_hash (instance statistics)
      • pid (instance statistics)
      • processors (instance statistics)
      • queues (instance statistics)
      • queries (instance statistics)
      • replication (instance statistics)
      • sow (instance statistics)
      • statistics (instance statistics)
      • subscriptions (instance statistics)
      • timestamp (instance statistics)
      • transaction_log (instance statistics)
      • transports (instance statistics)
      • tuning (instance statistics)
      • uptime (instance statistics)
      • user_id (instance statistics)
      • version (instance statistics)
      • views (instance statistics)
  • AMPS Command Reference
    • Commands to AMPS
      • logon command
      • Publishing
        • publish command
        • delta_publish command
      • Subscribing to and Querying Topics
        • subscribe command
        • sow command
        • sow_and_subscribe command
        • unsubscribe command
        • delta_subscribe command
        • sow_and_delta_subscribe command
      • Removing Messages (SOW/Topic or Message Queue)
      • heartbeat command
      • flush command
    • Responses from AMPS
      • sow: Content from Server
      • publish: Content from Server
      • oof: Content from Server
      • ack: Status from Server
      • group_begin / group_end: Result Set Delimiters
    • Protocol Reference
      • AMPS Protocol
      • Legacy Protocols Reference
    • Command Cookbook
      • Cookbook: Delta Publish
      • Cookbook: Delta Subscribe
      • Cookbook: Publish
      • Cookbook: SOW
      • Cookbook: SOW and Delta Subscribe
      • Cookbook: SOW and Subscribe
      • Cookbook: SOW Delete
      • Cookbook: Subscribe
  • Deployment Checklist
    • Ensure Sufficient Capacity
    • Apply System and AMPS Configuration
    • Create Maintenance Plan
    • Create Monitoring Strategy
    • Create Patch and Upgrade Plan
    • Create and Test Support Process
    • Conclusion
  • AMPS Clients
    • Performance Tips and Best Practices
    • C++
    • C#/.NET
    • Java
    • JavaScript
    • Python
  • Glossary
Powered by GitBook

Get Help

  • FAQ
  • Legacy Documentation
  • Support / Contact Us

Get AMPS

  • Evaluate
  • Develop

60East Resources

  • Website
  • Privacy Policy

Copyright 2013-2024 60East Technologies, Inc.

On this page
Export as PDF
  1. AMPS User Guide
  2. Securing AMPS
  3. Authentication

Configuring Authentication

PreviousAuthenticationNextEntitlement

Last updated 7 days ago

The Authentication element specifies the module to use for validating user identity. AMPS allows you to set the default Authentication for the instance as a whole, and also to set the Authentication on each Transport individually.

Authentication elements are not required. The instance authentication defaults to using the amps-default-authentication-module if no Authentication element is specified for the instance. An individual Transport defaults to using the instance Authentication if no Authentication element is provided for that Transport.

The section describes how AMPS handles authentication and the default modules in more detail.

Described below are the configuration items for setting Authentication. Expand each item for more details.

Module

This element specifies the name of the module that will be used for authentication.

The value must be the Name of an authentication module loaded in the Modules section of the configuration file or one of the authentication modules that AMPS loads by default.

By default, AMPS loads the authentication modules described in the following section.

Options

A list of supported features for the implemented library.

AMPS allows you to pass options to the module by specifying elements within the Options element. The exact options that the module requires, if any, are determined by the creator of the module.

Authentication Modules Loaded by Default

AMPS loads the following authentication modules by default. Expand each item for more details.

amps-default-authentication-module

Authenticate any user, regardless of the credentials provided. Does not provide the user name to AMPS by default, and does not allow implicit authentication by default.

This module accepts the following options:

  • AllowSpoofing - When set to true, this module provides the user name to AMPS. This option is set to false by default.

  • RequireLogon - When set to true, this module does not allow implicit logon. Connections must explicitly logon or the module will refuse to authenticate them. This option is set to true by default.

  • RequireUsername - When set to true, this module does not allow a logon unless a user name is provided. This option is set to false by default.

amps-implicit-authentication-module

Authenticate any user, regardless of the credentials provided. Allows implicit authentication. Does not provide the user name to AMPS by default.

This module accepts the following option:

  • AllowSpoofing - When set to true, this module provides the user name to AMPS. This option is set to false by default.

This module is provided to mimic the default behavior of the amps-default-authentication-module in versions prior to 5.0. To restore that behavior, set amps-implicit-authentication-module to the Authenticator for the instance.

amps-default-no-authentication-module

Do not authenticate any user.

Authentication