Configuring the third-party web service – H3C Technologies H3C Intelligent Management Center User Manual

420

Configuring the third-party Web service

1.

Access the Third-party Authentication page.

2.

Click the Configure icon .
The Third-Party Authentication Policy page appears.

3.

Configure the following third-party authentication parameters:

{

Enable Third-Party Authentication—Select this option to enable third-party authentication and
select Third-Party Web Service.

{

Authentication Method—Select an authentication method. Options are Third-Party

Authentication First and Local Authentication First.

−

Third-Party Authentication First—To authenticate a third-party user, UAM first uses a
third-party Web service API. If the third-party Web service API cannot be used, UAM uses

the local database.

−

Local Authentication First—To authenticate a third-party user, UAM first searches the local
database. If no match is found, UAM uses the third-party Web service API.

4.

In the Basic Information area, configure the following parameters:

{

Web Interface Method—Select a Web service API from the list. Options are HTTP/HTTPS and
REST.

When the HTTP/HTTPS option is selected, the system sends authentication requests to the
specified third-party service URL by using the specified username and password.
When the REST option is selected, the system sends authentication requests to the specified
third-party service URL. The URL must include the fields ${username} and ${password} to
indicate the username and the password.

{

Request Mode—Select a mode for UAM to send authentication requests to the third-party service
URL. Options are GET and POST.

{

Identity Check Mode—Select a user identity check mode from the list. Options are Access the
Web interface for authentication and Use the password returned by the Web interface for

authentication.

−

Access the Web interface for authentication—The third-party Web service API authenticates
the user and then sends the authentication result back to UAM.

−

Use the password returned by the Web interface for authentication—UAM uses the
password returned by the third-party Web service API to authenticate the user.

{

Web Service URL—Enter the URL of the third-party Web service.

{

Username—Enter a user name that identifies the user in packets sent from UAM to the Web

service API.

{

Password—Enter the password of the user name. This parameter appears only when Identity
Check Mode is set to Access the Web interface for authentication.

{

AuthN Success Identifier—Enter a character string. The authentication process is considered to
be successful only when the returned value set includes this identifier. This parameter appears

only when Identity Check Mode is set to Access the Web interface for authentication.

{

String before failure message/String after failure message—Enter a character string in the two
fields. When Access the Web interface for authentication is selected from the Identity Check

Mode list, you must specify these two fields to obtain the authentication failure message. If you
do not specify these two fields, all characters returned by the Web service API are treated as the