Authentication by pin, Authentication by host name or ip address – VBrick Systems Portal Server ETV v4.1 User Manual

Users and User Groups

ETV Portal Server Admin Guide

91

Authentication by PIN

When an end user accesses the ETV Portal Server via a STB, the Portal Server takes the
following steps to authorize users.
1. It determines if there is Authentication/Authorization information associated with the

Host Name of the STB. If so, based on the STB Host Name, the ETV Portal Server will
present the STB with the information appropriate to its privileges. Note that the ETV
Portal Server uses the least restrictive settings when providing access to the system.

2. If there is no Authentication/Authorization information associated with the Host Name

of the STB, the user will be prompted for a PIN. A PIN is a user-based mechanism to log
onto the STB. When the user enters his or her PIN, the ETV Portal Server authenticates
the user against the Portal Server database.

3. Once the user is authenticated, the ETV Portal Server will check the User Groups and/

or Resource Groups that the User is associated with and the privileges associated with
those groups.

4. After checking the Groups privileges, the ETV Portal Server will check for any individual

user privileges above the group privileges.

5. The user will be presented with the information appropriate to their privileges. Note that

the ETV Portal Server uses the least restrictive settings when providing access to the
system.

If Authentication and Authorization is enabled, but the STB is not defined in the system,

then Access Management works based on a User PIN. This PIN is defined on a per user (not
per STB) basis, so Users need to be setup in the system for this to work. When the user
accesses the ETV Portal Server through the STB, they will be prompted for their PIN. The
user simply enters the PIN with the remote control or the wireless keyboard, and can then
access the video for which they have privilege. This implementation is appropriate for
environments where multiple users with different privileges will be accessing the same STB.
An example of this would be a shared classroom, where multiple teachers are accessing the
STB at different times.

Authentication by Host Name or IP Address

The ETV Portal Server determines the content that the STB can view based on its IP
Address or Host Name. No user interaction is required. The user simply turns on the STB,
and only the content that the STB user can view displays. This implementation is similar to a
Cable Television setup – for example, if the plan does not include HBO, then that channel
cannot be viewed. This implementation is easiest from the end user perspective because end
users do not have to remember user names or PINs. This implementation is appropriate for
environments where multiple people can access the same STB.

The following steps provide best practices for properly configuring the Access Control
section of the ETV Portal Server.