Authentication chains: Plugins
The following sections show you how to write authentication chain plugins or adapt sample plugins for your requirements. There are two types of authentication chain plugins:
Chain selector plugins
These plugins are specific for the Authentication chain selector (
select_chain.pss) module and they are configured via the Run this plugin to automatically select a sub-chain option of theselect_chainmodule. These type of plugins can decide:What chain to use to authenticate the user
What chains are available for users to authenticate themselves
Bravura Security provides samples listed in Table 1, “Authentication chain selector plugin samples”.
External authentication plugins
These plugins can be used to implement new authentication methods or processes and they are configured and launched via the External program setting for the
external.pssauthentication module.These type of plugins can decide:
What tokens are required to complete the authentication process and what kind of dialog to present to the user for acquiring those required tokens.
What authentication chain to use to continue the authentication process.
Whether the tokens provided are valid or invalid and whether the authentication should consider success or failed accordingly.
Bravura Security provides samples listed in Table 2, “External authentication plugin samples”.
Sample script | Description |
|---|---|
| A generic sample to demonstrate IP based chain selection. |
| Can be used to direct users to a single-page login page that includes ID and password fields. |
Sample script | Description |
|---|---|
| A simple demonstration of this kind of plugin. |
| Generic tools for web server(NTLM, SmartCard) authentication integration. |
| Provides authentication to anonymous users who do not have pre-existing credentials, allowing them to submit pre-defined requests for new users. |
| Allows authentication using profile attributes, such as date of birth and email address. |