Supported authentication methods
Although WebSEAL functions independently of the authentication process, WebSEAL uses credentials to monitor all users participating in the secure domain.
To obtain the necessary identity information for credentials acquisition, WebSEAL relies on the information gained from the authentication process.
The following table lists the authentication methods supported by WebSEAL for credentials acquisition. When WebSEAL examines a client request, it searches for authentication data in the order specified in this table.
| Authentication Method | Supported Connection Type |
|---|---|
| Failover cookie | HTTP and HTTPS |
| LTPA cookie | HTTP and HTTPS |
| Client-side certificate | HTTPS |
| Forms authentication (username and password) | HTTP and HTTPS |
| Basic authentication (username and password) | HTTP and HTTPS |
| External Authentication Interface | HTTP and HTTPS |
| Open Authentication (OAuth) | HTTP and HTTPS |
Authentication methods can be independently enabled and disabled for both HTTP and HTTPS transports. If no authentication methods are enabled for a particular transport, the authentication process is inactive for clients using that transport.