Server API authentication setup examples

You can go through a list of Server API authentication examples. This will help you in configuring the server.

Authentication configuration examples:

Non-SSL configuration and custom authentication:
```
api.remote.ssl.on=false 
api.remote.nonssl.hosts=192.168.113.51, 192.168.113.52 
api.custom.authentication=ldap_auth.js 
```
SSL is not used.
- Authentication requests with no username and password supplied succeed only if they are invoked from the localhost or from 192.168.113.51 or 192.168.113.52.
- Authentication requests with username and password supplied succeed only if the ldap_auth.js successfully authenticates the user specified with the username and password parameters.
- Remote JMX clients are authenticated only when the request comes from the localhost or from 192.168.113.51 or 192.168.113.52.
SSL (without client authentication) and custom authentication:
```
api.remote.ssl.on=true 
api.remote.ssl.client.auth.on=false 
api.custom.authentication=ldap_auth.js
```
SSL is used for remote Server API communication.
- Authentication requests with no username and password supplied fail because neither SSL client authentication, nor host-based authentication is turned on.
- Authentication requests with username and password supplied succeed only if the ldap_auth.js successfully authenticates the user specified with the username and password parameters.
- Host-based authentication is not available in this case regardless of the value of the api.remote.nonssl.hosts parameter, because api.remote.ssl.on is set to true.
- Remote JMX layer is not accessible. This is because SSL is turned on but SSL client authentication is not used.
SSL with client authentication and custom authentication:
```
api.remote.ssl.on=true 
api.remote.ssl.client.auth.on=true 
api.custom.authentication=ldap_auth.js 
```
SSL is used for remote Server API communication and the Server requires SSL client authentication.
- Authentication requests with no username and password supplied succeed when the SSL certificate of the client is present in the Server’s truststore (or verifiable using the certificates in the truststore).
- Authentication requests with username and password supplied succeed only when the SSL client authentication is successful (the SSL certificate of the client is present in the Server’s truststore) and the ldap_auth.js script successfully authenticates the user specified with the username and password parameters. In this case, authorization is performed based on the username parameter from the username and password supplied and not with the user identity from the SSL client certificate.
- Host-based authentication is not available in this case regardless of the value of the api.remote.nonssl.hosts parameter, because api.remote.ssl.on is set to true.
- Remote JMX clients are authenticated when the SSL certificate of the client is present in the Server’s truststore (or verifiable using the certificates in the truststore).
SSL with client authentication & no custom authentication:
```
api.remote.ssl.on=true 
api.remote.ssl.client.auth.on=true 
api.custom.authentication=
```
(as an alternative, the "api.custom.authentication" property may be missing entirely)
SSL is used for remote Server API communication and the Server requires SSL client authentication.
- Authentication requests with no username and password supplied succeed when the SSL certificate of the client is present in the Server’s truststore (or verifiable using the certificates in the truststore).
- Authentication requests with username and password supplied do not succeed because custom authentication is not configured.
- Host-based authentication is not available in this case regardless of the value of the api.remote.nonssl.hosts parameter, because api.remote.ssl.on is set to true.
- Remote JMX clients are authenticated successfully only when the SSL certificate of the client is present in the Server’s truststore.