When authenticating users, ADQM verifies the identity of users and determines if they are allowed to connect to servers. ADQM uses roles to manage access rights.
The following authentication methods are supported:
By password — passwords can be hashed using the SHA-256 and double SHA-1 algorithms, or stored as plain text.
LDAP — an LDAP server can be used as an external authenticator to verify ADQM user passwords or as an external directory to store information about user accounts and their access rights.
By SSL certificates — users can be authenticated by SSL certificates if SSL channel protection is enabled for ADQM.
Kerberos — Kerberos authentication in ADQM is under development, full support for this functionality will be available in future releases of ADQM. Currently, Kerberos-authenticated users can access ADQM through the HTTP interface only, and the used client must support the SPNEGO mechanism. The parameters required for Kerberos authentication are configured in the
kerberossection of the config.xml and users.xml configuration files.