Riva CRM Integration - Documentation and Knowledge Base

Domino: Authentication Modes Supported

Article ID: 920
Last updated: 18 Nov, 2016

Riva supports the following two primary authentication modes available to Domino:

  1. Standard HTTP Authentication
  2. Session-based Forms Authentication

Notice! It is highly recommended that all communication be HTTPS (SSL) encrypted. This ensures that when credentials are exchanged between Riva and Domino, passwords are always encrypted in transit.

The following is an excerpt from the Domino Administrator guide, http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/topic/com.ibm.help.domino.admin85.doc/H_SSL_AND_BASIC_PASSWORD_AUTHENTICATION_8792_OVERVIEW.html:

Name-and-password authentication, also known as basic password authentication, uses a basic challenge/response protocol to ask users for their names and passwords and then verifies the accuracy of the passwords by checking them against a secure hash of the password stored in Person documents in the IBM® Lotus® Domino™ Directory.

Standard HTTP Authentication

A common internet standard is HTTP authentication.

With Domino, this authentication method requires that every request, including subsequent requests, include the complete HTTP authentication header. This header includes the user name and password.

Advantages:

  1. Not affected by session timeouts.
  2. No need for applications to keep session states.
  3. Low server memory consumption.
  4. Easily scales for distributed load.

Disadvantage:

  1. For every request, the credentials are included in the HTTP headers.

Session-Based Forms Authentication

This is a common authentication process. Users are prompted with a web-based form for their credentials when they first access a password-protected section of the site.

With Domino, this authentication method requires that session-based form authentication be enabled.

Advantages:

  1. The credentials are exchanged once at the beginning of the session.
  2. The session can be used until an inactivity timeout or session reset.
  3. Used to enable single sign-on or enable gated authentication.

Disadvantages:

  1. Applications must store and manage session states, including re-authentication.
  2. Higher server memory usage, because the session state must be maintained.
  3. Session timeout requires applications to re-authenticate after timeout.
  4. More complicated scaling to distribute loads in a multiserver environment.
  5. Uses HTTP cookies to maintain session that must be kept by the application.
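
The difference in credential exposure between the two modes can be checked with a short script. This is an added example, not part of the original article or Riva's code: it audits constructed request records and counts how many carry a recoverable password and how many do so without HTTPS. The host, paths, login URL, form field names and cookie name are assumptions for illustration.

```python
import base64
from urllib.parse import parse_qs, urlsplit

def basic_header(user, password):
    """Authorization header value sent with every request in standard HTTP auth."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return f"Basic {token}"

def password_in_request(req):
    """Return the password readable from this request alone, or None."""
    auth = req["headers"].get("Authorization", "")
    if auth.startswith("Basic "):
        # Base64 is an encoding, not encryption: no key is needed to decode it.
        decoded = base64.b64decode(auth[len("Basic "):]).decode("utf-8")
        return decoded.partition(":")[2]
    if req["method"] == "POST":
        form = parse_qs(req.get("body", ""))
        if "Password" in form:
            return form["Password"][0]
    return None

def audit(requests):
    """Count requests carrying the password, and those doing so without HTTPS."""
    carrying = [r for r in requests if password_in_request(r) is not None]
    cleartext = [r for r in carrying if urlsplit(r["url"]).scheme != "https"]
    return {"total": len(requests), "with_password": len(carrying),
            "cleartext": len(cleartext)}

# Constructed sample traffic; host, paths, login URL, form field names and
# cookie name are assumptions for illustration.
HOST = "domino.example.com"
PATHS = ["/mail/jdoe.nsf/inbox", "/mail/jdoe.nsf/calendar", "/mail/jdoe.nsf/contacts"]

# Standard HTTP authentication, sent here over plain HTTP to show the risk.
basic_mode = [{"method": "GET", "url": f"http://{HOST}{p}",
               "headers": {"Authorization": basic_header("jdoe", "s3cret")}}
              for p in PATHS]

# Session-based forms authentication over HTTPS: one login, then a cookie.
session_mode = [{"method": "POST", "url": f"https://{HOST}/names.nsf?Login",
                 "headers": {}, "body": "Username=jdoe&Password=s3cret"}]
session_mode += [{"method": "GET", "url": f"https://{HOST}{p}",
                  "headers": {"Cookie": "DomAuthSessId=CONSTRUCTED"}}
                 for p in PATHS]

if __name__ == "__main__":
    print("basic:  ", audit(basic_mode))
    print("session:", audit(session_mode))
```

In the constructed data every Basic request exposes the password, while the session flow carries it only in the initial login request.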

Revision: 2