Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

Application Server

TABLE OF CONTENTS

Authentication Modes

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedJun 16, 2022
  • 2 minute read

Enable security for a Galaxy by selecting one of four authentication modes:

  • Galaxy: Uses local Galaxy configuration to authenticate users. All security for the Galaxy is specified and contained at the specific Galaxy level. When the user logs on, security credentials are checked and access to areas and activities is granted at the Galaxy level.

    Note: If you are implementing a multi-Galaxy environment or creating credentials for ViewApps, Galaxy Authentication Mode is not supported. Use one of the OS-based authentication modes instead. See Working with Multiple GR Nodes and Galaxies and About Credentials for more information.

  • OS User Based: Uses the operating system's user authentication system on an individual user level. All security for the Galaxy is specified and contained in the operating system (OS) on a user level basis. When the user logs on, security credentials are checked and access to areas and activities are decided at the OS user level.

  • OS Group Based: Uses the operating system's user authentication system on a group basis. All security for the Galaxy is specified and contained in the user-to-roles mapping you created in the OS to assign security. When a user logs on, security credentials are checked and verified at the OS group level. OS groups are mapped to security roles in the Galaxy to allow access to areas and activities in the Galaxy. For more information, see About OS Group-based Security.

  • Authentication Providers: Uses the AVEVA Identity Manager (AIM) to create a unified security management infrastructure across your local System Platform nodes and Azure VMs by leveraging operating system security and Azure Active Directory (AD). To use Azure AD as an authentication mode, you must have an Azure AD account available in the Azure portal. See Configure Azure AD as an Identity Provider for guidance about creating an account. The identity manager is normally configured during System Platform installation is a Platform Common Service. See Common Platform for details.

The AVEVA Identity Manager (AIM) is a Platform Common Service (PCS) that creates a unified security management infrastructure across your local System Platform nodes and Azure VMs by leveraging operating system security and Azure Active Directory (AD). To use Azure AD as an authentication mode, you must have an Azure AD account available in the Azure portal. See Configure Azure AD as an Identity Provider for guidance about creating an account.

Note: If you are using OS user-based security or OS group-based security and you have permissions to use the IDE, the Log In dialog box does not appear.

Important: Do not use the "Administrator" user account to log in to Application Server, InTouch ViewApps, or other System Platform components. "Administrator" is a reserved System Platform name. Some modules of Application Server and System Platform view "Administrator" as a system admin, while other modules view it as a Galaxy admin.

TitleResults for “How to create a CRG?”Also Available in