The AuthenticationAlgorithm
controls the authentication search logic. It can restrict the authentication
algorithm to use only the traditional Rational® ClearQuest® Authentication scheme,
or it can allow both Rational ClearQuest and
LDAP authentication for the database set. The administrator configures an
AuthenticationAlgorithm to be used when authenticating users by specifying
the algorithm for the schema repository as a whole.
The following AdminSession object functions allow you to manage and change
the authentication control flow.
- SetAuthenticationAlgorithm(AuthenticationAlgorithm);
- GetAuthenticationAlgorithm( );
Note: The GetAuthenticationAlgorithm method returns
a cached value of the AuthenticationAlgorithm which is initialized when the
AdminSession object is created. The returned value will not reflect a newly
updated value changed (by calling the SetAuthenticationAlgorithm method
or using the installutil setauthenticationalgorithm command)
until the AdminSession object is closed and a new AdminSession object is created
and used instead.
The valid values for the authentication algorithm are:
- CQ_FIRST: The Rational ClearQuest schema
repository is searched first for a Rational ClearQuest user
profile record with the same user name as the given login name, and the user
is authenticated based on the AuthenticationMode for that user record. If
there is no Rational ClearQuest user
profile record with the given login name, then LDAP authentication is attempted.
- CQ_ONLY: traditional Rational ClearQuest user
authentication. Does not allow LDAP authentication. This is the default mode.
See AuthenticationAlgorithm for more information on these algorithm types.
For more information on the methods, see GetAuthenticationAlgorithm and SetAuthenticationAlgorithm.
Note: Traditional Rational ClearQuest authentication
is always an option for user accounts.
Changing the AuthenticationAlgorithm for the schema repository as a whole
does not change the authentication mode for any existing Rational ClearQuest user
accounts. To change the mode of authentication for a particular user, the
administrator must change the AuthenticationMode for that particular user.
See User AuthenticationMode