How is ControlTier secure?
ControlTier security is managed at various levels. • Authentication: ControlTier server users must authenticate to access information managed in the server. The server tools use a form-based login mechanism that has session expiration control. User information is stored in an LDAP database or flat file. • Authorization: Authorization is managed via security roles defined in LDAP. A security role is a privilege granted to a group of users allowing a particular Workbench action. Workbench requires users to have a login ID to authenticate to the server, and to determine the user’s role, which provides authorization to access different functionality. See the Security Roles section in the Workbench documentation for more info. Whenever a user executes a command via the client, the request passes through an authorization stage, where the user request is matched up against the access control list. Part of the authorization process includes a user role lookup from an LDAP repository. The clien
