Use > Hardening > Universal CMDB Login Authentication > Setting Up an Authentication Method

Setting Up an Authentication Method

To perform authentication, you can work:

  • Against the internal Universal CMDB service.

  • Through the Lightweight Directory Access Protocol (LDAP). You can use a dedicated, external LDAP server to store the authentication information instead of using the internal Universal CMDB service.

    For details on LDAP, see the section about LDAP Mapping in the Universal CMDB Administration Guide.

    The default authentication method uses the internal Universal CMDB service. If you use the default method, you do not have to make any changes to the system.

    These options apply to logins performed through Web services as well as through the user interface.

  • Through LW-SSO. Universal CMDB is configured with LW-SSO. LW-SSO enables you to log in to Universal CMDB and automatically have access to other configured applications running on the same domain, without needing to log in to those applications.

    When LW-SSO Authentication Support is enabled (it is disabled by default), you must ensure that the other applications in the Single Sign-On environment have LW-SSO enabled and are working with the same initString parameter.

  • Through SAML authentication.Using SAML Authentication, UCMDB allows users to access the UCMDB UI based on the authentication assertion received from the Identity Provider (IdP). So, instead of authenticating the user based on the username and password entered on the UCMDB UI login page, the UCMDB server passes the authentication responsibility to IdP and the users automatically log in to the UCMDB UI when a successful response is received from IdP.