Maintaining authenticated sessions

EAServer 4.1 adds methods that allow a client to maintain an authenticated session across multiple transport sessions. In versions earlier than EAServer 4.1, if a client created a second component instance on the same server, or created a component instance on another server in the same cluster, the client was reauthenticated. A server can now authenticate and verify a client’s credentials once, and, on subsequent authentication requests, the client provides a reference to the initial authentication.

To use the single authentication mechanism, you must use a custom authentication component that implements the CtsSecurity::AuthService interface.

CtsSecurity::SessionInfo::setName can be called only while your custom authentication component is running. When the custom authentication component calls this method, the server sets the reference to the authenticated security credentials. When the client needs to be authenticated again, the custom authentication component returns the original principal name by calling CtsSecurity::AuthService::getCallerPrincipal(string alternate_name). For more information, see Chapter 10, “Creating and Using Custom Security Components,” in the Security Administration and Programming Guide.
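
The flow described above, as a self-contained Python model added here for illustration; it is not EAServer code and does not call the CtsSecurity API. The class and method names mirror the interfaces named on this page, while the random reference value, its expiry (ttl_seconds), the injectable clock, and the verify_password callback are assumptions of the example.

```python
import secrets
import time


class SessionInfo:
    """Stand-in for the server's per-session object (model, not the EAServer API)."""

    def __init__(self):
        self.name = None
        self.auth_running = False  # True only while the auth component executes

    def set_name(self, name):
        # The page's rule: setName is callable only from the running auth component.
        if not self.auth_running:
            raise PermissionError("set_name called outside the authentication component")
        self.name = name


class AuthService:
    """Model of a custom authentication component."""

    def __init__(self, verify_password, ttl_seconds=900, clock=time.monotonic):
        self.verify_password = verify_password  # assumed credential check
        self.ttl_seconds = ttl_seconds          # assumed lifetime of a reference
        self.clock = clock
        self.refs = {}                          # alternate_name -> (principal, expiry)

    def authenticate(self, session, user, password):
        """Full credential check; on success, bind an unguessable reference."""
        session.auth_running = True
        try:
            if not self.verify_password(user, password):
                return False
            ref = secrets.token_urlsafe(32)
            self.refs[ref] = (user, self.clock() + self.ttl_seconds)
            session.set_name(ref)
            return True
        finally:
            session.auth_running = False

    def get_caller_principal(self, alternate_name):
        """Map a presented reference to the original principal, or None."""
        principal, expiry = self.refs.get(alternate_name, (None, 0.0))
        if principal is None:
            return None  # unknown or guessed reference: fail closed
        if self.clock() >= expiry:
            del self.refs[alternate_name]  # expired: force full reauthentication
            return None
        return principal
```

In this model a second component instance presents the value stored by set_name instead of the password, and a return of None means the caller must go through authenticate again.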