Stacking Providers for DCN SSO Authentication

(Applies only to DCN events) Stack DCN providers with SSO providers to authenticate the SUP DCN User logical role with the SSO mechanisms. The users must be authenicated before they can be authorized.

The providers you use for SSO can vary.
  1. For HttpAuthenticationLoginModule SSOimplementations, the CertificateAuthenticationLoginModule must be first in the list with the controlFlag set to "sufficient". If authentication succeeds, no other modules are used unless their controlFlags are set to "required".
  2. For CertificateAuthenticationLoginModule implementations, , stack the chose DCN provider after the CertificateAuthenticationLoginModule and:
    1. Set the CertificateAuthenticationLoginModule's controlFlag to "sufficient", and order it first in the stack. This sequence allows normal device users to authenticate quickly.
    2. Choose any other user name and password-based login module to stack with its controlFlag set to either "optional" or "sufficient".
Parent topic: Enabling Authorization of EIS Operations
Related concepts
SUP Roles to Support EIS Operations: SUP DCN User and SUP Push User
Related tasks
Setting Up Authorization with a Technical User Role Stored in a Repository
Setting Up Authorization with Certificate Validation
Setting Up Authorization with PreConfiguredUserLogin Values