VBrick Systems Server ETV v3.1 User Manual

© 2005 VBrick Systems, Inc.
functionality of the ETV Portal Server Access Control system, it is beneficial to define some 
of the terms that will be used throughout the remainder of this document.
Authentication
Authentication is the process of identifying an individual, usually based on a username and 
password. In security systems, authentication is distinct from authorization (see below), which is 
the process of providing individuals access to resources based on their identity. 
Authentication merely ensures that the individual is who he or she claims to be, but says 
nothing about the access rights of the individual.
The ETV Portal Server Access Control system allows administrators to authenticate users 
against the ETV Portal Server database or authenticate users against an LDAP directory. 
More details on the different authentication databases are given below.
Authorization
Authorization is the process of granting or denying access to a network resource. Most 
computer security systems are based on a two-step process. The first stage is authentication,
which ensures that a user is who he or she claims to be. The second stage is authorization,
which allows the user access to various resources based on the user's identity. In the ETV 
Portal Server, all authorization is done directly on the ETV Portal Server, through the ETV 
Portal Server database.
LDAP
LDAP stands for Lightweight Directory Access Protocol, which is a set of protocols for 
accessing information directories. The LDAP standard defines both a network protocol for 
accessing information from the directory and an extensible structure for defining how the 
information is organized in the directory. The advantage of using an LDAP directory is 
centralized management of users. For example, a new user needs only to be entered once into 
the LDAP directory and all future modifications to that user can be done in the same central 
location. Different applications can authenticate and/or authorize users against the LDAP 
directory.
There are numerous LDAP directory products on the market today, but the most popular are 
Microsoft Active Directory, Novell eDirectory, Sun iPlanet, and OpenLDAP. VBrick supports 
major LDAP vendors but only Microsoft Active Directory and Novell eDirectory are fully tested 
and supported.
VBrick Database
The ETV Portal Server ships by default with the MySQL database, which is a fully 
ODBC-compliant database. (Open Database Connectivity is a standard database access 
method.) For those environments that have not migrated to an LDAP directory-based user 
management system, all of the authentication functionality can be done directly in the ETV 
Portal Server database itself. Also, for those environments that are using LDAP directories for 
Authentication, all of the Authorization functionality also takes place in the ETV Portal 
Server database. Additionally, to reduce the chance of system lockout, all Administrative 
Users are located in the ETV Portal Server database.
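The split described above can be sketched as follows. This is an added example, not VBrick code: it shows authentication against either a directory or the local database, authorization always read from the local database, and administrators kept local so a directory outage cannot lock them out. Assumptions: `FakeDirectory` is a constructed in-memory stand-in for an LDAP bind, sqlite3 stands in for the server database, and the table names, function names and the local-first lookup order are all hypothetical.

```python
import hashlib, hmac, os, sqlite3

class DirectoryDown(Exception):
    """The stand-in LDAP directory cannot be reached."""

class FakeDirectory:
    """Constructed stand-in for an LDAP bind (a real one would go over LDAPS)."""
    def __init__(self, users):
        self.users, self.available = users, True
    def bind(self, name, password):
        if not self.available:
            raise DirectoryDown()
        stored = self.users.get(name)
        return stored is not None and hmac.compare_digest(stored.encode(), password.encode())

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_db():
    db = sqlite3.connect(":memory:")  # sqlite3 stands in for the server database
    db.execute("CREATE TABLE users(name TEXT PRIMARY KEY, salt BLOB, hash BLOB)")
    db.execute("CREATE TABLE grants(name TEXT, resource TEXT)")
    return db

def add_local_user(db, name, password):
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES(?,?,?)", (name, salt, _hash(password, salt)))

def local_auth(db, name, password):
    row = db.execute("SELECT salt, hash FROM users WHERE name=?", (name,)).fetchone()
    return row is not None and hmac.compare_digest(row[1], _hash(password, row[0]))

def login(db, directory, name, password):
    """Return the user's granted resources, or None if authentication fails."""
    if not password:  # many directories accept an empty-password bind as anonymous
        return None
    ok = local_auth(db, name, password)  # administrators are always local accounts
    if not ok and directory is not None:
        try:
            ok = directory.bind(name, password)
        except DirectoryDown:
            ok = False  # directory users fail closed; local admins still get in
    if not ok:
        return None
    rows = db.execute("SELECT resource FROM grants WHERE name=?", (name,))
    return {r[0] for r in rows}  # authorization comes only from the local database
```

A directory user who authenticates successfully but has no rows in the local `grants` table gets an empty set: identity is proven, but no access follows from it.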
Resources and Resource Groups
In the ETV Portal Server, providing a user with Resources refers to providing them access to 
a particular functionality of the EtherneTV system. These include the ability to view Live