By default, SAS Web
applications use the form-based authentication that is provided by
the SAS Logon Manager Web application. When credentials are provided
to the SAS Logon Manager Web application, the credentials are sent
to the SAS Metadata server for authentication. The metadata server
then authenticates the credentials against its authentication provider.
The default provider is the host operating system.
As an alternative, you
can configure the SAS Web applications to authenticate on the middle
tier. When users log on to a SAS Web application, the Web application
server handles the initial authentication. In this configuration,
the Web application server’s JAAS login module authentication
provider verifies the user’s identity. Then, the SAS Logon
Manager Web application makes a trusted user connection to the metadata
server to check that the authenticated user has a SAS identity in
metadata.
Performing Web authentication
facilitates single sign-on. Most likely, your organization has several
applications behind a common set of reverse proxy and HTTP servers.
By having a common server handle authentication, users do not need
to re-authenticate for access to each application.