Security

The security of LumisXP is divided into authentication and authorization.

The authentication takes care of the identification and certification of the user through a login and password. This authentication can be delegated to an external mechanism that is compatible with the JAAS – Java Authorization and Authentication Service standard from Sun Microsystem®. With this technology, it is possible to authenticate in various systems such as Active Directory, LDAP Server, or another customized mechanism.

The authentication mechanism of LumisXP has been implemented using the set of APIs from JAAS. With this technology, it is possible to delegate authentication to various systems such as Active Directory from Windows, IBM Directory, LDAP Server, etc.

Another form of authentication is through the integrated login.

By default, LumisXP comes configured to authenticate using its user and password database, but this configuration can be changed to allow for external authentication.

Authorization, on the other hand, is done exclusively by the portal and is based on users, groups, and permissions, which are configured in the various ACL (Access Control List) of the objects. An ACL is a set of permissions for an object that is associated with a principal (user or group).