1.14 Linking with JP1/Base authentication
By linking with JP1/Base, you can use the authentication functionality provided by JP1/Base to manage and authenticate JP1/AO users.
When you use JP1/Base to manage users, you can use the JP1/Base user interface to create JP1 users and assign JP1 resource groups and permission levels. By giving JP1 resource groups and permission levels the same names as JP1/AO service groups and roles, you can manage JP1 users as JP1/AO users.
However, a user cannot undergo authentication in JP1/Base if the service group to which the user belongs violates the naming rules for JP1 resource groups.
Linking with JP1/Base offers the following advantages:
You do not need to manage users and user groups in JP1/AO.
You can use existing JP1 user accounts in JP1/AO.
The following figure shows a general overview of user authentication when linking with JP1/Base:
|
![[Figure]](GRAPHICS/F0000039.GIF)
To link JP1/AO with the authentication functionality of JP1/Base, you need to enter the appropriate settings in the configuration file for external authentication server linkage. In a cluster system, make sure that you configure the active and standby servers using the same settings.
After linking with the JP1/Base authentication functionality, when a user who is not registered in JP1/AO attempts to log in, the authentication process is performed by JP1/Base. When a user who is registered in JP1/AO logs in to JP1/AO, authentication and permissions are managed by JP1/AO without any intervention by JP1/Base.