Windows Domain and User Name Authentication Plus Role Authentication
One of your options for authenticating a user's credentials at login is Windows Domain and User Name authentication, plus role authentication and communication security. This authentication is available only for n-tier deployments.
In an n-tier deployment, clients connect to an application server and the application server connects to the database. The authentication occurs between the client and server. Cobra uses configuration files found on both the client machines and application server to enable Windows authentication. Authentication only supports authenticating users who are members of the same domain as the application server.
After Windows Authentication is configured, Cobra performs the following actions:
- When a user starts a Cobra client, the client attempts to connect to the application server. The Windows User Identity from the client Windows machine (which includes the user ID and Domain) is passed to the server, where it is authenticated against the Active Directory of the server. This authentication process is controlled by Windows Communication Foundation (WCF). If authentication fails, the Cobra login will fail and the user will not be able to gain access to Cobra.
Attention: For more information, go to the Deltek Support Center site and check the Knowledge Base article about the WCF feature of Cobra.
- Once the user is successfully authenticated against Active Directory, the Cobra n-tier service validates the Windows User Identity against any roles specified in the configuration file of the Cobra n-tier service. If one or more roles are specified, and the Windows User does not have one or more of those Windows roles assigned, the Cobra login will fail and the user will not be able to gain access to Cobra.
- If Active Directory and role authentication succeed, the Cobra n-tier service uses the User ID and Domain of the Windows User and validates them against the list of users in the Cobra database. If a matching entry cannot be found, the Cobra login will fail and the user will not be able to gain access to Cobra.
- If a Cobra user is found with a matching User ID and Domain, the user is logged into Cobra.
Parent Topic: Windows Authentication