Standard nevisAuth Patterns
Introduction
The standard nevisAuth patterns can be used to set up nevisAuth instances and to integrate with nevisProxy. Patterns are classified into categories for easy access; the nevisAuth patterns are classified in the Authentication category.
Core Patterns
The following diagram shows important patterns in the Authenticationcategory. Several add-on patterns are not shown. See Standard Patterns Reference for a complete list.
nevisAuth Instance
The nevisAuth Instancepattern sets up an instance of nevisAuth. It is possible to assign add-on patterns to customize the base configuration (for example, to customize log settings or session storage).
Realm Patterns
Realm patterns integrate nevisAuth with nevisProxy and provide single-sign-on to applications.
As of version 4.2, nevisAdmin provides the following Realm patterns:
- Authentication Realm: This high-level pattern allows you to configure authentication flows by assigning Authentication Step patterns, such as the nevisIDM Password Login pattern.
- Generic Authentication Realm: This low-level pattern allows you to configure nevisAuth by providing AuthStates as XML.
- SAML Service Provider Realm: This pattern is used to make a connection with a SAML Identity Provider.
Authentication Step Patterns
The Authentication Realm pattern includes the property Initial Authentication Flow. You use this property to assign a pattern that implements the InitialStepPattern interface (see the previous graphic). An example of a pattern that implements the InitialStepPatterninterface is the LDAP Login pattern, which is provided by the nevisAuth plug-in. Alternatively, you could assign a Generic Authentication Step pattern and configure a custom authentication process by providing AuthStates as XML.
Authentication step patterns typically also have properties such as On Success or On Failure. You can use these properties to build the authentication flow by chaining patterns.
Application Add-on Patterns
The nevisAuth plug-in provides several patterns that you can assign to applications. You assign these patterns in the property field Additional Settings, which is available in the application patterns (for example, the Web Application pattern). Here are some examples:
- The Authorization Policy pattern allows the definition of the required roles or authentication level.
- Token patterns (for example, the Nevis SecToken pattern) can be assigned to propagate the user identity to the backend.
What if my Use Case is not Covered by the Standard?
If your use case is not covered by the standard patterns, contact Nevis Support and explain your case.
The nevisAuth patterns are in active development and we are interested in your requirements.
In the meantime you have several options:
- Use the Generic Authentication Step pattern to add a custom step to an authentication flow configured with the Authentication Realm pattern. See the Help page of the Generic Authentication Step pattern for further information.
- Use the Generic Authentication Realm pattern for complex authentication flows.