Authentication methods
The JADE Client provides a number of authentication methods.
These are specified in the Fragments branch of the XSD Schema at the end of various ProtocolFragments branches in the schema. This is because the authentication method(s) that can be used as for a connection depend on the protocol used.
Note that any number of ProtocolFragments can be specified within a configuration, allowing a number of authentication methods to be predefined for a particular file transfer operation. The AlternativeFragments element can be used to specify a number of alternative connections and authentication methods for a file transfer profile.
The protocol-dependency of the various authentication methods is integrated into the XSD Schema and explains why authentication methods lie below ProtocolFragments in the XML hierarchy. This integration in the Schema ensures that the only authentication methods that are supported by a protocol can be specified.
The authentication methods that are supported are:
- BasicAuthentication:
- an Account (i.e. user name) is required
- AND an optional Password
- BasicAuthentication can be used with the following protocol fragments:
- FTP and FTPS fragments
- HTTP and HTTPS fragments
- WebDAV fragments
- SSHAuthentication:
- an Account (i.e. user name) is required
- AND either:
- AuthenticationMethodPassword with a (required) Password
- OR AuthenticationMethodPublickey
- with a (required) AuthenticationFile location
- AND an optional Passphrase that protects the File
- SSHAuthentication can be used with with the following protocol fragments:
- SFTP fragments
- jump fragments
- SMBAuthentication (in conjunction with SMBFragment elements / the SMB protocol and a Hostmane )
- an Account (i.e. user name) is required
- AND an optional Domain
- AND an optional Password
- SMBAuthentication can only be used with with the SMB protocol fragment.
- an Account (i.e. user name) is required
Note that the following additional authentication elements can be optionally specified:
- StrictHostkeyChecking can be specified for some protocol fragments to provide maximum security against Trojan horse attacks.
- AcceptUntrustedCertificate can be used to allow self-signed certificates to be accepted.
Authentication using the Credential Store
JADE can use the SOS Credential Store to securely access authentication credentials.TO EXTEND