InterSystems Authentication Components and Process
The InterSystems authentication process involves three sets of components in addition to the authentication mechanisms:
Connection Tools — The means by which users connect to InterSystems IRIS. Each connection tool uses a particular InterSystems Service to connect to InterSystems IRIS.
InterSystems Services — Control the ability of users to connect to InterSystems IRIS. You can enable or disable services. When you disable a service, then no one can access InterSystems IRIS using the service. When you enable a service, you must also specify the authentication mechanism that it uses.
User Accounts — Contain information about the InterSystems IRIS user, including user name, password, default namespace, and user type.
Here is the process by which Connection Tools, InterSystems Services, and Authentication Mechanisms work together to authenticate a user to InterSystems IRIS:
A user attempts to connect to InterSystems IRIS using a connection tool. The connection tool in turn uses an InterSystems service which then uses a particular authentication mechanism to authenticate the user. The authentication mechanism verifies the user's identity. Depending on the mechanism, the authentication mechanism verifies against information stored in the database or in another repository outside of InterSystems IRIS. If authentication succeeds, then the user has access to the system.