Step-up authentication provides authentication levels for pages and portlets. The Remember me cookie is an encrypted HTTP cookie that supports state-of-the-art authentication, which allows you to present personalized portlets and pages in a public area without asking the user to manually authenticate. Together, these two features allow remembered users to view anonymous pages and portlets with a standard or identified authentication level. By providing a valid Remember me cookie, a user can also be allowed to access protected pages and portlets that require the identified authentication level. If the authentication level is set to authenticated, the user will have to provide a user ID and password to view the page or portlet.
Important: The Remember me cookie does not extend the Portal Personalization feature to the public area because a user identified by the Remember me cookie in a public area is still considered anonymous from an access control point of view.
Restriction: Step-up authentication is not supported by the Web Content authoring portlet or when delivering content using a local or remote Web Content Viewer portlet.
Restriction: Step-up authentication requires the LtpaToken2 for single sign-on; see Implementing single sign-on to minimize Web user authentications for details.
No comments:
Post a Comment