The OpenInsight Authentication Module (OAM) builds upon the standard OpenInsight security processes and provides additional enhanced industry standard security processes. It is included in OpenInsight 10.0 and above.
The module provides support for login policies including locking out of users after a definable number of unsuccessful attempts, password construction requirements, etc. Sensitive data for policy and user information is stored in AES encrypted records. In addition, the OAM records ("journals") successful and unsuccessful login attempts, changes to policies and changes to user information.
Administrators will configure login policies, and set up user information, for all applications that require this enhanced security. End users will log into enhanced security applications twice - once via the normal OpenInsight log in process, and then through the enhanced security screen. If desired, administrators can hard code the password and application name (in the desktop "shortcut") to remove the end user requirement of logging in via the normal OpenInsight log in process, or - should the network infrastructure support it - Revelation Software recommends that OpenInsight Single Sign-On (SSO) is also enabled for thes systems.
The user interface components included in this implementation of the OAM are a master Policy Configuration window, the Authentication User Maintenance window, the User Password Maintenance window, and the sample User Login Screen.
The Policy Configuration window is used to define and maintain the enhanced policy configuration.
The Authentication User Maintenance window is used to create and maintain individual user settings such as expiration dates and disable until dates, as well as to reset the users's password.
The User Password Maintenance window is used by the individual user to change his or her password.
The sample User Login Screen serves as an example of how to connect your own login screen to the routines used to access the functionality of the OAM.
In addition, there is an MDI frame that can be used to access the various windows for testing of the module's functionality.