User Authentication¶

Colectica Repository supports user profiles. Users must provide credentials in order to access the repository. Colectica Repository uses the WS-Security Model to implement user authentication.

Colectica Repository can be configured to verify credentials in two ways:

  1. Built-in, database-backed membership provider

  2. Active Directory

Custom providers can also be built to interface with an organization’s current authentication scheme, such as LDAP. Colectica Repository also supports X.509 client certificates, Windows Authentication, Kerberos Tokens, and SAML Tokens for user authentication.

Note

Implementers Note: All users must be authenticated with the repository for every call. If an organization wishes to allow guest access, a guest user should be created and given the appropriate roles for access.