SetAuthenticationAlgorithm

Description

Sets the AuthenticationAlgorithm for the schema repository.

The CQ_FIRST authentication algorithm for a schema repository allows LDAP authentication, after first checking if traditional Rational® ClearQuest® authentication is configured for the login name. The ClearQuest schema repository is first checked for a user profile record that has the same user name as the given login name. If the user is found, then that user's authentication mode is used to determine if traditional ClearQuest or LDAP authentication is to be used for the selected user. If there is no user record in the schema repository that has the same user name as the login name, then LDAP authentication is attempted. If the LDAP server authenticates the login name and password pair as valid then the LDAP mapping attribute (using the installutil setcqldapmap command) is used to find a ClearQuest user profile record that has the same mapping profile field value as the LDAP user's mapping attribute value.

Note: The caller of this method must have Administrator privileges (that is, the UserPrivilegeMaskType value USER_ADMIN) to set this value.

Changing the AuthenticationAlgorithm for the control flow of authentication for the schema repository as a whole does not change the authentication mode for any existing Rational ClearQuest user accounts. To change the mode of authentication for a particular user, the Administrator must change the AuthenticationMode for that particular user.

If the AuthenticationAlgorithm is changed to CQ_ONLY, then any existing LDAP authenticated Rational ClearQuest user will fail to be able to login since LDAP authentication is not allowed. The ClearQuest administrator will need to individually reconfigure these users as ClearQuest authenticated users.

However, if the AuthenticationAlgorithm is changed back to CQ_FIRST and the administrator has not reconfigured LDAP authenticated users, then those users would be able to authenticate using LDAP.

Note: This method became available in version 2003.06.14.

Syntax

VBScript

adminSession.SetAuthenticationAlgorithm(AuthenticationAlgorithm)

Perl

$adminSession->SetAuthenticationAlgorithm(AuthenticationAlgorithm);

Identifier: Description
adminSession: The AdminSession object representing the current schema repository access session.
AuthenticationAlgorithm: A Long containing the AuthenticationAlgorithm of the schema repository.
Return value: None on success, else an exception is thrown (due to an incorrect input value, or other unexpected condition).

Examples

VBScript

' set the admin session ...
  set adminSession = CreateObject("ClearQuest.AdminSession")
  adminSession.Logon "admin", "admin", ""
' set preferred authentication algorithm:
  Dim cquser2 ' a user object
  Dim authAlg ' the authentication algorithm value
  authAlg = AD_CQ_FIRST ' set preference
  StdOut "Setting authentication algorithm for schema to " 
	& CStr(authAlg) & vbCrLf
  adminSession.SetAuthenticationAlgorithm (authAlg)
  StdOut "Authentication algorithm set to: " & CStr(authAlg) 
	& vbCrLf

Perl

use CQPerlExt;
#Create a Rational
                    ClearQuest
 admin session
$adminSession = CQAdminSession::Build();
#Logon as admin
$adminSession->Logon( "admin", "admin", "" );
$adminSession->SetAuthenticationAlgorithm($CQPerlExt::CQ_CQ_FIRST);
# ...
CQAdminSession::Unbuild($adminSession);