Client Authentication
Beginning in RLM v13.0, ISV servers are able to authenticate clients before doing any processing on their requests. This ability is entirely under your control, based on information in the ISV server options file. If there are any USER records in the options file, the server will authenticate all requests (including checkouts, status, reread, shutdown, etc.).
Note
This functionality is available only with RLM native comms, not with HTTPS communications.
Turning on Authentication
In order to turn on authentication, you must create one or more USER records in the ISV server’s options file. This is done with the new rlmadduser utility (or “rlmutil rlmadduser”).
To add a user, run:
% rlmadduser options-file-name username password
This command adds the specified username/password pair to the end of the options-file specified.
Some notes:
Usernames and passwords must be <= 10 characters long
Usernames and passwords are CASE SENSITIVE
Usernames and passwords cannot contain white space or any of the following characters: “<”, “>”, “&”, “:”, and single (’ or `) or double quotes (“)
If there are no USER records in the ISV server options file, the server does no authentication of clients.
Passing authentication to the Server
In order to pass the authentication data to the license server, set the environment variable RLMAUTH to <username>:<password>. The data will be passed on any client request to the server.
This capability requires an RLM v13.0-linked client as well as v13.0 license servers.
Server Processing
If the ISV server encounters any valid USER records in its options file, authentication is automatically turned on. If the same username is encountered twice in the options file, the password from the last entry will be used. All components must be RLM v13.0 or greater, both servers and applications.
If you use authentication on more than one ISV server, you will probably find it useful to have a single administration user to do shutdowns and rereads.