Services and Authentication

Services represent components of the system that require authentication. Among other things, each service stores specifications about how a user can access that service. When a user attempts to access the component, the component's service authenticates the user, or refers to another service that performs the authentication. In general, a service must exist and users must have identities for that service before the users can access or use the component or application represented by the service.

Services that perform authentication can be designated as the primary service for your system or, if you are using multiple SSO domains, they can be designated as the primary service for a domain. The installation of Landmark includes the Single Sign-On service (SSOPV2) as a primary service. If your services are set up to refer to the Single Sign-On service, then SSOPV2 provides a consistent authentication interface to the user, no matter what Lawson application or service the user is attempting to access. It also enables a user to be authenticated for one Lawson service and then not need to sign in separately to other Lawson services when the user attempts to access those other services.

Services that refer to a primary service for authentication are reference services. For example, if you have SSOPV2 as the primary service, you may have the services for several applications set up as reference services that point to SSOPV2 for authentication purposes.

You can configure both primary services and reference services through the setup and assignment of security policies. The security policies control login schemes, account lockout policies, password policies, and password reset policies.