Applications accessed through the web interface

  1. When a user accesses a Landmark application through Infor Rich Client, the user must supply a user name and password as credentials. The encryption (algorithm, provider, key size) for user authentication credentials is configurable.
  2. The credentials are validated using the authentication policy in place (LDAP bind or Match against local storage). A new session for the user is created if the credentials are valid.
  3. Any requests for data or transactions are checked for the proper authorization. The authorization system uses a role-based access control model.
  4. Appropriate data is returned for that request. Any data not authorized for the user to see is not returned (that is, it is not simply hidden from the user; it is not even sent). The authorization model is the same as in #3.
  5. Credentials and sensitive data are stored in the application database in an encrypted form.