Applications accessed through the web interface
- When a user accesses a Landmark application through Infor Rich Client, the user must supply a user name and password as credentials. The encryption (algorithm, provider, key size) for user authentication credentials is configurable.
- The credentials are validated using the authentication policy in place (LDAP bind or Match against local storage). A new session for the user is created if the credentials are valid.
- Any requests for data or transactions are checked for the proper authorization. The authorization system uses a role-based access control model.
- Appropriate data is returned for that request. Any data not authorized for the user to see is not returned (that is, it is not simply hidden from the user; it is not even sent). The authorization model is the same as in #3.
- Credentials and sensitive data are stored in the application database in an encrypted form.