Introduction to Access Control Unit

The Nesstar Server provides an Access Control Unit (ACU) that controls access to data and operations made available by the server.

The ACU controls functions such as the following:

A challenge is a dialogue between the user and the server and may appear in one of several ways:

A challenge sequence is a series of challenges issued by the server.

The simplest challenge type is a login form, which is presented to the user if a login has not been performed before a protected operation.

By default the server supports the following kind of challenges (more can be added):

The Nesstar Authentication process behaves as follows:

  1. A user requests a server operation.
  2. The Access Control Unit retrieves the user details from the user database.
  3. The ACU authenticates the user details.
  4. The ACU checks whether the user is authorised to perform the requested operation.
  5. If the user is not authorised or further authentication details are required then the ACU issues a challenge for authentication.
  6. At the end of the challenge sequence the user is granted or denied access to the resource according to the access conditions.
  7. The user is either authorised or not authorised.