concept_identity.htm [plain text]
<html>
<head>
<title>Network Identity Manager Concepts: Identity</title>
<meta name="description" content="NetIDMgr Concepts: Identity">
<meta name="keywords" content="identity,concepts">
<link rel="stylesheet" type="text/css" href="nidmgr.css">
</head>
<body>
<h1>Network Identity Manager Concepts: Identity</h1>
<p>While there are many approaches to defining what an identity is, as far as the
Network Identity Manager (NetIDMgr) is concerned, an identity is the unique user
identifier that is accepted by a network service. Each credential that is managed
by NetIDMgr is assumed to map to a single identity. The collection of credentials
that map to a single identity is considered to belong to that identity. </p>
<p></p>
<a name="default_identity"></a>
<h3>Default Identity</h3>
<p>The default identity is the identity that will be used by applications when a
specific identity is not requested. The Kerberos v5 plug-in will mark the
credential cache that contains the default identity as the default credentials cache
for the current logon session.</p>
<p>Most applications that implement GSS-API or Kerberos v5 authentication assume
that there is only one Kerberos v5 credential cache and one identity in use by
the user at a time. These applications use the default identity. In
general, if the application does not have a configuration option permitting the
specification of a Kerberos v5 principal, the default identity will be used.</p>
<p> </p>
</body>
</html>