2.1.5. Zorp Authentication Server (ZAS)

Zorp can authenticate every connection: it is a single sign-on (SSO) authentication point for network connections. During authentication, Zorp communicates with the Zorp Authentication Agent (ZAA) application that runs on the client computers.

However, Zorp does not have database access for authentication information such as usernames, passwords and access rights. It operates indirectly with the help of authentication backends through an authentication middleware, the Zorp Authentication Server (ZAS). To authenticate a connection, Zorp connects to ZAS, and ZAS retrieves the necessary information from a user database. ZAS notifies Zorp about the results of the authentication, together with some additional data about the user that can be used for authorization.

Figure 2.3. The operation of ZAS

ZAS supports the following user database backends:

  • plain file in Apache htpasswd format

  • Pluggable Authentication Module (PAM) framework

  • RADIUS server

  • LDAP server (plain BIND, password authentication, or with own LDAP scheme)

  • Microsoft Active Directory

ZAS supports the following authentication methods:

  • plain password-based authentication

  • challenge/response method (S/KEY, CryptoCard RB1)

  • X.509 certificates

  • Kerberos 5