IBM Sterling Ideas
formerly Watson Supply Chain
Submit new product ideas for IBM Sterling solutions. Before you submit, please review existing ideas; if an idea close to yours already exists, it's better to add comments or vote on the existing idea. We will review your ideas and use them to help prioritize our product development. Best of all, the portal will automatically update you when the status of your idea has been changed. Order Management, Store Engagement, Watson Order Optimizer, Inventory Visibility, CPQ and Call Center are now part of Watson Supply Chain
Connect with IBM experts and your peers on the
Supply Chain Collaboration Community and the Order Management Interest Group
External authentication is already achieved through SEAS, however, if additional authentication logic is required then the only way to achieve this is through a SEAS custom exit. Use of a SEAS custom exit means that we have to re-write the existing authentication logic that ships with SEAS in addition to completing the additional logic.
For instance, if we use a custom exit to authenticate an SSH key and validate that the user is not connecting from a volatile list of IP addresses then we have to write the key authentication logic and IP lookup even though the key authentication logic ships with SEAS.
It would be much better to have either a pre or post authentication exit for a SEAS profile so that additional logic can be executed in addition to that which ships with the product.
For instance, I configure SEAS with the OOTB Key authentication profile. In that profile, I then have the option to set a Java class as a user exit once the OOTB authentication completes. This reduces the complexity of code we need to maintain and ensures that the main authentication logic as designed and tested by IBM is still used.
This would likely benefit all users of product that have need of custom exit, but do not want to re-write and manage the authentication logic that ships with the product in addition to the custom extension.
How will this idea be used?
The exit will be used to validate connections against a volatile list of undesired sources and record the user information who attempted the connection.
|What is your industry?||Banking|
|What is the idea priority?||Urgent|
|Link to original RFE|