session that generated the cookie can access it. When the user closes the browser or logs out of iLO,
the browser destroys the cookie. Therefore, users should close all browser instances to guarantee the
cookie is destroyed.
After the browser creates the cookie, it returns it to iLO with a request for a status page. The iLO
device then begins the process of looking up the assigned user privileges. The iLO processor uses a
generic login interface (application program interface, or API) to centralize the login functionality and
abstract the local and directory user accounts. The common login API authenticates first against the
directory, and then against local user accounts. Figure 5 shows the common login API that iLO
performs using the authenticated credentials in the cookie.
Figure 5.
Common login API flowchart
Start iLO 2 login process
Bad login
name or
password
Directory
enabled and
local accounts
disabled?
Found as
local user?
Scan local
user accounts
No
Single
Sign-On
Enabled?
Compare with
SSO proxy
credentials
Erase
SSO proxy
credentials
Match as
SSO?
No
Yes
Directory
integration?
Yes
No
No
Attempt directory
authentication
Authenticated
to directory?
iLO security
override
switch set?
No
Yes
No
Login as
security override:
login name
Exit (error)
No
Yes
No
Login as
Local user
Login as
SSO user
Login as
Directory user
Yes
Yes
Yes
Yes
Record login
event
Record login
failure
Log the event?
Yes
No
Exit (success)
Start iLO 2 login process
Bad login
name or
password
Directory
enabled and
local accounts
disabled?
Found as
local user?
Scan local
user accounts
No
Single
Sign-On
Enabled?
Compare with
SSO proxy
credentials
Erase
SSO proxy
credentials
Match as
SSO?
No
Yes
Directory
integration?
Yes
No
No
Attempt directory
authentication
Authenticated
to directory?
iLO security
override
switch set?
No
Yes
No
Login as
security override:
login name
Exit (error)
No
Yes
No
Login as
Local user
Login as
SSO user
Login as
Directory user
Yes
Yes
Yes
Yes
Record login
event
Record login
failure
Log the event?
Yes
No
Exit (success)
After authenticating the user, iLO calculates the current privileges, as described in the section titled
“
Calculating current privileges
.” Then iLO sends the iLO Status Summary page to the client browser
12