Steve: It is difficult to compare a decade-old open-source enterprise-wide solution (ie Atrium/OpenSSO), that is not well integrated with AR System, with a modern solution built for AR System that sits neatly in Mid Tier and is well supported/respected by BMC customers/partners. :)
Matt's found a very nice video and it only goes to highlight the importance of protecting against brute-force attacks, such as automatically locking accounts in AR System after a number of failed login attempts. And of course, changing the default AR#Admin# database password. Joe: An alternative mechanism of integrating Mid Tier and AR System would be to use SSL client certificates. This is how the HP Service Manager web application is integrated with the SM server side application (ie ARS in this world). The down side of this approach is the complexity: SSL client certs is far more complicated to configure than simply entering a password. John _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
