Hitachi ID Login Manager Components
The Hitachi ID Login Manager architecture is illustrated in Figure [link].
Login Manager: Internal Components / Architecture
In the diagram:
- All Login Manager software is local to a user's Windows PC,
and is (silently) installed using an MSI package.
- Other than at installation time, the Login Manager client software
does not interact with any server components. At most, it
loads a set of alternate login IDs, associated with the same
user, from the user's Active Directory object at login time.
- The core Login Manager software runs as a privileged service, with
hooks into the login system (GINA), the display system and
various event queues.
When a user logs in, Login Manager acquires that
user's Windows login ID and password. It then:
- Optionally, looks up the user's profile in the corporate
directory, assuming the PC is connected to the network
at the time, to find alternate login IDs that belong to the same
Looks for and, if it finds it, reads a
configuration file, that identifies which applications are
already known to have login IDs and passwords that are the same as Windows.
- Whenever a user launches a new application, Login Manager:
- Checks to see if it is already a "known application," and if
so auto-populates credentials into the appropriate dialog.
- If the application is not recognized, Login Manager watches to see
what the user types to log in and if it detects login IDs and passwords
that are identical to those from step (_label_gina-login), it
records the application's identifying characteristics (e.g.,
process ID, Window title, etc.) in the configuration file
mentioned in step (_label_sso-config-file).