1. Field of the Invention
The invention generally relates to an authentication technique, and more particularly, to a system and a method which carry out a unified authentication by a network storage appliance.
2. Description of Related Art
Nowadays, local area networks (LANs) are broadly deployed. By setting up a network storage appliance connected to computer devices inside an enterprise, the computer devices can access files or data stored in the network storage appliance through LAN connections. Moreover, the network storage appliance allows heterogeneous platforms or clients and servers within a system to share files. For the security of data access, a user has to log into a network storage appliance by using authorized ID and password. Because different data access techniques adopt different authentication protocols, a network storage appliance has to use different account databases to carry out ID/password authentication.
FIG. 1 is a diagram of an authentication system. The authentication system 100 includes an Internet Small Computer System Interface (iSCSI) initiator 112, a Common Internet File System (CIFS) client 114, a network storage appliance 120, and a directory server 130. When the iSCSI initiator 112 sends a connection request to the iSCSI target 122 through a data flow 1, the iSCSI target 122 sends an authentication comparison request to a local account database 126 of the network storage appliance 120 through a data flow 2. When the CIFS client 114 sends a connection request to the CIFS server 124 through a data flow 4, the CIFS server 124 has to send an authentication comparison request to a remote account database 132 of the directory server 130 through a data flow 5.
This creates an in-consistent usage paradigm for most of network storage appliance. When a user uses different data access protocols provided by the network storage appliance 120, the user may be authenticated by different account databases of the network storage appliance 120. When the user changes his/her password, the user does not know whether he/she changes data in the local account database 126 or data in the remote account database 132. When the account information of the user is out of synchronization between the local account database 126 and the remote account database 132, the user is prone to input incorrect ID/password so that the authentication may be failed and the user may be prohibited from accessing any data. In addition, it is very time-consuming and inconvenient for a network system administrator to maintain the account information in both the local account database 126 and the remote account database 132.