Field of the Invention
The present invention relates to an information processing apparatus, a method of controlling the same, and a storage medium.
Description of the Related Art
In recent years, among multi function peripherals, users are able to use functions equipped in the multi function peripherals via a variety of user interfaces (hereinafter referred to as UIs). For example, as UIs that a multi function peripheral provides, there are operation panels mounted on the multi function peripheral (hereinafter referred to as a local UI), Web pages that can be accessed from a Web browser on a PC connected to the multi function peripheral via a network (hereinafter referred to as a remote UI), or the like. Because functions of the multi function peripheral can be used from both of these UIs, by arranging a function for performing a user authentication (hereinafter referred to as an authentication service) for each UI, configuration is taken such that a user can authenticate without exception regardless of which UI is accessed.
Also, Japanese Patent Laid-Open No. 2005-267201 discloses a multi function peripheral that provides an arrangement in which it is possible to later add and switch authentication services, in order to handle a case where a new UI is added to the multi function peripheral, and even a new authentication system.
In a case where it is desired that different authentication methods can be employed for each authentication service corresponding to the respective UIs, individual authentication settings are arranged for each authentication service, and each authentication service can be realized by the user authenticating independently in accordance with these authentication settings. However, there is a problem in that unified security cannot be guaranteed across all of the authentication services. In a case where, in this way, unified security cannot be guaranteed, there is the possibility that a route will be generated by which a user, access by whom is not desired to be allowed, is able to access a function of the multi function peripheral, and it is envisioned that the multi function peripheral, through such a route, would be used by a user, allowance of access by whom is not desired.
As examples in which different authentication methods are performed for each authentication service, the followings are given. For example, logging in as a guest user that can use only a part of the functions of the multi function peripheral without authentication (hereinafter referred to as a guest login) is permitted only in a case where the user is authenticated by a local UI. Meanwhile, with a remote UI, only a user having an authority of an administrator of the multi function peripheral is allowed to use the multi function peripheral.
Meanwhile, as an example in which it is desired that unified security be guaranteed across all authentication services, a case can be considered in which it is not desired that a guest login be permitted for a local authentication or a remote authentication. Even in the case where a login service is added later, a case can be considered in which it is desired that the same authentication setting be applied across all authentication services. In order to satisfy both of these demands, it is necessary to realize an authentication system that is able to perform different authentication functions for each authentication service while providing a unified user authentication.