From the UPA RDM guide, when sending a REQUEST for the LOGIN domain, we can supply a password alongside username. This is doable using a UPA consumer.
However, if consumers doesn't connect to a UPA provider point-to-point, but connect through ADS instead, from the UPA Provider's viewpoint, there will be only one Login Request sent when ADS is establishing a channel. I have not found a way for ADS to also supply a password in its LOGIN Request message, which means at the Provider we cannot do a proper authentication.
Please suggest if there is actually a way.
TREP uses DACS to control access to data and DACS uses user names for permissioning. Therefore, ADS POP uses *userName configuration when connecting to the provider.
Moreover, there is no configuration regarding password mentioned in the ADS POP configuration file.