test

Oracle Waveset Service Provider 8.1.1 Deployment

SPEUserPages Configuration Object

The following table lists the major attributes in the SPEUserPages configuration object. Edit this object to change when to send notification emails, how to handle password resets, or integrate the user pages with Access Manager or similar product.

Attribute 

Description 

enrollment 

Controls enrollment options. This attribute contains the following subattributes: 

  • validation.enabled— If true, the validation page is displayed and the user must verify his relationship with the provider. The default is true.

  • privacypolicy— If true, the user must accept the privacy policy before completing the registration. The default is true.

lookup-attributes 

A list of attributes that are used to retrieve a user’s ID or password. By default, the user’s homephone and email attributes are used, but any attribute defined as an Identity System User Attribute in the schema map for the resource may be used.

This attribute contains the following subattributes: 

  • name— The name of the attribute to use to look up the user.

  • title— The message key of the title to display for the lookup user form.

  • required— A boolean indicating whether the attribute is required in the lookup user form.

notification 

Indicates when an e-mail notification should be sent to the user. This attribute contains the following subattributes. The possible values for these subattributes are true and false.

The notification values are 

  • emailchange

  • lockout

  • passwordchange

  • questionchange

  • recovery

  • registration

  • useridchange

password 

Specifies how password resets should be handled. This attribute contains the password-reset subattribute, which must be set to one of the following values:.

  • self— The user can reset his or her password if all the challenge questions have been answered correctly

  • notification— The user is sent a temporary password to the notification address if all the challenge questions have been answered correctly.

sso-assume-authenticated 

If set to true, the AuthFilter will not redirect to a login page. However, for auditing purposes, the filter requires a user name to associate with each request. Normally, this username is stored on the HTTP session by the login pages. However, since the login pages are not used in an SSO environment, the username is pulled from an HTTP header attribute.

sso-user-name-http-header-attr 

Specifies the name of the HTTP header attribute to use. 

The following table lists the default values of the notification attribute and its corresponding email template. The email templates can be edited from the Waveset Administration Interface, but the preferred method of changing the subject and body of the email is to modify the messages in the IDMXMessages.properties file to the desired text.

Notification Value 

Email Template 

emailchange 

Service Provider End-User Change Notifications 

Service Provider End-User Change Notifications Old Address 

lockout 

Service Provider End-User Profile Locked 

passwordchange 

Service Provider End-User Change Password 

passwordreset 

Service Provider End-User Password Reset 

questionchange 

Service Provider End-User Authentication Answers Updated 

recovery 

Service Provider End-User Username Recovery 

registration 

Service Provider End-User Registration Template 

useridchange 

Service Provider End-User Change User Id 

Note –

For the emailchange option, notification is sent to both the new and old e-mail addresses.