Default value is false. Specifies whether or not the IP address of the client is checked in all SSOToken creations or validations.
This is a READ-ONLY property. Do not modify the property value.
Default value is false. Enables client-side session polling. Please note that the session polling mode and the session notification mode are mutually exclusive. If the polling mode is enabled, the session notification is automatically turned off, and vice versa.
Default value is 180. Specifies number of seconds in a polling period.
Default value is true. Enables or disables USING httpSession.
Default value is 10. Specifies the number of minutes after which the invalid session will be removed from the session table if it is created and the user does not login. This value should always be greater than the timeout value in the Authentication module properties file.
Default value is 5000. Specify the maximum number of allowable concurrent sessions.
Login sends a Maximum Sessions error if the maximum concurrent sessions value exceeds this number.
Allows you to protect certain core or internal session properties from remote updates via the SetProperty method of the Session Service. By setting this “hidden” key security parameter, you can customize session attributes in order to participate in authorization as well as other Access Manager features. To use this parameter:
With a text editor, add the parameter to the AMConfig.properties file.
Set the parameter to the session properties that you want to protect. For example:
com.iplanet.am.session.protectedPropertiesList = PropertyName1,PropertyName2,PropertyName3
Restart the Access Manager Web container for the values to take effect.
Default value is 60. Specifies the number of minutes to delay the purge session operation.
After a session times out, this is an extended time period during which the session continues to reside in the session server. This property is used by the client application to check if the session has timed out through SSO APIs. At the end of this extended time period, the session is destroyed. The session is not sustained during the extended time period if the user logs out or if the session is explicitly destroyed by an Access Manager component. The session is in the INVALID state during this extended period.
Default value is true. Compares the Agent DN. If the value is false, the comparison is case-sensitive.
Default value is false. Enables or disables host lookup during session logging.