local.sso.appid.verifyurl
|
Sets the verify URL values for peer SSO applications. appid is
the application ID of a peer SSO application whose SSO cookies are to be honored.
For example, the default appid for Delegated Administrator
is nda45.Its actual value is specified by the Delegated
Administrator resource.properties file entry NDAAuth-applicationID.
There should be one parameter defined for each trusted peer SSO application.
The standard form of the verify URL is:
http://nda-host:port/VerifySSO?
If you are using a load balancer in front of multiple Webmail Servers
and Message Store servers (running Messenger Express) or Calendar front ends,
be sure to assign a different appid for each physical system with the real
host names in the verifyurl. This will ensure that the correct system will be used to verify
the cookie
|
local.webmail.sso.
cookiedomain
|
|
The string value of this parameter is used to set the cookie domain
value of all SSO cookies set by the Messenger Express HTTP server. The default
value is null.
This domain must match the DNS domain used by the Messenger Express
browser to access the server. It is not the hosted domain name.
|
local.webmail.sso.enable
|
Enables or disables all single sign-on functionality, including accepting
and verifying SSO cookies presented by the client when the login page is fetched,
returning an SSO cookie to the client on successful login and responding to
requests from other SSO partners to verify its own cookies.
If set to any non-zero value, the server performs all SSO functions.
If set to zero, the server does not perform any of these SSO functions.
The default value is zero.
|
local.webmail.sso.id
|
The string value of this parameter is used as the application ID value
when formatting SSO cookies set by the Messenger Express HTTP server. The
default value is null.
This is an arbitrary string. Its value must match what you specify for
the Delegated Administrator in its resource.properties file.
The corresponding entry in resource.properties would be:
Verifycationurl-XXX-YYY=http://webmailhost:
webmailport/VerifySSO?
|
Where XXX is the local.webmail.sso.prefix value
set above, and YYY is the value of local.webmail.sso.id set here.
|
local.webmail.sso.prefix
|
The string value of this parameter is used as the prefix value when
formatting SSO cookies set by the Messenger Express HTTP server. Only SSO
cookies with this prefix will be recognized by the server; all other SSO cookies
will be ignored.
A null value for this parameter effectively disables all SSO functionality
on the server.
The default value is null.
This string must match what is used by the Delegated Administrator in
its resource.properties file without the trailing -. For
example, if:
NDAAuth-singleSignOnID=ssogrp1-
Then this value should be set here to ssogrp1.
|
local.webmail.sso.
singlesignoff
|
|
The integer value of this parameter, if set to any non-zero value, clears
all SSO cookies on the client with prefix values matching the value configured
in local.webmail.sso.prefix when the client logs out.
If set to zero, Messenger Express will clear its own SSO cookie when
the client logs out.
The default value is zero.
|