|Previous Contents Index Next|
|Sun ONE Identity Server Administration Guide|
Chapter 24 Authentication Configuration Attributes
The Authentication Configuration Attributes are dynamic and organization attributes. These attributes can be defined for an organization, service, or role.
If the role is assigned to a user or a user is assigned to the organization, these attributes, by default, are inherited by the user. The Authentication Configuration Attributes are:
Clicking on the Edit link will display the Authentication Configuration interface. It allows you to configure the authentication modules for role-based or organization-based authentication.
The following table lists the authentication module configuration options:
REQUIRED - The authentication module is required to succeed. If it succeeds or fails, authentication continues to proceed down the authentication module list.
REQUISITE - The authentication module is required to succeed. If it succeeds, authentication continues down the authentication module list. If it fails, control returns to the application (authentication does not proceed down the authentication module list.)
SUFFICIENT - The authentication module is not required to succeed. If it does succeed, control immediately returns to the application (authentication does not proceed down the authentication module list.). If it fails, authentication continues down the list.
Login Success URL
This attribute specifies the URL that the user will be redirected to upon successful authentication.
Login Failure URL
This attribute specifies the URL that the user will be redirected to upon unsuccessful authentication.
Authentication Post Processing Class
This attribute defines the name of the Java class used to customize the post authentication process after a login success or failure.
Conflict Resolution Level
This attribute applies to roles only. Conflict Resolution level sets a priority level for the Authentication Configuration attributes for roles that may contain the same user. For example, if User1 is assigned to both Role1 and Role2, you can define a higher priority level for Role1 so when the user attempts authentication Role1 will have the highest priority for success or failure redirects and for post authentication processes.
Previous Contents Index Next
Copyright 2002 Sun Microsystems, Inc. All rights reserved.
Last Updated December 04, 2002