This procedure assumes you are logged into the OpenSSO Enterprise console as the administrator.
Click the Configuration tab.
Click Core under the Authentication tab.
Modify the Global attributes by adding or changing the values.
These properties contain operating values that are applied to the Authentication Service throughout the OpenSSO Enterprise deployment.
Specifies the Java classes of the available authentication modules. Takes a text string specifying the full class name (including package) of each authentication module. After writing a custom authentication module (by implementing the OpenSSO Enterprise AMLoginModule or the Java Authentication and Authorization Service [JAAS] LoginModule service provider interfaces), the new class value must be added to this property.
Specifies a list of authentication modules supported for a specific client. Formatted as:
clientType | module1,module2,module3 |
This attribute is read by the Client Detection Service when it is enabled.
Specifies the minimum and maximum connection pool to be used on a specific LDAP server and port. Formatted as:
host:port:min:max |
This attribute is for LDAP and Membership authentication services only.
Sets the default minimum and maximum connection pool to be used with all LDAP authentication module configurations. Formatted as:
min:max |
This value is superseded by a value defined for a specific host and port in the LDAP Connection Pool Size property.
Requires that OpenSSO Enterprise validate the identity of the calling application; thus all remote authentication requests require the calling application's SSOToken. This allows the Authentication Service to obtain the username and password associated with the application.
Requires that the user session hold the instances of any post processing authentication classes used during the log in process after authentication is complete. When user log out is later invoked, the onLogout() method of these instances is called. If this attribute is not enabled, the post processing instances are not preserved and new instances are created when logout is invoked.
Requires that the user session hold the instances of authentication modules used during the log in process after authentication is complete. When user log out is later invoked, the destroyModuleState() method of these instances is called. If this attribute is not enabled, the authentication module instances are not preserved and no method on the authentication modules is called upon log out.
Modify the top level Realm attributes by adding or changing the values.
These realm properties (as defined globally under the Configuration tab) are specific to the top level realm. Top level realm properties can also be modified by navigating to the top level realm itself. See To Modify Core Authentication Properties By Realm for instructions and definitions of the attributes.
Click Save.
Click Back to Service Configuration.
Logout of the OpenSSO Enterprise console.