Specifies identity assertion trust domain configuration information according to RFC 3325. P-asserted identity headers received from hosts and domains configured under this element can be trusted. A P-asserted identity header specifies the identity of a user who was authenticated at another node in the network.
If no identity-assertion-trust element is defined, trust is presumed: any identity assertion that is received is trusted, on the presumption that the network topology prevents non-trusted assertions from reaching the server.
The following table describes subelements for the identity-assertion-trust element.
Table 1–85 identity-assertion-trust Subelements
| Element | Required | Description |
|---|---|---|
| | zero or more if no trust-handler is defined | Specifies intermediate hosts and domains according to RFC 3325. |
| | zero or one if no trusted-entity is defined | Specifies a custom trust handler according to RFC 3325. |
The following table describes attributes for the identity-assertion-trust element.
Table 1–86 identity-assertion-trust Attributes
| Attribute | Default | Description |
|---|---|---|
| | none | Specifies a unique identifier for the identity-assertion-trust element. |
| | false | If true, specifies that this is the default identity-assertion-trust. There can be only one default identity-assertion-trust. |
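The following sketch, an added example that is not part of the product or of this reference, shows the difference between presumed trust and an explicit trusted host list when a P-Asserted-Identity header arrives from an arbitrary source address. The `config` wrapper element, the `ip-address` child element name, the function names, and all addresses and messages are assumptions constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed fragments. <config> and <ip-address> are assumed names.
CONFIGURED = """<config>
  <identity-assertion-trust>
    <trusted-entity><ip-address>192.0.2.10</ip-address></trusted-entity>
    <trusted-entity><ip-address>2001:db8::5</ip-address></trusted-entity>
  </identity-assertion-trust>
</config>"""
UNCONFIGURED = "<config/>"  # no identity-assertion-trust: presumed trust

def load_trusted_hosts(xml_text):
    """Return the set of trusted addresses, or None for presumed trust."""
    root = ET.fromstring(xml_text)
    trusts = root.findall(".//identity-assertion-trust")
    if not trusts:
        return None
    hosts = set()
    for trust in trusts:
        for node in trust.findall("trusted-entity/ip-address"):
            # Parse to an address object so equivalent IPv6 spellings match.
            hosts.add(ipaddress.ip_address(node.text.strip()))
    return hosts

def honored_identity(headers, source_ip, trusted):
    """Return the P-Asserted-Identity value the server would act on, else None."""
    value = next((v for k, v in headers if k.lower() == "p-asserted-identity"), None)
    if value is None or trusted is None:
        return value  # nothing asserted, or presumed trust accepts it as-is
    return value if ipaddress.ip_address(source_ip) in trusted else None

def audit(xml_text):
    """Return findings a reviewer would raise about the trust configuration."""
    trusted = load_trusted_hosts(xml_text)
    if trusted is None:
        return ["presumed trust: any received identity assertion is trusted"]
    if not trusted:
        return ["identity-assertion-trust lists no trusted host addresses"]
    return []

if __name__ == "__main__":
    msg = [("From", "<sip:caller@example.net>"),
           ("P-Asserted-Identity", "<sip:admin@example.com>")]  # constructed message
    for name, cfg in (("configured", CONFIGURED), ("unconfigured", UNCONFIGURED)):
        hosts = load_trusted_hosts(cfg)
        print(name, audit(cfg), honored_identity(msg, "203.0.113.7", hosts))
```

With the unconfigured fragment, the assertion from the unlisted address is honored, which is why presumed trust is only safe when the network topology itself keeps untrusted senders away from the server.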
Defines an IIOP listen socket. To enable SSL for this listener, include an ssl subelement.
The following table describes subelements for the iiop-listener element.
Table 1–87 iiop-listener Subelements
| Element | Required | Description |
|---|---|---|
| | zero or one | Defines SSL parameters. |
| | zero or more | Specifies a property or a variable. |
The following table describes attributes for the iiop-listener element.
Table 1–88 iiop-listener Attributes
| Attribute | Default | Description |
|---|---|---|
| | none | The listener name. An iiop-listener name cannot begin with a number. |
| | none | IP address of the listener. Can be in dotted-pair or IPv6 notation, or just a name. |
| | 1072 | (optional) Port number for the listener. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. |
| | false | (optional) Determines whether the listener runs SSL. To turn SSL2 or SSL3 on or off and set ciphers, use an ssl element. |
| enabled | true | (optional) Determines whether the listener is active. |
Defines the IIOP service.
The following table describes subelements for the iiop-service element.
Table 1–89 iiop-service Subelements
| Element | Required | Description |
|---|---|---|
| | only one | Configures the ORB. |
| | zero or one | Defines SSL parameters for the ORB. |
| | zero or more | Defines an IIOP listen socket. |
The following table describes attributes for the iiop-service element.
Table 1–90 iiop-service Attributes
| Attribute | Default | Description |
|---|---|---|
| | false | (optional) If true, the server rejects unauthenticated requests and inserts an authentication-required bit in IORs sent to clients. |
Identifies the trusted host on the network using an IP address.
none - contains data