Sun Java System Communications Express 6.3 Administration Guide

The uwcauth.properties File

Table C–5 lists the parameters in the uwcauth.properties file.

Table C–5 Parameters in the uwcauth.properties file

Parameters 

Default Value 

Description 

defaultdomain

 

Specifies the default domain to be used when the domain does not have the required properties. The properties are picked up from the default domain name. 

The default domain is assigned the value entered during configuration. 

defaultlocale

 

Defines the default locale of the application. 

virtualdomain.mode

 

Defines the mode in which the calendar server is operating. If the calendar server is operating in hosted (also known as virtual) domain mode, set the parameter value to 'y'; otherwise, set it to 'n'. 

uwcauth.ssl.enabled

 

Defines if SSL is enabled. 

uwcauth.ssl.authonly

 

Defines if SSL is enabled for authentication only. 

ldapauth.ldaphost

 

Specifies the LDAP host value. 

Normally the ldapauth.ldaphost value is the same as the ldapusersession value. You can set it to a different value, if required.

ldapauth.ldapport

 

Specifies the LDAP port number. 

ldapauth.dcroot

 

Specifies the DC root for the authentication tree. 

ldapauth.domainattr

inetDomainBaseDN,inetDomainStatus,inetDomainSearchFilter,domainUidSeparator,preferredLanguage

Specifies the list of attributes to be retrieved from the domain entry in which the user is authenticated. 

ldapauth.domainfilter

(|(objectclass=inetDomain)(objectclass=inetDomainAlias))

Specifies the filter based on which the domain entry is retrieved. 

ldapauth.ldapbinddn

<binddn>

Specifies the user DN of the user binding to the authentication LDAP. 

ldapauth.ldapbindcred

<binddncredintials>

Specifies the password of the user binding to the authentication LDAP. 

ldapauth.enablessl

false 

Specifies whether the directory against which authentication is to be performed is in SSL mode. 

Change the default value to “true” to set up a secure LDAP connection. 

ldapusersession.defaultugfilter

 

Specifies the default filter syntax to be used when retrieving the user entry. 

Parameters for the user lookup 

   

ldapauth.schema

 

Specifies the LDAP schema deployed during installation. 

ldapusersession.ugattr

uid,inetUserStatus,preferredLanguage,psRoot,pabURI,cn,mail,mailHost

Specifies the set of attributes to be returned from LDAP during entry lookup. 

ldapusersession.ldaphost

 

Specifies the host name of the directory server used for user lookup. More than one host can be specified for fallback. 

The names of the servers are delimited by semicolon (;). 

The names of fallback servers should be in the format: Host Name: PortNumber 

ldapusersession.ldapport

 

Specifies the port number of the user/group directory server. 

ldapusersession.ldapbinddn

 

Specifies the user DN of the admin binding to the user/group Directory Server.

ldapusersession.ldapbindcred

 

Specifies the password of the admin binding to the user tree.

ldapusersession.dcroot

 

Specifies the Domain Component (DC) tree in the user/group LDAP that is used to resolve a user entry in Sun Java System LDAP Schema v.1. 

ldapauth.basedn

 

Specifies the LDAP base domain name value. 

ldapusersession.domainfilter

(|(objectclass=inetDomain)(objectclass=inetDomainAlias))

Defines the filter used to identify a domain entry. 

ldapusersession.ldappoolmin

 

Specifies the minimum number of LDAP client connections maintained. 

ldapusersession.ldappoolmax

 

Specifies the maximum number of LDAP client connections maintained. 

ldapusersession.ldappooltimeout

 

Specifies the number of seconds before timing out an LDAP connection. 

Increase this value to accommodate large search results. 

ldapusersession.enablessl

 

Specifies whether the directory against which authentication is to be performed is in SSL mode. 

Change the default value to “true” to set up a secure LDAP connection. 

Common Auth Configuration

   

uwcauth.sessioncookie

JSESSIONID

Specifies the name of the cookie used by the servlet container to monitor sessions. 

This value should not be changed. 

uwcauth.appprefix

 

Specifies the prefix for the host application used to find cookies generated by other trusted applications for single sign-on. 

If the deployment uses Messaging SSO, this attribute should be assigned the value of local.webmail.sso.prefix set during messaging server configuration.

uwcauth.appid

uwc

Specifies the cookie name containing the unique application ID for the host application. 

messagingsso.appid

ims

Communications Express uses this cookie to determine whether to issue the logout request to Messenger Express. 

The value of messagingsso.appid should be the same as the value of local.webmail.sso.id set during messaging configuration.

uwcauth.cookiedomain

 

Specifies the domain or path saved as part of the single sign-on cookie. 

MessagingSSOAuth Filter Configuration 

   

uwcauth.messagingsso.enable

 

Enables or disables messaging single sign-on functionality. 

Set this parameter to “true” to enable single sign-on and “false” to disable single sign-on. 

Make sure that uwcauth.messagingsso.enable is set to “false” when setting up Communications Express for Access Manager Single Sign-On.

uwcauth.messagingsso.cookiepath

Specifies the URI for which the single sign-on cookie is saved. 

messagingsso.ims.url

http://servername:MessagingServerPort/VerifySSO?

Specifies the URL used to verify the SSO cookie. 

The value of xxx should be replaced by the application ID of the server. 

The value of xxx mentioned here should be identical to the value assigned in Messenger Express to local.webmail.sso.id.

messagingsso.uwc.url

http://servername:85/uwc/VerifySSO?

When Communications Express is not deployed under “/”, such as /uwc, the value of the parameter may look like: 

http://servername:85/uwc/VerifySSO? 

Specifies the verify URL of Communications Express. 

If you have edited the value of uwcauth.appid for this server, replace uwc in messagingsso.uwc.url with the new uwcauth.appid.

Identity SSO 

   

uwcauth.identity.enabled

 

Specifies whether Access Manager is enabled. 

Set the attribute to “true” to enable Access Manager. Set the attribute to “false” to disable Access Manager. Initially the value is set in the configurator. 

uwcauth.identity.login.url

http://nicp160.india.sun.com:99/amserver/UI/Login

Specifies the login page URL of the Identity Server. 

uwcauth.identity.binddn

 

Specifies the complete DN of the amadmin.

For example, 

uid=amAdmin, ou=People, o=siroe.example.com, o=example.com

Note: The uwcauth.identity.binddn and uwcauth.identity.bindcred values should correspond to the values entered when installing Access Manager.

For example, uwcauth.identity.binddn=uid=amAdmin, ou=People, o=siroe.example.com, o=example.com and uwcauth.identity.bindcred=password.

uwcauth.identity.bindcred

 

Specifies the password of the amAdmin.

uwcauth.identity.cookiename

iPlanetDirectoryPro

Specifies the Access Manager session cookie name. 

Ensure that in the uwcauth.properties file, the value of uwcauth.identity.cookiename is set to the value of local.webmail.sso.amcookiename.

uwcauth.http.port

80 

Specifies the port number that Communications Express listens to when Communications Express is configured on a non-SSL port. 

uwcauth.https.port

443 

Specifies the HTTPS port number that Communications Express listens to when Communications Express is configured on Web Server. 

uwcauth.identitysso.cookiepath

/

Specifies the Identity SSO cookie path. 

identitysso.singlesignoff

 

Enables or disables identity single sign-on functionality. 

If this attribute is set to true, all applications participating in this IS session are signed out when the user logs out. 

If this attribute is set to false, only the Communications Express session is disabled and the user will be taken to the URL configured in identitysso.portalurl.

identitysso.portalurl

 

Specifies the verify URL of Communications Express. 

If Access Manager is enabled and single sign-off is set to false, Communications Express displays the identitysso.portalurl.

pab_mig_required

true

Specifies whether the address book directories should be migrated. 

Set the attribute to 'true' if PAB migration is required; otherwise, set the parameter to 'false'. 

[fully qualified virtual hostname of uwc].isvirtualhostname

 

When Communications Express is configured with Access Manager SDK in a remote set up, you need to specify the fully qualified virtual hostname of the desired virtual host to the virtual hostname of the Access Manager server.
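
The following audit script is an added example, not part of the original guide or of Communications Express. It checks a uwcauth.properties file against the notes in Table C–5 (the enablessl settings, the Messaging SSO / Access Manager conflict, the fixed session cookie name, the semicolon-delimited fallback hosts). It assumes a simplified key=value parser, a constructed sample file, and a HostName:PortNumber form for fallback entries; the two checks marked "(added)" are hardening checks that go beyond the table's notes.

```python
# SAMPLE is constructed for illustration, not taken from a real deployment.
SAMPLE = """\
ldapauth.enablessl=false
ldapusersession.ldaphost=ldap1.example.com;ldap2.example.com:389
ldapusersession.enablessl=true
uwcauth.messagingsso.enable=true
uwcauth.identity.enabled=true
uwcauth.identity.binddn=uid=amAdmin, ou=People, o=siroe.example.com, o=example.com
uwcauth.identity.bindcred=password
messagingsso.ims.url=http://servername:8080/VerifySSO?
"""

def parse_properties(text):
    """Parse key=value lines (simplified: no ':' separators or continuations)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!":
            key, sep, value = line.partition("=")  # split on first '=' only
            if sep:
                props[key.strip()] = value.strip()
    return props

def fallback_hosts(props):
    """Split ldapusersession.ldaphost, whose servers are delimited by ';'."""
    raw = props.get("ldapusersession.ldaphost", "")
    return [h.strip() for h in raw.split(";") if h.strip()]

def audit(props):
    """Return findings; checks marked (added) go beyond the table's notes."""
    def on(key):
        return props.get(key, "").lower() == "true"
    findings = []
    for key in ("ldapauth.enablessl", "ldapusersession.enablessl"):
        if not on(key):
            findings.append(f"{key}: not 'true', LDAP connection is not secure")
    if on("uwcauth.messagingsso.enable") and on("uwcauth.identity.enabled"):
        findings.append("uwcauth.messagingsso.enable: must be 'false' with Access Manager SSO")
    if props.get("uwcauth.sessioncookie", "JSESSIONID") != "JSESSIONID":
        findings.append("uwcauth.sessioncookie: changed from JSESSIONID")
    for key, value in props.items():
        if key.endswith(".url") and value.lower().startswith("http://"):
            findings.append(f"{key}: plain HTTP URL (added)")
        if key.endswith("bindcred") and value:
            findings.append(f"{key}: credential in file, restrict read access (added)")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(parse_properties(SAMPLE))))
```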