Previous Contents Index Next |
iPlanet Directory Server Access Management Edition Administration Guide |
Chapter 13 SafeWord Authentication Attributes
The SafeWord Authentication Attributes are organization attributes. The values applied to them under Service Management become the default values for the SafeWord Authentication template. A template is created for each organization when the organization registers for a service. The default values can be changed after registration by the organization's administrator. Organization attributes are not inherited by entries in the subtrees of the organization. The SafeWord Authentication attributes are:
SafeWord Server Specification
SafeWord Server Specification
This field specifies the SafeWord server name and port. Port 7482 is set as the default.
SafeWord System Name
This field specifies the system name configured in the SafeWord server. The default system name is STANDARD.
SafeWord Server Verification Files Path
This field specifies the directory into which the SafeWord client library places its verification files. The default is as follows:
If a different directory is specified in this field, the directory must exist before attempting SafeWord authentication.
- /var/opt/SUNWam/auth/safeword/serverVerification
SafeWord Logging Level
This attribute specifies the logging level for the SafeWord client. The default is 0.
SafeWord Log Path
This attribute specifies the directory path and log file name for SafeWord client logging. The default path is as follows:
If a different path or filename is specified, they must exist before attempting SafeWord authentication.
- /var/opt/SUNWam/auth/safeword/safe.log
SafeWord Module Authentication Level
The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. (The value in this attribute is not specifically used by DSAME but by any external application that may chose to use it.) If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0, the lowest authentication level.
Note If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Auth Level. See "Default Auth Level" for details.
Previous Contents Index Next
Copyright © 2002 Sun Microsystems, Inc. All rights reserved.
Last Updated May 09, 2002