The Authentication Web Service attributes are global; the value of this attribute is carried across the OpenSSO Enterprise configuration and inherited by every realm. The attributes for the Authentication Web Service are defined in the amAuthnSvc.xml service file. The Mechanism Handlers List attribute stores information about the SASL mechanisms that are supported by the Authentication Web Service and contains two parameters.
The required key defines the SASL mechanism supported by the Authentication Web Service.
The required class specifies the name of the implemented class for the SASL mechanism. Two authentication mechanisms are supported by the following default implementations:
Table 9–3 Default Implementations for Authentication Mechanism
Class |
Description |
---|---|
com.sun.identity.liberty.ws.authnsvc.mechanism.PlainMechanismHandler |
This class is the default implementation for the PLAIN authentication mechanism. It maps user identifiers and passwords in the PLAIN mechanism to the user identifiers and passwords in the LDAP authentication module under the root organization. |
com.sun.identity.liberty.ws.authnsvc.mechanism.CramMD5MechanismHandler |
This class is the default implementation for the CRAM-MD5 authentication mechanism. |
The Authentication Web Service layer provides an interface that must be implemented for each SASL mechanism to process the requested message and return a response.