Table D-5, list the parameters of the uwcauth.properties file.
Table D–5 Parameters of uwcauth.properties
Parameters |
Default Value |
Description |
---|---|---|
defaultdomain |
Specifies the default domain to be used when the domain does not have the required properties. The properties are picked up from the default domain name. The default domain is assigned the value entered during configuration. |
|
defaultlocale |
Defines the default locale of the application. |
|
virtualdomain.mode |
Defines the mode in which calendar server is operating. If the calendar server is operating in hosted (also known as virtual) domain mode, set the parameter value to \qy\q otherwise to \qn\q. |
|
uwcauth.ssl.enabled |
Defines if SSL is enabled. |
|
uwcauth.ssl.authonly |
Defines if SSL is enabled for authentication only. |
|
ldapauth.ldaphost |
Specifies the LDAP host value. Normally the ldapauth.ldaphost value is the same as the ldapusersession value. You can set it to a different value, if required. |
|
ldapauth.ldapport |
Specifies the ldap port number. |
|
ldapauth.dcroot |
Specifies the DC root for the authentication tree. |
|
ldapauth.domainattr |
inetDomainBaseDNinetDomainStatusinetDomainSearchFilterdomainUidSeparatorpreferredLanguage |
Specifies the list of attributes to be retrieved from the domain entry in which the user is authenticated. |
ldapauth.domainfilter |
(|(objectclass=inetDomain)(objectclass=inetDomainAlias)) |
Specifies the filter based on which the domain entry is retrieved. |
ldapauth.ldapbinddn |
<binddn\> |
Specifies User DN of the user binding to the authentication LDAP. |
ldapauth.ldapbindcred |
<binddncredintials\> |
Specifies password of the user binding to the authentication LDAP. |
ldapauth.enablessl |
false |
Specifies whether the directory against which authentication is to be performed is in SSL mode. Change the default value to “true” to setup a secure LDAP connection. |
ldapusersession.defaultugfilter |
Specifies the default filter syntax to be used when retrieving the user entry. |
|
Parameters for the user lookup | ||
ldapusersession.ugattr |
uid,inetUserStatus,preferredLanguage,psRoot,pabURI,cn,mail,mailHost |
Specifies the set of attributes to be returned from LDAP during entry lookup. |
ldapusersession.ldaphost |
Specifies the Host name of the directory server used for users lookup. More than one host can be specified for fallback. The names of the servers are delimited by semi-colon (;). !The name of fallback servers should be in the format: Host Name: Port# |
|
ldapusersession.ldapport |
Specifies the port number of the user/group directory server. |
|
ldapusersession.ldapbinddn |
Specifies the UserDN of the admin binding to the user group Directory Server. |
|
ldapusersession.ldapbindcred |
Specifies the password of the admin binding to the user tree. |
|
ldapusersession.dcroot |
Specifies the Domain Component (DC) tree in the user/group LDAP that is used to resolve a user entry in Sun Java System LDAP Schema v.1. |
|
ldapusersession.domainfilter |
(|(objectclass=inetDomain)(objectclass=inetDomainAlias)) |
Defines the filter used to identify a domain entry. |
ldapusersession.ldappoolmin |
Specifies the minimum number of LDAP client connections maintained. |
|
ldapusersession.ldappoolmax |
Specifies the maximum number of LDAP client connections maintained. |
|
ldapusersession.ldappooltimeout |
Specifies the number of seconds before timing out an LDAP connection. Increase this value to accommodate large search results. |
|
ldapusersession.enablessl |
Specifies whether the directory against which authentication is to be performed is in SSL mode. Change the default value to “true” to setup a secure LDAP connection. |
|
Common Auth Configuration | ||
uwcauth.sessioncookie |
JSESSIONID |
Specifies the name of the cookie used by the servlet container to monitor sessions. This value should not be changed. |
uwcauth.appprefix |
Specifies the prefix for the host application used to find cookies generated by other trusted applications for single sign-on. If the deployment uses Messaging SSO, this attribute should be assigned the value of local.webmail.sso.prefix set during messaging server configuration. |
|
uwcauth.appid |
uwc |
Specifies the cookie name containing the unique application ID for the host application. |
messagingsso.appid |
ims |
Communications Express uses this cookie to determine whether to issue the logout request to Messenger Express. The value of messagingsso.appid should be same as the value of local.webmail.sso.id set during messaging configuration. |
uwcauth.cookiedomain |
Specifies the domain or path saved as part of the single sign-on cookie. |
|
MessagingSSOAuth Filter Configuration | ||
uwcauth.messagingsso.enable |
Enables or disables messaging single sign-on functionality. Set this parameter to “true” to enable single sign-on and “false” to disable single sign-on. Make sure that uwcauth.messagingsso.enable is set to “false” when setting up Communications Express for Access Manager Single Sign-On. |
|
uwcauth.messagingsso.cookiepath |
/ |
Specifies the URI for which the single sign-on cookie is saved. |
messagingsso.xxx.url |
http://servername/VerifySSO? |
Specifies the URL used to verify the SSO cookie. The value of xxx should be replaced by the application ID of the server. The value of xxx mentioned here should be identical to the value assigned in Messenger Express to local.webmail.sso.id. |
messagingsso.uwc.url |
http://servername:85/iuwc/VerifySSO?When Communications Express is not deployed under “/”, such as /uwc, the value of the parameter may look like: http://servername:85/uwc/VerifySSO? |
Specifies the verify URL of Communications Express. If you have edited the value of uwcauth.appid for this server, replace uwc in messagingsso.uwc.url with the new uwcauth.appid. |
Identity SSO | ||
uwcauth.identity.enabled |
Specifies whether Access Manager is enabled. Set the attribute to “true” to enable Access Manager. Set the attribute to “false” to disable Access Manager. Initially the value is set in the configurator. |
|
uwcauth.identity.login.url |
http://nicp160.india.sun.com:99/amserver/UI/Login |
Specifies the Login Page URL of the Indentity Server |
uwcauth.identity.binddn |
Specifies the complete DN of the amadmin. For example, uid=amAdmin, ou=People, o=siroe.example.com, o=example.com Note: The uwcauth.identity.binddn and uwcauth.identity.bindcred values should correspond to the values entered when installing Access Manager. For example, uwcauth.identity.binddn=uid=amAdmin, ou=People, o=siroe.example.com, o=example.com and uwcauth.identity.bindcred=password. |
|
uwcauth.identity.bindcred |
Specifies the password of the amadmin. |
|
uwcauth.identity.cookiename |
iPlanetDirectoryPro |
Specifies the Access Manager session cookie name. Ensure that in the uwcauth.properties file, the value of uwcauth.identity.cookiename is set to the value of local.webmail.sso.amcookiename. |
uwcauth.http.port |
80 |
Specifies the port number that Communications Express listens to when Communications Express is configured on a non SSL port. |
uwcauth.https.port |
443 |
Specifies the HTTPS port number that Communications Express listens to when Communications Express is configured on Web Server. |
uwcauth.identitysso.cookiepath |
/ |
Specifies the Identity SSO Cookie Path |
identitysso.singlesignoff |
Enables or disables identity single sign-on functionality. If this attribute is set to true, all applications participating in this IS session are signed out when the users logs out. If this attribute is set to false, only Communication Express session is disabled and the user will be taken to the URL configured in identitysso.portalurl. |
|
identitysso.portalurl |
Specifies the verify URL of Communications Express. If Access Manager is enabled and single sign-off is set to false, Communication Express displays the identitysso.portalurl. |
|
pab_mig_required |
true |
Specifies whether the address book directories should to be migrated. Set the attribute to ”true’ if pab migration is required otherwise set the parameter to 'false'. |