LDAP X509 Identity Asserter: Common
Configuration Options Related Tasks Related Topics
Use this page to define the common configuration for this LDAP X509 Identity Assertion provider.
Configuration Options
Name Description Name The name of this LDAP X509 Identity Assertion provider.
MBean Attribute:
LDAPX509IdentityAsserterMBean.DisplayName
Changes take effect after you redeploy the module or restart the server.
Description A short description of this LDAP X509 Identity Assertion provider.
MBean Attribute:
LDAPX509IdentityAsserterMBean.Description
Changes take effect after you redeploy the module or restart the server.
Version The version number of this LDAP X509 Identity Assertion provider.
MBean Attribute:
LDAPX509IdentityAsserterMBean.Version
Changes take effect after you redeploy the module or restart the server.
Control Flag Specifies how this LDAP X509 Identity Assertion provider fits into the login sequence.
The Control Flag determines how the login sequence uses the Authentication provider.
- A
REQUIRED
value specifies this LoginModule must succeed. Even if it fails, authentication proceeds down the list of LoginModules for the configured Authentication providers.- A
REQUISITE
value specifies this LoginModule must succeed. If other Authentication providers are configured and this LoginModule succeeds, authentication proceeds down the list of LoginModules. Otherwise, control is return to the application.- A
SUFFICIENT
value specifies this LoginModule need not succeed. If it does succeed, return control to the application. If it fails and other Authentication providers are configured, authentication proceeds down the LoginModule list.- An
OPTIONAL
value specifies this LoginModule need not succeed. Whether it succeeds or fails, authentication proceeds down the LoginModule list. This setting is the default.MBean Attribute:
LDAPX509IdentityAsserterMBean.ControlFlag
Changes take effect after you redeploy the module or restart the server.
Active Types The token type this LDAP X509 Identity Assertion provider uses for authentication. Ensure no other identity assertion provider configured in the same security realm has this attribute set to X509.
MBean Attribute:
LDAPX509IdentityAsserterMBean.ActiveTypes
Changes take effect after you redeploy the module or restart the server.
Base64 Decoding Required Determines whether the request header value or cookie value must be Base64 Decoded before sending it to the Identity Assertion provider. The setting is enabled by default for purposes of backward compatibility, however, most Identity Assertion providers will disable this attribute.
MBean Attribute:
IdentityAsserterMBean.Base64DecodingRequired
Changes take effect after you redeploy the module or restart the server.