eai-data
Specify which client certificate data elements are passed to the external authentication interface (EAI) application by WebSEAL.
eai-data = data:header_name
Description
The client certificate data elements that will be passed to the EAI application. Multiple pieces of client certificate data can be passed to the EAI application by including multiple eai-data configuration entries.
Options
header_name Used to indicate the name of the HTTP header which will contain the data. data Used to indicate the data that will be included in the header. It should be one of the following:
- Base64Certificate
- SerialNumber
- SubjectCN
- SubjectLocality
- SubjectState
- SubjectCountry
- SubjectOrganization
- SubjectOrganizationalUnit
- SubjectDN
- SubjectPostalCode
- SubjectEmail
- SubjectUniqueID
- IssuerCN
- IssuerLocality
- IssuerState
- IssuerCountry
- IssuerOrganization
- IssuerOrganizationUnit
- IssuerDN
- IssuerPostalCode
- IssuerEmail
- IssuerUniqueID
- Version
- SignatureAlgorithm
- ValidFrom
- ValidFromEx
- ValidTo
- ValidToEx
- PublicKeyAlgorithm
- PublicKey
- PublicKeySize
- FingerprintAlgorithm
- Fingerprint
Usage: This stanza entry is required for EAI based client certificate authentication.
Default: no
Example: eai-data = SubjectCN:eai-cn eai-data = SubjectDN:eai-dn
Parent topic: [certificate] stanza