IBM Security Verify Access for Web WebSEAL [eai] stanza

[eai] stanza

Configure the external authentication interface (EAI).

eai-auth Enable the EAI.
eai-auth-level-header Header containing the authentication strength level for the generated credential.
eai-create-multi-valued-attributes Specify whether multiple extended attribute headers of the same name are added to the credential as a multi-valued attribute or a single comma-delimited attribute.
eai-ext-user-id-header Header containing the ID of the external user to use when creating a credential.
eai-ext-user-groups-header Header containing the group or groups an external user is to be considered a member of when generating a credential.
eai-pac-header HTTP header containing the authentication data in Privilege Attribute Certificate (PAC) format.
eai-pac-svc-header Header containing the service ID, which WebSEAL uses to convert the Privilege Attribute Certificate (PAC) into a credential.
eai-redir-url-header Header containing the URL to which WebSEAL redirects the client after successful authentication.
eai-session-id-header Header containing the session identifier of the distributed session.
eai-user-id-header Header containing the user ID for which WebSEAL generates the credential. The specified header must precede all others in the HTTP response.
eai-verify-user-identity Control whether the user identity is verified during reauthentication. EAI applications can reauthenticate a user by returning new authentication information for a previously authenticated session. By default, WebSEAL does not ensure the new user identity matches the user identity from the previous authentication.
eai-xattrs-header HTTP headers in the response from the EAI server containing authentication data. WebSEAL uses these headers to add extended attributes to the credential.
retain-eai-session

Parent topic: Stanza reference

eai-auth	Enable the EAI.
eai-auth-level-header	Header containing the authentication strength level for the generated credential.
eai-create-multi-valued-attributes	Specify whether multiple extended attribute headers of the same name are added to the credential as a multi-valued attribute or a single comma-delimited attribute.
eai-ext-user-id-header	Header containing the ID of the external user to use when creating a credential.
eai-ext-user-groups-header	Header containing the group or groups an external user is to be considered a member of when generating a credential.
eai-pac-header	HTTP header containing the authentication data in Privilege Attribute Certificate (PAC) format.
eai-pac-svc-header	Header containing the service ID, which WebSEAL uses to convert the Privilege Attribute Certificate (PAC) into a credential.
eai-redir-url-header	Header containing the URL to which WebSEAL redirects the client after successful authentication.
eai-session-id-header	Header containing the session identifier of the distributed session.
eai-user-id-header	Header containing the user ID for which WebSEAL generates the credential. The specified header must precede all others in the HTTP response.
eai-verify-user-identity	Control whether the user identity is verified during reauthentication. EAI applications can reauthenticate a user by returning new authentication information for a previously authenticated session. By default, WebSEAL does not ensure the new user identity matches the user identity from the previous authentication.
eai-xattrs-header	HTTP headers in the response from the EAI server containing authentication data. WebSEAL uses these headers to add extended attributes to the credential.
retain-eai-session