IBM Security Verify Access for Web WebSEAL eai-verify-user-identity stanza entry

eai-verify-user-identity

Control whether the user identity is verified during reauthentication. EAI applications can reauthenticate a user by returning new authentication information for a previously authenticated session. By default, WebSEAL does not ensure the new user identity matches the user identity from the previous authentication.

eai-verify-user-identity = {yes|no}

Description

During the EAI re-authentication process, this configuration entry determines whether the new user identity must match the user identity from the previous authentication.
Options

yes During EAI authentication, the new user identity is compared with the user identity from the previous authentication. If the user identities do not match, an error is returned.
no EAI authentication proceeds without verifying the new user identity.

Usage: Optional.
Default: no
Example: eai-verify-user-identity = yes
Parent topic: [eai] stanza

yes	During EAI authentication, the new user identity is compared with the user identity from the previous authentication. If the user identities do not match, an error is returned.
no	EAI authentication proceeds without verifying the new user identity.