Properties file: wp.auth.tai.properties
Table of contents
- Advanced Security Configuration using External Security Managers
- HTTP Basic Authentication Trust Association Interceptor (TAI) settings
Parent: Configuration properties reference
1. Advanced Security Configuration using External Security Managers
The following parameters are used for advanced security configuration using external security managers. Use the properties to specify namespace management parameters that are common to TAM and SiteMinder
- wp.auth.tai.facebook_app_secret_alias
- Description
- Do not change the value of this attribute unless specifically directed to do so by IBM Support.
- Default value
- facebook_app_secret
- Examples
- None available
2. HTTP Basic Authentication Trust Association Interceptor (TAI) settings
WebSphere Portal uses the following information to configure an HTTP Basic Authentication Trust Association Interceptor (TAI) to authenticate incoming requests using the HTTP Basic Authentication Protocol described in RFC 2617.
- wp.auth.tai.BasicAuthEnabled
- Description
- Defines whether the basic authentication TAI is active (authenticates requests) or not.
- Default value
- true
- Examples
- None available
- wp.auth.tai.BasicAuthRealm
- Description
- This is the name of an authentication realm as defined in RFC 2617. The TAI challenges the client to authenticate against this realm. The default value for this property is the same authentication realm name as the one used by portal HTTP form based login.
- Default value
- WPS
- Examples
- None available
- wp.auth.tai.BasicAuthUseRegExp
- Description
- This value determines whether or not the patterns specified for the black list and white list properties are to be interpreted as Java regular expressions. For more information see: http://java.sun.com/j2se/1.4.2/docs/api/java/util/regex/Pattern.html. If Java regular expressions are not used, then only astericks are supported as wild cards. The following applies to astericks:
- The asterisk ( * ) wildcard can appear anywhere in the pattern.
- We can use multiple asterisk ( * ) wildcards within the same pattern.
- To represent an asterisk as an actual character for matches in the pattern instead of using it as a wildcard, prefix it with a backslash like this: \* .
- To represent the backslash as a character for matching, code it using a double backslash: \\ .
- Default value
- false
- Examples
- Java regular expressions examples:
- * [^X]* will match every user agent that does not contain an uppercase X in its product name.
- * .*my_browser.* will match every user agent containing my_browser in its product name.
- * .*%5bX%5d is URL encoded for .*[X] and will match every URL that ends with X.
- Examples using astericks:
- * *my_browser* will match every user agent containing my_browser in its product name.
- * /myprefix*mysuffix will match every URL that starts with /myprefix and ends with mysuffix.
- * Fun\* Ag\\ent will only match a user agent hat has Fun* Ag\ent as product name.
- wp.auth.tai.BasicAuthLoginTarget
- Description
- This value is the alias of the JAAS login configuration used by the TAI.Default is the same JAAS login configuration as the one that is used by portal HTTP form based login. The value is the target to execute to populate the Subject with portal specific Principals when logging on using the TAI.
- Default value
- Portal_LTPA
- Examples
- None available
- wp.auth.tai.BasicAuthUserAgentBlackList
- Description
- This is the list of patterns for which you do not want the TAI to handle the requests. Separate the patterns using a whitespaces. Every product name in the HTTP header field User-Agent of incoming requests is compared with each of the patterns specified for this property. If the TAI is enabled and the URL matches at least one of the patterns specified for the userAgentBlackList property, the TAI will not handle the request. To use Java regular expressions, set the property wp.auth.tai.BasicAuthUseRegExp = true.
- Default value
- AllAgentsAllowed
- Examples
- None available
- wp.auth.tai.BasicAuthUserAgentWhiteList
- Description
- This is the list of patterns for which you want the TAI to handle the requests. Separate the patterns by whitespaces. Every product name in the HTTP header field User-Agent of the incoming request is compared with each of the patterns specified for this property.If the TAI is enabled and the pattern specified for this property has at least one match and neither of the userAgentBlackList or the urlBlackList have a match, then the TAI handles the request. To use Java regular expressions, set the property wp.auth.tai.BasicAuthUseRegExp = true We can specify the patterns with an asterisk ( * ) as a wild card character. We can also define the patterns as Java regular expressions.
- Default value
- NoAgentSpecified
- Examples
- None available
- wp.auth.tai.BasicAuthUrlBlackList
- Description
- This is the list of URI patterns this TAI will never handle. Separate the patterns by whitespaces. The full path information of the URL of the incoming request is compared with each of the patterns specified for this parameter. Before comparing the URL to the patterns, the protocol, server, port, and query information is removed from the URL. If the TAI is enabled and the URL matches at least one of the patterns specified for the urlBlackList property, the TAI will not handle the request. To use Java regular expressions, set the property wp.auth.tai.BasicAuthUseRegExp = true.
- Default value
- /${WpsContextRoot}/myportal*
- Examples
- None available
- wp.auth.tai.BasicAuthUrlWhiteList
- Description
- This is the list of patterns for which you want the TAI to handle the requests. Separate the patterns by whitespaces. The full path information of the URL of the incoming request is compared with each of the patterns specified for this parameter. Before comparing the URL to the patterns, the protocol, server, port, and query information is removed from the URL. If the TAI is enabled and the pattern specified for this property has at least one match and neither of the userAgentBlackList or the urlBlackList have a match, then the TAI handles the request. To use Java regular expressions, set the property wp.auth.tai.BasicAuthUseRegExp = true.
- Default value
- /${WpsContextRoot}/mycontenthandler*
- Examples
- None available