+

Search Tips   |   Advanced Search

Reference: Properties for the HTTP Basic Authentication Trust Association Interceptor

The default value for each parameter is given in parentheses.

    enabled = ( true )

    Whether the TAI is active or not. Possible values are true and false. The default is false. If true, the TAI authenticates requests. If false, the TAI does not authenticate requests.

    loginTarget = ( Portal_LTPA )

    Alias of the JAAS login configuration used by the TAI. The default value is Portal_LTPA. By this default, the TAI uses the same JAAS login configuration as the one used by portal HTTP form based login.

    authenticationRealm = ( WPS )

    Name of an authentication realm as defined in RFC 2617. The TAI challenges the client to authenticate against this realm. The default is WPS. By this default, the TAI uses the same authentication realm name as the one used by portal HTTP form based login.

    userAgentBlackList = ( AllAgentsAllowed )

    List of patterns for which we do not want the TAI to handle the requests. Separate the patterns by whitespaces.

    Every product name in the HTTP header field User-Agent of incoming requests is compared with each of the patterns specified for this parameter. If the TAI is enabled and the URL matches at least one of the patterns specified for the userAgentBlackList property, the TAI will not handle the request.

    The default value is an asterisk ( * ); this default means that all patterns match, and consequently the TAI handles no requests at all.

    We can specify the patterns with an asterisk ( * ) as a wild card character. We can also define the patterns as Java regular expressions. In this case set the property useRegExp to true.

    urlBlackList = ( /wps/myportal* )

    List of patterns for which we do not want the TAI to handle the requests. Separate the patterns by whitespaces.

    The full path information of the URL of the incoming request is compared with each of the patterns specified for this parameter. Before comparing the URL to the patterns, the protocol, server, port, and query information is removed from the URL. If the TAI is enabled and the URL matches at least one of the patterns specified for the urlBlackList property, the TAI will not handle the request.

    The default value is an asterisk ( * ); this default means that all patterns match, and consequently the TAI handles no requests at all.

    Use the following syntax rules for specifying the patterns:

    • Use URI encoded patterns. For example, to use the blank character as part of a pattern, we can encode it as %20 . It is then interpreted as part of the pattern and not as a pattern separator. Make sure that we use only characters that are valid within a URI, and encode all other characters.

    • Use an asterisk ( * ) as a wild card character.

    • We can define the patterns as Java regular expressions. In this case set the property useRegExp to true.

    userAgentWhiteList = ( your_pattern_here )

    List of patterns for which we want the TAI to handle the requests. Separate the patterns by whitespaces. Every product name in the HTTP header field User-Agent of the incoming request is compared with each of the patterns specified for this parameter.

    If the TAI is enabled and the pattern specified for this property has at least one match and neither of the userAgentBlackList or the urlBlackList have a match, then the TAI handles the request.

    The default is <your_pattern_here> ; this is not an actual value, but only a placeholder.

    We can specify the patterns with an asterisk ( * ) as a wild card character. We can also define the patterns as Java regular expressions. In this case set the property useRegExp to true.

    urlWhiteList = ( /wps/mycontenthander* )

    List of patterns for which we want the TAI to handle the requests. Separate the patterns by whitespaces. The full path information of the URL of the incoming request is compared with each of the patterns specified for this parameter. Before comparing the URL to the patterns, the protocol, server, port, and query information is removed from the URL.

    If the TAI is enabled and the pattern specified for this property has at least one match and neither of the userAgentBlackList or the urlBlackList have a match, then the TAI handles the request.

    The default is <your_pattern_here> ; this is not an actual value, but only a placeholder.

    Use the following syntax rules for specifying the patterns:

    • Use URI encoded patterns. For example, to use the blank character as part of a pattern, we can encode it as %20 . It is then interpreted as part of the pattern and not as a pattern separator. Make sure that we use only characters that are valid within a URI, and encode all other characters.

    • Use an asterisk ( * ) as a wild card character.

    • We can define the patterns as Java regular expressions. In this case set the property useRegExp to true.

Values specified for the userAgentWhiteList or urlWhiteList properties come into effect only if all of the following conditions apply:

  • The TAI is enabled by specifying enabled = true.

  • Neither of the properties userAgentBlackList or urlBlackList has the default value asterisk specified. To enable the values specified for the white list properties, we can remove the asterisk from the black list properties and leave them without a specified value.

    useRegExp = ( false )

    Whether or not the patterns specified for the black list and white list the previous properties are to be interpreted as Java regular expressions. Possible values are true or false. The default value is false. The values have the following meanings and syntax rules:

      true

      All the patterns in the black and white lists are interpreted as Java regular expressions (RegExp).

      Examples:

      • [^X]* will match every user agent that does not contain an uppercase X in its product name.

      • .*my_browser.* will match every user agent containing my_browser in its product name.

      • .*%5bX%5d is URL encoded for .*[X] and will match every URL that ends with X.

      false

      Default. If the value for this property is set to false, all patterns support only the asterisk ( * ) as a wildcard character that matches against any string. The asterisk ( * ) wildcard can appear anywhere in the pattern. Use multiple asterisk ( * ) wildcards within the same pattern.

      To represent an asterisk as an actual character for matches in the pattern instead of using it as a wildcard, prefix it with a backslash like this: \* . To represent the backslash as a character for matching, code it using a double backslash: \\ .

      Examples:

      • *my_browser* will match every user agent containing my_browser in its product name.

      • /myprefix*mysuffix will match every URL that starts with /myprefix and ends with mysuffix.

      • Fun\* Ag\\ent will only match a user agent hat has Fun* Ag\ent as product name.


Parent Enable HTTP Basic Authentication for simple clients