#######################################################
#                                                     #
# CASA Authentication Token System configuration file #
# for client.                                         #
#                                                     #
#######################################################

#
# ATS-hostname setting.
#
# Description: Used to configure the address of the
#              ATS that should be used for obtaining
#              authentication tokens.
#
#              If this parameter is not set, the client
#              assummes that the ATS resides in the same
#              host as the authentication token consuming
#              services.
#
#ATS-hostname	hostname or IP address

#
# ATS-port setting.
#
# Description: Used to configure the port utilized by the
#              ATS to listen for connections.
#
#              If this parameter is not set ....
#
#ATS-port		2645

#
# DisableSecureConnections setting.
#
# Description: Used to disable the use of secure connections (SSL) between
#              the Client and ATSs.
#
#              If this parameter is not set to true, the client
#              defaults to communicating securedly with ATSs.
#
#              Security Note: Disabling secure connections allows
#              malicious users/processes to view confidential
#              information such as username/passwords and to tamper
#              with client-ATS communications without being detected.
#              You should not disable secure connections unless you are
#              trying to debug the authentication token infrastructure.
#
#DisableSecureConnections	false

#
# AllowInvalidCerts setting.
#
# Description: Used to specify that the client should ignore
#              invalid certificates presented by ATSs when
#              performing SSL communications.
#
#              If this parameter is not set to true, the client defaults
#              to not ignoring invalid certificates presented by ATSs.
#              ATSs.
#
#              Security Note: Ignoring invalid certificates downgrades the
#              security of your infrastructure by allowing a malicious
#              process to impersonate an ATS and obtain information that
#              is confidential such as username and passwords.
#
AllowInvalidCerts	true

#
# UsersCannotAllowInvalidCerts setting.
#
# Description: Used to specify that the client should not allow users to
#              decide that invalid certificates presented by ATSs should be
#              ignored.
#
#              If this parameter is not set to true, the client defaults
#              to allow users to choose whether or not invalid certificates
#              presented by ATSs.
#
#              If this parameter is set to true then users are not consulted
#              when an invalid server certificate is received and communications
#              between the client and the ATS fail.
#
#              Note: This parameter has no effect if the setting AllowInvalidCerts
#              is set to true.
#
#UsersCannotAllowInvalidCerts	true