####################################################### # # # CASA Authentication Token System configuration file # # for client. # # # ####################################################### # # ATSHostList setting. # # Description: Used to configure the addresses of the # ATSs that should be used for obtaining # authentication tokens. Use semicolons # and no spaces to separate the host # entries. To also configure the ports # utilized by a host specify the # port number after the hostname using # a colon to separate the fields. # # Note that the client will try all of the # ATSs on this list in the specified order # in addition to the host for which an # Authentication Token has been requested. # #ATSHostList hostname1:2645;ip_address:443;hosname2 # # DisableSecureConnections setting. # # Description: Used to disable the use of secure connections (SSL) between # the Client and ATSs. # # If this parameter is not set to true, the client # defaults to communicating securedly with ATSs. # # Security Note: Disabling secure connections allows # malicious users/processes to view confidential # information such as username/passwords and to tamper # with client-ATS communications without being detected. # You should not disable secure connections unless you are # trying to debug the authentication token infrastructure. # #DisableSecureConnections false # # AllowUntrustedCerts setting. # # Description: Used to specify that the client should ignore # invalid certificates presented by ATSs when # performing SSL communications. # # If this parameter is not set to true, the client defaults # to not ignoring invalid certificates presented by ATSs. # ATSs. # # Security Note: Ignoring invalid certificates downgrades the # security of your infrastructure by allowing a malicious # process to impersonate an ATS and obtain information that # is confidential such as username and passwords. # AllowUntrustedCerts true # # UsersCannotAllowInvalidCerts setting. # # Description: Used to specify that the client should not allow users to # decide that invalid certificates presented by ATSs should be # ignored. # # If this parameter is not set to true, the client defaults # to allow users to choose whether or not invalid certificates # presented by ATSs. # # If this parameter is set to true then users are not consulted # when an invalid server certificate is received and communications # between the client and the ATS fail. # # Note: This parameter has no effect if the setting AllowInvalidCerts # is set to true. # # THIS FUNCTIONALITY HAS NOT BEEN IMPLEMENTED # #UsersCannotAllowInvalidCerts true # # DebugLevel setting. # # Description: Used to specify the level of logging utilized for debugging # purposes. A level of zero being the lowest debugging level. # # If this parameter is not set, the client defaults # to use a debug level of zero. # # Note: Under Linux, debug output is placed in the /ver/log/messages # file. Under Windoes, debug output is dumped to the debugger console # unless a folder is specified using the DebugLogFolderPath setting. # Output sent to the debug console under windows can be viewed by using # tools such as DbgView. # #DebugLevel 0 # # DebugLogFolderPath setting. # # Description: Used to specify a path to a folder to be used for placing debug # log files under Windows. # # If this parameter is not set on windows, the client defaults # to dumping debug output to the debug console. # # Note: The folder specified must exist and all users that may # be writting to it should be given write privileges to it. # #DebugLogFolderPath c:\logfolder