c99e319a3a
Also made a fix to allow credential store scoping all the way into the authentication mechanisms.
87 lines
3.0 KiB
Plaintext
87 lines
3.0 KiB
Plaintext
#######################################################
|
|
# #
|
|
# CASA Authentication Token System configuration file #
|
|
# for client. #
|
|
# #
|
|
#######################################################
|
|
|
|
#
|
|
# ATS-hostname setting.
|
|
#
|
|
# Description: Used to configure the address of the
|
|
# ATS that should be used for obtaining
|
|
# authentication tokens.
|
|
#
|
|
# If this parameter is not set, the client
|
|
# assummes that the ATS resides in the same
|
|
# host as the authentication token consuming
|
|
# services.
|
|
#
|
|
#ATS-hostname hostname or IP address
|
|
|
|
#
|
|
# ATS-port setting.
|
|
#
|
|
# Description: Used to configure the port utilized by the
|
|
# ATS to listen for connections.
|
|
#
|
|
# If this parameter is not set ....
|
|
#
|
|
#ATS-port 2645
|
|
|
|
#
|
|
# DisableSecureConnections setting.
|
|
#
|
|
# Description: Used to disable the use of secure connections (SSL) between
|
|
# the Client and ATSs.
|
|
#
|
|
# If this parameter is not set to true, the client
|
|
# defaults to communicating securedly with ATSs.
|
|
#
|
|
# Security Note: Disabling secure connections allows
|
|
# malicious users/processes to view confidential
|
|
# information such as username/passwords and to tamper
|
|
# with client-ATS communications without being detected.
|
|
# You should not disable secure connections unless you are
|
|
# trying to debug the authentication token infrastructure.
|
|
#
|
|
#DisableSecureConnections false
|
|
|
|
#
|
|
# AllowInvalidCerts setting.
|
|
#
|
|
# Description: Used to specify that the client should ignore
|
|
# invalid certificates presented by ATSs when
|
|
# performing SSL communications.
|
|
#
|
|
# If this parameter is not set to true, the client defaults
|
|
# to not ignoring invalid certificates presented by ATSs.
|
|
# ATSs.
|
|
#
|
|
# Security Note: Ignoring invalid certificates downgrades the
|
|
# security of your infrastructure by allowing a malicious
|
|
# process to impersonate an ATS and obtain information that
|
|
# is confidential such as username and passwords.
|
|
#
|
|
AllowInvalidCerts true
|
|
|
|
#
|
|
# UsersCannotAllowInvalidCerts setting.
|
|
#
|
|
# Description: Used to specify that the client should not allow users to
|
|
# decide that invalid certificates presented by ATSs should be
|
|
# ignored.
|
|
#
|
|
# If this parameter is not set to true, the client defaults
|
|
# to allow users to choose whether or not invalid certificates
|
|
# presented by ATSs.
|
|
#
|
|
# If this parameter is set to true then users are not consulted
|
|
# when an invalid server certificate is received and communications
|
|
# between the client and the ATS fail.
|
|
#
|
|
# Note: This parameter has no effect if the setting AllowInvalidCerts
|
|
# is set to true.
|
|
#
|
|
#UsersCannotAllowInvalidCerts true
|