Oracle® Application Server Single Sign-On Administrator's Guide
10g Release 2 (10.1.2) B14078-02
The policy.properties file, provided here, is a multipurpose configuration file that contains basic parameters required by the single sign-on server. The file is also used to implement advanced features such as multilevel authentication.
# SSO Server policy configurations

############################################################
# Authentication Levels
# ---------------------
# Set the auth levels from lower value to higher value.
# 10 being the lowest authentication level
# The auth level names (on the right hand side) can be changed to
# some other names if desired as long as the change is consistent
# in other places of the file.
NoSecurity = 10
LowSecurity = 20
LowMediumSecurity = 30
MediumSecurity = 40
MediumHighSecurity = 50
HighSecurity = 60

# DefaultAuthLevel
# ----------------
# DefaultAuthLevel entry must have a value assigned. This is a mandatory
# requirement if any of the partner app URLs are not listed with the
# auth level mapping.
# If a partner app URL does not specify the auth level, then the DefaultAuthLevel
# will be used.
DefaultAuthLevel = MediumSecurity

########################################################################
# Protected URL configurations
# ------------------------------
# Assign an auth level to each protected (partner) application that is
# participating in SSO. If any of the partner apps are not listed with
# a specific auth level, then the DefaultAuthLevel will be used.
#
# Protected application URL configuration format:
# "Partner Application Root URL" = "AuthenticationLevel"
# host.company.com\:port = AuthLevelName
# NOTE: A backslash (escape character) is required immediately before the
# colon (:) character.
# There should be a corresponding auth plugin configured for the
# "AuthenticationLevel" used.
#
# Examples:
# The following example configures an SSO partner application hosted
# on host1.company.com:7777 machine using LowSecurity authentication level.
# This configuration will secure all URLs hosted on this host/port.
# host1.company.com\:7777 = LowSecurity
#
# The following example configures an SSO partner application hosted
# on host2.company.com:7777 machine using MediumSecurity authentication level.
# This configuration will secure all URLs hosted on this host/port.
# host2.company.com\:7777 = MediumSecurity

#####################################################################
# Authentication plugins
# ----------------------
# Assign a class name that implements SSOServerAuthInterface for each auth
# level defined
#
# Note: also see the WeakAuthLevel attribute which must be set to
# the same auth level corresponding to the weak auth mechanism
#
# The Authentication level name must be appended with "_AuthPlugin"
# keyword.
LowSecurity_AuthPlugin = oracle.security.sso.server.auth.SSOServerWeakAuth
MediumSecurity_AuthPlugin = oracle.security.sso.server.auth.SSOServerAuth

#####################################################################
# Custom Cookie Provider Class name
# ---------------------------------
# Sample custom cookie tester provider class
# CustomCookie_ProviderPlugin = oracle.security.sso.server.auth.CustomCookieTester

# Custom Cookie auth level
# ------------------------
# This is a mandatory attribute. If custom cookies are not needed it should
# be set to a higher value than any of the authentication levels used.
CustomCookieAuthLevel = HighSecurity

#################################################################
# SSO Server specific configurations

# set the cache size in kbytes
# default is 1000
#cacheSize = 1000

# set the minimum number of connections in the connection pool
# default is 5
minConnectionsInPool = 5

# set the maximum number of connections in the connection pool
# default is 150
maxConnectionsInPool = 150

# Debug level {ERROR, WARN, INFO, DEBUG}
# default debug level is set to ERROR
debugLevel = ERROR

# Debug file location
# This is a mandatory property that needs to be passed to
# the SSO server. A valid file location should be specified here
debugFile = %ORACLE_HOME%/sso/log/ssoServer.log

# Custom login page link
loginPageUrl = /sso/jsp/login.jsp

# Custom weak authentication login page link
weakAuthLoginPageUrl = /sso/jsp/ssoWeakAuthLogin.jsp

# Custom change password page link
chgPasswordPageUrl = /sso/jsp/password.jsp

# Wireless login page link
wirelessLoginPageUrl = /wirelesssso/wirelesslogin.jsp
wirelessChgPasswordPageUrl = /wirelesssso/wirelesscpwd.jsp
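
The comments in the file state several constraints: DefaultAuthLevel must be set, each protected URL needs an escaped colon and an auth level with a matching _AuthPlugin, CustomCookieAuthLevel must sit above every level in use when no custom cookie provider is configured, and debugFile is mandatory. The following Python check for those constraints is an added example, not part of Oracle's guide or product. The function names, the rule that keys containing ':' are protected-URL entries, and the sample input are assumptions made for illustration.

```python
import re
# Numeric server settings in the file that are not authentication levels.
NOT_LEVELS = {"cacheSize", "minConnectionsInPool", "maxConnectionsInPool"}

def parse_properties(text):
    """Minimal reader: skip comments, split at the first unescaped '=' or ':'."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and line[0] not in "#!":
            parts = re.split(r"\s*(?<!\\)[=:]\s*", line, maxsplit=1) + [""]
            props[parts[0].replace("\\:", ":")] = parts[1]
    return props

def audit_policy(text):
    """Return findings for the constraints stated in the file's comments."""
    props = parse_properties(text)
    levels = {k: int(v) for k, v in props.items() if v.isdigit() and k not in NOT_LEVELS}
    default = props.get("DefaultAuthLevel")
    used = {default} if default in levels else set()
    findings = [] if used else ["DefaultAuthLevel is missing or undefined"]
    for key, value in props.items():
        if re.match(r"\d+\s*=", value):  # 'host:7777 = X' was read as key 'host'
            findings.append(f"{key}: colon before the port is not escaped")
        elif ":" in key:  # assumption: keys containing ':' are host:port entries
            if value in levels:
                used.add(value)
            else:
                findings.append(f"{key}: undefined auth level {value}")
    for level in sorted(used):
        if f"{level}_AuthPlugin" not in props:
            findings.append(f"{level}: no {level}_AuthPlugin configured")
    cookie = props.get("CustomCookieAuthLevel")
    if cookie not in levels:
        findings.append("CustomCookieAuthLevel is missing or undefined")
    elif "CustomCookie_ProviderPlugin" not in props and any(
            levels[cookie] <= levels[u] for u in used):
        findings.append("CustomCookieAuthLevel is not above every level in use")
    if not props.get("debugFile"):
        findings.append("debugFile is not set")
    return findings

# Constructed sample with deliberate mistakes; not taken from the guide.
SAMPLE = r"""LowSecurity = 20
MediumSecurity = 40
DefaultAuthLevel = MediumSecurity
host1.company.com:7777 = LowSecurity
host2.company.com\:7777 = LowSecurity
MediumSecurity_AuthPlugin = oracle.security.sso.server.auth.SSOServerAuth
CustomCookieAuthLevel = MediumSecurity"""
```

An unescaped colon is the quiet failure here: the entry is read as a key that ends at the host name, so the intended auth level is never attached to that host and port.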