
The rules governing authentication are determined by an authentication policy. These rules include parameters such as:

  • Which repository to use for authentication.
  • The type of security token that is to be returned.
  • How long the security token lives.
  • etc.

The following section explains how to define a security policy. To create a new authentication policy using the admin console, please follow the steps below:

  • Select the Policy menu option from the top-level menu bar.
  • Select Authentication Policy from the drop-down as shown below and then click on the Search button.
  • You will then see a list of existing authentication policies.
  • Select New Policy.

Upon selecting New Policy, you will see the screen shown below. After entering some required information, such as Name and Status, you will need to define the relevant sections of the authentication policy.

| Field Name | Description |
|---|---|
| FAILED_AUTH_COUNT | Number of failed authentication attempts before the account is locked. |
| AUTO_UNLOCK_TIME | Unlock the account after n minutes. To enable the Auto Unlock feature, you must also enable the scheduled task. The steps to do this are defined below. |
| TOKEN_TYPE | Format to be used for the security token. Valid values include: OPENIAM_TOKEN, SAML1_TOKEN, SAML2_TOKEN (Default) |
| TOKEN_LIFE | Amount of time that the security token is valid. |
| LOGIN_MODULE_SEL_POLICY | URL of the script that will be used to determine which login module should be used. |
| SUCCESS_URL | URL to which the system should forward the request upon success. Usually left blank in the Identity Manager. |
| FAIL_URL | URL to which the system should forward the request upon authentication failure. Usually left blank in the Identity Manager. |
| DEFAULT_LOGIN_MOD | Default login module. |
| LOGIN_MOD_TYPE | Indicates which type of login module is being used. The valid options are: 1 - LOGIN_MODULE; 2 - CONNECTOR SUPPORTING AUTHENTICATE OPERATION |
| TOKEN_ISSUER | Name of the issuer. Used in the creation of a SAML assertion. |

Auto Unlock Scheduled Task

To enable the Auto Unlock feature in the Identity Manager, you must carry out the following steps:

  1. Define the unlock time as described above.
  2. Enable the scheduled task. This is done by:
    1. Select Batch Processes from the Administration menu option in the webconsole.
    2. Select the Auto Unlock task as shown below.
    3. View the Auto Unlock task.
    4. Set the task to "enabled" and then click on Save.
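
The interaction between FAILED_AUTH_COUNT, AUTO_UNLOCK_TIME and the Auto Unlock scheduled task can be modelled as below. This is an added illustration, not OpenIAM code: the class and function names are hypothetical, and it assumes that the account locks on the attempt that reaches the threshold, that a successful login resets the counter, and that the task unlocks accounts locked for at least AUTO_UNLOCK_TIME minutes.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass
class AuthPolicy:
    # Field names follow the policy table; types and semantics are assumed.
    failed_auth_count: int   # FAILED_AUTH_COUNT
    auto_unlock_time: int    # AUTO_UNLOCK_TIME, in minutes


@dataclass
class Account:
    failures: int = 0
    locked_at: Optional[datetime] = None

    @property
    def locked(self) -> bool:
        return self.locked_at is not None


def record_login(acct: Account, policy: AuthPolicy, ok: bool, now: datetime) -> bool:
    """Apply one login attempt; return True only if the login is accepted."""
    if acct.locked:
        return False             # a locked account rejects even a correct password
    if ok:
        acct.failures = 0        # assumption: success resets the counter
        return True
    acct.failures += 1
    if acct.failures >= policy.failed_auth_count:
        acct.locked_at = now     # threshold reached: lock the account
    return False


def run_auto_unlock_task(accounts, policy: AuthPolicy, now: datetime, enabled: bool) -> int:
    """One run of the scheduled task; returns how many accounts it unlocked."""
    if not enabled:
        return 0                 # task disabled: AUTO_UNLOCK_TIME has no effect
    window = timedelta(minutes=policy.auto_unlock_time)
    unlocked = 0
    for acct in accounts:
        if acct.locked and now - acct.locked_at >= window:
            acct.locked_at, acct.failures = None, 0
            unlocked += 1
    return unlocked
```

With the task disabled, a locked account stays locked regardless of the configured unlock time, which is why both steps above are required.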
