RSA token authentication settings
Use this panel to configure RSA token authentication.
To view this administrative console page, click Security > Global security. Under Administrative security, click Administrative authentication.
RSA token (recommended for flexible systems administration)
RSA token is an authentication mechanism that uses certificates to sign and encrypt portions of the security information being propagated.
Information | Value |
---|---|
Default: | Enabled |
Data encryption keystore
This is the keystore that contains the personal certificate used to encrypt and sign RSA tokens.
Information | Value |
---|---|
Data type: | text |
Personal certificate for encryption
This is the alias found in the Data encryption keystore that is used to encrypt and sign RSA tokens.
Information | Value |
---|---|
Data type: | text |
Trusted signers keystore
This is the keystore that contains the signer certificates used to validate RSA tokens sent by other servers. The RSA token contains a sending certificate that must be validated against this trust store using CertPath validation.
Information | Value |
---|---|
Data type: | text |
Nonce cache timeout
Specifies the amount of time, in minutes, that the issued token is valid.
This field displays the maximum timeout, in minutes, for a token to be considered valid.
Information | Value |
---|---|
Data type: | Integer |
Default: | 20 |
Minimum: | 10 |
Maximum: | Integer.MAX_VALUE |
Token timeout
Specifies the amount of time, in minutes, that the issued token is valid.
This field displays the maximum timeout, in minutes, for a token to be considered valid.
Information | Value |
---|---|
Data type: | Integer |
Default: | 10 |
Minimum: | 10 |
Maximum: | Integer.MAX_VALUE |
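The following Python sketch is an added example, not IBM or WebSphere code. It models how the Token timeout and Nonce cache timeout settings interact and why the cache timeout should not be shorter than the token timeout. It assumes the nonce cache is what rejects a token presented a second time; the class, function and nonce names are hypothetical.

```python
from dataclasses import dataclass, field

TOKEN_TIMEOUT_MIN = 10        # page default for "Token timeout"
NONCE_CACHE_TIMEOUT_MIN = 20  # page default for "Nonce cache timeout"
DOCUMENTED_MINIMUM = 10       # both fields list a minimum of 10


@dataclass
class TokenValidator:
    """Simplified receiver-side model (assumed behaviour, not WebSphere code)."""
    token_timeout_min: int = TOKEN_TIMEOUT_MIN
    nonce_cache_timeout_min: int = NONCE_CACHE_TIMEOUT_MIN
    seen: dict = field(default_factory=dict, init=False)  # nonce -> minute seen

    def __post_init__(self):
        if min(self.token_timeout_min, self.nonce_cache_timeout_min) < DOCUMENTED_MINIMUM:
            raise ValueError("both timeouts have a documented minimum of 10")

    def replay_gap_min(self) -> int:
        """Worst-case minutes in which a token is unexpired but its nonce is evicted."""
        return max(0, self.token_timeout_min - self.nonce_cache_timeout_min)

    def accept(self, nonce: str, issued_min: int, now_min: int) -> str:
        # Evict nonces that have been cached longer than the cache timeout.
        self.seen = {n: t for n, t in self.seen.items()
                     if now_min - t < self.nonce_cache_timeout_min}
        if now_min - issued_min >= self.token_timeout_min:
            return "expired"
        if nonce in self.seen:
            return "replay"
        self.seen[nonce] = now_min
        return "ok"


def demo(token_timeout_min: int, nonce_cache_timeout_min: int) -> tuple:
    """Present one constructed token (nonce 'n-1', issued at minute 0) three times."""
    v = TokenValidator(token_timeout_min, nonce_cache_timeout_min)
    return tuple(v.accept("n-1", issued_min=0, now_min=m) for m in (1, 5, 12))


if __name__ == "__main__":
    print(demo(10, 20))  # page defaults
    print(demo(30, 10))  # token outlives the nonce cache
```

With the page defaults the third presentation is rejected as expired; with a 30-minute token and a 10-minute cache the same token is accepted again after its nonce has been evicted.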
Only use the active application authentication mechanism (currently LTPA)
Select to encrypt authentication information so that the application server can send the data from one server to another in a secure manner.
The encryption of authentication information that is exchanged between servers involves the Lightweight Third-Party Authentication (LTPA) mechanism.
Kerberos
Select to encrypt authentication information so that the application server can send the data from one server to another in a secure manner.