Tivoli Federated Identity Manager, Version 6.2    

Custom properties for single sign-on protocol service

requireSoapActionForSoap
This parameter controls the single sign-on protocol service behavior when it receives a request through the browser POST method and it needs to determine if it is a SOAPRequest or a BrowserRequest. Use of this parameter enables the service to handle non-compliant SOAP clients that do not send the required SOAPAction header on SOAP requests.

Default value: true

  • Value type: boolean
  • Example value: true
requireContentTypeForSoap
This parameter controls whether or not a SOAPRequest must contain a content-type of either text/xml or application/soap+xml. This parameter enables the single sign-on protocol service to handle non-compliant SOAP clients.
Note: When this parameter and requireSoapActionForSoap are both false, all posts are interpreted as SOAPRequests.

Default value: true

  • Value type: boolean
  • Example value: True
POC.allowsCredRefresh
When set to true, this parameter causes the LocalLogoutAction to be skipped on the service provider during single sign-on and federation. Instead, the credentials are refreshed. Set this parameter to true for the Web Plug-ins. Otherwise, set it to false.

Default value: true

  • Value type: boolean
  • Example value: True
SPS.PageFactory.HtmlEscapedTokens
A comma-separated list of tokens that should be HTML-escaped if encountered.
  • Value type: string
  • Example value: @TOKEN_A@,@TARGET@
SPS.POC.Default.Header.Names.Enabled
When specified, this property enables the use of default header names for the point of contact header values. If false, the only headers that are read or written are those defined in the sps.xml configuration file.
  • Value type: boolean
  • Example value: false
POC.WebSeal.SignOutInfoDelegate.UserSessionIdHeaderName
This value overrides the default tagvalue_user_session_id.
  • Value type: String
  • Example value: tagvalue_user_session_id
SPS.WebSealPoc.ContextPoolSize
Specifies the number of PDContext objects available in the pool. This value reflects the number of clients that need to be authorized when using single sign-on. You might need to increase the value based on the logout load of the system. When a large number of logouts occur at the same time, the Tivoli® Federated Identity Manager runtime might run out of PDContext objects and logouts might start to fail. Because each PDContext object uses system resources, such as memory and file descriptors, select the value with care. The value must be greater than 0.

Default value: 5

  • Value type: integer
  • Example value: 5
SPS.WebSealPoc.DisablePDSignout
When set to true, this parameter disables the signout functionality of the single sign-on protocol service WebSEAL Point of Contact client. When the signout operation is invoked, it logs that no signout occurs and returns successfully. When this parameter is enabled, the single sign-on protocol service does not require the Tivoli Access Manager Java™ runtime (PDJRTE) to be configured.

Default value: false

  • Value type: boolean
  • Example value: true
SPS.WebSealPoc.Force.PdAdmin.Task
When set to true, this value forces the WebSEAL Point of Contact callback to always use pdadmin server tasks to log out the user.
  • Value type: boolean
  • Example value: false
SPS.WebSealPoc.ContextPoolInitAttempts
This value represents the number of times that initialization of the PDContext objects is attempted. The default is 1 and the value must be greater than 0.
  • Value type: integer
  • Example value: 1
SPS.WebSealPoc.ContextPoolInitTimeout
This value represents the maximum amount of time, in milliseconds, to be used during initialization of the PDContext objects. After the time has expired, the initialization stops. The default is 10000 and the value must be greater than 0.
  • Value type: integer
  • Example value: 10000
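
The following audit script is an added example, not part of the IBM documentation or product code. It checks a set of these custom properties against the types and limits listed on this page and flags the two settings with documented side effects; the key=value input format, the function names and the sample values are assumptions.

```python
import re
# Property names, types and limits as documented on this page.
BOOLEAN = {
    "requireSoapActionForSoap", "requireContentTypeForSoap",
    "POC.allowsCredRefresh", "SPS.POC.Default.Header.Names.Enabled",
    "SPS.WebSealPoc.DisablePDSignout", "SPS.WebSealPoc.Force.PdAdmin.Task",
}
POSITIVE_INT = {"SPS.WebSealPoc.ContextPool" + s for s in ("Size", "InitAttempts", "InitTimeout")}
# Documented defaults, applied when a property is absent.
DEFAULTS = {"requireSoapActionForSoap": "true", "requireContentTypeForSoap": "true"}

def parse(text):
    """Parse key=value lines (assumed export format); skip blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def audit(props):
    """Return (property, finding) tuples for values that break the documented rules."""
    findings = []
    for key, value in props.items():
        if key in BOOLEAN and value.lower() not in ("true", "false"):
            findings.append((key, "not a boolean"))
        elif key in POSITIVE_INT and not re.fullmatch(r"-?\d+", value):
            findings.append((key, "not an integer"))
        elif key in POSITIVE_INT and int(value) <= 0:
            findings.append((key, "must be greater than 0"))
    # Both SOAP checks disabled: the service no longer distinguishes request types.
    effective = {**DEFAULTS, **props}
    if all(effective[k].lower() == "false" for k in DEFAULTS):
        findings.append(("requireContentTypeForSoap", "all posts are interpreted as SOAPRequests"))
    if props.get("SPS.WebSealPoc.DisablePDSignout", "").lower() == "true":
        findings.append(("SPS.WebSealPoc.DisablePDSignout", "signout is logged, not performed"))
    return findings

# Constructed sample input, not taken from a real deployment.
SAMPLE = """\
requireSoapActionForSoap = false
requireContentTypeForSoap = False
SPS.WebSealPoc.ContextPoolSize = 0
SPS.WebSealPoc.ContextPoolInitTimeout = 10s
SPS.WebSealPoc.DisablePDSignout = true
"""
if __name__ == "__main__":
    print(*audit(parse(SAMPLE)), sep="\n")
```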
