IBM Tivoli Federated Identity Manager, Version 6.2.1

Custom properties for the trust service

username.disable.password.validation
When set to true, this parameter causes the UsernameTokenSTSModule to skip password validation.

The default is false.

  • Value type: boolean
  • Example value: true
username.jaas.provider.hostname
Specifies an alternate name for the local host, for use when WebSphere® was not configured with localhost as the host name.

The default is localhost.

  • Value type: String
  • Example value: localhost
username.jaas.provider.port
Specifies the port configured for the local WebSphere NameServer service.

The default is 2809.

  • Value type: Integer
  • Example value: 2809
pdjrte.context.min.pool.size
Specifies the minimum size of the Authorization context pool. This parameter is used by the UsernameTokenSTSModule. This parameter should be set only if recommended by a performance evaluation.
  • Value type: Integer
  • Example value: 5
pdjrte.context.max.pool.size
Specifies the maximum size of the Authorization context pool. This parameter is used by the UsernameTokenSTSModule. This parameter should be set only if recommended by a performance evaluation.
  • Value type: Integer
  • Example value: 50
ivcred.allow.groupUpdate
When set to true, an attempt is made to modify the credential by adding groups.
Note: Do not under any circumstances use this parameter.
  • Value type: boolean
  • Example value: false
saml.use.rst.lifetime
Directs the SAML modules to use the lifetime of the RequestSecurityToken element to derive the lifetime of the issued SAML assertion. When false, does not use the RST lifetime.

Default value: false

  • Value type: boolean
  • Example value: false
passticket.disable.uppercase.principal
Directs the PassTicket Module not to transform the principal name to all uppercase before attempting to generate a PassTicket using the native RACF® handler. When false, always raises the principal to uppercase for the native RACF handler.

Default value: false

  • Value type: boolean
  • Example value: false
sts.use.issuer.saml20.sso
The default is false, which directs the SAML 2.0 module to use the Issuer value, instead of the NameID NameQualifier value, to look up an alias when performing a single sign-on operation.

Default value: false

  • Value type: boolean
  • Example value: false
username.wss.namespace.override
If not specified, the default is the WSS 1.1 token profile namespace. The key for this property can be used as a prefix to set the scope of the property to a specific STS Chain (for example, username.wss.namespace.override.uuid1234).
  • Value type: string
  • Example value: <a_URI_namespace>
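
The following added example (not part of the IBM documentation) checks a set of trust-service custom properties against the value types and defaults listed above, and flags the two settings that affect credential handling. The key = value input format, the finding labels and the sample values are assumptions made for illustration.

```python
# Added example. The "key = value" input format is assumed, not a TFIM export.
# name -> (value type, documented default; None where the page states none)
KNOWN = {
    "username.disable.password.validation": (bool, False),
    "username.jaas.provider.hostname": (str, "localhost"),
    "username.jaas.provider.port": (int, 2809),
    "pdjrte.context.min.pool.size": (int, None),
    "pdjrte.context.max.pool.size": (int, None),
    "ivcred.allow.groupUpdate": (bool, None),
    "saml.use.rst.lifetime": (bool, False),
    "passticket.disable.uppercase.principal": (bool, False),
    "sts.use.issuer.saml20.sso": (bool, False),
    "username.wss.namespace.override": (str, None),
}
SCOPABLE = "username.wss.namespace.override"  # key may carry a chain suffix
BOOLS = {"true": True, "false": False}
SAMPLE = """username.disable.password.validation = true
ivcred.allow.groupUpdate = false
username.jaas.provider.port = 2809
saml.use.rst.lifetime = yes
username.wss.namespace.override.uuid1234 = urn:example:constructed
pdjrte.context.min.pool.size = 60
pdjrte.context.max.pool.size = 50"""  # constructed input, not from a real system

def audit(text):
    """Return sorted (finding, key) pairs for key=value property text."""
    findings, values = [], {}
    for line in filter(str.strip, text.splitlines()):  # skip blank lines
        key, sep, raw = (part.strip() for part in line.partition("="))
        base = SCOPABLE if key.startswith(SCOPABLE + ".") else key
        if not sep or base not in KNOWN:
            findings.append(("UNKNOWN", key))  # typo or undocumented property
            continue
        kind, default = KNOWN[base]
        try:
            values[key] = BOOLS[raw.lower()] if kind is bool else kind(raw)
        except (KeyError, ValueError):
            findings.append(("BAD_TYPE", key))  # value does not fit the documented type
            continue
        if key == "ivcred.allow.groupUpdate":
            findings.append(("DO_NOT_USE", key))  # page: never use this parameter
        elif key == "username.disable.password.validation" and values[key]:
            findings.append(("HIGH", key))  # password validation is skipped
        elif default is not None and values[key] != default:
            findings.append(("NON_DEFAULT", key))
    lo, hi = (values.get(f"pdjrte.context.{m}.pool.size") for m in ("min", "max"))
    if lo is not None and hi is not None and lo > hi:
        findings.append(("BAD_RANGE", "pdjrte.context.min.pool.size"))
    return sorted(findings)
```

Calling audit(SAMPLE) returns four findings: the inverted pool sizes, the non-boolean saml.use.rst.lifetime value, the presence of ivcred.allow.groupUpdate, and the disabled password validation.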

