IBM Tivoli Federated Identity Manager, Version 6.2.1
Custom properties for the trust service
username.disable.password.validation
When set to true, this parameter causes the UsernameTokenSTSModule
to skip password validation.
The default is false.
Value type: boolean
Example value: true
username.jaas.provider.hostname
This parameter allows for specifying an alternate name for the
local host in the event that WebSphere® was
not configured with the value of localhost for the host name.
The
default is localhost.
Value type: String
Example value: localhost
username.jaas.provider.port
This parameter allows for specifying the port configured for the
local WebSphere NameServer
service.
The default is 2809.
Value type: Integer
Example value: 2809
pdjrte.context.min.pool.size
Specifies the minimum size of the Authorization context pool.
This parameter is used by the UsernameTokenSTSModule. This parameter
should be set only if recommended by a performance evaluation.
Value type: Integer
Example value: 5
pdjrte.context.max.pool.size
Specifies the maximum size of the Authorization context pool.
This parameter is used by the UsernameTokenSTSModule. This parameter
should be set only if recommended by a performance evaluation.
Value type: Integer
Example value: 50
ivcred.allow.groupUpdate
When set to true, will attempt to modify the credential by adding
groups.
Note: Do not under any circumstances use this parameter.
Value type: boolean
Example value: false
saml.use.rst.lifetime
Directs the SAML modules to use the lifetime of the RequestSecurityToken
element to derive the lifetime of the issued SAML assertion. When
false, does not use the RST lifetime.
Default value: false
Value type: boolean
Example value: false
passticket.disable.uppercase.principal
Directs the PassTicket Module not to transform the principal name
to all uppercase before attempting to generate a Passticket using
the native RACF® handler. When
false, always raises the principal to uppercase for the native RACF handler.
Default value:
false
Value type: boolean
Example value: false
sts.use.issuer.saml20.sso
The default is false, which directs the SAML 2.0 module to use
the Issuer value, instead of the NameID NameQualifier value to look
up an alias when performing a single sign-on operation.
Default
value: false
Value type: boolean
Example value: false
username.wss.namespace.override
If not specified, the default is the WSS 1.1 token profile namespace.
The key for this property can be used as a prefix to set the scope
of the property to a specific STS Chain (i.e. username.wss.namespace.override.uuid1234)