Programming GuidesProgramming Guide for PerlPolicy Management APIAuthentication Scheme ConfigurationConfiguration Tables › Impersonation Template

Previous Topic: HTML Form Template

Next Topic: RADIUS CHAP/PAP Template
Impersonation Template

Use this table when configuring an authentication scheme based on the scheme type MS Passport.

Information Type

Value Assignment and Meaning

Scheme type

Type(templateObject)
CreateAuthScheme() param: schemeTemplate

The scheme type MS Passport.

Description

Description(schemeDesc)
CreateAuthScheme() param: schemeDesc

The description of the authentication scheme.

Protection level

ProtectionLevel(nLevel)
CreateAuthScheme() param: protLevel

A value of 1 through 1000. The higher the number, the greater degree of protection provided by the scheme. Default is 1.

Library

CustomLib("smauthmspp")
CreateAuthScheme() param: schemeLib

The default library for this scheme type.

Parameter

CustomParam(param)
CreateAuthScheme() param: schemeParam

The following information, separated by semicolons:

  • A DN for an anonymous user. Format: anonuser=anonUserDN. If you specify an anonymous user DN, the protection level is 0.
  • The search string for looking up a user in a user directory of the specified type. Format: attribute=nameSpace:attrib=searchSpec Valid namespaces are LDAP, AD, ODBC, WinNT, and Custom.
  • The registration URL. The URL can be a custom URL or a SiteMinder form. Formats: registrationurl=URL (custom URL)
    registrationurl=FORM=URL (SiteMinder form)

Example using an LDAP attribute and a custom URL:

attribute=LDAP:altSecurityIdentities=
Kerberos:%s@company.local;registrationurl
=http://passport.xanadu.local/registration/passportreg.asp

Shared secret

CustomSecret("")

CreateAuthScheme() param: secret

Set to an empty string. Not applicable to this scheme.

Is template?

IsTemplate(templateFlag)
CreateAuthScheme() param: isTemplate

Set to 0 to indicate that the scheme is not a template. Any other value is ignored.

Is used by administrator?

IsUsedByAdmin(0)
CreateAuthScheme() param: isUsedByAdmin

Set to 0—scheme is not used to authenticate administrators.

Save credentials?

SaveCredentials(0)
CreateAuthScheme() param: saveCreds

Set to 0 to indicate that user credentials will not be saved.

Is RADIUS?

IsRadius(0)
CreateAuthScheme() param: isRadius

Set to 0—scheme is not used with RADIUS agents.

Ignore password check?

IgnorePwd(1)
CreateAuthScheme() param: ignorePwd

Set to 1—ignore password checking.

Copyright © 2010 CA. All rights reserved. Email CA about this topic