Agent GuidesSAML Affiliate Agent GuideProperties File for Unattended Installations › Passwords and Shared Secrets

Previous Topic: URL Information

Next Topic: Parameter Descriptions for Agent Configuration

Passwords and Shared Secrets

When you initially install the SAML Affiliate Agent, you specify a shared secret and a consumer (affiliate) password. The installer encrypts these passwords and enters them in the nete-af-installer.properties file.

You can use the encrypted shared secret and consumer password in subsequent installations.

If you want to specify a new shared secret or consumer password, you can enter new values in the nete-af-installer.properties file before you run an unattended installation; however, you must specify the new shared secret or consumer password in clear text.

The following table lists the password parameters you can modify.

Password Parameters

Description and Sample Value

DEFAULT_SHARED_SECRET

Allows you to specify a new shared secret, which the SAML Affiliate Agent uses to encrypt consumer cookies. Enter the shared secret in clear text.

Note: By default, the DEFAULT_SHARED_SECRET is commented out and the unattended installer uses the encrypted secret in the ENCRYPTED_SHARED_SECRET parameter to encrypt consumer cookies.

To specify a new shared secret:

1. Uncomment the DEFAULT_SHARED_SECRET parameter, and specify the new secret. For example:

DEFAULT_SHARED_SECRET =newsecret

2. Comment out the ENCRYPTED_SHARED_SECRET parameter. For example:

# ENCRYPTED_SHARED_SECRET = ENC:DVFrPCj3RcsRg1nxNpEODA==

The shared secret is case-sensitive.

ENCRYPTED_SHARED_SECRET

The encrypted secret that the SAML Affiliate Agent uses to encrypt consumer cookies.

You entered this shared secret during the initial SAML Affiliate Agent installation and cannot change it.

Important: Changing the encrypted secret will cause communication between the SAML Affiliate Agent and the Policy Server to fail.

To specify a new shared secret, uncomment the DEFAULT_SHARED_SECRET parameter and specify a new secret in clear text.

DEFAULT_AF_PW

Allows you to change the password that the SAML Affiliate Agent uses to communicate with the Policy Server at the producer site. The consumer password that you specify must be in clear text.

Note: By default, the DEFAULT_AF_PW is commented out and the unattended installer uses the encrypted password in the ENCRYPTED_AF_PW parameter to communicate with the Policy Server.

To specify a new password:

1. Uncomment the DEFAULT_AF_PW parameter, and specify the new password. For example:

DEFAULT_AF_PW=newpassword

2. Comment out the ENCRYPTED_AF_PWparameter. For example:

# ENCRYPTED_AF_PW = ENC:DVFrPCj3RcsRg1nxNpEODA==

The consumer password is case-sensitive.

ENCRYPTED_AF_PW

Shows the encrypted password that the SAML Affiliate Agent uses to communicate with the Policy Server at the producer site. You entered this password during the initial SAML Affiliate Agent installation.

Important: Changing the encrypted consumer password will cause communication between the SAML Affiliate Agent and the Policy Server to fail.

To change the shared secret, uncomment the DEFAULT_AF_PW parameter and specify a new consumer password in clear text.