Scripting and Programming Guides › Developer's Guide for Java › Policy Management API › Authentication Scheme Configuration › Configuration Information

Configuration Information

When you configure an authentication scheme, you provide the following kinds of configuration information. This information is managed through get... and set... methods in the SmScheme class.

Note: The categories of information below can be used for different purposes in different authentication schemes. For example, with the TeleID authentication scheme, the shared secret is used to supply the encryption seed.

• Scheme type

  SiteMinder provides a number of standard authentication scheme types (also called templates). Each authentication scheme type is configured differently.

  The following scheme types are available. The are listed below as they appear in the Authentication Scheme Type field of the Policy Server Authentication Scheme Properties dialog box:

  • Anonymous Template
  • Basic Over SSL Template
  • Basic Template
  • CRYPTOCard RB-1 Template
  • Custom Template
  • HTML Form Template
  • Impersonation Template
  • MS Passport Template
  • RADIUS CHAP/PAP Template
  • RADIUS Server Template
  • SafeWord HTML Form Template
  • SafeWord Template
  • SecurID HTML Form Template (ACE server)
  • SecurID Template (ACE server)
  • smauthetsso Authentication Scheme (uses Custom Template)
  • TeleID Template (Encotone)
  • Windows Authentication Template
  • X.509 Client Cert and Basic Template
  • X.509 Client Cert and Form Template
  • X.509 Client Cert or Basic Template
  • X.509 Client Cert or Form Template
  • X.509 Client Cert Template
• Description

  Brief description of the authentication scheme.

• Protection level

  Protection level values can range from 1 through 1000. The higher the number, the greater the degree of protection provided by the scheme.

• Library

  An authentication scheme library performs authentication processing for the associated authentication scheme type. Each pre-defined authentication scheme is shipped with a default library, which you typically will use. But optionally, you can use a custom library instead of the default.

• Parameter

  Additional information that the authentication scheme requires, such as the URL of an HTML login page.

  With some authentication schemes, the parameter information is constructed from field values in the Scheme Type Setup tab of the Authentication Scheme Properties dialog box. To see how a parameter string might be constructed for a given scheme type, open this dialog box, choose the appropriate scheme type, provide values to the fields in the Scheme Type Setup tab, and view the constructed parameter in the Advanced tab.

• Shared Secret

  Information that is known to both the authentication scheme and the Policy Server. Different authentication schemes use different kinds of secrets. Most schemes use no secret.

• Is template?

  A flag that specifies whether the authentication scheme is a template.

• Is used by administrator?

  A flag that specifies whether the authentication scheme can be used to authenticate administrators.

• Save Credentials?

  A flag that specifies whether the user’s credentials will be saved.

• Is RADIUS?

  A flag that specifies whether the scheme can be used with RADIUS agents.

• Ignore password check?

  A flag that specifies whether password policies for the scheme are enabled. If True (1), password policies will be disabled.