OpenId Authentication (openId)

OpenId authentication.

Attribute name Data type Default value Description
authFilterRef A reference to top level authFilter element (string).   Specifies the authentication filter reference.
authenticationMode
  • checkid_immediate
  • checkid_setup
checkid_setup Specifies the OpenID provider authentication mode either checkid_immediate or checkid_setup. checkid_setup is the default authentication mode.
checkid_immediate
The checkid_immediate disables the browser interact with the user.
checkid_setup
The checkid_setup enables the openID provider to interact with the user, to request authentication or self-registration before returning a result to the openId relying party.
hashAlgorithm
  • SHA256
  • SHA1
SHA256 Specifies the hash algorithm that is used to sign and encrypt the OpenID provider response parameters.
SHA256
Secure hash algorithm SHA256
SHA1
Secure hash algorithm SHA1
hostNameVerificationEnabled boolean true Specifies whether enable host name verification or not.
httpsRequired boolean true Require SSL communication between the OpenID relying party and provider service.
mapIdentityToRegistryUser boolean false Specifies whether to map identity to registry user. The user registry is not used to create the user subject.
providerIdentifier string   Specifies a default OpenID provider URL where users get the Open IDs.
realmIdentifier string   Specifies the attribute for the OpenID provider name.
sslRef A reference to top level ssl element (string).   Specifies an ID of the SSL configuration is used to connect to the OpenID provider.
useClientIdentity boolean false Specifies whether to use the client OpenID identity to create a user subject. If set to true, only the OpenID client identity is used. If set to false and the first element of userInfoRef is found, we use it to create a user subject. Otherwise, we use the OpenID identity to create a user subject.
userInfoRef List of references to top level userInfo elements (comma-separated string). email Specifies a list of userInfo references separated by commas for the OpenID provider to include in the response.
authFilter
Description: Specifies the authentication filter reference.
Required: false
Data type:
authFilter > host
Description: A unique configuration ID.
Required: false
Data type:
Attribute name Data type Default value Description
id string   A unique configuration ID.
matchType
  • equals
  • contains
  • notContain
contains Specifies the match type.
equals
Equals
contains
Contains
notContain
Not contain
name string   Specifies the name.
authFilter > remoteAddress
Description: A unique configuration ID.
Required: false
Data type:
Attribute name Data type Default value Description
id string   A unique configuration ID.
ip string   Specifies the IP address.
matchType
  • lessThan
  • equals
  • greaterThan
  • contains
  • notContain
contains Specifies the match type.
lessThan
Less than
equals
Equals
greaterThan
Greater than
contains
Contains
notContain
Not contain
authFilter > requestUrl
Description: A unique configuration ID.
Required: false
Data type:
Attribute name Data type Default value Description
id string   A unique configuration ID.
matchType
  • equals
  • contains
  • notContain
contains Specifies the match type.
equals
Equals
contains
Contains
notContain
Not contain
urlPattern string   Specifies the URL pattern.
authFilter > userAgent
Description: A unique configuration ID.
Required: false
Data type:
Attribute name Data type Default value Description
agent string   Specifies the user agent
id string   A unique configuration ID.
matchType
  • equals
  • contains
  • notContain
contains Specifies the match type.
equals
Equals
contains
Contains
notContain
Not contain
authFilter > webApp
Description: A unique configuration ID.
Required: false
Data type:
Attribute name Data type Default value Description
id string   A unique configuration ID.
matchType
  • equals
  • contains
  • notContain
contains Specifies the match type.
equals
Equals
contains
Contains
notContain
Not contain
name string   Specifies the name.
userInfo
Description: Specifies a list of userInfo references separated by commas for the OpenID provider to include in the response.
Required: false
Data type:
Attribute name Data type Default value Description
alias string email Specifies an alias name.
count int

Minimum: 1

1 Specifies how much userInfo is included in the response of the openID provider.
id string   A unique configuration ID.
required boolean true Specifies whether user information is required or not.
uriType string http://axschema.org/contact/email Specifies a URI type.

Icon that indicates the type of topic Reference topic



Timestamp icon Last updated: Monday, 5 December 2016
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=rwlp_config_openId
File name: rwlp_config_openId.html