iiopServerPolicies - IIOP Server Policies (iiopServerPolicies)

Configuration for IIOP server policies

NameTypeDefaultDescription
idstringA unique configuration ID.

serverPolicy.csiv2

A unique configuration ID.

NameTypeDefaultDescription
idstringA unique configuration ID.

serverPolicy.csiv2 > layers

Specify the CSIv2 layers like transport, authentication, and attribute.

serverPolicy.csiv2 > layers > attributeLayer

Determine the attribute layer options that are claimed by the server for incoming CSIv2 requests.

NameTypeDefaultDescription
identityAssertionEnabledbooleanfalseIndicate by true or false whether identity assertion is enabled. Default is false.
trustedIdentitiesstringSpecify a pipe (

serverPolicy.csiv2 > layers > attributeLayer > identityAssertionTypes

Specify the supported identity token types for identity assertion.

serverPolicy.csiv2 > layers > authenticationLayer

Determine the authentication mechanisms and association options that are claimed by the server for incoming CSIv2 requests.

NameTypeDefaultDescription
establishTrustInClient
  • Required
  • Never
  • Supported
RequiredSpecify if this association option is Supported, Required, or Never used for this layer. It indicates authentication requirements at the authentication layer.
Required
The association option is required
Never
The association option must not be used
Supported
The association option is supported

serverPolicy.csiv2 > layers > authenticationLayer > mechanisms

Specifies authentication mechanisms as a comma separated list. For example: GSSUP, LTPA

serverPolicy.csiv2 > layers > transportLayer

Configure how to trust the client.

NameTypeDefaultDescription
sslEnabledbooleantrueIndicate by true or false whether SSL is enabled for CSIv2 requests. Default is true and is the recommended value. If this attribute is set to false, sensitive information such as passwords and tokens are sent over unsecured channels when using IIOP.
sslRefA reference to top level ssl element (string).Specify the SSL configuration needed to establish a secure connection.