InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.18: Securing applications >
6.6.18.1: Securing applications with the Java administrative console >
6.6.18.1.4a.2: Application Default settings of the Configure Global Settings task
- Realm Name
- Specify the security realm to which the application should belong. See
article 0.18.7 to learn more.
- Challenge Type - None
- Specifies that clients will not be challenged for authentication information.
If the administrator has
protected a resource within an application,
selecting None will deny users access to that resource.
- Challenge Type - Basic
- Specifies that clients will be prompted for a user ID and password, usually
acquired through a basic HTTP 401 challenge.
- Challenge Type - Certificate
- Specifies that clients must provide a digital certificate for authentication.
If the administrator additionally selects Default to Basic, clients without certificates
will be permitted to use the basic authentication scheme.
- Challenge Type - Custom
- Specifies that clients will log in using servlet-generated Web pages you
specify in the Login URL and Relogin URL fields.
Currently, the administrator needs to enter the same URL in each of the two fields. The
URL is intended to reference a Web page containing an HTML-based login form,
but the administrator can enter the URL of any Web page, whether or
not it offers a login form.
For example, the field could contain the URL
http://host.name.com/login/deny.html
for a Web page created to deny access to users without allowing
the users to attempt login.
- Login URL
- Specifies the fully-qualified path to the Web page to be presented for
users to log on to. The administrator should complete this field if he or she
specified the Custom challenge
type. Currently, this field must match the Relogin URL.
The product does not validate this field or the Relogin URL.
If Single Sign-On (SSO) is enabled, the URL must be contained within the
domain specified in the Single Sign-On configuration.
- Relogin URL
- Specifies the fully-qualified path to the Web page to be presented when
the connection is released and a user must log on again. Complete this field
if you specified the Custom challenge type. Currently, this field must match the Login URL.
- Use SSL to connect client and Web server
- Specifies that an SSL connection is required between the client
and Web server. Requests that do not arrive over SSL will be refused.
This check box applies to the Basic, Certificate, and Custom
challenge types.
|
|