InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.18: Securing applications >
6.6.18.1: Securing applications >
6.6.18.1.4a.2: Application Default settings
of the Configure Global Settings task

6.6.18.1.4a.2: Application Default settings
of the Configure Global Settings task

Realm Name
Specify the security realm to which the application should belong. See article 0.18.7 to learn more.

Challenge Type - None
Specifies that clients will not be challenged for authentication information.

  If the administrator has protected a resource within an application, selecting None will deny users access to that resource.

Challenge Type - Basic
Specifies that clients will be prompted for a user ID and password, usually acquired through a basic HTTP 401 challenge.

Challenge Type - Certificate
Specifies that clients must provide a digital certificate for authentication.

If the administrator additionally selects Default to Basic, clients without certificates will be permitted to use the basic authentication scheme.

Challenge Type - Custom
Specifies that clients will log in using servlet-generated Web pages you specify in the Login URL and Relogin URL fields.

Currently, the administrator needs to enter the same URL in each of the two fields. The URL is intended to reference a Web page containing an HTML-based login form, but the administrator can enter the URL of any Web page, whether or not it offers a login form.

For example, the field could contain the URL

http://host.name.com/login/deny.html
for a Web page created to deny access to users without allowing the users to attempt login.
Login URL
Specifies the fully-qualified path to the Web page to be presented for users to log on to. The administrator should complete this field if he or she specified the Custom challenge type. Currently, this field must match the Relogin URL.

The product does not validate this field or the Relogin URL.

If Single Sign-On (SSO) is enabled, the URL must be contained within the domain specified in the Single Sign-On configuration.

Relogin URL
Specifies the fully-qualified path to the Web page to be presented when the connection is released and a user must log on again. Complete this field if you specified the Custom challenge type. Currently, this field must match the Login URL.

Use SSL to connect client and Web server
Specifies that an SSL connection is required between the client and Web server. Requests that do not arrive over SSL will be refused.

This check box applies to the Basic, Certificate, and Custom challenge types.

Go to previous article: Authentication Mechanism settings Go to next article: General settings of the Configure Global Settings task

 

 
Go to previous article: Authentication Mechanism settings Go to next article: General settings of the Configure Global Settings task