Use this page to configure Session Initiation Protocol (SIP) digest authentication settings; these settings allow the SIP container to authenticate secured applications.
To view this administrative console page, click
.Specifies the authentication integrity (auth-int) quality of protection (QOP) for digest authentication. Digest authentication defines two types of QOP: auth and auth-int. By default, basic authentication (auth) is used. If the value is set to True, the auth-int QOP is used, which is the highest level of protection.
Information | Value |
---|---|
Data type | Boolean |
Default | True |
Specifies the SIP container supports basic authentication. If the value is set to True, requests that have the Authorization header with basic schema are authenticated by the application server. Otherwise, digest authentication is required.
Information | Value |
---|---|
Data type | Boolean |
Default | False |
Specifies whether to enable multiple uses of the same nonce. If you use the same nonce more than once, then less system resources are required, however, your system is not as secure.
Information | Value |
---|---|
Data type | Boolean |
Default | False |
Specifies whether to enable the nonce maximum age. If you do not disable this parameter, the nonce never expires.
Information | Value |
---|---|
Data type | Boolean |
Default | True |
Specifies the amount of time, in milliseconds, for which a nonce is valid. If the value is set to 1, the amount of time is considered to be infinite.
Information | Value |
---|---|
Data type | Integer |
Default | 1 |
Specifies the amount of time that must expire, in minutes, before the LDAP cache is cleaned.
Information | Value |
---|---|
Data type | Integer |
Default | 120 |
Specifies the LDAP attribute name that stores the user password .
Information | Value |
---|---|
Data type | String |
Default | Empty string |
Specifies the amount of time that must expire, in minutes, before the security subject cache is cleaned.
Information | Value |
---|---|
Data type | Integer |
Default | 15 |
Specifies the Java class name that implements the PasswordServer interface.
Information | Value |
---|---|
Data type | String |
Default | Empty string |
Specifies the name of the LDAP field that contains the hashed credentials. If a value is specified for this setting, then this setting overrides the pws_atr_name setting.
LDAP servers automatically provide password support. Unless you enable the LDAP server to use hashed values, the LDAP server stores user passwords and then the request processing component uses these passwords to validate a request. Because this method of authentication exposes user passwords to potential internet theft, you should enable the use of hashed credentials to authenticate a request.
Information | Value |
---|---|
Data type | String |
Default | Empty string |
Specifies the realm for hashed credentials, if the hashed credentials setting is enabled.
Information | Value |
---|---|
Data type | String |
Default | Empty string |