amAuthAD.properties revision 0e93e49a78b66390d2ff541eea6307b4c3fb33b4
e1836d1fe413cc14430ce89508e79c4c01df830bTinderbox User# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# The contents of this file are subject to the terms
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# of the Common Development and Distribution License
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# (the License). You may not use this file except in
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# compliance with the License.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# You can obtain a copy of the License at
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# https://opensso.dev.java.net/public/CDDLv1.0.html or
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# See the License for the specific language governing
8a9bac8dec81997fec38fb880dc81b41eb026c27Mark Andrews# permission and limitations under the License.
2fff8b8280779a25fbdb891b2d3d9b435d2084f0Tatuya JINMEI 神明達哉# When distributing Covered Code, include this CDDL
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# Header Notice in each file and include the License file
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉# If applicable, add the following below the CDDL Header,
1bb2f53b9f74a8ca9812cbe9243ef41190b4da14Evan Hunt# with the fields enclosed by brackets [] replaced by
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# your own identifying information:
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉# "Portions Copyrighted [year] [name of copyright owner]"
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark Andrews# $Id: amAuthAD.properties,v 1.5 2009/12/11 01:43:23 goodearth Exp $
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark Andrews# Portions Copyrighted 2011-2015 ForgeRock AS.
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark Andrews# Portions Copyrighted 2012 Open Source Solution Technology Corporation
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉authentication=Authentication Modules
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉LDAPex=Unknown LDAP exception.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉UPerror=Both user ID and password required.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉classpathError=Class not found. Check class path.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉InvalidUP=Invalid user ID and password. Try again.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉NoUser=User ID not found.
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark AndrewsNoServer=Server cannot be contacted.
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark AndrewsNaming=Naming error has occurred.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉sunAMAuthADServiceDescription=Active Directory
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉PasswordExp=Password Expires In: {0}
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉GraceLogins=Your password has expired and you have {0} grace logins remaining.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉TimeBeforeExpiration=Password expires in: {0}
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉PasswordReset=Reset the password.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉PasswdMismatch=The password and the confirm password do not match.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉PasswordInvalid=Your password does not comply with present password policy.
7f1785d0ded8897082abacec5219b27feac755afFrancis DupontNewPasswordInvalid=Your new password does not comply with present password policy.
2f012d936b5ccdf6520c96a4de23721dc58a2221Automatic UpdaterUPsame=Username and password must be different. Try again.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉inPwdQual=New password does not meet the password policy requirements.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉pwdInHist=New password has been used previously.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉pwdToShort=New password is too short.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉pwdToYoung=Password has been changed recently, cannot change password.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉PInvalid=The password you have entered is invalid.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉PasswdSame=The password must be different. Try again.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉PasswdMinChars=Password contains fewer than minimum number of characters.
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉a101=Primary Active Directory Server
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark Andrewsa101.help=Use this list to set the primary Active Directory server used for authentication.
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark Andrewsa101.help.txt=The Active Directory authentication module will use this list as the primary server for authentication. A single entry must \
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan Huntbe in the format:<br/><br/><code>server:port</code><br/><br/>Multiple entries allow associations between OpenAM servers and an \
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan HuntActive Directory server. \
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan HuntThe format is:<br/><br/><code>local server name | server:port</code><br/><br/>\
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan HuntThe local server name is the full name of the server from the list of servers and sites.
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan Hunta102=Secondary Active Directory Server
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan Hunta102.help=Use this list to set the secondary (failover) Active Directory server used for authentication.
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark Andrewsa102.help.txt=If the primary Active Directory server fails, the Active Directory authentication module will failover to the secondary \
8907d8fa04fdaa65baf0bc6b01230b2ebde93106Mark Andrewsserver. A single entry must be in the format:<br/><br/><code>server:port</code><br/><br/>\
2fff8b8280779a25fbdb891b2d3d9b435d2084f0Tatuya JINMEI 神明達哉Multiple entries allow associations between OpenAM servers and an Active Directory server. \
2fff8b8280779a25fbdb891b2d3d9b435d2084f0Tatuya JINMEI 神明達哉The format is:<br/><br/><code>local server name | server:port</code><br/><br/>\
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark Andrews<i>NB </i>The local server name is the full name of the server from the list of servers and sites.
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark Andrewsa103=DN to Start User Search
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark Andrewsa103.help=The search for accounts to be authenticated start from this base DN
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark Andrewsa103.help.txt=For a single server just enter the Base DN to be searched. Multiple OpenAM servers can have different base DNs for the search \
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark AndrewsThe format is as follows:<br/><br/><code>local server name | search DN</code><br/><br/>\
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark Andrews<i>NB </i>The local server name is the full name of the server from the list of servers and sites.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa104=Bind User DN
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa104.help=The DN of an admin user used by the module to authentication to the LDAP server
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa104.help.txt=The LDAP module requires an administration account in order to perform functionality such as password reset.<br/><br/>\
a70fc47e9dc165175e77f091076559748858a488Mark Andrews<i>NB </i><code>cn=Directory Manager</code> should not be used in production systems.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa105=Bind User Password
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa105.help=The password of the administration account.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa106=Attribute Used to Retrieve User Profile
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa106.help=The LDAP module will use this attribute to search of the profile of an authenticated user.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa106.help.txt=This is the attribute used to find the profile of the authenticated user. Normally this will be the same attribute used to \
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsfind the user account. The value will be the name of the user used for authentication.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa107=Attributes Used to Search for a User to be Authenticated
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa107.help=The attributes specified in this list form the LDAP search filter.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa107.help.txt=The default value of uid will form the following search filter of <code>uid=<i>user</i></code>, if there are multiple \
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsvalues such as uid and cn, the module will create a search filter as follows <code>(|(uid=<i>user</i>)(cn=<i>user</i>))</code>
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa108=User Search Filter
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa108.help=This search filter will be appended to the standard user search filter.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa108.help.txt=This attribute can be used to append a custom search filter to the standard filter. For example: \
a70fc47e9dc165175e77f091076559748858a488Mark Andrews<code>(objectClass=person)</code>would result in the following user search filter:<br/><br/>\
a70fc47e9dc165175e77f091076559748858a488Mark Andrews<code>(&(uid=<i>user</i>)(objectClass=person))</code>
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa109=Search Scope
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa109.help=The level in the Directory Server that will be searched for a matching user profile.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa109.help.txt=This attribute controls how the directory is searched.<br/><br/>\
a70fc47e9dc165175e77f091076559748858a488Mark Andrews<ul><li><code>OBJECT</code>: Only the Base DN is searched.</li>\
a70fc47e9dc165175e77f091076559748858a488Mark Andrews<li><code>ONELEVEL</code>: Only the single level below (and not the Base DN) is searched</li>\
a70fc47e9dc165175e77f091076559748858a488Mark Andrews<li><code>SUBTREE</code>: The Base DN and all levels below are searched</li></ul>
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa110=LDAP Connection Mode
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa110.help=Defines which protocol/operation is used to establish the connection to the LDAP Directory Server.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa110.help.txt=If 'LDAP' is selected, the connection <b>won't be secured</b> and passwords are transferred in <b>cleartext</b> over the network.<br/> \
a70fc47e9dc165175e77f091076559748858a488Mark AndrewsIf 'LDAPS' is selected, the connection is secured via SSL or TLS. <br/> \
a70fc47e9dc165175e77f091076559748858a488Mark AndrewsIf 'StartTLS' is selected, the connection is secured by using StartTLS extended operation.
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa1103=StartTLS
a70fc47e9dc165175e77f091076559748858a488Mark Andrewsa111=Return User DN to DataStore
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a111.help=Controls whether the DN or the username is returned as the authentication principal.
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a114=User Creation Attributes
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a114.help=Controls the mapping of local attribute to external attribute for dynamic profile creation.
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a114.help.txt=If dynamic profile creation is enabled; this feature allows for a mapping between the attribute/values retrieved from \
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉the users authenticated profile and the attribute/values that will be provisioned into their matching account in the data store.\
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉<br/><br/>The format of this property is: <br/><br/><code> local attr1|external attr1</code>
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a117=Trust All Server Certificates
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan Hunta117.help=Enables a <code>X509TrustManager</code> that trusts all certificates.
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a117.help.txt=This feature will allow the LDAP authentication module to connect to LDAP servers protected by self signed or invalid \
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉certificates (such as invalid hostname).<br/><br/>\
26833735d3d95e731a1cfb2a9b12c9bc10ba208aEvan Hunt<i>NB </i>Use this feature with care as it bypasses the normal certificate verification process
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta118=LDAP Connection Heartbeat Interval
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta118.help=Specifies how often should OpenAM send a heartbeat request to the directory.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta118.help.txt=Use this option in case a firewall/loadbalancer can close idle connections, since the heartbeat \
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Huntrequests will ensure that the connections won't become idle. Use along with the Heartbeat Time Unit parameter to \
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark Andrewsdefine the correct interval. Zero or negative value will result in disabling heartbeat requests.
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a119=LDAP Connection Heartbeat Time Unit
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉a119.help=Defines the time unit corresponding to the Heartbeat Interval setting.
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan Hunta119.help.txt=Use this option in case a firewall/loadbalancer can close idle connections, since the heartbeat \
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉requests will ensure that the connections won't become idle.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta120=LDAP operations timeout
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta120.help=Defines the timeout in seconds OpenAM should wait for a response of the Directory Server - <code>0</code> means no timeout.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta120.help.txt=If the Directory Server's host is down completely or the TCP connection became stale OpenAM waits until operation \
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉timeouts from the OS or the JVM are applied. However this setting allows more granular control within OpenAM itself. \
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉A value of <code>0</code> means NO timeout is applied on OpenAM level and the timeouts from the JVM or OS will apply.
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉AcctInactive=Account in-activated or locked. Unlock or activate the account.
dd2a0a6d2dec1c23787351e51b434a838dec5603Evan Hunt## Note level should have the highest
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉## number for i18N key since it should
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉## be the last attribute when viewed in
26833735d3d95e731a1cfb2a9b12c9bc10ba208aEvan Hunt## the adminconsole
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta500=Authentication Level
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta500.help=The authentication level associated with this module.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunta500.help.txt=Each authentication module has an authentication level that can be used to indicate the level of security \
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Huntassociated with the module; 0 is the lowest (and the default).
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉InappAuth=Inappropriate Authentication
8ac908b38a2fd9b780ae3a27ff26932a17823ae0Mark AndrewsnoUserMatchFound=User not found.
8ac908b38a2fd9b780ae3a27ff26932a17823ae0Mark AndrewsmultipleUserMatchFound=Multiple matches found for the user. Contact your system administrator to fix the problem.
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉Nosecserver=No secondary server provided.
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉choiceObject=OBJECT
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉choiceOneLevel=ONELEVEL
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉choiceSubTree=SUBTREE
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉HostInvalid=Invalid host name.
26833735d3d95e731a1cfb2a9b12c9bc10ba208aEvan HuntHostUnknown=Unknown host {0}
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉SchBaseInvalid=Invalid search base.
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉PwdInvalid=Invalid user password.
26833735d3d95e731a1cfb2a9b12c9bc10ba208aEvan HuntFConnect=Connection failed.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan HuntCredInvalid=Invalid credentials.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan HuntUsrNotExist=User does not exist.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan HuntFAuth=Authentication failed.
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan HuntUNAttr=User naming attribute is null.
d9059b0c38bd630c367d81424d72b1308cd74b04Tatuya JINMEI 神明達哉USchAttr=User search attributes must have at least one value.
7c60401dbd4dce617dffc685c269fca224c589adTatuya JINMEI 神明達哉i18nTrue=Enabled
a0f91e910bd9af006a65e555ec4082864ca1eb8dMark Andrewsi18nFalse=Disabled