amAuthCert.xml revision 3d8ee1629200b24b539b887a7feaec640fe610a8
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit<?xml version="1.0" encoding="ISO-8859-1"?>
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit<!--
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
b34025e1e963e60c0f81c01af0f25f1984b9ca54James Phillpotts
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit The contents of this file are subject to the terms
685810e390056c123842842f5104daa3179cf2c9Phill Cunnington of the Common Development and Distribution License
685810e390056c123842842f5104daa3179cf2c9Phill Cunnington (the License). You may not use this file except in
685810e390056c123842842f5104daa3179cf2c9Phill Cunnington compliance with the License.
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
b34025e1e963e60c0f81c01af0f25f1984b9ca54James Phillpotts You can obtain a copy of the License at
b34025e1e963e60c0f81c01af0f25f1984b9ca54James Phillpotts https://opensso.dev.java.net/public/CDDLv1.0.html or
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit opensso/legal/CDDLv1.0.txt
685810e390056c123842842f5104daa3179cf2c9Phill Cunnington See the License for the specific language governing
685810e390056c123842842f5104daa3179cf2c9Phill Cunnington permission and limitations under the License.
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
685810e390056c123842842f5104daa3179cf2c9Phill Cunnington When distributing Covered Code, include this CDDL
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit Header Notice in each file and include the License file
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit at opensso/legal/CDDLv1.0.txt.
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit If applicable, add the following below the CDDL Header,
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit with the fields enclosed by brackets [] replaced by
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit your own identifying information:
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit "Portions Copyrighted [year] [name of copyright owner]"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit $Id: amAuthCert.xml,v 1.9 2008/06/25 05:45:41 qcheng Exp $
b34025e1e963e60c0f81c01af0f25f1984b9ca54James Phillpotts
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit Portions Copyrighted 2011-2016 ForgeRock AS.
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit-->
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit<!DOCTYPE ServicesConfiguration
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit PUBLIC "=//iPlanet//Service Management Services (SMS) 1.0 DTD//EN"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit "jar://com/sun/identity/sm/sms.dtd">
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit<ServicesConfiguration>
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit <Service name="iPlanetAMAuthCertService" version="1.0">
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit <Schema
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit serviceHierarchy="/DSAMEConfig/authentication/iPlanetAMAuthCertService"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit i18nFileName="amAuthCert"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit revisionNumber="40"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit i18nKey="iplanet-am-auth-cert-service-description"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit resourceName="certificate">
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit <Organization>
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit <AttributeSchema name="iplanet-am-auth-cert-check-cert-in-ldap"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit type="single"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit syntax="boolean"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit i18nKey="a101"
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit order="100"
685810e390056c123842842f5104daa3179cf2c9Phill Cunnington resourceName="matchCertificateInLdap">
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit <DefaultValues>
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit <Value>false</Value>
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit </DefaultValues>
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit </AttributeSchema>
80802511792d4e59a4ac67ad19677009d332b37dBruno Lavit <AttributeSchema name="iplanet-am-auth-cert-attr-check-ldap"
type="single"
syntax="string"
i18nKey="a1011"
order="200"
resourceName="ldapCertificateAttribute">
<DefaultValues>
<Value>CN</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-check-crl"
type="single"
syntax="boolean"
i18nKey="a102"
order="300"
resourceName="matchCertificateToCRL">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="sunAMValidateCACert"
type="single"
syntax="boolean"
i18nKey="a1023"
order="600"
resourceName="matchCACertificateToCRL">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-attr-check-crl"
type="single"
syntax="string"
i18nKey="a1021"
order="400"
resourceName="crlMatchingCertificateAttribute">
<DefaultValues>
<Value>CN</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="openam-am-auth-cert-attr-cache-crl"
type="single"
syntax="boolean"
i18nKey="a1024"
order="700"
resourceName="cacheCRLsInMemory">
<DefaultValues>
<Value>true</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-param-get-crl"
type="single"
syntax="string"
i18nKey="a1022"
order="500"
resourceName="crlHttpParameters">
<DefaultValues>
<Value></Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="openam-am-auth-cert-update-crl"
type="single"
syntax="boolean"
i18nKey="a1025"
order="800"
resourceName="updateCRLsFromDistributionPoint">
<DefaultValues>
<Value>true</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-check-ocsp"
type="single"
syntax="boolean"
i18nKey="a103"
order="900"
resourceName="ocspValidationEnabled">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-ldap-provider-url"
type="list"
syntax="string"
i18nKey="a104"
order="1000"
resourceName="certificateLdapServers">
<DefaultValues>
<Value>@UM_DIRECTORY_SERVER@:@UM_DIRECTORY_PORT@</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-start-search-loc"
type="list"
syntax="string"
i18nKey="a105"
order="1100"
resourceName="ldapSearchStartDN">
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-security-type"
type="single_choice"
syntax="string"
i18nKey="">
<ChoiceValues>
<ChoiceValue i18nKey="choiceNone">none</ChoiceValue>
<ChoiceValue i18nKey="choiceSimple">simple</ChoiceValue>
<ChoiceValue i18nKey="choiceCRAM-MD5">CRAM-MD5</ChoiceValue>
</ChoiceValues>
<DefaultValues>
<Value>none</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-principal-user"
type="single"
syntax="string"
i18nKey="a107"
order="1200"
resourceName="userBindDN">
<DefaultValues>
<Value>@UM_DS_DIRMGRDN@</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-principal-passwd"
type="single"
syntax="password"
i18nKey="a108"
order="1300"
resourceName="userBindPassword">
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-use-ssl"
type="single"
syntax="boolean"
i18nKey="a110"
order="1400"
resourceName="sslEnabled">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-user-profile-mapper"
type="single_choice"
syntax="string"
i18nKey="a111"
order="1500"
resourceName="certificateAttributeToProfileMapping">
<ChoiceValues>
<ChoiceValue i18nKey="choiceSubjectDN">subject DN</ChoiceValue>
<ChoiceValue i18nKey="choiceSubjectCN">subject CN</ChoiceValue>
<ChoiceValue i18nKey="choiceSubjectUID">subject UID</ChoiceValue>
<ChoiceValue i18nKey="choiceEmail">email address</ChoiceValue>
<ChoiceValue i18nKey="choiceOther">other</ChoiceValue>
<ChoiceValue i18nKey="choiceNone">none</ChoiceValue>
</ChoiceValues>
<DefaultValues>
<Value>subject CN</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-user-profile-mapper-other"
type="single"
syntax="string"
i18nKey="a1111"
order="1600"
resourceName="otherCertificateAttributeToProfileMapping">
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-user-profile-mapper-ext"
type="single_choice"
syntax="string"
i18nKey="a1112"
order="1700"
resourceName="certificateAttributeProfileMappingExtension">
<ChoiceValues>
<ChoiceValue i18nKey="choiceNone">none</ChoiceValue>
<ChoiceValue i18nKey="choiceRFC822Name">RFC822Name</ChoiceValue>
<ChoiceValue i18nKey="choiceUPN">UPN</ChoiceValue>
</ChoiceValues>
<DefaultValues>
<Value>none</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-auth-level"
type="single"
syntax="number_range" rangeStart="0" rangeEnd="2147483647"
i18nKey="a500"
order="2100"
resourceName="authenticationLevel">
<DefaultValues>
<Value>0</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-gw-cert-auth-enabled"
type="list"
syntax="string"
i18nKey="a113"
order="1800"
resourceName="trustedRemoteHosts">
<DefaultValues>
<Value>none</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="sunAMHttpParamName"
type="single"
syntax="string"
validator="no"
i18nKey="a115"
order="1900"
resourceName="clientCertificateHttpHeaderName">
<DefaultValues>
<Value></Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-gw-cert-preferred"
type="single"
syntax="boolean"
i18nKey="a1151"
order="2000">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<SubSchema name="serverconfig" inheritance="multiple" resourceName="USE-PARENT">
<AttributeSchema name="iplanet-am-auth-cert-check-cert-in-ldap"
type="single"
syntax="boolean"
i18nKey="a101"
order="100"
resourceName="matchCertificateInLdap">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-attr-check-ldap"
type="single"
syntax="string"
i18nKey="a1011"
order="200"
resourceName="ldapCertificateAttribute">
<DefaultValues>
<Value>CN</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-check-crl"
type="single"
syntax="boolean"
i18nKey="a102"
order="300"
resourceName="matchCertificateToCRL">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="sunAMValidateCACert"
type="single"
syntax="boolean"
i18nKey="a1023"
order="600"
resourceName="matchCACertificateToCRL">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-attr-check-crl"
type="single"
syntax="string"
i18nKey="a1021"
order="400"
resourceName="crlMatchingCertificateAttribute">
<DefaultValues>
<Value>CN</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="openam-am-auth-cert-attr-cache-crl"
type="single"
syntax="boolean"
i18nKey="a1024"
order="700"
resourceName="cacheCRLsInMemory">
<DefaultValues>
<Value>true</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-param-get-crl"
type="single"
syntax="string"
i18nKey="a1022"
order="500"
resourceName="crlHttpParameters">
<DefaultValues>
<Value></Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="openam-am-auth-cert-update-crl"
type="single"
syntax="boolean"
i18nKey="a1025"
order="800"
resourceName="updateCRLsFromDistributionPoint">
<DefaultValues>
<Value>true</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-check-ocsp"
type="single"
syntax="boolean"
i18nKey="a103"
order="900"
resourceName="ocspValidationEnabled">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-ldap-provider-url"
type="list"
syntax="string"
i18nKey="a104"
order="1000"
resourceName="certificateLdapServers">
<DefaultValues>
<Value>@UM_DIRECTORY_SERVER@:@UM_DIRECTORY_PORT@</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-start-search-loc"
type="list"
syntax="string"
i18nKey="a105"
order="1100"
resourceName="ldapSearchStartDN">
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-security-type"
type="single_choice"
syntax="string"
i18nKey="">
<ChoiceValues>
<ChoiceValue i18nKey="choiceNone">none</ChoiceValue>
<ChoiceValue i18nKey="choiceSimple">simple</ChoiceValue>
<ChoiceValue i18nKey="choiceCRAM-MD5">CRAM-MD5</ChoiceValue>
</ChoiceValues>
<DefaultValues>
<Value>none</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-principal-user"
type="single"
syntax="string"
i18nKey="a107"
order="1200"
resourceName="userBindDN">
<DefaultValues>
<Value>@UM_DS_DIRMGRDN@</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-principal-passwd"
type="single"
syntax="password"
i18nKey="a108"
order="1300"
resourceName="userBindPassword">
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-use-ssl"
type="single"
syntax="boolean"
i18nKey="a110"
order="1400"
resourceName="sslEnabled">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-user-profile-mapper"
type="single_choice"
syntax="string"
i18nKey="a111"
order="1500"
resourceName="certificateAttributeToProfileMapping">
<ChoiceValues>
<ChoiceValue i18nKey="choiceSubjectDN">subject DN</ChoiceValue>
<ChoiceValue i18nKey="choiceSubjectCN">subject CN</ChoiceValue>
<ChoiceValue i18nKey="choiceSubjectUID">subject UID</ChoiceValue>
<ChoiceValue i18nKey="choiceEmail">email address</ChoiceValue>
<ChoiceValue i18nKey="choiceOther">other</ChoiceValue>
<ChoiceValue i18nKey="choiceNone">none</ChoiceValue>
</ChoiceValues>
<DefaultValues>
<Value>subject CN</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-user-profile-mapper-other"
type="single"
syntax="string"
i18nKey="a1111"
order="1600"
resourceName="otherCertificateAttributeToProfileMapping">
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-user-profile-mapper-ext"
type="single_choice"
syntax="string"
i18nKey="a1112"
order="1700"
resourceName="certificateAttributeProfileMappingExtension">
<ChoiceValues>
<ChoiceValue i18nKey="choiceNone">none</ChoiceValue>
<ChoiceValue i18nKey="choiceRFC822Name">RFC822Name</ChoiceValue>
<ChoiceValue i18nKey="choiceUPN">UPN</ChoiceValue>
</ChoiceValues>
<DefaultValues>
<Value>none</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-auth-level"
type="single"
syntax="number_range" rangeStart="0" rangeEnd="2147483647"
i18nKey="a500"
order="2100"
resourceName="authenticationLevel">
<DefaultValues>
<Value>0</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-gw-cert-auth-enabled"
type="list"
syntax="string"
i18nKey="a113"
order="1800"
resourceName="trustedRemoteHosts">
<DefaultValues>
<Value>none</Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="sunAMHttpParamName"
type="single"
syntax="string"
validator="no"
i18nKey="a115"
order="1900"
resourceName="clientCertificateHttpHeaderName">
<DefaultValues>
<Value></Value>
</DefaultValues>
</AttributeSchema>
<AttributeSchema name="iplanet-am-auth-cert-gw-cert-preferred"
type="single"
syntax="boolean"
i18nKey="a1151"
order="2000">
<DefaultValues>
<Value>false</Value>
</DefaultValues>
</AttributeSchema>
</SubSchema>
</Organization>
</Schema>
</Service>
</ServicesConfiguration>