security.manager - Enterprise Edition

This section refers exclusively to the connection of service.monitor with security.manager Enterprise Edition.

Running service.monitor and security.manager under the same host

The section below describes all properties that are relevant for integration with security.manager:

Configuration settings for service.monitor operation with security.manager user management
security.mode=ONLY_AUTHN
#
# --- ONLY_AUTHN / SSO configuration ---
#
# The name of the domain cookie. This value has to correspond to the settings in security.manager.
security.sso.cookie.name=ct_SSO
# The domain of the domain cookie. This value has to correspond to the settings in security.manager.
security.sso.cookie.domain=
security.sso.support.nonmatchinghosts=true
# URL to the SSO session service of security.manager
security.sso.service.url=http://localhost:8080/administration/resources/ssosessions
# URL des WAS Dienstes des security.manager
security.was.service.url=http://localhost:8080/administration/WAS
# The URL to the login page of security.manager. The client is redirected to this URL if she is currently not authenticated.
security.app.url=https://secman-host.example.com/administration
# An additional postfix to be added when IWA is used and sec.man runs in hybrid mode
security.remoteuser.postfix=
#
# The key store where the private key of the application is defined.
security.keystore.location=<PFAD_DATA_DIR>/.keystore
# The key store password
security.keystore.passwd=changeit
# The alias name of the private key
security.keystore.key.alias=ct-security
# The password for the private key
security.keystore.key.passwd=changeit

The property security.mode determines the change from internal authentication to integration with security.manager. All the following parameters can be found in the current installation of security.manager. This applies to the parameter values of the Java keystore and the settings for the SSO domain cookie.

The values for security.was.service.url and security.sso.service.url are only used by the server and can therefore be defined with internal host names and port specifications if necessary. The value for the security.app.url is defined as a user would see it in the browser.