11.7.3. IOR Security Parameters
Prerequisites
- Enable IOR settings with the following management CLI command.
/subsystem=jacorb/ior-settings=default:add
- Ensure the JacORB subsystem is enabled. For example, it is already enabled in the
full
profile, but not in the default (web
) profile. For details on how to enable the JacORB subsystem see Section 21.4.2, “Configure the ORB for JTS Transactions”.
The iorSASContextType specifies the attributes used to setup the IOR Secure Attribute Service settings. These parameters can only be set using the management CLI.
Table 11.1. iorSASContextType
Parameter | Description | Valid Values |
---|---|---|
caller-propagation | Indicates whether or not the caller should be propagated in the SAS context | none , supported |
/subsystem=jacorb/ior-settings=default/setting=sas-context:add /subsystem=jacorb/ior-settings=default/setting=sas-context:write-attribute(name=caller-propagation, value=NONE|SUPPORTED)
The iorASContextType specifies the attributes used to setup the IOR Authentication Service settings. Each of the following parameters are optional.
Table 11.2. iorASContextType
Parameter | Description | Type | Valid Values |
---|---|---|---|
auth-method | Authentication method. | String | none , username_password |
realm | Authentication Service realm name. | String | Default value: Default |
required | Indicates if authentication is required. | Boolean | true , false |
/subsystem=jacorb/ior-settings=default/setting=as-context:add /subsystem=jacorb/ior-settings=default/setting=as-context:write-attribute(name=ATTRIBUTE, value=VALUE)
The iorTransportconfigType specifies the attributes used to set up the IOR transport settings.
Table 11.3. iorTransportconfigType
Parameter | Description | Valid Values |
---|---|---|
integrity | Indicates whether or not the transport must require integrity protection. | none , supported , or required . |
confidentiality | Indicates whether or not the transport must require confidentiality protection. | none , supported , or required . |
trust-in-target | Indicates if the transport must require trust in target to be established. | none , supported |
trust-in-client | Indicates if the transport must require trust in client to be established. | none , supported , or required . |
detect-replay | Indicates whether the transport must require replay detection or not. | none , supported , or required . |
detect-misordering | Indicates whether or not the transport must require misordering detection. | none , supported , or required . |
/subsystem=jacorb/ior-settings=default/setting=transport-config:add /subsystem=jacorb/ior-settings=default/setting=transport-config:write-attribute(name=ATTRIBUTE, value=VALUE)