11.7.3. IOR Security Parameters

Prerequisites

  • Enable IOR settings with the following management CLI command.
    /subsystem=jacorb/ior-settings=default:add
    
  • Ensure the JacORB subsystem is enabled. For example, it is already enabled in the full profile, but not in the default (web) profile. For details on how to enable the JacORB subsystem see Section 21.4.2, “Configure the ORB for JTS Transactions”.
The iorSASContextType specifies the attributes used to setup the IOR Secure Attribute Service settings. These parameters can only be set using the management CLI.

Table 11.1. iorSASContextType

Parameter Description Valid Values
caller-propagation Indicates whether or not the caller should be propagated in the SAS context none, supported
/subsystem=jacorb/ior-settings=default/setting=sas-context:add
/subsystem=jacorb/ior-settings=default/setting=sas-context:write-attribute(name=caller-propagation, value=NONE|SUPPORTED)
The iorASContextType specifies the attributes used to setup the IOR Authentication Service settings. Each of the following parameters are optional.

Table 11.2. iorASContextType

Parameter Description Type Valid Values
auth-method Authentication method. String none, username_password
realm Authentication Service realm name. String Default value: Default
required Indicates if authentication is required. Boolean true, false
/subsystem=jacorb/ior-settings=default/setting=as-context:add
/subsystem=jacorb/ior-settings=default/setting=as-context:write-attribute(name=ATTRIBUTE, value=VALUE)
The iorTransportconfigType specifies the attributes used to set up the IOR transport settings.

Table 11.3. iorTransportconfigType

Parameter Description Valid Values
integrity Indicates whether or not the transport must require integrity protection. none, supported, or required.
confidentiality Indicates whether or not the transport must require confidentiality protection. none, supported, or required.
trust-in-target Indicates if the transport must require trust in target to be established. none, supported
trust-in-client Indicates if the transport must require trust in client to be established. none, supported, or required.
detect-replay Indicates whether the transport must require replay detection or not. none, supported, or required.
detect-misordering Indicates whether or not the transport must require misordering detection. none, supported, or required.
/subsystem=jacorb/ior-settings=default/setting=transport-config:add
/subsystem=jacorb/ior-settings=default/setting=transport-config:write-attribute(name=ATTRIBUTE, value=VALUE)