{CSI {{claims {{layers {{{supportedQOP {{enable false}}}
{supportedTypes {}}
{trustedServers {}}
{useClaim false}} {{authenticationLayerRetryCount 0}
{isStateful false}
{requiredQOP {{enableOutOfSequenceDetection false}
{enableReplayDetection false}
{establishTrustInClient false}}}
{supportedAuthMechList LTPA|BASICAUTH}
{supportedAuthTargets {}}
{supportedQOP {{enableOutOfSequenceDetection false}
{enableReplayDetection false}
{establishTrustInClient true}}}
{useClaim false}} {{requiredQOP {{confidentiality false}
{enableProtection false}
{establishTrustInClient false}
{integrity true}}}
{serverAuthentication {{external false}
{properties {}}
{sslConfig {}}
{sslEnabled false}}}
{supportedQOP {{confidentiality true}
{enableProtection true}
{establishTrustInClient true}
{integrity true}}}
{useClaim false}}}}
{sessionGCIdleTime 0}
{sessionGCInterval 0}
{stateful true}}}
{performs {{layers {{{requiredQOP {{enable false}}}
{supportedQOP {{enable false}
{trustedId {}}
{trustedPassword *****}}}
{supportedTypes {}}
{trustedServers {}}
{useClaim false}} {{authenticationLayerRetryCount 3}
{isStateful false}
{requiredQOP {{enableOutOfSequenceDetection false}
{enableReplayDetection false}
{establishTrustInClient false}}}
{supportedAuthMechList LTPA|BASICAUTH}
{supportedAuthTargets {}}
{supportedQOP {{enableOutOfSequenceDetection false}
{enableReplayDetection false}
{establishTrustInClient true}}}
{useClaim false}} {{requiredQOP {{confidentiality false}
{enableProtection false}
{establishTrustInClient false}
{integrity true}}}
{serverAuthentication {{external false}
{properties {}}
{sslConfig {}}
{sslEnabled false}}}
{supportedQOP {{confidentiality true}
{enableProtection true}
{establishTrustInClient false}
{integrity true}}}
{useClaim false}}}}
{sessionGCIdleTime 900000}
{sessionGCInterval 300000}
{stateful true}}}}}
{IBM {{claims {{layers {{{serverAuthentication {{external false}
{properties {}}
{sslConfig {}}
{sslEnabled false}}}
{supportedQOP {{confidentiality true}
{enableProtection true}
{establishTrustInClient false}
{integrity true}}}
{useClaim false}}}}
{securityTagCompatibilityMode false}
{sessionGCIdleTime 0}
{sessionGCInterval 0}
{stateful false}}}
{performs {{layers {{{serverAuthentication {{external false}
{properties {}}
{sslConfig {}}
{sslEnabled false}}}
{supportedQOP {{confidentiality false}
{enableProtection true}
{establishTrustInClient false}
{integrity false}}}
{useClaim false}}}}
{securityTagCompatibilityMode false}
{sessionGCIdleTime 0}
{sessionGCInterval 0}
{stateful false}}}}}
{activeAuthMechanism (cells/skyway2kCell02|security.xml#LTPA_1)}
{activeProtocol BOTH}
{activeUserRegistry (cells/skyway2kCell02|security.xml#WIMUserRegistry_1)}
{additionalSecAttrs {}}
{allowAllPermissionForApplication false}
{allowBasicAuth true}
{appEnabled false}
{applicationLoginConfig {{entries {{{alias ClientContainer}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.common.auth.module.WSClientLoginModuleImpl}}}}}}}} {{alias WSLogin}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.common.auth.module.WSLoginModuleImpl}} {{name use_realm_callback}
{required false}
{value false}} {{name use_appcontext_callback}
{required false}
{value false}}}}}}}} {{alias WSKRB5Login}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.auth.kerberos.Krb5LoginModuleWrapperClient}
{options {{{name storeSharedStateCredentials}
{required false}
{value true}} {{name refreshKrb5Config}
{required false}
{value true}} {{name credsType}
{required false}
{value INITIATOR}} {{name tryFirstPass}
{required false}
{value false}} {{name useFirstPass}
{required false}
{value true}}}}}}}} {{alias DefaultPrincipalMapping}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.auth.j2c.WSPrincipalMappingLoginModule}}}}}}}} {{alias TrustedConnectionMapping}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.auth.j2c.WSPrincipalMappingLoginModule}} {{name useTrustedConnection}
{required false}
{value true}}}}}}}} {{alias KerberosMapping}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.auth.j2c.WSPrincipalMappingLoginModule}}}}}}}}}}}}
{auditSpecifications {}}
{authConfig {{authorizationProviders {{{initializeJACCProviderClassName com.tivoli.pd.as.jacc.cfg.TAMConfigInitialize}
{j2eePolicyImplClassName com.tivoli.pd.as.jacc.TAMPolicy}
{name "TAM"}
{policyConfigurationFactoryImplClassName com.tivoli.pd.as.jacc.TAMPolicyConfigurationFactory}
{properties {}}
{required false}
{requiresEJBArgumentsPolicyContextHandler false}
{roleConfigurationFactoryImplClassName com.tivoli.pd.as.jacc.TAMRoleConfigurationFactory}
{supportedPermissions {}}
{supportsDynamicModuleUpdates true}}}}
{useJACCProvider false}
{useNativeAuthorization false}}}
{authDataEntries {{{alias skyway2kCell02/samples}
{description "JAAS Alias for WebSphere Samples"}
{password *****}
{userId samples}}}}
{authMechanisms {{{OID oid:1.2.840.113554.1.2.2}
{allowLTPAAuth false}
{authConfig system.KRB5}
{authContextImplClass com.ibm.ISecurityLocalObjectTokenBaseImpl.Krb5WSSecurityContextImpl}
{authValidationConfig system.KRB5}
{configured false}
{enabledGssCredDelegate true}
{isCredentialForwardable false}
{krb5Config {}}
{krb5Keytab {}}
{krb5Realm {}}
{krb5Spn WAS/${HOST}}
{properties {}}
{simpleAuthConfig system.KRB5}
{trimUserName true}} {{OID oid:1.3.18.0.2.30.2}
{authConfig system.LTPA}
{authContextImplClass com.ibm.ISecurityLocalObjectTokenBaseImpl.WSSecurityContextLTPAImpl}
{authValidationConfig system.LTPA}
{isCredentialForwardable false}
{keySetGroup CellLTPAKeySetGroup(cells/skyway2kCell02|security.xml#KeySetGroup_1)}
{properties {}}
{simpleAuthConfig system.LTPA}
{singleSignon {{domainName {}}
{enabled true}
{requiresSSL false}}}
{timeout 120}
{trustAssociation {{enabled false}
{interceptors {{{interceptorClassName com.ibm.ws.security.web.TAMTrustAssociationInterceptorPlus}
{trustProperties {}}} {{interceptorClassName com.ibm.ws.security.spnego.TrustAssociationInterceptorImpl}
{trustProperties {}}}}}}}} {{OID oid:1.3.6.1.5.5.2}
{allowAppAuthMethodFallback false}
{authContextImplClass com.ibm.ws.security.spnego.TrustAssociationInterceptorImpl}
{enabled false}
{filters {}}
{isCredentialForwardable false}
{properties {}}} {{OID oid:1.3.18.0.2.30.6}
{adminCertificate (cells/skyway2kCell02|security.xml#Certificate_1)}
{adminCertificateTrustStore CellRSATokenTrustStore(cells/skyway2kCell02|security.xml#KeyStore_10)}
{authConfig system.DEFAULT}
{authContextImplClass com.ibm.ISecurityLocalObjectTokenBaseImpl.WSSecurityContextAdminRSAPropImpl}
{authValidationConfig system.DEFAULT}
{isCredentialForwardable false}
{nonceCacheTimeout 1200}
{properties {}}
{simpleAuthConfig system.DEFAULT}
{tokenExpiration 600}}}}
{caClients {}}
{cacheTimeout 600}
{certificates {{{alias default}
{keyStore CellRSATokenKeyStore(cells/skyway2kCell02|security.xml#KeyStore_9)}}}}
{defaultSSLSettings (cells/skyway2kCell02|security.xml#SSLConfig_1)}
{dynamicSSLConfigSelections {}}
{dynamicallyUpdateSSLConfig true}
{enableJava2SecRuntimeFiltering false}
{enabled true}
{enforceFineGrainedJCASecurity false}
{enforceJava2Security false}
{issuePermissionWarning true}
{keyManagers {{{Property {}}
{additionalKeyManagerAttrs {}}
{algorithm IbmX509}
{keyManagerClass {}}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name IbmX509}
{provider IBMJSSE2}}}}
{keySetGroups {{{autoGenerate false}
{keySet {CellLTPAKeyPair(cells/skyway2kCell02|security.xml#KeySet_1) CellLTPASecret(cells/skyway2kCell02|security.xml#KeySet_2)}}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name CellLTPAKeySetGroup}
{wsSchedule LTPAKeySetSchedule(cells/skyway2kCell02|security.xml#WSSchedule_1)}}}}
{keySets {{{additionalKeySetAttrs {}}
{aliasPrefix LTPAKeyPair}
{deleteOldKeys true}
{isKeyPair true}
{keyGenerationClass com.ibm.ws.security.ltpa.LTPAKeyPairGenerator}
{keyReference {{{keyAlias LTPAKeyPair_1}
{version 1}}}}
{keyStore CellLTPAKeys(cells/skyway2kCell02|security.xml#KeyStore_3)}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{maxKeyReferences 2}
{name CellLTPAKeyPair}
{password *****}} {{additionalKeySetAttrs {}}
{aliasPrefix LTPASecret}
{deleteOldKeys true}
{isKeyPair false}
{keyGenerationClass com.ibm.ws.security.ltpa.LTPAKeyGenerator}
{keyReference {{{keyAlias LTPASecret_1}
{version 1}}}}
{keyStore CellLTPAKeys(cells/skyway2kCell02|security.xml#KeyStore_3)}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{maxKeyReferences 2}
{name CellLTPASecret}
{password *****}}}}
{keyStores {{{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "Default key store for skyway2kCell02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/key.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name CellDefaultKeyStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage SSLKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "Default trust store for skyway2kCell02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/trust.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name CellDefaultTrustStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage SSLKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "LTPA key store for skyway2kCell02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/ltpa.jceks}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name CellLTPAKeys}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type JCEKS}
{usage KeySetKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "Root certificate key store for skyway2kCellManager02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/nodes/skyway2kCellManager02/root-key.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_2)}
{name DmgrDefaultRootStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage RootKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "Key store containing deleted certificates for skyway2kCellManager02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/nodes/skyway2kCellManager02/deleted.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_2)}
{name DmgrDefaultDeletedStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage DeletedKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "Key store containing default signers for skyway2kCellManager02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/nodes/skyway2kCellManager02/default-signers.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_2)}
{name DmgrDefaultSignersStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage DefaultSigners}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "Default key store for skyway2kNode02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/nodes/skyway2kNode02/key.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_3)}
{name NodeDefaultKeyStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage SSLKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "Default trust store for skyway2kNode02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/nodes/skyway2kNode02/trust.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_3)}
{name NodeDefaultTrustStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage SSLKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "RSAToken key store for skyway2kCell02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/rsatoken-key.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name CellRSATokenKeyStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage RSATokenKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "RSAToken key store for skyway2kCell02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/rsatoken-trust.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name CellRSATokenTrustStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage RSATokenKeys}
{useForAcceleration false}} {{additionalKeyStoreAttrs {}}
{createStashFileForCMS false}
{description "RSAToken root certificate key store for skyway2kCellManager02"}
{fileBased true}
{hostList {}}
{initializeAtStartup false}
{location ${CONFIG_ROOT}/cells/skyway2kCell02/nodes/skyway2kCellManager02/rsatoken-root-key.p12}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_2)}
{name DmgrRSATokenRootStore}
{password *****}
{provider IBMJCE}
{readOnly false}
{slot 0}
{type PKCS12}
{usage RSATokenKeys}
{useForAcceleration false}}}}
{managementScopes {{{scopeName (cell):skyway2kCell02}
{scopeType cell}} {{scopeName (cell):skyway2kCell02:(node):skyway2kCellManager02}
{scopeType node}} {{scopeName (cell):skyway2kCell02:(node):skyway2kNode02}
{scopeType node}}}}
{properties {{{name security.enablePluggableAuthentication}
{required false}
{value true}} {{name com.ibm.CSI.rmiOutboundPropagationEnabled}
{required false}
{value true}} {{name com.ibm.CSI.rmiInboundPropagationEnabled}
{required false}
{value true}} {{name com.ibm.CSI.rmiOutboundLoginEnabled}
{required false}
{value false}} {{name com.ibm.ws.security.webInboundPropagationEnabled}
{required false}
{value true}} {{name com.ibm.ws.security.ssoInteropModeEnabled}
{required false}
{value false}} {{name com.ibm.CSI.supportedTargetRealms}
{required false}
{value {}}} {{name com.ibm.CSI.rmiInboundLoginConfig}
{required false}
{value system.RMI_INBOUND}} {{name com.ibm.CSI.rmiOutboundLoginConfig}
{required false}
{value system.RMI_OUTBOUND}} {{name com.ibm.ws.security.webInboundLoginConfig}
{required false}
{value system.WEB_INBOUND}} {{name com.ibm.ws.security.defaultLoginConfig}
{required false}
{value system.DEFAULT}} {{name com.ibm.wsspi.security.ltpa.tokenFactory}
{required false}
{value com.ibm.ws.security.ltpa.LTPATokenFactory|com.ibm.ws.security.ltpa.LTPAToken2Factory|com.ibm.ws.security.ltpa.AuthzPropTokenFactory}} {{name com.ibm.wsspi.security.token.authenticationTokenFactory}
{required false}
{value com.ibm.ws.security.ltpa.LTPATokenFactory}} {{name com.ibm.wsspi.security.token.authorizationTokenFactory}
{required false}
{value com.ibm.ws.security.ltpa.AuthzPropTokenFactory}} {{name com.ibm.wsspi.security.token.propagationTokenFactory}
{required false}
{value com.ibm.ws.security.ltpa.AuthzPropTokenFactory}} {{name com.ibm.wsspi.security.token.singleSignonTokenFactory}
{required false}
{value com.ibm.ws.security.ltpa.LTPAToken2Factory}} {{name com.ibm.ws.security.webChallengeIfCustomSubjectNotFound}
{required false}
{value true}} {{name com.ibm.security.useFIPS}
{required false}
{value false}} {{description "JGSS credential is not serializable. Do not propagate Kerberos ticket and key"}
{name com.ibm.ws.security.propagationExcludeList}
{required false}
{value com.ibm.security.jgss.*:javax.security.auth.kerberos.KerberosKey:javax.security.auth.kerberos.KerberosTicket}} {{description "Allow LTPA authentication when Kerberos is an active authentication mechanism"}
{name com.ibm.websphere.security.krb.allowLTPAAuth}
{required false}
{value true}} {{description "Use canonical host name and key to validate the SPNEGO request"}
{name com.ibm.websphere.security.krb.canonical_host}
{required false}
{value true}} {{name com.ibm.ssl.defaultCertReqSubjectDN}
{required false}
{value cn=skyway2k.setgetweb.com,ou=skyway2kCell02,ou=skyway2kCellManager02,o=IBM,c=US}} {{name com.ibm.ssl.rootCertSubjectDN}
{required false}
{value "cn=skyway2k.setgetweb.com,ou=Root Certificate,ou=skyway2kCell02,ou=skyway2kCellManager02,o=IBM,c=US"}} {{name com.ibm.ssl.rootCertValidDays}
{required false}
{value 5475}} {{name com.ibm.ssl.defaultCertReqDays}
{required false}
{value 365}}}}
{repertoire {{{alias CellDefaultSSLSettings}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{setting {{clientAuthentication false}
{clientAuthenticationSupported false}
{enableCryptoHardwareSupport false}
{enabledCiphers {}}
{jsseProvider IBMJSSE2}
{keyFileFormat JKS}
{keyManager IbmX509(cells/skyway2kCell02|security.xml#KeyManager_1)}
{keyStore CellDefaultKeyStore(cells/skyway2kCell02|security.xml#KeyStore_1)}
{properties {}}
{securityLevel HIGH}
{sslProtocol SSL_TLS}
{trustFileFormat JKS}
{trustManager {IbmPKIX(cells/skyway2kCell02|security.xml#TrustManager_2)}}
{trustStore CellDefaultTrustStore(cells/skyway2kCell02|security.xml#KeyStore_2)}}}
{type JSSE}} {{alias NodeDefaultSSLSettings}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_3)}
{setting {{clientAuthentication false}
{clientAuthenticationSupported false}
{enableCryptoHardwareSupport false}
{enabledCiphers {}}
{jsseProvider IBMJSSE2}
{keyFileFormat JKS}
{keyManager IbmX509(cells/skyway2kCell02|security.xml#KeyManager_1)}
{keyStore NodeDefaultKeyStore(cells/skyway2kCell02|security.xml#KeyStore_7)}
{properties {}}
{securityLevel HIGH}
{sslProtocol SSL_TLS}
{trustFileFormat JKS}
{trustManager {IbmPKIX(cells/skyway2kCell02|security.xml#TrustManager_2)}}
{trustStore CellDefaultTrustStore(cells/skyway2kCell02|security.xml#KeyStore_2)}}}
{type JSSE}}}}
{roleBasedAuthorization {}}
{sslConfigGroups {{{direction inbound}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name skyway2kCell02}
{sslConfig (cells/skyway2kCell02|security.xml#SSLConfig_1)}} {{direction outbound}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name skyway2kCell02}
{sslConfig (cells/skyway2kCell02|security.xml#SSLConfig_1)}} {{direction inbound}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_3)}
{name skyway2kNode02}
{sslConfig (cells/skyway2kCell02|security.xml#SSLConfig_2)}} {{direction outbound}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_3)}
{name skyway2kNode02}
{sslConfig (cells/skyway2kCell02|security.xml#SSLConfig_2)}}}}
{systemLoginConfig {{entries {{{alias KRB5}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.auth.kerberos.Krb5LoginModuleWrapper}
{options {{{name storeSharedStateCredentials}
{required false}
{value true}} {{name refreshKrb5Config}
{required false}
{value true}} {{name credsType}
{required false}
{value both}} {{name tryFirstPass}
{required false}
{value true}} {{name renewable}
{required false}
{value true}} {{name forwardable}
{required false}
{value true}} {{name noAddress}
{required false}
{value true}}}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.auth.kerberos.WSKrb5LoginModule}
{options {}}}}}} {{alias LTPA}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.server.lm.ltpaLoginModule}}}}}}}} {{alias SWAM}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.server.lm.swamLoginModule}}}}}}}} {{alias wssecurity.IDAssertion}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.wsspi.wssecurity.auth.module.IDAssertionLoginModule}}}}}}}} {{alias wssecurity.Signature}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.wsspi.wssecurity.auth.module.SignatureLoginModule}}}}}}}} {{alias LTPA_WEB}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy}
{options {{{name delegate}
{required false}
{value com.ibm.ws.security.web.AuthenLoginModule}}}}}}}} {{alias WEB_INBOUND}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.ltpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule}
{options {}}}}}} {{alias RMI_INBOUND}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.ltpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule}
{options {}}}}}} {{alias DEFAULT}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.ltpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule}
{options {}}}}}} {{alias RMI_OUTBOUND}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapCSIv2OutboundLoginModule}
{options {}}}}}} {{alias wssecurity.X509BST}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.wsspi.wssecurity.auth.module.X509LoginModule}
{options {}}}}}} {{alias wssecurity.PkiPath}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.wsspi.wssecurity.auth.module.PkiPathLoginModule}
{options {}}}}}} {{alias wssecurity.PKCS7}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.wsspi.wssecurity.auth.module.PKCS7LoginModule}
{options {}}}}}} {{alias wssecurity.UsernameToken}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.wsspi.wssecurity.auth.module.UsernameLoginModule}
{options {}}}}}} {{alias wssecurity.IDAssertionUsernameToken}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.wsspi.wssecurity.auth.module.IDAssertionUsernameLoginModule}
{options {}}}}}} {{alias WSS_INBOUND}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.ltpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule}
{options {}}}}}} {{alias WSS_OUTBOUND}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapCSIv2OutboundLoginModule}
{options {}}}}}} {{alias DESERIALIZE_ASYNCH_CONTEXT}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.ltpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule}
{options {{{name com.ibm.ws.security.context.renewToken}
{required false}
{value true}}}}}}}} {{alias wssecurity.KRB5BST}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.wsspi.wssecurity.auth.module.KRBLoginModule}
{options {}}}}}} {{alias wss.generate.x509}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.X509GenerateLoginModule}
{options {}}}}}} {{alias wss.consume.x509}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.X509ConsumeLoginModule}
{options {}}}}}} {{alias wss.generate.unt}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.UNTGenerateLoginModule}
{options {}}}}}} {{alias wss.consume.unt}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.UNTConsumeLoginModule}
{options {}}}}}} {{alias wss.generate.sct}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.SCTGenerateLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.DKTGenerateLoginModule}
{options {}}}}}} {{alias wss.consume.sct}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.SCTConsumeLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.DKTConsumeLoginModule}
{options {}}}}}} {{alias wss.caller}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.PreCallerLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.UNTCallerLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.X509CallerLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.LTPACallerLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.LTPAPropagationCallerLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.KRBCallerLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.WSWSSLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.ltpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule}
{options {}}}}}} {{alias wss.generate.pkcs7}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.PKCS7GenerateLoginModule}
{options {}}}}}} {{alias wss.consume.pkcs7}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.PKCS7ConsumeLoginModule}
{options {}}}}}} {{alias wss.generate.pkiPath}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.PkiPathGenerateLoginModule}
{options {}}}}}} {{alias wss.consume.pkiPath}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.PkiPathConsumeLoginModule}
{options {}}}}}} {{alias wss.generate.ltpa}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.LTPAGenerateLoginModule}
{options {}}}}}} {{alias wss.consume.ltpa}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.LTPAConsumeLoginModule}
{options {}}}}}} {{alias wss.generate.ltpaProp}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.LTPAPropagationGenerateLoginModule}
{options {}}}}}} {{alias wss.consume.ltpaProp}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.LTPAPropagationConsumeLoginModule}
{options {}}}}}} {{alias wss.inbound.propagation}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.ltpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule}
{options {}}}}}} {{alias wss.inbound.deserialize}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssLtpaLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssMapDefaultInboundLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule}
{options {}}}}}} {{alias wss.auth.sts}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.impl.auth.module.STSDefaultLoginModule}
{options {}}}}}} {{alias wss.generate.KRB5BST}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.KRBGenerateLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.DKTGenerateLoginModule}
{options {}}}}}} {{alias wss.consume.KRB5BST}
{loginModules {{{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.KRBConsumeLoginModule}
{options {}}} {{authenticationStrategy REQUIRED}
{moduleClassName com.ibm.ws.wssecurity.wssapi.token.impl.DKTConsumeLoginModule}
{options {}}}}}}}}}}
{trustManagers {{{Property {}}
{additionalTrustManagerAttrs {}}
{algorithm IbmX509}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name IbmX509}
{provider IBMJSSE2}} {{Property {}}
{additionalTrustManagerAttrs {{{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name com.ibm.security.enableCRLDP}
{nlsRangeKey {}}
{range {}}
{required false}
{type boolean}
{value false}} {{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name com.ibm.jsse2.checkRevocation}
{nlsRangeKey {}}
{range {}}
{required false}
{type boolean}
{value false}} {{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name ocsp.enable}
{nlsRangeKey {}}
{range {}}
{required false}
{type String}
{value false}} {{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name ocsp.responderURL}
{nlsRangeKey {}}
{range {}}
{required false}
{type String}
{value http://ocsp.example.net:80}} {{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name ocsp.responderCertSubjectName}
{nlsRangeKey {}}
{range {}}
{required false}
{type String}
{value "CN=OCSP Responder, O=XYZ Corp"}} {{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name ocsp.responderCertIssuerName}
{nlsRangeKey {}}
{range {}}
{required false}
{type String}
{value "CN=Enterprise CA, O=XYZ Corp"}} {{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name ocsp.responderCertSerialNumber}
{nlsRangeKey {}}
{range {}}
{required false}
{type String}
{value 2A:FF:00}}}}
{algorithm IbmPKIX}
{managementScope (cells/skyway2kCell02|security.xml#ManagementScope_1)}
{name IbmPKIX}
{provider IBMJSSE2}
{trustManagerClass {}}}}}
{useDomainQualifiedUserNames false}
{useLocalSecurityServer true}
{userRegistries {{{ignoreCase false}
{limit 0}
{primaryAdminId {}}
{properties {}}
{realm {}}
{serverId {}}
{serverPassword *****}
{useRegistryRealm false}
{useRegistryServerId false}} {{customRegistryClassName com.ibm.websphere.security.FileRegistrySample}
{ignoreCase false}
{limit 0}
{primaryAdminId {}}
{properties {}}
{useRegistryRealm false}
{useRegistryServerId false}} {{baseDN {}}
{bindDN {}}
{bindPassword *****}
{hosts {{{host {}}
{port 389}}}}
{ignoreCase true}
{limit 0}
{monitorInterval 0}
{primaryAdminId {}}
{properties {}}
{realm {}}
{reuseConnection true}
{searchFilter {{certificateFilter {}}
{certificateMapMode EXACT_DN}
{groupFilter (&(cn=%v)(|(objectclass=groupOfNames)(objectclass=groupOfUniqueNames)))}
{groupIdMap *:cn}
{groupMemberIdMap ibm-allGroups:member;ibm-allGroups:uniqueMember}
{krbUserFilter (&(krbPrincipalName=%v)(objectclass=ePerson))}
{userFilter (&(uid=%v)(objectclass=ePerson))}
{userIdMap *:uid}}}
{searchTimeout 120}
{serverId {}}
{serverPassword *****}
{sslConfig {}}
{sslEnabled false}
{type IBM_DIRECTORY_SERVER}
{useRegistryRealm false}
{useRegistryServerId false}} {{ignoreCase true}
{limit 0}
{primaryAdminId wasadmin}
{properties {}}
{realm defaultWIMFileBasedRealm}
{registryClassName com.ibm.ws.wim.registry.WIMUserRegistry}
{serverId {}}
{serverPassword *****}
{useRegistryRealm false}
{useRegistryServerId false}}}}
{webAuthAttrs {{{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name com.ibm.wsspi.security.web.webAuthReq}
{nlsRangeKey {}}
{range lazy,persisting,always}
{required false}
{type String}
{value lazy}} {{displayNameKey {}}
{firstClass false}
{hoverHelpKey {}}
{inclusive false}
{name com.ibm.wsspi.security.web.failOverToBasicAuth}
{nlsRangeKey {}}
{range {}}
{required false}
{type boolean}
{value false}}}}
{wsCertificateExpirationMonitor {{autoReplace true}
{daysBeforeNotification 60}
{deleteOld true}
{isEnabled true}
{name "Certificate Expiration Monitor"}
{wsNotification MessageLog(cells/skyway2kCell02|security.xml#WSNotification_1)}
{wsSchedule ExpirationMonitorSchedule(cells/skyway2kCell02|security.xml#WSSchedule_2)}}}
{wsNotifications {{{emailFormat HTML}
{emailList {}}
{logToSystemOut true}
{name MessageLog}
{properties {}}
{sendEmail false}
{sendSecure false}}}}
{wsPasswordEncryptions *****}
{wsPasswordLocators *****}
{wsPasswords *****}
{wsSchedules {{{dayOfWeek 1}
{frequency 90}
{hour 22}
{minute 0}
{name LTPAKeySetSchedule}
{nextStartDate 0}} {{dayOfWeek 1}
{frequency 30}
{hour 21}
{minute 30}
{name ExpirationMonitorSchedule}
{nextStartDate 1244428259296}}}}