Policy Sets and Policy Set Bindings editor: Kerberos settings panel
Use this panel, which is in the Policy Set Bindings section of the editor, to further configure any Kerberos tokens that are defined in the associated policy set.
This panel is enabled only if the Compatibility Mode option in the Policy Sets and Policy Set Bindings editor: Main panel is deselected.
The table is pre-filled based on the Kerberos tokens in the associated policy. Symmetric tokens configured in the policy require additional information for consumer bindings only.
Fields
Field name | Description and valid options |
---|---|
Token | Displays the names of any Kerberos tokens that require further configuration. |
Target Service Realm | The Kerberos target service realm. The default is a blank string, which results in the Kerberos default being used; other realms can be specified by changing this value. |
Target Service Name | The Kerberos target service name. The default is a blank string, which results in the default from the WSDL being used; other names can be specified by changing this value. |
Target Service Host | The Kerberos target service host. The default is a blank string, which results in the Kerberos default being used; other hosts can be specified by changing this value. This option is not applicable to service providers. |
Require Derived Keys | Specify derived keys. Valid values are True or False. The default is True. |
Derived Key Token Namespace | The namespace to use for derived keys. The default value is WS-SecureConversation 1.3. |
Key Size | The key size for derived keys. The default is 16. |
Acquire New Tokens | Specifies whether a new ticket must be acquired from the Key Distribution Center (KDC) for each request. Valid values are True or False. The default is True. This option is not applicable to service providers. |