Enabling the external authentication interface

Edit online

About this task

The eai-auth stanza entry, located in the [eai] stanza of the WebSEAL configuration file, enables and disables the external authentication interface functionality. The external authentication interface can be implemented over HTTP, HTTPS, or both.

External authentication interface authentication is disabled by default.

To configure the external authentication interface:

Procedure

  1. Stop the WebSEAL server.
  2. Edit the WebSEAL configuration file. In the [eai] stanza, specify the protocols to support in your network environment. The protocols are shown in the following table.
    Table 1. Configuring the external authentication interface
    Protocol to SupportConfiguration File Entry
    HTTP eai-auth = http
    HTTPSeai-auth = https
    Both HTTP and HTTPSeai-auth = both
    Disable external authentication interface (default)eai-auth = none
    For example, to support both protocols: 
    [eai] 
eai-auth = both
    .
  3. Restart the WebSEAL server.

Results

When eai-auth = none (disabled), all other configured external authentication interface-related stanza entries have no effect.