[eai] stanza
Use the [eai] stanza to configure the external authentication interface (EAI).
- eai-auth
Use the eai-auth stanza entry to enable the external authentication interface. - eai-auth-level-header
Use the eai-auth-level-header stanza entry to specify the name of the header that contains the authentication strength level for the generated credential. - eai-create-multi-valued-attributes
Use this entry to specify whether multiple extended attribute headers of the same name are added to the credential as a multi-valued attribute or a single comma-delimited attribute. - eai-ext-user-id-header
Use the eai-ext-user-id-header stanza entry to specify the name of the header that contains the ID of the external user to use when creating a credential. - eai-ext-user-groups-header
Use the eai-ext-user-groups-header stanza entry to specify the name of the header that contains the group or groups an external user is to be considered a member of when generating a credential. - eai-pac-header
Use the eai-pac-header stanza entry to specify the name of the HTTP header that contains the authentication data in Privilege Attribute Certificate (PAC) format. - eai-pac-svc-header
Use the eai-pac-svc-header stanza entry to specify the name of the header that contains the service ID, which WebSEAL uses to convert the Privilege Attribute Certificate (PAC) into a credential. - eai-redir-url-header
Use the eai-redir-url-header stanza entry to specify the name of the header that contains the URL to which WebSEAL redirects the client after successful authentication. - eai-session-id-header
Use the eai-session-id-header stanza entry to specify the name of the header that contains the session identifier of the distributed session. - eai-user-id-header
Use the eai-user-id-header stanza entry to specify the header that contains the user ID for which WebSEAL generates the credential. The specified header must precede all others in the HTTP response. - eai-verify-user-identity
Use the eai-verify-user-identity stanza entry to control whether the user identity is verified during reauthentication. EAI applications can reauthenticate a user by returning new authentication information for a previously authenticated session. By default, WebSEAL does not ensure that the new user identity matches the user identity from the previous authentication. - eai-xattrs-header
Use the eai-xattrs-header stanza entry to specify the HTTP headers in the response from the external authentication interface (EAI) server that contain authentication data. WebSEAL uses these headers to add extended attributes to the credential. - retain-eai-session
Parent topic: Stanza reference