Enabling and disabling OAuth authentication

The oauth-introspection-auth stanza entry, located in the [oauth-introspection] stanza of the WebSEAL configuration file, enables and disables the OAuth authentication method. By default, OAuth authentication is disabled.

About this task

Each configuration entry can be customized on a per junction basis by adding the configuration entry to a [oauth-introspection:{jct_id}] stanza, where '{jct-id}' refers to the junction point for a standard junction (include the leading '/'), or the virtual host label for a virtual host junction.

Procedure

  1. Stop the WebSEAL server.
  2. Edit the WebSEAL configuration file. In the [oauth-introspection] stanza, specify the protocols to support in your network environment. The protocols are shown in the following table.
    Table 1. Configuring OAuth authentication
    Protocol to support Configuration file entry
    HTTP oauth-introspection-auth = http
    HTTPS oauth-introspection-auth = https
    Both HTTP and HTTPS oauth-introspection-auth = both
    Disable OAuth authentication oauth-introspection-auth = none

    For example, to support both HTTP and HTTPS protocols:

    [oauth-introspection]
oauth-introspection-auth = both
  3. Restart the WebSEAL server.