Setting an Authentication Level for Kerberos in ISAM

Tying an authentication mechanism to an authentication level can be very useful when writing security policy in ISAM. For example you might want a password based authentication (Such as Basic Auth or Forms Auth) to map to level 1, whilst you might hold a federated identity, or something achieved through another EAI to have a higher authentication level – 2.

Within the Webseal configuration file however, there is no mention of Kerberos as an acceptable authentication type:

# authentication levels
# Syntax:
# level = <method-name>
# Valid method names are:
# unauthenticated
# password
# token-card
# ssl
# ext-auth-interface
# ltpa

The good news is that whilst the list doesn’t show Kerberos, it’s still possible to set it. just use the text:

level = kerberosv5

And you’re on your way!

Screen Shot 2015-12-17 at 2.15.01 PM


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Up ↑

%d bloggers like this: