Show TOC Anfang des Inhaltsbereichs

Hintergrunddokumentation Logon Ticket  Dokument im Navigationsbaum lokalisieren

These properties enable you to configure how the user management engine (UME) handles logon tickets.

Hinweis

For these properties to apply, the login modules that apply to tickets (CreateTicketLoginModule and EvaluateTicketLoginModule) must have the following option set:

ume.configuration.active = TRUE

For more information about setting this property, see Specifying the J2EE Engine Client to Use for Logon Tickets.

Logon Ticket Properties

Property

Value

Description

login.ticket_client

A three-character numeric string, for example 888.

Default value is 000.

The client that is written into the logon ticket. This value is used to differentiate the AS for Java from the AS for ABAP. Systems are identified by the client and system ID (SID). In a combined installation the AS for Java and AS for ABAP have the same SID, so you must identify the AS for Java with a client number that is not in use by the AS for ABAP.

Set or change this value in a combined AS for ABAP and Java installation.

login.
ticket_lifetime

Default value is 8.

Number of hours that the logon ticket is valid. You can also set the hours and minutes using the following syntax: hh:mm.

login.
ticket_portalid

Default value is AUTO.

YES = The portal ID is always written into the logon ticket.

NO = The portal ID is never written into the logon ticket.

AUTO = If a portal installation is detected, the portal ID is written into the logon ticket.

When evaluating logon tickets the AS Java reacts as follows:

YES = The AS Java reads the portal ID from the logon ticket.

NO = The AS Java reads the ABAP user ID from the logon ticket.

AUTO = If a portal installation is detected, the AS Java reads the portal ID from the logon ticket.

The system always writes the ABAP user ID into the log on ticket. You can configure the system to write in the portal user ID only when it is necessary, or you can force the system to always include the portal ID.

ume.login.mdc.hosts

Enter a comma separated list of servers, with the following syntax:

<protocol>://<host>:<port>/<path>

For example:

http://server.mycompany.de

Only the host value is mandatory in all cases. For more information about the syntax, see Configuring Logon Tickets for Multiple Domains.

This property enables the portal to solicit logon tickets from servers outside the portal domain. For more information, see Logon Tickets for Multiple Domains.

ume.logon.
httponlycookie

Default value is TRUE.

If TRUE, the logon ticket is set to HttpOnly. This prevents it from being read by malicious client-side script code such as JavaScript.

The setting is only effective for clients that use Microsoft Internet Explorer 6.0 SP1 or higher.

ume.logon.
security.enforce_
secure_cookie

Default value is FALSE.

Marks the logon ticket as a secure cookie, to enforce that the client browser sends the cookie only when an SSL connection to the J2EE Engine or the reverse proxy is established.

ume.logon.
security.relax_domain.
level

Default value is 1.

Specifies the amount of sub domains to remove from the server name to obtain the domain for which the logon ticket is valid.

For example, if the value is 1 and the logon ticket is issued by the server server.mycompany.com, the logon ticket is valid for all servers in the domain mycompany.com.

 

Ende des Inhaltsbereichs