Configuring Authentication Plugins - dogtagpki/pki GitHub Wiki

Default Authentication Plugins

The following authentication plugins are defined in CA’s CS.cfg by default:

auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication
auths.impl.CMCAuth.class=com.netscape.cms.authentication.CMCAuth
auths.impl.CMCUserSignedAuth.class=com.netscape.cms.authentication.CMCUserSignedAuth
auths.impl.SSLclientCertAuth.class=com.netscape.cms.authentication.SSLclientCertAuthentication
auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication
auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication
auths.impl.UidPwdGroupDirAuth.class=com.netscape.cms.authentication.UidPwdGroupDirAuthentication
auths.impl.UserPwdDirAuth.class=com.netscape.cms.authentication.UserPwdDirAuthentication
auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication
auths.impl.FlatFileAuth.class=com.netscape.cms.authentication.FlatFileAuth
auths.impl.SessionAuthentication.class=com.netscape.cms.authentication.SessionAuthentication
auths.impl.SharedToken.class=com.netscape.cms.authentication.SharedSecret

The following authentication plugins are defined in KRA’s CS.cfg by default:

auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication
auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll
auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication
auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication
auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication
auths.impl.UserPwdDirAuth.class=com.netscape.cms.authentication.UserPwdDirAuthentication

The following authentication plugins are defined in OCSP’s CS.cfg by default:

auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication
auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll
auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication
auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication
auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication
auths.impl.UserPwdDirAuth.class=com.netscape.cms.authentication.UserPwdDirAuthentication

The following authentication plugins are defined in TKS’s CS.cfg by default:

auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication
auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll
auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication
auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication
auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication
auths.impl.UserPwdDirAuth.class=com.netscape.cms.authentication.UserPwdDirAuthentication

The following authentication plugins are defined in TPS’s CS.cfg by default:

auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication
auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll
auths.impl.SSLclientCertAuth.class=com.netscape.cms.authentication.SSLclientCertAuthentication
auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication
auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication
auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication

Configuring Authentication Plugins

auths.impl.<plugin name>.class=<plugin class>

Revocation Checking

auths.revocationChecking.bufferSize=50
auths.revocationChecking.ca=ca
auths.revocationChecking.enabled=true
auths.revocationChecking.unknownStateInterval=0
auths.revocationChecking.validityInterval=120

See Also

⚠️ **GitHub.com Fallback** ⚠️