User guide
Chapter 7: Developing Applications
7-50
com.fujitsu.interstage.sso{
com.fujitsu.interstage.sso.auth.module.ISLoginModule Required
authserver="https://authenticate_server.fujitsu.com:10443/ssoatcag" <- Edit here.
serviceidpath="C:\\Interstage\\F3FMsso\\ssoatzag\\sample\\javaapi\\domainsid" <- Edit here.
timeout="20"
;
};
Authentication infrastructure URL: "https://authenticate_server.fujitsu.com:10443"
Absolute path name of service ID file: "/home/jaastest/javaapi/domainsid"
/**
* sample login config file
*/
/* This sample does not use Business server configuration. */
com.fujitsu.interstage.sso{
com.fujitsu.interstage.sso.auth.module.ISLoginModule required
authserver="https://authenticate_server.fujitsu.com:10443/ssoatcag" <- Edit here.
serviceidpath="/home/jaastest/javaapi/domainsid" <- Edit here.
timeout="20"
;
};
(7) Editing Security Policy File
JDK1.3
Edit the security policy file isssojaasauth.policy. In the sample security policy file, read permission for
the java.home property is granted to the user ID “guest” and read permission for the user.home property
is granted to the role name “administrator.” Change the user ID and role name to a user ID and role name
registered in the SSO repository.
The example below shows how to grant read permission for the java.home property to the user ID
“user001” and read permission for the user.home property to the role name “Admin.”
Example
/* sample policy file */
grant codeBase "file:isssoaction.jar" ,
principal com.fujitsu.interstage.sso.auth.ISUserPrincipal "user001" { <- Change the user ID in the sample file.
permission java.util.PropertyPermission "java.home","read";
};
grant codeBase "file:isssoaction.jar" ,
principal com.fujitsu.interstage.sso.auth.ISRolePrincipal "Admin" { <-