The External SASL Mechanism Handler performs all processing related to SASL EXTERNAL authentication.
The External SASL Mechanism Handler object inherits from SASL Mechanism Handler.
Use the --advanced
option to access advanced properties.
Basic Properties
Advanced Properties
Synopsis | Specifies the name of the attribute to hold user certificates. |
Description | This property must specify the name of a valid attribute type defined in the server schema. |
Default Value | userCertificate |
Allowed Values | The name of an attribute type defined in the LDAP schema. |
Multi-valued | No |
Required | No |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the name of the certificate mapper that should be used to match client certificates to user entries. |
Default Value | None |
Allowed Values | The name of an existing Certificate Mapper. The referenced certificate mapper must be enabled when the External SASL Mechanism Handler is enabled. |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Indicates whether to attempt to validate the peer certificate against a certificate held in the user's entry. |
Default Value | None |
Allowed Values | always: Always require the peer certificate to be present in the user's entry. ifpresent: If the user's entry contains one or more certificates, require that one of them match the peer certificate. never: Do not look for the peer certificate to be present in the user's entry. |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Indicates whether the SASL mechanism handler is enabled for use. |
Default Value | None |
Allowed Values | true false |
Multi-valued | No |
Required | Yes |
Admin Action Required | None |
Advanced | No |
Read-Only | No |
Synopsis | Specifies the fully-qualified name of the Java class that provides the SASL mechanism handler implementation. |
Default Value | org.opends.server.extensions.ExternalSASLMechanismHandler |
Allowed Values | A Java class that extends or implements: org.opends.server.api.SASLMechanismHandler |
Multi-valued | No |
Required | Yes |
Admin Action Required | The object must be disabled and re-enabled for changes to take effect. |
Advanced | Yes |
Read-Only | No |