Preparing Additional Input for CA Strong Authentication

To augment CA Strong Authentication by implementing plug-ins, set the extra information that must be sent to the server in name-value pairs. CA Strong Authentication’s com.arcot.webfort.common.api provides you the AdditionalInput class, which enables you to set this additional information.
aatest
2112330
To augment CA Strong Authentication by implementing plug-ins, set the extra information that must be sent to the server in name-value pairs. CA Strong Authentication’s com.arcot.webfort.common.api provides you the AdditionalInput class, which enables you to set this additional information.
Some of the pre-defined additional input parameters supported by the AdditionalInput class are:
  • AR_WF_LOCALE_ID
    Specifies the locale that CA Strong Authentication will use in returning the messages back to the calling application.
  • AR_WF_CALLER_ID
    This is useful in tracking transactions. You can use session ID or transaction ID for specifying this information.
  • AR_WF_TXN_FILE_LOG_TRACE
    Enables the TRACE logging for the transaction. The presence of the identifier irrespective of the value enables TRACE logging.
  • AR_WF_TXN_FILE_LOG_LEVEL
    Used to control the log level for the transaction. The supported values are:
    • 1 for WARNING
    • 2 for INFO
    • 3 for DETAIL
    See appendix, "CA Strong Authentication Logging" for more information on log levels.
  • AR_WF_TXN_LOG_SENSITIVE_DATA
    Is used to indicate whether the sensitive data must be logged for the current transaction. For example, USERNAME of the user. The presence of the identifier irrespective of the value enables this logging.
  • AR_WF_TXN_DB_LOG_QUERY_DETAILS
    Is used to indicate whether the database query execution has to be logged in detail. The presence of the identifier irrespective of the value enables this logging.
  • AR_WF_OTP_TXN_SIGN_DATA
    Specifies the transaction data that the end user enters in the Challenge field of the CA Auth ID OTP client to generate a passcode in the Sign mode. The maximum length of the signed data is 64 bytes. This implementation of the Transaction Signing feature conforms to the OATH Challenge-Response Algorithm (OCRA) as defined by RFC 6287.