X.509 Client Cert or Basic Template

Use this table when configuring an authentication scheme based on the scheme type X.509 Client Certificate or Basic. The structure fields referenced in the table are in Sm_PolicyApi_Scheme_t.
casso1283
Use this table when configuring an authentication scheme based on the scheme type X.509 Client Certificate
or
Basic. The structure fields referenced in the table are in Sm_PolicyApi_Scheme_t.
Information Type
Value Assignment and Meaning
Scheme type
nType
=Sm_Api_SchemeType_X509ClientCertOrBasic
The scheme type X.509 Client Certificate or Basic.
Description
pszDesc
=
description
The description of the authentication scheme.
Protection level
nLevel
=
value
A value of 1 through 1000. The higher the number, the greater degree of protection provided by the scheme. Default is 5.
Library
pszLib
="smauthcert"
The default library for this scheme type.
Parameter
pszParam
=
param
A string containing the following information:
Server for establishing an SSL connection. This server redirects a user's X.509 certificate over an SSL connection.
Name and path of the SSL Credentials Collector (SSC).
If you are using basic authentication over SSL, also provide the following two pieces of information:
The fully qualified name of the SSL server used for establishing an SSL connection for basic authentication.
Name and path of the SSL Credentials Collector (SSC).
https://
SSLserver:port
/
SCC
?certorbasic;[https://
BasicServer
/
SCC
]
The following example uses the default SCC values:
https://my.SSLserver.com:80/siteminderagent/certoptional/smgetcred.scc?certorbasic;https://my.BasicServer.com/siteminderagent/nocert/smgetcred.scc
 
Shared secret
pszSecret
=""
Set to an empty string. Not applicable to this scheme.
Is template?
bIsTemplate
=0
Set to false (0) to indicate that the scheme is not a template. Any other value is ignored.
Is used by administrator?
bIsUsedbyAdmin
=0
Set to false (0)-scheme is not used to authenticate administrators.
Save credentials?
bAllowSaveCreds
=0
Set to false (0) to indicate that user credentials won't be saved.
Is RADIUS?
bIsRadius
=0
Set to false (0)-scheme is not used with RADIUS agents.
Ignore password check?
bIgnorePwCheck
=
flag
Set to true (1) to ignore password checking, or false (0) to check passwords. Default is 0.