X.509 Client Cert or Form Template

Use this table when configuring an authentication scheme based on the scheme type X.509 Client Certificate or Form. The structure fields referenced in the table are in Sm_PolicyApi_Scheme_t.
casso1283
Use this table when configuring an authentication scheme based on the scheme type X.509 Client Certificate
or
Form. The structure fields referenced in the table are in Sm_PolicyApi_Scheme_t.
Information Type
Value Assignment and Meaning
Scheme type
nType
=Sm_Api_SchemeType_X509ClientCertOrForm
The scheme type X.509 Client Certificate or HTML Form.
Description
pszDesc
=
description
The description of the authentication scheme.
Protection level
nLevel
=
value
A value of 1 through 1000. The higher the number, the greater degree of protection provided by the scheme. Default is 5.
Library
pszLib
="smauthcertorform"
The default library for this scheme type.
Parameter
C
pszParam
=
param
A string containing the following information:
Server for establishing an SSL connection. This server redirects a user's X.509 certificate over an SSL connection.
Name and path of the SSL and forms credentials collector (SFCC).
If you are using an alternate forms-based authentication over SSL, also provide the following two pieces of information:
The fully qualified name of the SSL server used for establishing an SSL connection for authentication.
Name and path of the Forms Credentials Collector (FCC).
https://
SSLserver:port
/
SFCC
?certorform;[https://
BasicServer
/
FCC
]
The following example uses the default SCC values:
https://my.SSLserver.com:80/siteminderagent/certoptional/forms/login.sfcc?certorform;https://my.BasicServer.com/siteminderagent/forms/login.fcc
 
Shared secret
pszSecret
=""
Set to an empty string. Not applicable to this scheme.
Is template?
bIsTemplate
=0
Set to false (0) to indicate that the scheme is not a template. Any other value is ignored.
Is used by administrator?
bIsUsedbyAdmin
=0
Set to 0-scheme is not used to authenticate administrators.
Save credentials?
bAllowSaveCreds
=0
Set to 0 to indicate that user credentials won't be saved.
Is RADIUS?
bIsRadius
=0
Set to 0-scheme is not used with RADIUS agents.
Ignore password check?
bIgnorePwCheck
=
flag
Set to 1 to ignore password checking, or 0 to check passwords. Default is 0.