JWT SSO (jwtSso)

Information about configuring JWT Single Sign On.

NameTypeDefaultDescription

authFilterRef

A reference to top level authFilter element (string).

Specifies the authentication filter reference.

cookieName

string

JWT

Name of the cookie that is used to store the JWT token.

disableJwtCookie

boolean

false

Do not create the JWT cookie.

includeLtpaCookie

boolean

false

After successful authentication with a JWT token, include an LTPA cookie in addition to the JWT cookie.

jwtBuilderRef

A reference to top level jwtBuilder element (string).

A reference to the JWT Builder configuration element in server.xml that describes how to build the JWT token.

setCookieSecureFlag

boolean

true

Set the secure flag on the JWT cookie to send it only over a secured connection.

useLtpaIfJwtAbsent

boolean

false

If the JWT cookie is missing, attempt to process an LTPA cookie if it is present.

authFilter

Specifies the authentication filter reference.

authFilter > cookie

A unique configuration ID.

NameTypeDefaultDescription

id

string

A unique configuration ID.

matchType

  • contains

  • equals

  • notContain

contains

Specifies the match type.

name

string
Required

Specifies the name.

authFilter > host

A unique configuration ID.

NameTypeDefaultDescription

id

string

A unique configuration ID.

matchType

  • contains

  • equals

  • notContain

contains

Specifies the match type.

name

string
Required

Specifies the name.

authFilter > remoteAddress

A unique configuration ID.

NameTypeDefaultDescription

id

string

A unique configuration ID.

ip

string

Specifies the remote host TCP/IP address.

matchType

  • contains

  • equals

  • greaterThan

  • lessThan

  • notContain

contains

Specifies the match type.

authFilter > requestHeader

A unique configuration ID.

NameTypeDefaultDescription

id

string

A unique configuration ID.

matchType

  • contains

  • equals

  • notContain

contains

Specifies the match type.

name

string
Required

Specifies the name.

value

string

The value attribute specifies the value of the request header. If the value is not specified, then the name attribute is used for matching, for example, <requestHeader id="sample" name="email" matchType="contains"/>.

authFilter > requestUrl

A unique configuration ID.

NameTypeDefaultDescription

id

string

A unique configuration ID.

matchType

  • contains

  • equals

  • notContain

contains

Specifies the match type.

urlPattern

string
Required

Specifies the URL pattern. The * character is not supported to be used as a wildcard.

authFilter > userAgent

A unique configuration ID.

NameTypeDefaultDescription

agent

string
Required

Specifies the browser's user agent to help identify which browser is being used.

id

string

A unique configuration ID.

matchType

  • contains

  • equals

  • notContain

contains

Specifies the match type.

authFilter > webApp

A unique configuration ID.

NameTypeDefaultDescription

id

string

A unique configuration ID.

matchType

  • contains

  • equals

  • notContain

contains

Specifies the match type.

name

string
Required

Specifies the name.