Sun Microsystems 819468310 manual Authentication module

What’s New in This Release

■Number of successful authentications

■Number of failed authentications

■Number of successful logout operations

■Number of failed logout operations

■Transaction time for each module if possible (running and waiting states)

2.Sessions

■Size of the session table (hence maximum number of sessions)

■Number of active sessions (incremental counter)

3.Profile Service

■Maximum cache size

■Transaction time for operations (running and waiting)

4.Policy

■Policy evaluation in and out requests

■Policy connection pool statistics for the subject's plug-in's LDAP server

Authentication module

■Distributed Authentication service not required to stick to one server for load-balanced deployments

■Authentication service and server not required to stick to one server for load—balanced deployments

■Composite advices support among Authentication service, Policy Agents, and Policy service. Includes AuthenticateToRealm condition, AuthenticateToService condition, and realm qualification to all conditions.

■Advising organization (realm qualified Authentication conditions)

■Authentication configurations / authentication chains (AuthServiceCondition)

■Module-based authentication can now be disallowed if Authentication chaining is enforced

■Distributed Authentication service supports Certificate authentication module

■Added CertAuth to Distributed Authentication UI to make it a full featured credential extractor presentation

■New Datastore authentication module as an out-of-box module which authenticates against the configured datastore for a given realm

■Account lockout configuration now persistent across multiple AM server instances

■Chaining of post-processing SPI classes

Policy module

■A new policy condition AuthenticateToServiceCondition added, to enforce the user is authenticated to specifc authentication service chain.