(Not applicable to Online Data Proxy) Configure these properties to allow the operating system's security mechanisms to validate user credentials using NTProxy (Windows Native OS). Access these properties from the Authentication tab of the Security node in SAP Control Center.
Properties | Default Value | Description |
---|---|---|
Extract Domain From Username | true | If set to true, the user name can contain the domain in the form of <username>@<domain>. If set to false, the default domain (described below) is always used, and the supplied user name is sent to through SSPI untouched. |
Default Domain | The domain for the host computer of the Java Virtual Machine. | Specifies the default host name, if not overridden by the a specific user name domain. |
Default Authentication Server | The authentication server for the host computer of the Java Virtual Machine. | The default authentication server from which group memberships are extracted. This can be automatically determined from the local machine environment, but this property to bypass the detection step. |
useFirstPass | false | If set to true, the login module attempts to retrieve only the user name and password from the shared context. It never calls the callback handler. |
tryFirstPass | false | If set to true, the login module first attempts to retrieve the user name and password from the shared context before attempting the callback handler. |
clearPass | false | If set to true, the login module clears the user name and password in the shared context when calling either commit or abort. |
storePass | false | If set to true, the login module stores the user name and password in the shared context after successfully authenticating. |
failAuthenticationIfNoRoles | false | If set to true, the provider fails to authenticate the user if the user is not assigned any physical roles. |
providerDescription | none |
(Optional). When enabled, allows the administrator to associate a description with the provider instance. Using a provider description makes it easier to differentiate between multiple instances of the same provider type: for example, when you have multiple login modules of the same type stacked in a security configuration, each targeting a different repository. |