version 1.49, 2014/10/12 00:04:17
|
version 1.51, 2014/10/30 12:52:17
|
|
|
Pegasus/Config/DefaultPropertyOwner.cpp | Pegasus/Config/DefaultPropertyOwner.cpp |
</ul> | </ul> |
| |
|
<h5>httpAuthType</h5> |
|
<ul> |
|
<b>Description: </b>Type of HTTP authentication. Allowed values are |
|
'basic', indicating basic authentication or 'negotiate' indicating use of |
|
HTPP Negotiate authentication method. This variable is effective only when |
|
'enableAuthentication' variable is set to 'true'.<br> |
|
<b>Default Value: </b>basic<br> |
|
<b>Recommended Default Value (Development Build): </b>basic<br> |
|
<b>Recommended Default Value (Release Build): </b>basic<br> |
|
<b>Recommend To Be Fixed/Hidden (Development Build): </b>No/No<br> |
|
<b>Recommend To Be Fixed/Hidden (Release Build): </b>No<br> |
|
<b>Dynamic?: </b>No<br> |
|
<b>Considerations: </b>Value 'negotiate' is available only when Pegasus |
|
is compiled with PEGASUS_NEGOTIATE_AUTHENTICATION=true.<br> |
|
<b>Source Configuration File: </b> |
|
Pegasus/Config/SecurityPropertyOwner.cpp |
|
</ul> |
|
|
<h5>httpPort</h5> | <h5>httpPort</h5> |
| |
<ul> | <ul> |
|
|
</tbody></table> | </tbody></table> |
</ul> | </ul> |
| |
|
<h5>httpSessionTimeout</h5> |
|
<ul> |
|
<b>Description: </b>If set to a positive integer, this value |
|
specifies a HTTP session lifetime in seconds. |
|
<br> |
|
After initial authentication using standard HTTP mechanisms |
|
(HTTP Basic or Negotiate authentication), the server generates a cookie |
|
and sends it back to the client, as described in RFC 6265. The client |
|
can then use the cookie in subsequent requests to skip the usual HTTP |
|
authentication. The cookie is valid only for period of time specified by |
|
this configuration option. |
|
<br> |
|
If set to zero, session management is turned off and CIM server will not |
|
issue cookies. |
|
<br> |
|
This option is available only when Pegasus was compiled with |
|
PEGASUS_ENABLE_SESSION_COOKIES set to 'true'. |
|
<br> |
|
<b>Recommended Default Value (Development Build): </b>0<br> |
|
<b>Recommended Default Value (Release Build): </b>0<br> |
|
<b>Recommend To Be Fixed/Hidden (Development Build): </b>No/No<br> |
|
<b>Recommend To Be Fixed/Hidden (Release Build): </b>No/No<br> |
|
<b>Dynamic?: </b>Yes<br> |
|
<b>Considerations: </b> |
|
The session timeout should be set to relatively small number (e.g. 30) to |
|
ensure the window, when the a potentially stolen cookie can be re-used, is |
|
quite small. This means every client will be re-authenticated the usual way |
|
(HTTP Basic or Negotiate) at least every 30 seconds. |
|
<br> |
|
</ul> |
|
|
|
|
<h5>idleConnectionTimeout</h5> | <h5>idleConnectionTimeout</h5> |
<ul> | <ul> |
<b>Description: </b>If set to a positive integer, this value | <b>Description: </b>If set to a positive integer, this value |