Skip to main content
Version: 7.2405.x.x LTS

NevisIDMConnectionPool

The NevisIDMConnectionPool provides access to the NevisIDM administration web service and is used by NevisIDMSource and NevisIDMSink. It supports three modes of authentication:

  • Basic authentication uses basic HTTP authentication with a username and password.
  • Client certificate authentication uses a client certification to authenticate for nevisIDM using nevisProxy.
  • Ninja authentication uses the Nevis sectoken as credential to access the nevisIDM web services.

Configuration

NameType, usage constraints, defaultsDescription
endpointrequired: paraVal
default: none
type: connection url
The connection URL pointing to the administration web service of nevisIDM.
wstrustEndpointoptional: paraVal
default: none
type: connection url
The connection URL pointing to the wstrust web services of nevisAuth.
loginModerequired: paraVal
default: none
type: login-mode string
The login-mode determines the kind of authentication the pool uses:
basic: Use basic HTTP authentication.
proxyCert: Use a client certificate and nevisProxy.
ninja: Use a Nevis sectoken.
usernameoptional: paraVal
default: none
type: string
The username used for basic authentication.
passwordoptional: paraVal
default: none
type: string
sensitive: true
The password used for basic authentication.
sslSettingsoptional: paraMap
default: none
type: string/string
The SSL configuration settings used for this connection pool. It uses the Java system property names to set up the key- and truststores.
wstrustSslSettingsoptional: paraMap
default: none
type: connection url
The SSL configuration settings used to perform two-way SSL authentication with the wstrust endpoint. It uses the Java system property names to set up the key and trust stores.

Examples

Example using an unencrypted connection and basic authentication

<object type="NevisIDMConnectionPool" name="adminService">
<dp:paraVal name="endpoint" value="http://localhost:8989/nevisidm/services/v1/AdminService"/>
<dp:paraVal name="loginMode" value="basicAuth"/>
<dp:paraVal name="username" value="techuser"/>
<dp:paraVal name="password" value="secret"/>
</object>

Example using an SSL connection

<object type="NevisIDMConnectionPool" name="adminService">
<dp:paraVal name="endpoint" value="https://localhost/nevisidm/services/v1/AdminService"/>
<dp:paraVal name="loginMode" value="proxyCert"/>
<dp:paraMap name="sslSettings">
<value name="javax.net.ssl.trustStore" value="truststore.jks"/>
<value name="javax.net.ssl.trustStorePassword" value="secret"/>
<value name="javax.net.ssl.trustStoreType" value="jks"/>
<value name="javax.net.ssl.keyStore" value="keystore.jks"/>
<value name="javax.net.ssl.keyStorePassword" value="secret"/>
<value name="javax.net.ssl.keyStoreType" value="jks"/>
</dp:paraMap>
</object>

Example using ninja

<object type="NevisIDMConnectionPool" name="nevisIDMService">
<dp:paraVal name="endpoint" value="https://localhost:8989/nevisidm/services/v1/AdminService"/>
<dp:paraVal name="wstrustEndpoint" value="https://localhost:8991/nevisauth/services/wst14/SecurityTokenService"/>
<dp:paraVal name="loginMode" value="ninja"/>
<!-- Two way SSL is used to access the wstrust endpoint -->
<dp:paraMap name="wstrustSslSettings">
<value name="javax.net.ssl.trustStore" value="nevisauth_truststore.jks"/>
<value name="javax.net.ssl.trustStorePassword" value="secret"/>
<value name="javax.net.ssl.trustStoreType" value="JKS"/>
<value name="javax.net.ssl.keyStore" value="techuser_keystore.jks"/>
<value name="javax.net.ssl.keyStorePassword" value="secret"/>
<value name="javax.net.ssl.keyStoreType" value="JKS"/>
</dp:paraMap>
<!-- One way SSL is used to connect to the admin service -->
<dp:paraMap name="sslSettings">
<value name="javax.net.ssl.trustStore" value="nevisidm_truststore.jks"/>
<value name="javax.net.ssl.trustStorePassword" value="secret"/>
<value name="javax.net.ssl.trustStoreType" value="JKS"/>
</dp:paraMap>
</object>