An account holds a set of properties (name/value pairs) used by an application to connect to a remote service.
You can have an account to connect to your personal mail server using POP3 to get your email, an account to connect to a WebSphere® Portal Server to access composite applications, or an LDAP account to do name look-up from the corporate directory. Some accounts may already exist on the client, either created by applications, or provisioned from Domino® or Portal. Be careful when editing, removing, or creating new accounts, as this could cause some applications to no longer function. If you are not sure what to do, ask your administrator.
Advanced Properties for HTTP / HTTPS Accounts
The advanced properties for HTTP accounts are primarily used to specify additional properties needed to authenticate with either a Portal server directly or an HTTP/Portal server protected by Tivoli® Access Manager (TAM) or Site Minder. Knowing what to enter for these properties requires specific knowledge of the HTTP infrastructure of an organization, and should not be modified by users unless they are given specific instructions from their administrator. This section will provide enough information to use these properties, but assumes some knowledge of the authentication mechanism being used.
HTTP Basic (default)
HTTP Basic is simple user name and password authentication. The authentication is done at the URL specified by the Server value and all other advanced properties are ignored. This is analogous to opening a Web browser to the URL and the browser popping up a dialog asking for a user name and password.J2EE Form (advanced)
Portal Form (advanced)
J2EE-FORM is a standard way of authenticating with a Web application server, such as WebSphere and Portal servers. A form is submitted to a URL that contains a user name and password. For WebSphere and Portal servers, an LTPA token is returned, which can be used for future authentication. J2EE-FORM uses the Authentication URL (auth URL) property to connect to a servlet. The auth URL is used in one of the following two ways:
- If the auth URL is a complete and valid URL (for example, http://myportalserver.com/wps/j_security_check), then the auth URL is used to locate the servlet.
- If the auth URL is a partial URL (for example, /wps/j_security_check), then it is appended to the root of the Server value.
For example, if the server value is http://myserver.com/mycontextroot and the auth URL is /wps/j_security_check, then the URL used will be http://myserver.com/wps/j_security_check.
Portal Form is a more advanced version of J2EE-FORM. The auth URL is set to a slightly different location. This auth URL generates both an LTPA token for authentication and a JSession cookie for session data. Portal form should be used to communicate with portlets, because J2EE-FORM does not provide the session cookie. Use J2EE-FORM to communicate with servlets hosted on Portal and WebSphere servers. TAM Form and Site Minder Form (advanced)
User Name Token (advanced)
TAM Form and Site Minder Form should be used when the HTTP resource is protected by one of these technologies. The HTTP resource should be configured to accept the authentication token provided by TAM or Site Minder. These auth types work in the same way as Portal form, except that a form is submitted that is specific to either TAM or Site Minder. The result of the authentication is a cookie that can be used to authenticate with any of the protected HTTP resources, including WebSphere and Portal servers.
An account with the TAM Form or Site Minder Form authentication type can be further configured to correctly interact with a TAM or Site Minder server that has a custom configuration. The following properties can be set in a TAM or Site Minder account:
The custom username key as specified in the Site Minder Login Formcustom_password_key
The custom password key as specified in the Site Minder Login Formcustom_target_key
The custom target key as specified in the Site Minder Login Formcustom_target
The custom target value to be returned to the Site Minder server as part of the login form response (POST)use_target_as_authurl
directs the TAM, Site Minder, or Portal-Form login module to use the URL requested by the URL handler as the auth url. When this option is specified, the "custom_target" and "authentication URL" account preferences are ignored. The value of this field should be set to "true" or "false".
User Name Token is an authentication mechanism used by Web Services. This authentication type should only be used by child accounts that have selected the Use name and password of an existing account. User name token should only be used if the Web Service does not accept any other form of authentication, since it requires sending the user name and password on every request. This authentication type is rarely used and should be avoided if possible. TAM SPNEGO (advanced)
TAM SPNEGO is supported on Microsoft® Windows® operating systems only. It uses Active Directory to get a token based on the users operating system log-in. It then uses that token to authentication with TAM, rather than using a user name and password. Apart from that, the result of the authentication is the same as for TAM Form.Authentication URL
The authentication URL is only used by J2EE-FORM and PORTAL Form because it needs to know where the authentication servlet is located. The value for this property can either be a complete URL or a path relative to the root of the server URL.
The authentication URL is only required by J2EE-FORM and PORTAL Form because it needs to know where the authentication servlet is located. The value for this property can be either a complete URL or a path relative to the root of the server URL. If the authentication URL is set for TAM Form or Site Minder Form, Expeditor will connect to the authentication URL to authenticate with the server. If the authentication URL is not set for TAM Form or Site Minder Form, Expeditor will use the Account server property as the authentication URL.
Home Portal URL
Some applications require this value to interact properly with a WebSphere Portal server. When accessing a Portal server via a web browser, by default the following URL would be used:
The Home Portal URL in this case is the myportal
part. Since this is configurable by the system administrator, the default value can be altered as needed in the advanced properties.
Enterprise Management Agent Accounts
Device User Name
The identity of a user’s machine for connecting to a Client Management server.Device User Password
The password of a user’s machine for connecting to a Client Management server.Server Address
The server address consists of two parts – a URI and the path to the DM Servlet to contact for enrollment. Use one of the following to specify the Client Management server address:
- IP address
- Host name
- Host name plus domain name
SyncML/DM is the data synchronization protocol that the agent and server use to communicate. When the server has been configured to require authorization using SyncML/DM, append the following value to the Server Address:
If SyncML/DM authorization is not required by the server, append the following value to the Server Address instead:
Parent topic: Managing accounts: XPD621