{ "id":"/axapi/v3/aam/authentication/logon", "type":"object", "node-type":"intermediate", "title":"logon", "operation-not-allowed": ["PUT", "POST", "DELETE"], "partition-visibility":"shared", "auto-created-object":1, "description":"Authentication logon configuration", "properties":{ "http-authenticate":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/logon/http-authenticate", "properties":{ "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/logon/http-authenticate/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify HTTP-Authenticate logon name", "optional":false }, "auth-method":{ "type":"object", "properties":{ "basic":{ "type":"object", "properties":{ "basic-realm":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify realm for basic logon" }, "challenge-response-form":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify challenge-response form for RSA-RADIUS authentication" }, "challenge-page":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"new-pin-page", "description":"Specify challenge page name for RSA-RADIUS" }, "challenge-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify challenge variable name" }, "new-pin-page":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"challenge-page", "description":"Specify new PIN page name for RSA-RADIUS" }, "next-token-page":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify next-token page name for RSA-RADIUS" }, "new-pin-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify new PIN variable name" }, "next-token-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify next-token variable name" }, "basic-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable Basic logon" } } }, "ntlm":{ "type":"object", "properties":{ "ntlm-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable NTLM logon" } } }, "negotiate":{ "type":"object", "properties":{ "negotiate-enable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable SPENGO logon" } } } } }, "hsts-timeout":{ "type":"number", "format":"number", "minimum":0, "maximum":315360000, "partition-visibility":"shared", "description":"Set HSTS policy expired timeout in seconds, 0 means to disable HSTS policy", "optional":true }, "retry":{ "type":"number", "format":"number", "minimum":1, "maximum":32, "default":3, "partition-visibility":"shared", "description":"Maximum number of consecutive failed logon attempts (default 3)", "optional":true }, "account-lock":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Lock the account when the failed logon attempts is exceeded", "optional":true }, "duration":{ "type":"number", "format":"number", "minimum":1, "maximum":86400, "default":1800, "partition-visibility":"shared", "description":"The time an account remains locked in seconds (default 1800)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'spn_krb_request': SPN Kerberos Request; 'spn_krb_success': SPN Kerberos Success; 'spn_krb_faiure': SPN Kerberos Failure; ", "enum":[ "all", "spn_krb_request", "spn_krb_success", "spn_krb_faiure" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-logon-http-ins-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] } } }, "form-based-list":{ "type":"array", "minItems":1, "items":{ "type":"form-based" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/logon/form-based/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify form-based authentication logon name", "optional":false }, "portal":{ "type":"object", "properties":{ "default-portal":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"portal-name", "description":"Use default portal" }, "portal-name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"default-portal", "description":"Specify portal name" }, "logon":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify logon page name" }, "failpage":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify logon fail page name (portal fail page name)" }, "changepasswordpage":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify change password page name" }, "notifychangepasswordpage":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify change password notification page name" }, "challenge-page":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not-list":[ "new-pin-page", "next-token-page" ], "description":"Specify challenge page name for RSA-RADIUS" }, "new-pin-page":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"challenge-page", "description":"Specify new PIN page name for RSA-RADIUS" }, "next-token-page":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"challenge-page", "description":"Specify next token page name for RSA-RADIUS" } } }, "csp-support":{ "type":"object", "properties":{ "none":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not-list":[ "self", "specificURI" ], "description":"Set CSP frame-ancestors to none (also X-Frame-Options deny)" }, "self":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"none", "description":"Set CSP frame-ancestors to self (also X-Frame-Options same-origin)" }, "specificURI":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "not":"none", "description":"Set customized CSP frame-ancestors (maximum 2 URIs can be set)" }, "optional-second-URI":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Set optional second customized CSP URI" } } }, "hsts-timeout":{ "type":"number", "format":"number", "minimum":0, "maximum":315360000, "partition-visibility":"shared", "description":"Set HSTS policy expired timeout in seconds, 0 means to disable HSTS policy", "optional":true }, "logon-page-cfg":{ "type":"object", "properties":{ "action-url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify form submission action url" }, "username-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify username variable name in form submission" }, "password-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify password variable name in form submission" }, "passcode-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify passcode variable name in form submission" }, "captcha-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify captcha variable name in form submission" }, "login-failure-message":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify login failure message shown in logon page (Specify error string, default is \"Invalid username or password. Please try again.\")" }, "authz-failure-message":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify authorization failure message shown in logon page (Specify error string, default is \"Authorization failed. Please contact your system administrator.\")" }, "disable-change-password-link":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Don't display change password link on logon page forcibly even backend authentication server supports it (LDAP or Kerberos)" } } }, "cp-page-cfg":{ "type":"object", "properties":{ "changepassword-url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify changepassword form submission action url (changepassword action url)" }, "cp-user-enum":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'changepassword-username-variable': Specify username variable name in form submission; ", "enum":[ "changepassword-username-variable" ] }, "cp-user-var":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify username variable name" }, "cp-old-pwd-enum":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'changepassword-old-password-variable': Specify old password variable name in form submission; ", "enum":[ "changepassword-old-password-variable" ] }, "cp-old-pwd-var":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify old password variable name" }, "cp-new-pwd-enum":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'changepassword-new-password-variable': Specify new password variable name in form submission; ", "enum":[ "changepassword-new-password-variable" ] }, "cp-new-pwd-var":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify new password variable name" }, "cp-cfm-pwd-enum":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'changepassword-password-confirm-variable': Specify password confirm variable name in form submission; ", "enum":[ "changepassword-password-confirm-variable" ] }, "cp-cfm-pwd-var":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify password confirm variable name" } } }, "notify-cp-page-cfg":{ "type":"object", "properties":{ "notifychangepassword-change-url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify change password action url for notifychangepassword form" }, "notifychangepassword-continue-url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify continue action url for notifychangepassword form" } } }, "challenge-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify challenge variable name in form submission", "optional":true }, "new-pin-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify new-pin variable name in form submission", "optional":true }, "next-token-variable":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify next-token variable name in form submission", "optional":true }, "retry":{ "type":"number", "format":"number", "minimum":1, "maximum":32, "default":3, "partition-visibility":"shared", "description":"Maximum number of consecutive failed logon attempts (default 3)", "optional":true }, "account-lock":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Lock the account when the failed logon attempts is exceeded", "optional":true }, "duration":{ "type":"number", "format":"number", "minimum":1, "maximum":86400, "default":1800, "partition-visibility":"shared", "description":"The time an account remains locked in seconds (default 1800)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true } }, "required":[ "name" ] } ] } } }