Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.
The UnboundID Certificate Plus Password SASL Mechanism Handler may be used to perform multifactor authentication against the Directory Server using both a client certificate (presented during SSL/TLS negotiation) and a static password.
The UnboundID Certificate Plus Password SASL Mechanism Handler component inherits from the SASL Mechanism Handler
The following components have a direct aggregation relation from UnboundID Certificate Plus Password SASL Mechanism Handlers:
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| description | None |
| enabled | |
| certificate-mapper |
| Description | A description for this SASL Mechanism Handler |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether the SASL mechanism handler is enabled for use. |
| Default Value | None |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | The certificate mapper that will be used to identify the target user based on the certificate that was presented to the server. |
| Default Value | None |
| Allowed Values | The DN of any Certificate Mapper. If this UnboundID Certificate Plus Password SASL Mechanism Handler is enabled, then the associated certificate mapper must also be enabled. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
To list the configured SASL Mechanism Handlers:
dsconfig list-sasl-mechanism-handlers
[--property {propertyName}] ...
To view the configuration for an existing SASL Mechanism Handler:
dsconfig get-sasl-mechanism-handler-prop
--handler-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing SASL Mechanism Handler:
dsconfig set-sasl-mechanism-handler-prop
--handler-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...