Apache2 CardSpace Authentication Module (mod_cspace) User Guide

Apache2 CardSpace Authentication Module

Configuration Options

UseCardSpaceAuth

Use this directive to enable cardspace for the directory it is used in.

  • This directive takes no arguments.
CardSpaceTVS URL of the token verificaton service.
  • This service is installed with WSO2 Identity Solution, and can be found by default at http://localhost:12080/wsas/services/RelyingPartyService
SSLCertificateKeyFile Path to the key file used to provide HTTPS.
  • Only applicable when Apache version is greater than 2.2.x. (If you have already set up mod_ssl you don't have to worry about this. It is the same directive that is reused here)
  • In case of Apache 2.0.x CardSpaceSSLKeyFile should provide this information.
CardSpaceSSLKeyFile Path to the key file used to provide HTTPS.
  • Only applicable for Apache 2.0.x (see SSLCertificateKeyFile above)
CardSpaceSessionManage Specifies if session management should be handled by the module.
  • Set this directive "on" if the session management needs to be done by the module itself, "off" otherwise.
CardSpaceLoginURI Directory name(s) of the locations that should be omitted from the module's authentication mechanisms.
  • Has no effect when CardSpaceSessionManage directive is set to "off"
  • This directive can be repeated
  • Usually it is used to specify the login page and other resources needed to display the login page properly.
CardSpaceGlobalSessionCache Path to the global session cache sdbm file.
  • Has no effect when CardSpaceSessionManage directive is set to "off"
CardSpaceSessionCache Path to the per-directory session cache sdbm file.
  • Has no effect when CardSpaceSessionManage directive is set to "off"
  • When this directive is set it overrides the CardSpaceGlobalSessionCache
CardSpaceSessionExpireTime Session expiration time (globally) in seconds.
  • Has no effect when CardSpaceSessionManage directive is set to "off"
  • This directive applies to all the directories.
CardSpaceSingleSignOn Enable single sign on within directories
  • Has no effect - currently not implemented.