Common Content for Data Integration
- Common Content for Data Integration 10.5.6.1
- All Products
Option
| Description
|
---|---|
-SamlAssertionSigned
-sas
| Optional. Set to TRUE to enable assertion signing by the identity provider. Default is FALSE.
|
-AuthnContextComparsion
-acc
| Specifies the comparison method used to evaluate the requested authorization statement. Set to MINIMUM, MAXIMUM, BETTER, or EXACT. Default is Exact.
|
-AuthnContextClassRef
-accr
| The authentication context class. Set to PASSWORD or PASSWORDPROTECTEDTRANSPORT.
|
-SignSamlRequest
-ssr
| Set to true to enable signed request.
Default is False
|
-RequestSigningPrivateKeyAlias
-rspa
| Required if you enable signed request. Alias name of the private key present in the node SAML keystore using which SAML request should be signed
|
-RequestSigningPrivateKeyPassword
-rspp
| Required if you enable signed request. Password to access the private key used for signing the SAML request
|
-RequestSigningAlgorithm
-rsa
| Required if you enable signed request. Algorithm used to sign the request. You can set to one of several different values, including RSA_SHA256, DSA_SHA1, and DSA_SHA256.
|
-SamlResponseSigned
-srs
| Set to true to enable signed response.
Default is False.
|
-ResponseSigningCertificateAlias
-rsca
| Required if you enable signed response. Alias name of the certificate present in the gateway node SAML truststore using which SAML response signature will be validated.
|
-SamlAssertionEncrypted
-sae
| Required if you enable signed response. Set to true to enable encrypted assertion.
Default is False.
|
-EncyptedAssertionPrivateKeyAlias
-espa
| Required if you enable encrypted assertion. Alias name of the private key present in the gateway node SAML keystore using which key used for encrypting the assertion will be decrypted.
|
-EncyptedAssertionPrivateKeyPassword
-espp
| Required if you enable encrypted assertion. Password to access the private key used for decrypting the assertion encryption key
|
Option
| Description
|
---|---|
-SamlKeyStoreDir
-skd
| Required if you use a custom keystore for SAML authentication. Path to the SAML keystore.
|
-SamlKeyStorePassword
-skp
| Required if you use a custom keystore for SAML authentication. Password to the SAML keystore.
If you currently run scripts that use defineGatewayNode to enable a custom keystore for SAML authentication, you must update them to include this option.
|
Option
| Description
|
---|---|
-EnableSaml
-saml
| Optional. Enables or disables SAML authentication in the Informatica domain.
Set to true or false. Default is false.
|
-SamlTrustStoreDir
-std
| Optional. The directory containing the custom truststore file required to use SAML authentication on the gateway node. Specify the directory only, not the full path to the file.
The default Informatica truststore is used if no truststore is specified.
|
-SamlTrustStorePassword
-stp
| Required if you use a custom truststore for SAML authentication. The password for the custom truststore.
|
-SamlKeyStoreDir
-skd
| Optional. The directory containing the custom keystore file required to use SAML authentication on the gateway node. Specify the directory only, not the full path to the file.
|
-SamlKeyStorePassword
-skp
| Required if you use a custom keystore for SAML authentication. Password to the SAML keystore.
If you currently run scripts that use defineWorkerNode to enable a custom keystore for SAML authentication, you must update them to include this option.
|
Option
| Description
|
---|---|
-SamlKeyStoreDir
-skd
| Optional. The directory containing the custom keystore file required to use SAML authentication on the gateway node. Specify the directory only, not the full path to the file.
|
-SamlKeyStorePassword
-skp
| Required if you use a custom keystore for SAML authentication. Password to the SAML keystore.
|
Option
| Description
|
---|---|
-CipherWhiteList
-cwl
| Optional. Comma-separated list of JSSE cipher suites that you want to add to the effective list.
The list must contain at least one valid JRE or OpenSSL cipher suite.
|
-CipherBlackList
-cbl
| Optional. Comma-separated list of JSSE cipher suites that you want to remove from the effective list.
The effective list must contain at least one valid JRE or OpenSSL cipher suite.
|
-CipherWhiteListFile
-cwlf
| Optional. Absolute file name of the plain text file that contains a comma-separated list of cipher suites that you want to add to the effective list.
The list must contain at least one valid JRE or OpenSSL cipher suite.
|
-CipherBlackListFile
-cblf
| Optional. Absolute file name of the plain text file that contains a comma-separated list of cipher suites that you want to remove from the effective list.
The effective list must contain at least one valid JRE or OpenSSL cipher suite.
|
-EnableSaml
-saml
| Optional. Enables or disables SAML authentication in the Informatica domain.
Set to true or false. Default is false.
|
-SamlKeyStoreDir
-skd
| Optional. The directory containing the custom keystore file required to use SAML authentication on the gateway node. Specify the directory only, not the full path to the file.
|
-SamlKeyStorePassword
-skp
| Required if you use a custom keystore for SAML authentication. Password to the SAML keystore.
If you currently run scripts that use updateWorkerNode to enable a custom keystore for SAML authentication, you must update them to include this option.
|
Option
| Description
|
---|---|
-SamlAssertionSigned
-sas
| Optional. Set to TRUE to enable assertion signing by the identity provider. Default is FALSE.
|
-SamlKeyStoreDir
-skd
| Optional. The directory containing the custom keystore file required to use SAML authentication on the gateway node. Specify the directory only, not the full path to the file.
|
-SamlKeyStorePassword
-skp
| Required if you use a custom keystore for SAML authentication. Password to the SAML keystore.
If you currently run scripts that use updateDomainSamlConfig to enable a custom keystore for SAML authentication, you must update them to include this option.
|
-SignSamlRequest
-ssr
| Set to true to enable request signing
Default is False.
|
-RequestSigningPrivateKeyAlias
-rspa
| Required if you enable signed request. Alias name of the private key that Informatica uses to sign the request. This private key resides in the keystore in the gateway node. The corresponding public key, usually a certificate, should be imported to the identity provider.
|
-RequestSigningPrivateKeyPassword
-rspp
| Plaintext password of the private key that Informatica uses to sign the request.
Default is the password of private key present in the keystore file
<Informatica home>\services\shared\security\infa_keystore.jks with the alias "Informatica LLC".
|
-RequestSigningAlgorithm
-rsa
| Required if you enable signed request. Algorithm used to sign the request. You can set to one of several different values, including RSA_SHA256, DSA_SHA1, and DSA_SHA256.
|
-SamlResponseSigned
-srs
| Set to true to specify whether the IDP signs the SAML response.
When set to TRUE, requires the IDP administrator to configure the identify provider to sign the response.
Default is False.
|
-ResponseSigningCertificateAlias
-rsca
| Required if you enable signed response. Alias name of the certificate in the gateway node SAML truststore to use to verify the signature.
|
-SamlAssertionEncrypted
-sae
| Set to true to specify that the IDP encrypts the assertion.
When set to TRUE, requires the IDP administrator to configure the identify provider to encrypt the assertion.
Default is False.
|
-EncyptedAssertionPrivateKeyAlias
-espa
| Alias name of the private key present in the gateway node SAML keystore. The private key is used for encrypting the assertion. The IDP administrator must import the corresponding public key (usually a certificate).
|
-EncyptedAssertionPrivateKeyPassword
-espp
| Plaintext password.
Default is the password of private key present in the keystore file
<Informatica home>\services\shared\security\infa_keystore.jks with the alias "Informatica LLC".
|