Configuring CS Authentication Resource Properties
You can view and edit CS Authentication properties for the global CS Authentication resource.
Note
Many authentication properties are set at the site level. For information about configuring site level authentication properties, see Configuring an Application.
The following authentication properties are set in the App Default Config resource: Site ticket options, Site privacy options, Form login options, AuthManager Auth Ticket Timeout. These properties apply if you are developing a site using the Commerce Server Solutions Sites. For information about configuring these App Default Config properties, see Configuring App Default Config Resource Properties.
To configure the CS Authentication resource properties
Expand Commerce Server Manager, and then open Global Resources.
Right-click CS Authentication resource, and then click Properties.
In the Properties box, select the property for which you want to set a value.
In the Selected Property Value box, type the new value, and then click OK.
The following table lists the CS Authentication properties you can set at the global resource level for a Commerce Server site.
Property | Description |
Login Form | Name of the form to be used for logging on users. You can specify one of the following:
If you use Secure Sockets Layer (SSL), you must specify the full path to the Login.asp page, for example: https://www.microsoft.com/authfilter/login.asp. |
Login Retries | The number of times users are prompted to type their user name and password before a message instructing them to call customer service is displayed. |
Password-Cache Size | The maximum number of users whose credentials can be stored in the AuthFilter User-Password-Cache. This property is only used with Windows Authentication mode. |
Password-Cache TTL | The length of time in minutes that the authentication credentials are stored in the Password-Cache. This property is only used with Windows Authentication mode. |
TimeWindow for Valid Ticket | The default length of time in which the credentials generated by the AuthManager object is valid. |
AuthProfile-Name | Name of the profile object to use when the data source for the Profiling System is partitioned. If using default schema, this value must be Profile Definitions.UserObject. |
AuthFilter Helper Folder | Name of the folder that the AuthFilter uses to store helper files. You must keep all files related to the AuthFilter in this one folder. The default subfolder is \AuthFiles. All the AuthFilter files must always have Anonymous Access enabled. |
Error Form | Name of the form to be used when an access denied error occurs. You can specify one of the following:
|
Help Form | Name of the form that contains help information for logging in. You can specify one of the following:
|
Internal Error Form | Name of the error form to display when there is an internal error. You can specify one of the following:
|
No-Cookie form | Name of the form to display when the browser does not have cookies enabled or does not support cookies. You can specify one of the following:
|
AutoCookie Form | Name of the form to be redirected to when Autocookies are enabled. You can specify one of the following:
|
Profile Cookie Expiration Date | End date after which the cookie is no longer valid. |
Enable Encryption | To enable encryption of cookie data, set this property at the Commerce site level. For instructions, see Configuring an Application. |
Encryption Key for Cookie Data | The encryption key used for encrypting or decrypting cookie data. To generate a new encryption key, see Generating a New Encryption Key. |
Notes
You must keep all files related to the AuthFilter in one folder, specified in Auth Filter Helper Folder property. The default subfolder is \AuthFiles. All the AuthFilter files must always have Anonymous Access enabled.
After you change a global CS Authentication property, and if you are using AuthFilter, you must restart Internet Information Services (IIS) 5.0. For instructions, see Restarting IIS.
After you change an authentication property at the application level, and if you are using AuthManager, you must use API Refresh() or restart IIS to get the updated property values.
See Also
Working with Site Security and Filters