"className"

The class name that implements the Java authentication plugin interface.

The name of the class that the Java plugin developer created to implement the Java authentication plugin interface.

"attributes"

A JSON object comprised of named attribute values that are passed to the init method of the Java plugin. These attributes can provide useful values for initialization, such as an authentication server name, and can be used to configure the plugin for use by multiple authentication servers.

A valid JSON object

"targetUrl"

The URL used to access the LDAP server.

A string that specifies the URL for the LDAP server.

"securityAuthentication"

The authentication mechanism required by the LDAP server.

none | simple | sasl_mech

If none, an authentication mechanism is not used to authenticate against the LDAP server.

If simple, a clear text password is used to authenticate against the LDAP server.

If sasl_mech, the specified SASL authentication mechanism is used to authenticate against the LDAP server. For details, refer to Authentication Mechanisms in The Java Tutorials.

"securityPrincipal"

The principal used to authenticate against the LDAP server.

The principal information required will differ based on the authentication mechanism specified per the securityAuthentication attribute.

If none, this property is ignored.

If simple, the fully qualified domain name.

If sasl_mech, the SASL authorization identity. The authorization identity is the identity of the entity for which access control checks should be made if the authentication succeeds.

"securityCredentials"

The credentials required to authenticate against the LDAP server.

The credential information required will differ based on the authentication mechanism specified per the securityAuthentication attribute.

If none, this property is ignored.

If simple, the password must be specified.

If sasl_mech, the authorization credential key or password must be specified.