...

Note: When using the token in the URI path, the operation must be authenticated either with the token in a Cookie header or with a valid user and password in an Authentication header on the request. The audit log will reflect the name of the user that owns the token if the cookie is used, or the name of the authenticated user if HTTP basic authentication is used.

...

  1. Standardize on an attribute, within one of the schemas that apply to the user record, that enabled user accounts will always have set to a known value.
  2. Design a test for the value.

    Tip: Although you can use a negative test to find disabled accounts, there is less risk of mistakes with the affirmative method (attribute is value).

    For example, you can use the pwdPolicy schema with the pwdLockout attribute and use the userFilter to require the pwdLockout attribute to be true.
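The difference between the two kinds of test, as an added example that is not part of the product documentation: a small Python model of LDAP equality matching applied to constructed directory entries. The filter strings in the comments are standard LDAP filter syntax; the `uid` attribute, the sample users and the way the filter would be written in the userFilter setting are assumptions.

```python
# Constructed sample directory entries (not from any real directory).
# pwdLockout follows the page's example; "uid" and the users are assumed.
USERS = [
    {"uid": "alice", "attrs": {"pwdLockout": ["TRUE"]}},   # enabled, known value set
    {"uid": "bob",   "attrs": {"pwdLockout": ["FALSE"]}},  # explicitly disabled
    {"uid": "carol", "attrs": {}},                         # attribute never provisioned
    {"uid": "dave",  "attrs": {"pwdLockout": ["FLASE"]}},  # typo made while disabling
]


def equals(entry, attr, value):
    """LDAP-style equality: an attribute absent from the entry does not match."""
    wanted = value.lower()
    for name, values in entry["attrs"].items():
        if name.lower() == attr.lower():
            return any(v.lower() == wanted for v in values)
    return False


def affirmative(entry):
    """Admit only when the attribute holds the known value: (pwdLockout=TRUE)."""
    return equals(entry, "pwdLockout", "TRUE")


def negative(entry):
    """Admit unless the entry is marked disabled: (!(pwdLockout=FALSE))."""
    return not equals(entry, "pwdLockout", "FALSE")


def admitted(test):
    """Return the uids that the given test would let through."""
    return [e["uid"] for e in USERS if test(e)]


if __name__ == "__main__":
    # The affirmative test fails closed: missing or mistyped values are rejected.
    print("affirmative:", admitted(affirmative))
    # The negative test fails open: anything not exactly "FALSE" is admitted.
    print("negative:   ", admitted(negative))
```

The negative test admits the entry with no attribute and the entry with a mistyped value; the affirmative test rejects both.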

...

The token administrator defined in the root IDSYS configuration file is allowed to use the x-owner-meta argument to list tokens for any user. Administrators wishing to disable a user account and log the user out of the system can do so by locking the user's LDAP account and then removing any existing authentication tokens for that user.

...