2.2.4.4 ClientAuthType

ClientAuthType This MUST be used to configure the authentication mechanisms that are enabled or disabled on the Web Services Management Protocol Extensions for Windows Vista client.

The Web Services Management Protocol Extensions for Windows Vista clients MUST implement the following security profiles:

  • wsman:secprofile/http/basic, as specified in [DMTF-DSP0226] Annex C.3.1.

  • wsman:secprofile/https/basic, as specified in [DMTF-DSP0226] Annex C.3.3.

  • wsman:secprofile/https/mutual, as specified in [DMTF-DSP0226] Annex C.3.5.

  • wsman:secprofile/https/spnego-kerberos, as specified in [DMTF-DSP0226] Annex C.3.8.

  • wsman:secprofile/http/spnego-kerberos, as specified in [DMTF-DSP0226] Annex C.3.10.

  • wsman:secprofile/http/digest, as specified in [DMTF-DSP0226] Annex C.3.2.

  • wsman:secprofile/https/digest, as specified in [DMTF-DSP0226] Annex C.3.4.

These configuration settings are used when modifying clientconfiguration as specified in section 3.2.4.1.22.2.

 <xs:complexType name="ClientAuthType">
   <xs:sequence>
     <xs:element name="Basic"
       type="xs:boolean"
       default="true"
      />
     <xs:element name="Digest"
       type="xs:boolean"
       default="true"
      />
     <xs:element name="Kerberos"
       type="xs:boolean"
       default="true"
      />
     <xs:element name="Negotiate"
       type="xs:boolean"
       default="true"
      />
     <xs:element name="Certificate"
       type="xs:boolean"
       default="true"
      />
     <xs:element name="CredSSP"
       type="xs:boolean"
       default="false"
       minOccurs="0"
      />
   </xs:sequence>
 </xs:complexType>
  

Elements

Basic: Enables or disables Basic authentication (as specified in [RFC2617] section 2). The default value of this element SHOULD be true.<4>

Digest: Enables or disables Digest authentication (as specified in [RFC2617] section 3). The default value of this element MUST be true.

Kerberos: Enables or disables Kerberos authentication (as specified in [RFC4559] section 4). The default value of this element MUST be true.

Negotiate: Enables or disables Negotiate authentication (as specified in [RFC4559] section 4). The default value of this element MUST be true.

Certificate: Enables or disables Certificate authentication (as specified in [RFC2246] section 7.4.4). The default value of this element MUST be true.

CredSSP: Enables or disables CredSSP authentication (as specified in [MS-CSSP]). The default value of this element MUST be false.