服务器配置 > Post Install Server Security > Choosing Your Security Policy
  
Choosing Your Security Policy
Your security policy specifies the security scheme for your users. If you are using the same security scheme for all users, all you need to do is specify the authentication domain and transport protocol you want to use as your default.
In security.properties, uncomment mks.security.policy.scheme.default and specify your default policy, for example:
mks.security.policy.scheme.default=mksdomain_clear
Authentication Domain
Transport Protocol
Security Policy
Kerberos
Clear
windows_clear
Kerberos
Private
windows_private
Kerberos Single Sign-on
Clear
windowsSSO_clear
Kerberos Single Sign-on
Private
windowsSSO_private
MKS Domain
Clear
mksdomain_clear
MKS Domain
Private
mksdomain_private
LDAP
Clear
ldap_clear
LDAP
Private
ldap_private
UNIX
Clear
unix_clear
UNIX
Private
unix_private
* 
From version 12.1, Integrity Lifecycle Manager does not have any default security schemes for any operating systems.
If you only have a clear or secure port specified in is.properties, your security scheme must use the appropriate communication method for that port.
Additional Configuration for MKS Domain Security Scheme
Using Multiple Security Schemes
Specifying Security Policies by Client IP Address
Specifying Scheme Order
Specifying Which Security Realm to Use for Group Enumeration
Setting Limits for Fetching Information From External Domains