6.5.4 Creating and Managing Shared Secrets

A shared secret is an object that holds name/value pairs for Form Fill and Identity Injection policies.

  • If your HTML form prompts a user for more than credential information, you need to create a shared secret to store the values.

  • If your web server requires some name/value pairs to be injected and these are not available from the HTTP request, you need to create a shared secret to store these name/value pairs so that they can be injected into the header before it is sent to the web server.

Access Manager supports the creation and use of secrets from the following locations:

  • In the local configuration store

  • In eDirectory user stores that are running Novell SecretStore

  • In a user store that has been configured with a custom attribute for secrets

NOTE: Before using Access Manager to store and encrypt secrets, ensure that you choose your Preferred Encryption Method and change the default Encryption Password Hash Key value. If either of these options is changed after any secrets are stored, Access Manager cannot retrieve the secrets.

For more information about configuring Access Manager to store secrets, see Configuring a User Store for Secrets. For more information about configuring the user store to be a secret store, see Configuring Credential Profile Security and Display Settings.

This section describes the following topics: