com.ibm.wsspi.wssecurity.core.config

Interface IssuedTokenConfigConstants


  1. public interface IssuedTokenConfigConstants

Generic Constants and properties used by the generic issued token login modules and callbacks.


Field Summary

Modifier and Type Field and Description
  1. static
  2. java.lang.String
APPLIES_TO
The key is used to specify the AppliesTo for the requested issued Token when using WSSAPI.
  1. static
  2. java.lang.String
CONFIRMATION_METHOD
This is the key used to specify SAML assertion ConfirmationMethod.
  1. static
  2. java.lang.String
ENFORCE_CONFIRMATION_METHOD
This is the key used to specify the option to enforce confirmation method in SAML assertion when doing token exchange The default value for this property is false unless it is set to true.
  1. static
  2. java.lang.String
EXCHANGED_TOKEN_TYPE
This is the key used to specify the token type that should be returned after a successful token validation.
  1. static
  2. java.lang.String
KEY_ALIAS
This is the optional key used to specify the key alias decrypt SAML assertion
  1. static
  2. java.lang.String
KEY_NAME
This is the optional key used to specify the key name decrypt SAML assertion
  1. static
  2. java.lang.String
KEY_PASSWORD
This is the optional key used to specify the key password decrypt SAML assertion
  1. static
  2. java.lang.String
KEY_STORE_PASSWORD
This is the key used to specify keystore password decrypt SAML assertion
  1. static
  2. java.lang.String
KEY_STORE_PATH
This is the key used to specify keystore file path to decrypt SAML assertion
  1. static
  2. java.lang.String
KEY_STORE_TYPE
This is the key used to specify keystore type name decrypt SAML assertion
  1. static
  2. java.lang.String
SAML_APPLIES_TO
The key is used to specify the AppliesTo for the requested SAMLToken when using WSSAPI.
  1. static
  2. java.lang.String
SSL_CONFIG_ALIAS
The key is used to specify the alias to an SSL configuration used by WS-Trust client to request SAMLToken.
  1. static
  2. java.lang.String
STS_ADDRESS
This is the key used to specify the SecurityTokenService address.
  1. static
  2. java.lang.String
TRUST_CLIENT_BINDING
This is the key used to specify WS-trust client's binding name.
  1. static
  2. java.lang.String
TRUST_CLIENT_BINDING_SCOPE
This is the key used to specify binding scope for the policyset attached to WS-Trust client.
  1. static
  2. java.lang.String
TRUST_CLIENT_COLLECTION_REQUEST
This is the key used to specify if RequestSecurityTokenCollection is required in WS-Trust request.
  1. static
  2. java.lang.String
TRUST_CLIENT_POLICY
This is the key used to specify WS-Trust client's policyset name.
  1. static
  2. java.lang.String
TRUST_CLIENT_SOAP_VERSION
This is the key used to specify the SOAP version in WS-Trust request.
  1. static
  2. java.lang.String
TRUST_CLIENT_VALIDATE_BINDING
This is the key used to specify WS-trust client's binding name for Validate.
  1. static
  2. java.lang.String
TRUST_CLIENT_VALIDATE_POLICY
This is the key used to specify WS-Trust client's policyset name for Validate.
  1. static
  2. java.lang.String
TRUST_CLIENT_WSTRUST_NAMESPACE
This is the key used to specify the WS-Trust namespace in WS-Trust request.
  1. static
  2. java.lang.String
TRUST_INCLUDE_TOKEN_TYPE
This is the key used to specify the the returned token type included in trust request message.
  1. static
  2. java.lang.String
TRUST_ISSUER
This is the key used to specify the issuer for the requested token.
  1. static
  2. java.lang.String
TRUST_VALIDATE_TARGET_OPTION
This is the key used to specify the used WS-Trust ValidateTarget, which is one of the following options: token, or base.
  1. static
  2. java.lang.String
TRUSTED_ISSUER_
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler to specify the trusted issuer name whose name is trustedIssuer_n where n is an integer and started from 0.
  1. static
  2. java.lang.String
TRUSTED_ISSUER_SUBJECTDN
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler to specify the trusted issuer X509Certificate's SubjectDN name whose name is trustedSubjectDN_n where n is an integer and started from 0.
  1. static
  2. java.lang.String
UNT_PASSWORD_REQUIRED
This is the optional key used to specify if password is required when using UsernameToken from RunAs subject.
  1. static
  2. java.lang.String
USE_RUN_AS_SUBJECT
This is the key used to specify if the generator should use the token from RunAsSubject for outgoing request.
  1. static
  2. java.lang.String
USE_RUN_AS_SUBJECT_ONLY
This is the key used to specify if the generator should only use the token from RunAsSubject for outgoing request.
  1. static
  2. java.lang.String
USE_TOKEN
This is the key used to specify which token ValueType in RunAsSubject is used to generate token for the SOAP requester.
  1. static
  2. java.lang.String
VALIDATE_TOKEN
This is the key used to specify if generator should use WS-Trust to validate the token from RunAsSubject.
  1. static
  2. java.lang.String
WSS_CONSUMING_CONTEXT
The key is used to specify the WSSConsumingContext object used by WS-Trust client to request SAMLToken.
  1. static
  2. java.lang.String
WSS_GENERATION_CONTEXT
The key is used to specify the WSSGenerationContext object used by WS-Trust client to request SAMLToken.

Field Detail

STS_ADDRESS

  1. static final java.lang.String STS_ADDRESS

This is the key used to specify the SecurityTokenService address. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_CLIENT_POLICY

  1. static final java.lang.String TRUST_CLIENT_POLICY

This is the key used to specify WS-Trust client's policyset name. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_CLIENT_BINDING

  1. static final java.lang.String TRUST_CLIENT_BINDING

This is the key used to specify WS-trust client's binding name. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_CLIENT_SOAP_VERSION

  1. static final java.lang.String TRUST_CLIENT_SOAP_VERSION

This is the key used to specify the SOAP version in WS-Trust request. Valid values are "1.1" or "1.2". The default value is the same SOAP version used by application client. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_CLIENT_WSTRUST_NAMESPACE

  1. static final java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE

This is the key used to specify the WS-Trust namespace in WS-Trust request. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_CLIENT_BINDING_SCOPE

  1. static final java.lang.String TRUST_CLIENT_BINDING_SCOPE

This is the key used to specify binding scope for the policyset attached to WS-Trust client. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

EXCHANGED_TOKEN_TYPE

  1. static final java.lang.String EXCHANGED_TOKEN_TYPE

This is the key used to specify the token type that should be returned after a successful token validation. The key is used in the CallbackHandler's custom properties in token consumer bindings.

See Also:

TRUST_VALIDATE_TARGET_OPTION

  1. static final java.lang.String TRUST_VALIDATE_TARGET_OPTION

This is the key used to specify the used WS-Trust ValidateTarget, which is one of the following options: token, or base. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_ISSUER

  1. static final java.lang.String TRUST_ISSUER

This is the key used to specify the issuer for the requested token. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_INCLUDE_TOKEN_TYPE

  1. static final java.lang.String TRUST_INCLUDE_TOKEN_TYPE

This is the key used to specify the the returned token type included in trust request message. The default implementation always include the required return token ValueType in WS-Trust request message. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

USE_RUN_AS_SUBJECT

  1. static final java.lang.String USE_RUN_AS_SUBJECT

This is the key used to specify if the generator should use the token from RunAsSubject for outgoing request. The default behavior is always to try to use validated tokens in RunAs subject first. The key is used in the CallbackHandler's custom properties in token generator bindings.

See Also:

USE_RUN_AS_SUBJECT_ONLY

  1. static final java.lang.String USE_RUN_AS_SUBJECT_ONLY

This is the key used to specify if the generator should only use the token from RunAsSubject for outgoing request. The default behavior is to use WS-Trust Issue to request a token if RunAs subject fails to emit a valid token.

See Also:

USE_TOKEN

  1. static final java.lang.String USE_TOKEN

This is the key used to specify which token ValueType in RunAsSubject is used to generate token for the SOAP requester. If the specified token ValueType is different from the ValueType in the requested token, a token exchange is performed by using ws-trust Validate. If the specified token ValueType is the same as the ValueType in the requested token, a token validation is performed by using ws-trust Validate. Optionally, the token validation could be deferred to service provider. The key is used in the CallbackHandler's custom properties in token generator bindings.

See Also:

VALIDATE_TOKEN

  1. static final java.lang.String VALIDATE_TOKEN

This is the key used to specify if generator should use WS-Trust to validate the token from RunAsSubject. The default behavior is to always Validate the outgoing token from RunAsSubject before sending token to service. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_CLIENT_VALIDATE_POLICY

  1. static final java.lang.String TRUST_CLIENT_VALIDATE_POLICY

This is the key used to specify WS-Trust client's policyset name for Validate. If this key is not specified, the policyset specified by key TRUST_CLIENT_POLICY is applied. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

TRUST_CLIENT_VALIDATE_BINDING

  1. static final java.lang.String TRUST_CLIENT_VALIDATE_BINDING

This is the key used to specify WS-trust client's binding name for Validate. If this key is not specified, the bindings specified by key TRUST_CLIENT_BINDING is applied. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.

See Also:

ENFORCE_CONFIRMATION_METHOD

  1. static final java.lang.String ENFORCE_CONFIRMATION_METHOD

This is the key used to specify the option to enforce confirmation method in SAML assertion when doing token exchange The default value for this property is false unless it is set to true.

See Also:

CONFIRMATION_METHOD

  1. static final java.lang.String CONFIRMATION_METHOD

This is the key used to specify SAML assertion ConfirmationMethod. Valid values include "bearer", and "sender-vouches".

See Also:

KEY_STORE_PATH

  1. static final java.lang.String KEY_STORE_PATH

This is the key used to specify keystore file path to decrypt SAML assertion

See Also:

KEY_STORE_TYPE

  1. static final java.lang.String KEY_STORE_TYPE

This is the key used to specify keystore type name decrypt SAML assertion

See Also:

KEY_STORE_PASSWORD

  1. static final java.lang.String KEY_STORE_PASSWORD

This is the key used to specify keystore password decrypt SAML assertion

See Also:

KEY_ALIAS

  1. static final java.lang.String KEY_ALIAS

This is the optional key used to specify the key alias decrypt SAML assertion

See Also:

KEY_NAME

  1. static final java.lang.String KEY_NAME

This is the optional key used to specify the key name decrypt SAML assertion

See Also:

KEY_PASSWORD

  1. static final java.lang.String KEY_PASSWORD

This is the optional key used to specify the key password decrypt SAML assertion

See Also:

UNT_PASSWORD_REQUIRED

  1. static final java.lang.String UNT_PASSWORD_REQUIRED

This is the optional key used to specify if password is required when using UsernameToken from RunAs subject.

See Also:

WSS_GENERATION_CONTEXT

  1. static final java.lang.String WSS_GENERATION_CONTEXT

The key is used to specify the WSSGenerationContext object used by WS-Trust client to request SAMLToken.

See Also:

WSS_CONSUMING_CONTEXT

  1. static final java.lang.String WSS_CONSUMING_CONTEXT

The key is used to specify the WSSConsumingContext object used by WS-Trust client to request SAMLToken.

See Also:

SSL_CONFIG_ALIAS

  1. static final java.lang.String SSL_CONFIG_ALIAS

The key is used to specify the alias to an SSL configuration used by WS-Trust client to request SAMLToken. This key is optional. If this key is not set, the default SSL alias defined in system's SSL Configuration is used.

See Also:

APPLIES_TO

  1. static final java.lang.String APPLIES_TO

The key is used to specify the AppliesTo for the requested issued Token when using WSSAPI.

See Also:

SAML_APPLIES_TO

  1. static final java.lang.String SAML_APPLIES_TO

The key is used to specify the AppliesTo for the requested SAMLToken when using WSSAPI.

See Also:

TRUST_CLIENT_COLLECTION_REQUEST

  1. static final java.lang.String TRUST_CLIENT_COLLECTION_REQUEST

This is the key used to specify if RequestSecurityTokenCollection is required in WS-Trust request. The default behavior is to use RequestSecurityToken instead of RequestSecurityTokenCollection.

See Also:

TRUSTED_ISSUER_

  1. static final java.lang.String TRUSTED_ISSUER_

This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler to specify the trusted issuer name whose name is trustedIssuer_n where n is an integer and started from 0.

See Also:

TRUSTED_ISSUER_SUBJECTDN

  1. static final java.lang.String TRUSTED_ISSUER_SUBJECTDN

This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler to specify the trusted issuer X509Certificate's SubjectDN name whose name is trustedSubjectDN_n where n is an integer and started from 0.

See Also: