com.ibm.wsspi.wssecurity.core.config
Interface IssuedTokenConfigConstants
- public interface IssuedTokenConfigConstants
Generic Constants and properties used by the generic issued token login modules and callbacks.
Field Summary
Modifier and Type | Field and Description |
---|---|
|
APPLIES_TO
The key is used to specify the AppliesTo for the requested issued Token when using WSSAPI.
|
|
CONFIRMATION_METHOD
This is the key used to specify SAML assertion ConfirmationMethod.
|
|
ENFORCE_CONFIRMATION_METHOD
This is the key used to specify the option to enforce confirmation method in SAML assertion when doing token exchange
The default value for this property is false unless it is set to true.
|
|
EXCHANGED_TOKEN_TYPE
This is the key used to specify the token type that should be returned after a successful token validation.
|
|
KEY_ALIAS
This is the optional key used to specify the key alias decrypt SAML assertion
|
|
KEY_NAME
This is the optional key used to specify the key name decrypt SAML assertion
|
|
KEY_PASSWORD
This is the optional key used to specify the key password decrypt SAML assertion
|
|
KEY_STORE_PASSWORD
This is the key used to specify keystore password decrypt SAML assertion
|
|
KEY_STORE_PATH
This is the key used to specify keystore file path to decrypt SAML assertion
|
|
KEY_STORE_TYPE
This is the key used to specify keystore type name decrypt SAML assertion
|
|
SAML_APPLIES_TO
The key is used to specify the AppliesTo for the requested SAMLToken when using WSSAPI.
|
|
SSL_CONFIG_ALIAS
The key is used to specify the alias to an SSL configuration used by WS-Trust client to request
SAMLToken .
|
|
STS_ADDRESS
This is the key used to specify the SecurityTokenService address.
|
|
TRUST_CLIENT_BINDING
This is the key used to specify WS-trust client's binding name.
|
|
TRUST_CLIENT_BINDING_SCOPE
This is the key used to specify binding scope for the policyset attached to WS-Trust client.
|
|
TRUST_CLIENT_COLLECTION_REQUEST
This is the key used to specify if RequestSecurityTokenCollection is required in WS-Trust request.
|
|
TRUST_CLIENT_POLICY
This is the key used to specify WS-Trust client's policyset name.
|
|
TRUST_CLIENT_SOAP_VERSION
This is the key used to specify the SOAP version in WS-Trust request.
|
|
TRUST_CLIENT_VALIDATE_BINDING
This is the key used to specify WS-trust client's binding name for Validate.
|
|
TRUST_CLIENT_VALIDATE_POLICY
This is the key used to specify WS-Trust client's policyset name for Validate.
|
|
TRUST_CLIENT_WSTRUST_NAMESPACE
This is the key used to specify the WS-Trust namespace in WS-Trust request.
|
|
TRUST_INCLUDE_TOKEN_TYPE
This is the key used to specify the the returned token type included in trust request message.
|
|
TRUST_ISSUER
This is the key used to specify the issuer for the requested token.
|
|
TRUST_VALIDATE_TARGET_OPTION
This is the key used to specify the used WS-Trust ValidateTarget, which is one of the following options: token, or base.
|
|
TRUSTED_ISSUER_
This is the key used in the custom properties in
GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer name whose name is
trustedIssuer_n where n is an integer and started from 0.
|
|
TRUSTED_ISSUER_SUBJECTDN
This is the key used in the custom properties in
GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer X509Certificate's SubjectDN name whose name is
trustedSubjectDN_n where n is an integer and started from 0.
|
|
UNT_PASSWORD_REQUIRED
This is the optional key used to specify if password is required when using UsernameToken from RunAs subject.
|
|
USE_RUN_AS_SUBJECT
This is the key used to specify if the generator should use the token from RunAsSubject for outgoing request.
|
|
USE_RUN_AS_SUBJECT_ONLY
This is the key used to specify if the generator should only use the token from RunAsSubject for outgoing request.
|
|
USE_TOKEN
This is the key used to specify which token ValueType in RunAsSubject is used to generate token for the SOAP requester.
|
|
VALIDATE_TOKEN
This is the key used to specify if generator should use WS-Trust to validate the token from RunAsSubject.
|
|
WSS_CONSUMING_CONTEXT
The key is used to specify the
WSSConsumingContext object used by WS-Trust client to request SAMLToken .
|
|
WSS_GENERATION_CONTEXT
The key is used to specify the
WSSGenerationContext object used by WS-Trust client to request SAMLToken .
|
Field Detail
STS_ADDRESS
- static final java.lang.String STS_ADDRESS
TRUST_CLIENT_POLICY
- static final java.lang.String TRUST_CLIENT_POLICY
This is the key used to specify WS-Trust client's policyset name. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_CLIENT_BINDING
- static final java.lang.String TRUST_CLIENT_BINDING
This is the key used to specify WS-trust client's binding name. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_CLIENT_SOAP_VERSION
- static final java.lang.String TRUST_CLIENT_SOAP_VERSION
This is the key used to specify the SOAP version in WS-Trust request. Valid values are "1.1" or "1.2". The default value is the same SOAP version used by application client. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_CLIENT_WSTRUST_NAMESPACE
- static final java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE
This is the key used to specify the WS-Trust namespace in WS-Trust request. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_CLIENT_BINDING_SCOPE
- static final java.lang.String TRUST_CLIENT_BINDING_SCOPE
This is the key used to specify binding scope for the policyset attached to WS-Trust client. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
EXCHANGED_TOKEN_TYPE
- static final java.lang.String EXCHANGED_TOKEN_TYPE
This is the key used to specify the token type that should be returned after a successful token validation. The key is used in the CallbackHandler's custom properties in token consumer bindings.
TRUST_VALIDATE_TARGET_OPTION
- static final java.lang.String TRUST_VALIDATE_TARGET_OPTION
This is the key used to specify the used WS-Trust ValidateTarget, which is one of the following options: token, or base. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_ISSUER
- static final java.lang.String TRUST_ISSUER
This is the key used to specify the issuer for the requested token. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_INCLUDE_TOKEN_TYPE
- static final java.lang.String TRUST_INCLUDE_TOKEN_TYPE
This is the key used to specify the the returned token type included in trust request message. The default implementation always include the required return token ValueType in WS-Trust request message. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
USE_RUN_AS_SUBJECT
- static final java.lang.String USE_RUN_AS_SUBJECT
This is the key used to specify if the generator should use the token from RunAsSubject for outgoing request. The default behavior is always to try to use validated tokens in RunAs subject first. The key is used in the CallbackHandler's custom properties in token generator bindings.
USE_RUN_AS_SUBJECT_ONLY
- static final java.lang.String USE_RUN_AS_SUBJECT_ONLY
This is the key used to specify if the generator should only use the token from RunAsSubject for outgoing request. The default behavior is to use WS-Trust Issue to request a token if RunAs subject fails to emit a valid token.
USE_TOKEN
- static final java.lang.String USE_TOKEN
This is the key used to specify which token ValueType in RunAsSubject is used to generate token for the SOAP requester. If the specified token ValueType is different from the ValueType in the requested token, a token exchange is performed by using ws-trust Validate. If the specified token ValueType is the same as the ValueType in the requested token, a token validation is performed by using ws-trust Validate. Optionally, the token validation could be deferred to service provider. The key is used in the CallbackHandler's custom properties in token generator bindings.
VALIDATE_TOKEN
- static final java.lang.String VALIDATE_TOKEN
This is the key used to specify if generator should use WS-Trust to validate the token from RunAsSubject. The default behavior is to always Validate the outgoing token from RunAsSubject before sending token to service. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_CLIENT_VALIDATE_POLICY
- static final java.lang.String TRUST_CLIENT_VALIDATE_POLICY
This is the key used to specify WS-Trust client's policyset name for Validate. If this key is not specified, the policyset specified by key TRUST_CLIENT_POLICY is applied. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
TRUST_CLIENT_VALIDATE_BINDING
- static final java.lang.String TRUST_CLIENT_VALIDATE_BINDING
This is the key used to specify WS-trust client's binding name for Validate. If this key is not specified, the bindings specified by key TRUST_CLIENT_BINDING is applied. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
ENFORCE_CONFIRMATION_METHOD
- static final java.lang.String ENFORCE_CONFIRMATION_METHOD
This is the key used to specify the option to enforce confirmation method in SAML assertion when doing token exchange The default value for this property is false unless it is set to true.
CONFIRMATION_METHOD
- static final java.lang.String CONFIRMATION_METHOD
This is the key used to specify SAML assertion ConfirmationMethod. Valid values include "bearer", and "sender-vouches".
KEY_STORE_PATH
- static final java.lang.String KEY_STORE_PATH
This is the key used to specify keystore file path to decrypt SAML assertion
KEY_STORE_TYPE
- static final java.lang.String KEY_STORE_TYPE
This is the key used to specify keystore type name decrypt SAML assertion
KEY_STORE_PASSWORD
- static final java.lang.String KEY_STORE_PASSWORD
This is the key used to specify keystore password decrypt SAML assertion
KEY_ALIAS
- static final java.lang.String KEY_ALIAS
This is the optional key used to specify the key alias decrypt SAML assertion
KEY_NAME
- static final java.lang.String KEY_NAME
This is the optional key used to specify the key name decrypt SAML assertion
KEY_PASSWORD
- static final java.lang.String KEY_PASSWORD
This is the optional key used to specify the key password decrypt SAML assertion
UNT_PASSWORD_REQUIRED
- static final java.lang.String UNT_PASSWORD_REQUIRED
This is the optional key used to specify if password is required when using UsernameToken from RunAs subject.
WSS_GENERATION_CONTEXT
- static final java.lang.String WSS_GENERATION_CONTEXT
The key is used to specify the WSSGenerationContext
object used by WS-Trust client to request SAMLToken
.
WSS_CONSUMING_CONTEXT
- static final java.lang.String WSS_CONSUMING_CONTEXT
The key is used to specify the WSSConsumingContext
object used by WS-Trust client to request SAMLToken
.
SSL_CONFIG_ALIAS
- static final java.lang.String SSL_CONFIG_ALIAS
The key is used to specify the alias to an SSL configuration used by WS-Trust client to request SAMLToken
.
This key is optional. If this key is not set, the default SSL alias defined in system's SSL Configuration is used.
APPLIES_TO
- static final java.lang.String APPLIES_TO
The key is used to specify the AppliesTo for the requested issued Token when using WSSAPI.
SAML_APPLIES_TO
- static final java.lang.String SAML_APPLIES_TO
The key is used to specify the AppliesTo for the requested SAMLToken when using WSSAPI.
TRUST_CLIENT_COLLECTION_REQUEST
- static final java.lang.String TRUST_CLIENT_COLLECTION_REQUEST
This is the key used to specify if RequestSecurityTokenCollection is required in WS-Trust request. The default behavior is to use RequestSecurityToken instead of RequestSecurityTokenCollection.
TRUSTED_ISSUER_
- static final java.lang.String TRUSTED_ISSUER_
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer name whose name is
trustedIssuer_n
where n
is an integer and started from 0.
TRUSTED_ISSUER_SUBJECTDN
- static final java.lang.String TRUSTED_ISSUER_SUBJECTDN
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer X509Certificate's SubjectDN name whose name is
trustedSubjectDN_n
where n
is an integer and started from 0.
This is the key used to specify the SecurityTokenService address. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.