|
IBM WebSphere Application ServerTM Release 8 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface IssuedTokenConfigConstants
Generic Constants and properties used by the generic issued token login modules and callbacks.
Field Summary | |
---|---|
static java.lang.String |
ALWAYS_GENERIC
This key is used by the GenericIssuedTokenConsumeLoginModule and can be set using any of the built-in callback handlers. |
static java.lang.String |
APPLIES_TO
The key is used to specify the AppliesTo for the requested issued Token when using WSSAPI. |
static java.lang.String |
CONFIRMATION_METHOD
This is the key used to specify SAML assertion ConfirmationMethod. |
static java.lang.String |
ENFORCE_CONFIRMATION_METHOD
This is the key used to specify the option to enforce confirmation method in SAML assertion when doing token exchange The default value for this property is false unless it is set to true. |
static java.lang.String |
EXCHANGED_TOKEN_TYPE
This is the key used to specify the token type that should be returned after a successful token validation. |
static java.lang.String |
KEY_ALIAS
This is the optional key used to specify the key alias decrypt SAML assertion |
static java.lang.String |
KEY_NAME
This is the optional key used to specify the key name decrypt SAML assertion |
static java.lang.String |
KEY_PASSWORD
This is the optional key used to specify the key password decrypt SAML assertion |
static java.lang.String |
KEY_STORE_PASSWORD
This is the key used to specify keystore password decrypt SAML assertion |
static java.lang.String |
KEY_STORE_PATH
This is the key used to specify keystore file path to decrypt SAML assertion |
static java.lang.String |
KEY_STORE_TYPE
This is the key used to specify keystore type name decrypt SAML assertion |
static java.lang.String |
PASS_THROUGH_TOKEN
This key is valid for use by both GenericIssuedTokenConsumeLoginModule and GenericIssuedTokenGenerateLoginModule. |
static java.lang.String |
SAML_APPLIES_TO
The key is used to specify the AppliesTo for the requested SAMLToken when using WSSAPI. |
static java.lang.String |
SSL_CONFIG_ALIAS
The key is used to specify the alias to an SSL configuration used by WS-Trust client to request SAMLToken . |
static java.lang.String |
STS_ADDRESS
This is the key used to specify the SecurityTokenService address. |
static java.lang.String |
TRUST_CLIENT_BINDING
This is the key used to specify WS-trust client's binding name. |
static java.lang.String |
TRUST_CLIENT_BINDING_SCOPE
This is the key used to specify binding scope for the policyset attached to WS-Trust client. |
static java.lang.String |
TRUST_CLIENT_COLLECTION_REQUEST
This is the key used to specify if RequestSecurityTokenCollection is required in WS-Trust request. |
static java.lang.String |
TRUST_CLIENT_POLICY
This is the key used to specify WS-Trust client's policyset name. |
static java.lang.String |
TRUST_CLIENT_SOAP_VERSION
This is the key used to specify the SOAP version in WS-Trust request. |
static java.lang.String |
TRUST_CLIENT_VALIDATE_BINDING
This is the key used to specify WS-trust client's binding name for Validate. |
static java.lang.String |
TRUST_CLIENT_VALIDATE_POLICY
This is the key used to specify WS-Trust client's policyset name for Validate. |
static java.lang.String |
TRUST_CLIENT_WSTRUST_NAMESPACE
This is the key used to specify the WS-Trust namespace in WS-Trust request. |
static java.lang.String |
TRUST_INCLUDE_TOKEN_TYPE
This is the key used to specify the the returned token type included in trust request message. |
static java.lang.String |
TRUST_ISSUER
This is the key used to specify the issuer for the requested token. |
static java.lang.String |
TRUST_VALIDATE_TARGET_OPTION
This is the key used to specify the used WS-Trust ValidateTarget, which is one of the following options: token, or base. |
static java.lang.String |
TRUSTED_ISSUER_
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer name whose name is
trustedIssuer_n where n is an integer and started from 0. |
static java.lang.String |
TRUSTED_ISSUER_SUBJECTDN
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer X509Certificate's SubjectDN name whose name is
trustedSubjectDN_n where n is an integer and started from 0. |
static java.lang.String |
UNT_PASSWORD_REQUIRED
This is the optional key used to specify if password is required when using UsernameToken from RunAs subject. |
static java.lang.String |
USE_RUN_AS_SUBJECT
This is the key used to specify if the generator should use the token from RunAsSubject for outgoing request. |
static java.lang.String |
USE_RUN_AS_SUBJECT_ONLY
This is the key used to specify if the generator should only use the token from RunAsSubject for outgoing request. |
static java.lang.String |
USE_TOKEN
This is the key used to specify which token ValueType in RunAsSubject is used to generate token for the SOAP requester. |
static java.lang.String |
VALIDATE_TOKEN
This is the key used to specify if generator should use WS-Trust to validate the token from RunAsSubject. |
static java.lang.String |
WSS_CONSUMING_CONTEXT
The key is used to specify the WSSConsumingContext object used by WS-Trust client to request SAMLToken . |
static java.lang.String |
WSS_GENERATION_CONTEXT
The key is used to specify the WSSGenerationContext object used by WS-Trust client to request SAMLToken . |
Field Detail |
---|
static final java.lang.String STS_ADDRESS
This is the key used to specify the SecurityTokenService address. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_CLIENT_POLICY
This is the key used to specify WS-Trust client's policyset name. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_CLIENT_BINDING
This is the key used to specify WS-trust client's binding name. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_CLIENT_SOAP_VERSION
This is the key used to specify the SOAP version in WS-Trust request. Valid values are "1.1" or "1.2". The default value is the same SOAP version used by application client. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE
This is the key used to specify the WS-Trust namespace in WS-Trust request. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_CLIENT_BINDING_SCOPE
This is the key used to specify binding scope for the policyset attached to WS-Trust client. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String EXCHANGED_TOKEN_TYPE
This is the key used to specify the token type that should be returned after a successful token validation. The key is used in the CallbackHandler's custom properties in token consumer bindings.
static final java.lang.String TRUST_VALIDATE_TARGET_OPTION
This is the key used to specify the used WS-Trust ValidateTarget, which is one of the following options: token, or base. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_ISSUER
This is the key used to specify the issuer for the requested token. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_INCLUDE_TOKEN_TYPE
This is the key used to specify the the returned token type included in trust request message. The default implementation always include the required return token ValueType in WS-Trust request message. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String USE_RUN_AS_SUBJECT
This is the key used to specify if the generator should use the token from RunAsSubject for outgoing request. The default behavior is always to try to use validated tokens in RunAs subject first. The key is used in the CallbackHandler's custom properties in token generator bindings.
static final java.lang.String USE_RUN_AS_SUBJECT_ONLY
This is the key used to specify if the generator should only use the token from RunAsSubject for outgoing request. The default behavior is to use WS-Trust Issue to request a token if RunAs subject fails to emit a valid token.
static final java.lang.String USE_TOKEN
This is the key used to specify which token ValueType in RunAsSubject is used to generate token for the SOAP requester. If the specified token ValueType is different from the ValueType in the requested token, a token exchange is performed by using ws-trust Validate. If the specified token ValueType is the same as the ValueType in the requested token, a token validation is performed by using ws-trust Validate. Optionally, the token validation could be deferred to service provider. The key is used in the CallbackHandler's custom properties in token generator bindings.
static final java.lang.String VALIDATE_TOKEN
This is the key used to specify if generator should use WS-Trust to validate the token from RunAsSubject. The default behavior is to always Validate the outgoing token from RunAsSubject before sending token to service. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_CLIENT_VALIDATE_POLICY
This is the key used to specify WS-Trust client's policyset name for Validate. If this key is not specified, the policyset specified by key TRUST_CLIENT_POLICY is applied. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String TRUST_CLIENT_VALIDATE_BINDING
This is the key used to specify WS-trust client's binding name for Validate. If this key is not specified, the bindings specified by key TRUST_CLIENT_BINDING is applied. The key is used in the CallbackHandler's custom properties in both token generator and consumer bindings.
static final java.lang.String ENFORCE_CONFIRMATION_METHOD
This is the key used to specify the option to enforce confirmation method in SAML assertion when doing token exchange The default value for this property is false unless it is set to true.
static final java.lang.String CONFIRMATION_METHOD
This is the key used to specify SAML assertion ConfirmationMethod. Valid values include "bearer", and "sender-vouches".
static final java.lang.String KEY_STORE_PATH
This is the key used to specify keystore file path to decrypt SAML assertion
static final java.lang.String KEY_STORE_TYPE
This is the key used to specify keystore type name decrypt SAML assertion
static final java.lang.String KEY_STORE_PASSWORD
This is the key used to specify keystore password decrypt SAML assertion
static final java.lang.String KEY_ALIAS
This is the optional key used to specify the key alias decrypt SAML assertion
static final java.lang.String KEY_NAME
This is the optional key used to specify the key name decrypt SAML assertion
static final java.lang.String KEY_PASSWORD
This is the optional key used to specify the key password decrypt SAML assertion
static final java.lang.String UNT_PASSWORD_REQUIRED
This is the optional key used to specify if password is required when using UsernameToken from RunAs subject.
static final java.lang.String WSS_GENERATION_CONTEXT
The key is used to specify the WSSGenerationContext
object used by WS-Trust client to request SAMLToken
.
static final java.lang.String WSS_CONSUMING_CONTEXT
The key is used to specify the WSSConsumingContext
object used by WS-Trust client to request SAMLToken
.
static final java.lang.String SSL_CONFIG_ALIAS
The key is used to specify the alias to an SSL configuration used by WS-Trust client to request SAMLToken
.
This key is optional. If this key is not set, the default SSL alias defined in system's SSL Configuration is used.
static final java.lang.String APPLIES_TO
The key is used to specify the AppliesTo for the requested issued Token when using WSSAPI.
static final java.lang.String SAML_APPLIES_TO
The key is used to specify the AppliesTo for the requested SAMLToken when using WSSAPI.
static final java.lang.String TRUST_CLIENT_COLLECTION_REQUEST
This is the key used to specify if RequestSecurityTokenCollection is required in WS-Trust request. The default behavior is to use RequestSecurityToken instead of RequestSecurityTokenCollection.
static final java.lang.String TRUSTED_ISSUER_
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer name whose name is
trustedIssuer_n
where n
is an integer and started from 0.
static final java.lang.String TRUSTED_ISSUER_SUBJECTDN
This is the key used in the custom properties in GenericIssuedTokenConsumeCallbackHandler
to specify the trusted issuer X509Certificate's SubjectDN name whose name is
trustedSubjectDN_n
where n
is an integer and started from 0.
static final java.lang.String PASS_THROUGH_TOKEN
This key is valid for use by both GenericIssuedTokenConsumeLoginModule and GenericIssuedTokenGenerateLoginModule. It can be specified on any of the built-in callback handlers. When this key is used for the consumer, it is used to direct if the inbound token should be sent to the STS or not. The default behavior is to always send the inbound token to the STS for validation and/or exchange (depending on other config settings). When this property is set to true, the inbound token will not be sent to the STS at all, in effect, 'passing through' the consumer. Also, when this property is set to true and a built-in token type is used (UsernameToken, Kerberos Token, SAML token, etc), the token will be parsed and available on the WS-Security context for later processing by a caller configuration JAAS login module. When this key is used for the generator, it is used to direct if the outbound token should be obtained from the STS or not. The default behavior is to always obtain the token from the STS. When this property is set to true, the inbound token will be obtained in this order: 1) From the sharedState from a stacked JAAS login module, 2) From the com.ibm.wsspi.wssecurity.token.tokenHolder list on the message context 3) From the inbound SecurityTokens Refer to the following constants in com.ibm.wsspi.wssecurity.core.Constants for more information: com.ibm.wsspi.wssecurity.token.tokenHolder com.ibm.wsspi.wssecurity.token.enableCaptureTokenContext com.ibm.wsspi.wssecurity.token.enableCaptureTokenInboundMsg
static final java.lang.String ALWAYS_GENERIC
This key is used by the GenericIssuedTokenConsumeLoginModule and can be set using any of the built-in callback handlers. When passThroughToken is set to true, if this property is also set to true, the login module will always create a GenericSecurityToken instead of a built-in token type that corresponds to the valueType that is configured for the token. The default value for this property is false.
|
IBM WebSphere Application ServerTM Release 8 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |