IBM WebSphere Application Server™
Release 7

com.ibm.wsspi.wssecurity.saml.config
Interface SamlConstants


public interface SamlConstants

Generic Constants used by the WS-Security SAMLToken Profile support.


Field Summary
static java.lang.String CACHE_CUSHION
           The key is used to specify the cushion, in milliseconds, during which a cached token should not be reused and a new token should be issued.
static java.lang.String CACHE_ENTRIES
           The key is used to indicate how many cache entries can be maintained in a BindingProvider instance.
static java.lang.String CACHE_TOKEN
           The key is used to specify whether a SAMLToken can be cached for reuse.
static java.lang.String CLOCK_SKEW
           The key is used to specify the allowable clock skew.
static java.lang.String CONFIRMATION_METHOD
           This is the key used to specify the SAMLToken subject ConfirmationMethod.
static java.lang.String CRLPATH
           The key is revoked certificate list file path name whose name.
static java.lang.String CRLPATH_PREFIX
           The key is the revoked certificate list file path name, whose name is CRLPATH_n, where n is an integer.
static long DEFAULT_SAML_EXPIRES_IN_MILLISECONDS
           The value specifies the default SAMLToken lifetime, in milliseconds, for a self-issued SAMLToken.
static boolean DEFAULT_TRUST_CLIENT_COLLECTION_REQUEST
           This value indicates that RequestSecurityTokenCollection is not used in the WS-Trust request.
static java.lang.String DEFAULT_TRUST_CLIENT_WSTRUST_NAMESPACE
           This value is the WS-Trust 1.3 namespace.
static java.lang.String FAILOVER_TO_TOKEN_REQUEST
           The key is used to indicate whether the WS-Security runtime should use the attached policyset to issue a new SAMLToken if the input SAMLToken in RequestContext is invalid.
static java.lang.String KEY_ALIAS
           This is the optional key used to specify the key alias for SAMLToken consumption.
static java.lang.String KEY_NAME
           This is the optional key used to specify the key name for SAMLToken consumption.
static java.lang.String KEY_PASSWORD
           This is the optional key used to specify the key password for SAMLToken consumption.
static java.lang.String KEY_SIZE
           This is the key used to specify KeySize when requesting a SecretKey from the STS.
static java.lang.String KEY_STORE_PASSWORD
           This is the key used to specify the keystore password for SAMLToken consumption.
static java.lang.String KEY_STORE_PATH
           This is the key used to specify the keystore file path for SAMLToken consumption.
static java.lang.String KEY_STORE_REF
           This is the key used to specify the keystore reference for SAMLToken consumption.
static java.lang.String KEY_STORE_TYPE
           This is the key used to specify the keystore type name for SAMLToken consumption.
static java.lang.String KEY_TYPE
           This is the key used to specify KeyType when making a WS-Trust request to the STS.
static java.lang.String SAML_SELF_ISSUER_CONFIG
           The key specifies the required configuration data when generating a self-issued SAML token.
static java.lang.String SAMLTOKEN_IN_MESSAGECONTEXT
           The key is used to set the SAMLToken on the RequestContext.
static java.lang.String SAMLTOKEN_OUT_MESSAGECONTEXT
           The key is used to get the SAMLToken from the ResponseContext.
static java.lang.String SAMLTOKEN_SELF_ISSUER
           The key is the default SAML self-issuer name.
static java.lang.String SERVICE_ALIAS
           The key is used to specify the certificate alias of the target service.
static java.lang.String SIGN_SAMLTOKEN_WITH_STRT
           This is the key used to specify whether a SAMLToken should be signed with the application message.
static java.lang.String SIGNATURE_REQUIRED
           This is the key used to specify whether a signature on the SAML assertion is required.
static java.lang.String STS_ADDRESS
           This is the key used to specify the SecurityTokenService address.
static java.lang.String Token_REQUEST
           This is the key used to specify the SAMLToken request method.
static java.lang.String TRUST_ANY_STS_SIGNER
           This is the key used to specify whether the recipient trusts any certificate that signs the SAML assertion.
static java.lang.String TRUST_CLIENT_BINDING
           This is the key used to specify the WS-Trust client's binding name.
static java.lang.String TRUST_CLIENT_BINDING_SCOPE
           This is the key used to specify the binding scope for the policyset attached to the WS-Trust client.
static java.lang.String TRUST_CLIENT_COLLECTION_REQUEST
           This is the key used to specify whether RequestSecurityTokenCollection is required in the WS-Trust request.
static java.lang.String TRUST_CLIENT_POLICY
           This is the key used to specify the WS-Trust client's policyset name.
static java.lang.String TRUST_CLIENT_SOAP_VERSION
           This is the key used to specify the SOAP version in the WS-Trust request.
static java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE
           This is the key used to specify the WS-Trust namespace in the WS-Trust request.
static java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE_12
           This value is the alias for the WS-Trust 1.2 namespace.
static java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE_13
           This value is the alias for the WS-Trust 1.3 namespace.
static java.lang.String TRUST_STORE_PASSWORD
           This is the key used to specify the truststore password for SAMLToken consumption.
static java.lang.String TRUST_STORE_PATH
           This is the key used to specify the truststore file path for SAMLToken consumption.
static java.lang.String TRUST_STORE_REF
           This is the key used to specify the truststore reference for SAMLToken consumption.
static java.lang.String TRUST_STORE_TYPE
           This is the key used to specify the truststore type name for SAMLToken consumption.
static java.lang.String TRUSTED_ISSUER_
           The key is the trusted issuer name, whose name is trustedIssuer_n, where n is an integer.
static java.lang.String TRUSTED_ISSUER_SUBJECTDN
           The key is the SubjectDN name of the trusted issuer's X509Certificate, whose name is trustedSubjectDN_n, where n is an integer.
static java.lang.String TRUSTED_STS_ALIAS
           This is the optional key used to specify the trusted STS certificate's alias for SAMLToken consumption.
static java.lang.String USE_KEY_TYPE
           This is the optional key used to specify the UseKey type, which tells the client to generate the desired type of KeyInfo.
static java.lang.String VALIDATE_AUDIENCE
           The key is used to set the flag to validate the AudienceRestriction assertion. The default behavior is not to require AudienceRestriction validation.
static java.lang.String VALIDATE_ONETIMEUSE
           The key is used to set the flag to validate the OneTimeUse assertion in SAML 2.0, or DoNotCacheCondition in SAML 1.1. The default behavior is to require OneTimeUse assertion validation.
static java.lang.String X509PATH
           The key is the intermediate X509Certificate file path name.
static java.lang.String X509PATH_PREFIX
           The key is the intermediate X509Certificate file path name, whose name is X509PATH_n, where n is an integer.
 

Field Detail

STS_ADDRESS

static final java.lang.String STS_ADDRESS

This is the key used to specify the SecurityTokenService address.

See Also:
Constant Field Values

KEY_TYPE

static final java.lang.String KEY_TYPE

This is the key used to specify KeyType when making a WS-Trust request to the STS.

See Also:
Constant Field Values

KEY_SIZE

static final java.lang.String KEY_SIZE

This is the key used to specify KeySize when requesting a SecretKey from the STS.

See Also:
Constant Field Values

Token_REQUEST

static final java.lang.String Token_REQUEST

This is the key used to specify the SAMLToken request method. Valid values include "issue", "propagation", and "issueByWSPrincipal". The default value is "issue".

See Also:
Constant Field Values

CONFIRMATION_METHOD

static final java.lang.String CONFIRMATION_METHOD

This is the key used to specify the SAMLToken subject ConfirmationMethod. Valid values include "bearer", "holder-of-key", and "sender-vouches".

See Also:
Constant Field Values

TRUST_CLIENT_POLICY

static final java.lang.String TRUST_CLIENT_POLICY

This is the key used to specify the WS-Trust client's policyset name.

See Also:
Constant Field Values

TRUST_CLIENT_BINDING

static final java.lang.String TRUST_CLIENT_BINDING

This is the key used to specify the WS-Trust client's binding name.

See Also:
Constant Field Values

TRUST_STORE_REF

static final java.lang.String TRUST_STORE_REF

This is the key used to specify the truststore reference for SAMLToken consumption.

See Also:
Constant Field Values

TRUST_STORE_PATH

static final java.lang.String TRUST_STORE_PATH

This is the key used to specify the truststore file path for SAMLToken consumption.

See Also:
Constant Field Values

TRUST_STORE_TYPE

static final java.lang.String TRUST_STORE_TYPE

This is the key used to specify the truststore type name for SAMLToken consumption.

See Also:
Constant Field Values

TRUST_STORE_PASSWORD

static final java.lang.String TRUST_STORE_PASSWORD

This is the key used to specify the truststore password for SAMLToken consumption.

See Also:
Constant Field Values

TRUSTED_STS_ALIAS

static final java.lang.String TRUSTED_STS_ALIAS

This is the optional key used to specify the trusted STS certificate's alias for SAMLToken consumption.

See Also:
Constant Field Values

TRUST_ANY_STS_SIGNER

static final java.lang.String TRUST_ANY_STS_SIGNER

This is the key used to specify whether the recipient trusts any certificate that signs the SAML assertion.

See Also:
Constant Field Values

SIGNATURE_REQUIRED

static final java.lang.String SIGNATURE_REQUIRED

This is the key used to specify whether a signature on the SAML assertion is required. Valid values are "true" or "false".

See Also:
Constant Field Values

TRUST_CLIENT_SOAP_VERSION

static final java.lang.String TRUST_CLIENT_SOAP_VERSION

This is the key used to specify the SOAP version in the WS-Trust request. Valid values are "1.1" or "1.2". The default value is the same SOAP version used by the application client.

See Also:
Constant Field Values

TRUST_CLIENT_BINDING_SCOPE

static final java.lang.String TRUST_CLIENT_BINDING_SCOPE

This is the key used to specify the binding scope for the policyset attached to the WS-Trust client.

See Also:
Constant Field Values

SIGN_SAMLTOKEN_WITH_STRT

static final java.lang.String SIGN_SAMLTOKEN_WITH_STRT

This is the key used to specify whether a SAMLToken should be signed with the application message.

See Also:
Constant Field Values

DEFAULT_SAML_EXPIRES_IN_MILLISECONDS

static final long DEFAULT_SAML_EXPIRES_IN_MILLISECONDS

The value specifies the default SAMLToken lifetime, in milliseconds, for a self-issued SAMLToken.

See Also:
Constant Field Values

TRUST_CLIENT_WSTRUST_NAMESPACE

static final java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE

This is the key used to specify the WS-Trust namespace in the WS-Trust request.

See Also:
Constant Field Values

TRUST_CLIENT_WSTRUST_NAMESPACE_12

static final java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE_12

This value is the alias for the WS-Trust 1.2 namespace.

See Also:
Constant Field Values

TRUST_CLIENT_WSTRUST_NAMESPACE_13

static final java.lang.String TRUST_CLIENT_WSTRUST_NAMESPACE_13

This value is the alias for the WS-Trust 1.3 namespace.

See Also:
Constant Field Values

DEFAULT_TRUST_CLIENT_WSTRUST_NAMESPACE

static final java.lang.String DEFAULT_TRUST_CLIENT_WSTRUST_NAMESPACE

This value is the WS-Trust 1.3 namespace.

See Also:
Constant Field Values

TRUST_CLIENT_COLLECTION_REQUEST

static final java.lang.String TRUST_CLIENT_COLLECTION_REQUEST

This is the key used to specify whether RequestSecurityTokenCollection is required in the WS-Trust request. The default behavior is to use RequestSecurityToken instead of RequestSecurityTokenCollection.

See Also:
Constant Field Values

DEFAULT_TRUST_CLIENT_COLLECTION_REQUEST

static final boolean DEFAULT_TRUST_CLIENT_COLLECTION_REQUEST

This value indicates that RequestSecurityTokenCollection is not used in the WS-Trust request.

See Also:
Constant Field Values

KEY_STORE_REF

static final java.lang.String KEY_STORE_REF

This is the key used to specify the keystore reference for SAMLToken consumption.

See Also:
Constant Field Values

KEY_STORE_PATH

static final java.lang.String KEY_STORE_PATH

This is the key used to specify the keystore file path for SAMLToken consumption.

See Also:
Constant Field Values

KEY_STORE_TYPE

static final java.lang.String KEY_STORE_TYPE

This is the key used to specify the keystore type name for SAMLToken consumption.

See Also:
Constant Field Values

KEY_STORE_PASSWORD

static final java.lang.String KEY_STORE_PASSWORD

This is the key used to specify the keystore password for SAMLToken consumption.

See Also:
Constant Field Values

KEY_ALIAS

static final java.lang.String KEY_ALIAS

This is the optional key used to specify the key alias for SAMLToken consumption.

See Also:
Constant Field Values

KEY_NAME

static final java.lang.String KEY_NAME

This is the optional key used to specify the key name for SAMLToken consumption.

See Also:
Constant Field Values

KEY_PASSWORD

static final java.lang.String KEY_PASSWORD

This is the optional key used to specify the key password for SAMLToken consumption.

See Also:
Constant Field Values

USE_KEY_TYPE

static final java.lang.String USE_KEY_TYPE

This is the optional key used to specify the UseKey type, which tells the client to generate the desired type of KeyInfo. The valid values are "KeyValue", "X509Certificate", "X509IssuerSerial", "X509SubjectName", "X509SKI", and "Thumbprint".

See Also:
Constant Field Values

SAMLTOKEN_IN_MESSAGECONTEXT

static final java.lang.String SAMLTOKEN_IN_MESSAGECONTEXT

The key is used to set the SAMLToken on the RequestContext.


SAMLTOKEN_OUT_MESSAGECONTEXT

static final java.lang.String SAMLTOKEN_OUT_MESSAGECONTEXT

The key is used to get the SAMLToken from the ResponseContext.


CACHE_CUSHION

static final java.lang.String CACHE_CUSHION

The key is used to specify the cushion, in milliseconds, during which a cached token should not be reused and a new token should be issued.

See Also:
Constant Field Values

CACHE_TOKEN

static final java.lang.String CACHE_TOKEN

The key is used to specify whether a SAMLToken can be cached for reuse. The default behavior is to allow SAMLToken caching for reuse.

See Also:
Constant Field Values

CACHE_ENTRIES

static final java.lang.String CACHE_ENTRIES

The key is used to indicate how many cache entries can be maintained in a BindingProvider instance.

See Also:
Constant Field Values

SERVICE_ALIAS

static final java.lang.String SERVICE_ALIAS

The key is used to specify the certificate alias of the target service.

See Also:
Constant Field Values

CLOCK_SKEW

static final java.lang.String CLOCK_SKEW

The key is used to specify the allowable clock skew.

See Also:
Constant Field Values

VALIDATE_ONETIMEUSE

static final java.lang.String VALIDATE_ONETIMEUSE

The key is used to set the flag to validate the OneTimeUse assertion in SAML 2.0, or DoNotCacheCondition in SAML 1.1. The default behavior is to require OneTimeUse assertion validation.

See Also:
Constant Field Values

VALIDATE_AUDIENCE

static final java.lang.String VALIDATE_AUDIENCE

The key is used to set the flag to validate the AudienceRestriction assertion. The default behavior is not to require AudienceRestriction validation.

See Also:
Constant Field Values

FAILOVER_TO_TOKEN_REQUEST

static final java.lang.String FAILOVER_TO_TOKEN_REQUEST

The key is used to indicate whether the WS-Security runtime should use the attached policyset to issue a new SAMLToken if the input SAMLToken in RequestContext is invalid. The default behavior is to always issue a new one if the input token is invalid.

See Also:
Constant Field Values

SAMLTOKEN_SELF_ISSUER

static final java.lang.String SAMLTOKEN_SELF_ISSUER

The key is the default SAML self-issuer name.


SAML_SELF_ISSUER_CONFIG

static final java.lang.String SAML_SELF_ISSUER_CONFIG

The key specifies the required configuration data when generating a self-issued SAML token.

See Also:
Constant Field Values

TRUSTED_ISSUER_

static final java.lang.String TRUSTED_ISSUER_

The key is the trusted issuer name, whose name is trustedIssuer_n, where n is an integer.

See Also:
Constant Field Values

TRUSTED_ISSUER_SUBJECTDN

static final java.lang.String TRUSTED_ISSUER_SUBJECTDN

The key is the SubjectDN name of the trusted issuer's X509Certificate, whose name is trustedSubjectDN_n, where n is an integer.

See Also:
Constant Field Values

X509PATH

static final java.lang.String X509PATH

The key is the intermediate X509Certificate file path name.

See Also:
Constant Field Values

CRLPATH

static final java.lang.String CRLPATH

The key is revoked certificate list file path name whose name.

See Also:
Constant Field Values

X509PATH_PREFIX

static final java.lang.String X509PATH_PREFIX

The key is the intermediate X509Certificate file path name, whose name is X509PATH_n, where n is an integer.

See Also:
Constant Field Values

CRLPATH_PREFIX

static final java.lang.String CRLPATH_PREFIX

The key is the revoked certificate list file path name, whose name is CRLPATH_n, where n is an integer.

See Also:
Constant Field Values
