a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# The contents of this file are subject to the terms

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# of the Common Development and Distribution License

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# (the License). You may not use this file except in

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# compliance with the License.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# You can obtain a copy of the License at

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# https://opensso.dev.java.net/public/CDDLv1.0.html or

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# opensso/legal/CDDLv1.0.txt

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# See the License for the specific language governing

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# permission and limitations under the License.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# When distributing Covered Code, include this CDDL

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Header Notice in each file and include the License file

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# at opensso/legal/CDDLv1.0.txt.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# If applicable, add the following below the CDDL Header,

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# with the fields enclosed by brackets [] replaced by

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# your own identifying information:

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# "Portions Copyrighted [year] [name of copyright owner]"

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# $Id: FederationClient.properties,v 1.7 2009/08/29 07:59:17 mallas Exp $

a4544a5a0e622ef69e38641f87ab1b5685e05911Phill Cunnington# Portions Copyrighted 2015 ForgeRock AS.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Specify implementation class for

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.plugin.configuration.ConfigurationInstance interface.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.plugin.configuration.class=@CONFIGURATION_PROVIDER_CLASS@

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Specify implementation class for

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.plugin.datastore.DataStoreProvider interface.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# This property defines the default datastore provider.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.plugin.datastore.class.default=@DATASTORE_PROVIDER_CLASS@

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Specify implementation class for

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.plugin.session.SessionProvider interface.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.plugin.session.class=@SESSION_PROVIDER_CLASS@

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Specify XML signature provider class

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.signatureprovider.class=com.sun.identity.saml.xmlsig.AMSignatureProvider

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Specify XML key provider implementation class

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.keyprovider.class=com.sun.identity.saml.xmlsig.JKSKeyProvider

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Identify SAML XML signature keystore file, keystore password file

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# and key password file

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.keystore=@BASE_DIR@/keystore.jks

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.storepass=@BASE_DIR@/.storepass

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.keypass=@BASE_DIR@/.keypass

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.certalias=test

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Specify type of KeyStore used for saml xml signature. Default is JKS.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.saml.xmlsig.storetype=JKS

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Flag for checking the Certificate which is embedded in the

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# KeyInfo against the certificates in the keystore (specified

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# by the "com.sun.identity.saml.xmlsig.keystore" property).

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Possible values for the key are: on|off. If the flag is "on",

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# the certification must be presented in the keystore for

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# XML signature validation. If the flag is "off", skip

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# the presence checking.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.checkcert=on

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# XML cannonicalization algorithm. Used for SAML XML signature generation

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# and verification. When not specified, or value is empty, default value

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# will be used. The following is the list of supported algorithms:

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/10/xml-exc-c14n# (default)

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/10/xml-exc-c14n#WithComments

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/TR/2001/REC-xml-c14n-20010315

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.c14nMethod=http://www.w3.org/2001/10/xml-exc-c14n#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# XML signature algorithm. Used for SAML XML Signature generation and

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# verification. When not specified, or value is empty, default value will be

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# used. The following is the list of supported algorithms:

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2000/09/xmldsig#rsa-sha1 (default)

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2000/09/xmldsig#hmac-sha1

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2000/09/xmldsig#dsa-sha1

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#rsa-md5

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#rsa-sha256

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#rsa-sha384

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#rsa-sha512

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#hmac-md5

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#hmac-sha256

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#hmac-sha384

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/04/xmldsig-more#hmac-sha512

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.xmlSigAlgorithm=

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# XML transformation algorithm. Used for SAML XML signature generation

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# and verification. When not specified, or value is empty, default value

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# will be used. The following is the list of supported algorithms:

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/10/xml-exc-c14n# (default)

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2001/10/xml-exc-c14n#WithComments

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/TR/2001/REC-xml-c14n-20010315

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/TR/1999/REC-xslt-19991116

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2000/09/xmldsig#base64

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/TR/1999/REC-xpath-19991116

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2000/09/xmldsig#enveloped-signature

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/TR/2001/WD-xptr-20010108

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2002/04/xmldsig-filter2

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.w3.org/2002/06/xmldsig-filter2

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml.xmlsig.transformAlg=http://www.w3.org/2001/10/xml-exc-c14n#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# SAML2 XML Encryption Provider Implementation class

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml2.xmlenc.EncryptionProvider=com.sun.identity.saml2.xmlenc.FMEncProvider

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# SAML2 XML Signing Provider Implementation class.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml2.xmlsig.SignatureProvider=com.sun.identity.saml2.xmlsig.FMSigProvider

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# SAML2 XML Signing Certificate Validation.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml2.crl.check=false

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# SAML2 XML Signing Certificate Validation.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.saml2.crl.check.ca=false

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Client ceritificate alias that will be used in SSL connection for Liberty

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# SOAP Binding

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.soap.certalias=

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# If the message timestamp is before current timestamp by this amount

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# (millisec), it is considered a stale message.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.soap.staleTimeLimit=300000

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# All the messageID of a valid message will be stored in a cache with the it

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# is received to avoid duplicate messages. If the current time minus the

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# received time is greater than the above staleTimeLimit, it should be removed

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# from the cache. The is property specify the interval(millisec) that a

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# cleanup thread should check the cache and remove those messageID.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.soap.messageIDCacheCleanupInterval=60000

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Supported SOAP actors. Each actor must be seperated by '|'

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.soap.supportedActors=http://schemas.xmlsoap.org/soap/actor/next

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Namespace prefix mapping used when marshalling a JAXB content tree to a

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# DOM tree. The syntax is

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# <prefix>=<namespace>|<prefix>=<namespace>|..........

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.jaxb.namespacePrefixMappingList=S=http://schemas.xmlsoap.org/soap/envelope/|sb=urn:liberty:sb:2003-08|pp=urn:liberty:id-sis-pp:2003-08|ispp=http://www.sun.com/identity/liberty/pp|is=urn:liberty:is:2003-08

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# JAXB package list used when constructing JAXBContext. Each package must be

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# seperated by ':'.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.jaxb.packageList=

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Liberty ID-WSF security profile,

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.liberty.ws.wsc.certalias specifies default certificate

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# alias for issuing web service security token for this web service client

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.liberty.ws.ta.certalias specifies certificate

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# alias for trusted authority that will be used to sign SAML or SAML

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# BEARER token of response message.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.liberty.ws.trustedca.certaliases specifies certificate

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# aliases for trusted CA. SAML or SAML BEARER token of incoming request

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# message needs to be signed by a trusted CA in this list. The syntax is

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# <cert alias 1>[:<issuer 1>]|<cert alias 2>[:<issuer 2>]|.....

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# For example, 'myalias1:myissuer1|myalias2|myalias3:myissuer3

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# 'issuer' is used when the token doesn't have a KeyInfo inside the

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# signature. The 'issuer' of the token needs to be in this list and the

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# corresponding cert alias will be used to verify signature. If KeyInfo

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# exists, the keystore needs to contain a cert alias that matches the

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# KeyInfo and the cert alias needs to be in this list.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.liberty.ws.security.TokenProviderImpl specifies

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# implementation for security token provider

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.wsc.certalias=test

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.ta.certalias=test

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.trustedca.certaliases=test:SunSTS|test:@SERVER_HOST@

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.ws.security.TokenProviderImpl=com.sun.identity.liberty.ws.security.LibSecurityTokenProvider

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# URL for WSPRedirectHandlerServlet to handle Liberty WSF WSP-resource owner

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# interactions based on user agent redirects. This should be running in

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# the same JVM where Liberty SP is running

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.interaction.wspRedirectHandler=@SERVER_PROTOCOL@://@SERVER_HOST@:@SERVER_PORT@/@DEPLOY_URI@/WSPRedirectHandler

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# indicates whether WSC would participate in interaction

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# valid values are interactIfNeeded | doNotInteract | doNotInteractForData

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# default value:interactIfNeeded

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# value used if an invalid value is specified:interactIfNeeded

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.interaction.wscSpecifiedInteractionChoice=interactIfNeeded

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# indicates whether WSC would include userInteractionHeader

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# valid values are yes|no (case ignored)

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# default value:yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# value used if no value is specified:yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.interaction.wscWillInlcudeUserInteractionHeader=yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# indicates whether WSC would redirect user for interaction

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# valid values are yes|no

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# default value:yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# value used if no value is specified:yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.interaction.wscWillRedirect=yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# WSC's preference on the acceptable duration for interaction(in seconds)

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# default value if the value is not specified or a non integer value is

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# specified : 60

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.interaction.wscSpecifiedMaxInteractionTime=80

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# indicates whether WSC would enforce that redirected to URL is https

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# valid values are yes|no (case ignored)

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# liberty specification require the value to be yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# default value:yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# value used if no value is specified:yes

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.interaction.wscWillEnforceHttpsCheck=no

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster#

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# This property is used to determine the Liberty identity web services framework

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# to be used when the framework can not determine from the in-bound message or

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# from the resource offering when AM is acting as the WSC.

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# The default version is 1.1, but the possible values are 1.0 or 1.1

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# com.sun.identity.liberty.wsf.version=1.1

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Web Services Security Client Properties

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Login URL for WSS end user authentication use cases

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.loginurl=@SERVER_PROTOCOL@://@SERVER_HOST@:@SERVER_PORT@/@DEPLOY_URI@/UI/Login

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Login URL redirection ("goto") paramter name for WSS end user authentication use cases

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.loginurl.goto=goto

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster# Authentication web service URL for WSS Liberty use cases

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.liberty.authnsvc.url=@SERVER_PROTOCOL@://@SERVER_HOST@:@SERVER_PORT@/@DEPLOY_URI@/Liberty/authnsvc

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fostercom.sun.identity.jsr196.authenticated.user=AUTHENTICATED_USERS

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster