a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: SAMLConstants.java,v 1.17 2009/06/12 22:21:39 mallas Exp $
12438f5b0ad263011102508a11cfb9273c8c0f8dcweng * Portions Copyrighted 2010-2016 ForgeRock AS.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This is a common class defining some constants common to all SAML elements.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String to identify a quote.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String to identify a new line charactor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String to identify a left angle.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String to identify a right angle.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String to identify "/>".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String to identify "</".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String START_END_ELEMENT = "</";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String to identify a space charactor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML assertion namespace URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String assertionSAMLNameSpaceURI =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:assertion";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SOAP 1.1 namespace URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SOAP 1.2 namespace URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SOAP envelope prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SOAP_ENV_PREFIX = "soap-env";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML request-response protocol namespace URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PROTOCOL_NAMESPACE_URI =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:protocol";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XML Digital Signature namespace.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String XMLSIG_NAMESPACE_URI =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Element name for xml signature.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String XMLSIG_ELEMENT_NAME = "Signature";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Pointer to Signature name space.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String which gets incorporated into
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>toString(includeNS, declareNS)</code> when
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>declareNS</code> is true for any assertion element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String assertionDeclareStr =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String used in the <code>toString(includeNS, declareNS)</code> method.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PROTOCOL_NAMESPACE_STRING =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\"";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>NameQualifier</code> in <code>NameIdetifier</code> for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>X509SubjectName</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String used in the <code>ActionNamespace</code> attribute to refer to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * common sets of actions to perform on resources.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Defined actions: <code>Read Write Execute Delete Control</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * These actions are interpreted in the normal manner, i.e.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Read</code>: The subject may read the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Write</code>: The subject may modify the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Execute</code>: The subject may execute the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Delete</code>: The subject may delete the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Control</code>: The subject may specify the access control
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * policy for the resource.</li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:action:rwedc";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String used in the <code>ActionNamespace</code> attribute to refer to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * common sets of actions to perform on resources.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Title: Read/Write/Execute/Delete/Control with Negation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Defined actions:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>Read Write Execute Delete Control ~Read ~Write ~Execute ~Delete
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * ~Control</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Read</code>: The subject may read the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Write</code>: The subject may modify the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Execute</code>: The subject may execute the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Delete</code>: The subject may delete the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>Control</code>: The subject may specify the access control
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * policy for the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>~Read</code>: The subject may NOT read the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>~Write</code>: The subject may NOT modify the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>~Execute</code>: The subject may NOT execute the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>~Delete</code>: The subject may NOT delete the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>~Control</code>: The subject may NOT specify the access
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * control policy for the resource </li>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * An application MUST NOT authorize both an action and its negated form.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ACTION_NAMESPACE_NEGATION =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:action:rwedc-negation";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String used in the <code>ActionNamespace</code> attribute to refer to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * common sets of actions to perform on resources.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Title: <code>Get/Head/Put/Post</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Defined actions:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>GET HEAD PUT POST</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * These actions bind to the corresponding HTTP operations. For example a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * subject authorized to perform the GET action on a resource is authorized
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * to retrieve it. The GET and HEAD actions loosely correspond to the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * conventional read permission and the PUT and POST actions to the write
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission. The correspondence is not exact however since a HTTP GET
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * operation may cause data to be modified and a POST operation may cause
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * modification to a resource other than the one specified in the request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * For this reason a separate Action URI specifier is provided.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ACTION_NAMESPACE_GHPP =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:ghpp";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String used in the <code>ActionNamespace<code> attribute to refer to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * common sets of actions to perform on resources.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Title: UNIX File Permissions
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Defined actions:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The defined actions are the set of UNIX file access permissions
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * expressed in the numeric (octal) notation. The action string is a four
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * digit numeric code: extended user group world
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Where the extended access permission has the value
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>+2 if sgid is set</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>+4 if suid is set</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The user group and world access permissions have the value
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>+1 if execute permission is granted</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>+2 if write permission is granted</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <li><code>+4 if read permission is granted</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * For example 0754 denotes the UNIX file access permission: user read,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * write and execute, group read and execute and world read.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ACTION_NAMESPACE_UNIX =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:action:unix";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * saml namespace prefix with ":".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ASSERTION_PREFIX = "saml:";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * samlp namespace prefix with ":".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PROTOCOL_PREFIX = "samlp:";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Assertion version 1.0.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ASSERTION_VERSION_1_0 = "1.0";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Assertion version 1.1.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ASSERTION_VERSION_1_1 = "1.1";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Major version of assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int ASSERTION_MAJOR_VERSION = 1;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default Assertion minor version.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Assertion minor version 0.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int ASSERTION_MINOR_VERSION_ZERO = 0;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Assertion minor version 1.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int ASSERTION_MINOR_VERSION_ONE = 1;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Protocol version 1.0.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PROTOCOL_VERSION_1_0 = "1.0";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Protocol version 1.1.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PROTOCOL_VERSION_1_1 = "1.1";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Protocol major version 1.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int PROTOCOL_MAJOR_VERSION = 1;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default protocol minor version 1.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Protocol minor version 0.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int PROTOCOL_MINOR_VERSION_ZERO = 0;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Protocol minor version 1.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int PROTOCOL_MINOR_VERSION_ONE = 1;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Assertion handle, request id, and response id have this length.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If server id cannot be found, assertion id has this length also.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * request id, response id, and assertion id will be base64 encoded for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Length for server id. Used in load balancing.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default encoding used in the xml string conversion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String DEFAULT_ENCODING = "UTF-8";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML artifact confirmation method identifier URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static String CONFIRMATION_METHOD_ARTIFACT =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:cm:artifact";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Deprecated SAML Artifact confirmation method identifier URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String DEPRECATED_CONFIRMATION_METHOD_ARTIFACT =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:cm:artifact-01";
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * OpenAM confirmation method identifier URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CONFIRMATION_METHOD_IS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:com:sun:identity";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML Bearer confirmation method identifier URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CONFIRMATION_METHOD_BEARER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:cm:bearer";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML "Holder of Key" confirmation method identifier URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CONFIRMATION_METHOD_HOLDEROFKEY =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML "Sender Vouches" confirmation method identifier URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CONFIRMATION_METHOD_SENDERVOUCHES =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // used by SAML service schema related operations
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_SERVICE_NAME = "SAML1";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * 1.0 version of SAML service.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_SERVICE_VERSION = "1.0";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies time skew for not before attribute
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String NOTBEFORE_TIMESKEW_NAME =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-notbefore-timeskew";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies artifact timeout period.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ARTIFACT_TIMEOUT_NAME =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-artifact-timeout";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies assertion timeout period.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ASSERTION_TIMEOUT_NAME =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-assertion-timeout";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies whether needs to remove
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * assertion after it's being dereferenced or not.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String REMOVE_ASSERTION_NAME =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.removeassertion";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default not before time skew. It's in seconds.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int NOTBEFORE_TIMESKEW_DEFAULT = 300;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default artifact timeout period. It's in seconds.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int ARTIFACT_TIMEOUT_DEFAULT = 120;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default assertion timeout period. It's in seconds.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int ASSERTION_TIMEOUT_DEFAULT = 60;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies list of saml site IDs.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SITE_ID_LIST = "iplanet-am-saml-siteid-list";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies list of instances.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String INSTANCE_LIST = "iplanet-am-saml-instance-list";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This site's ID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SITE_ID = "mysiteid";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies list of issuer names.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-issuername-list";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This site's issuer name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ISSUER_NAME = "mysitename";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute name for list of site ID and issuer names.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SITE_ID_ISSUER_NAME_LIST =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-siteid-issuername-list";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for instance id.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String INSTANCEID = "INSTANCEID";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for site id.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for issuer name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ISSUERNAME = "ISSUERNAME";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies site's certificate alias.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-sitecertalias";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies whether to sign a request or not.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-signrequest";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default is to not sign request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SIGN_REQUEST_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies whether to sign a response or not.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-signresponse";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default is to not sign response.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SIGN_RESPONSE_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies whether to sign an assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-signassertion";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default is to not sign the assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SIGN_ASSERTION_DEFAULT = "false";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies the name for artifact.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ARTIFACT_NAME = "iplanet-am-saml-artifact-name";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies the name id format attribute map.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String NAME_ID_FORMAT_MAP =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-name-id-format-attr-map";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies the attribute map.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-attr-map";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default SAML artifact name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ARTIFACT_NAME_DEFAULT = "SAMLart" ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies target parameter.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-target-specifier" ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default parameter for target.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TARGET_SPECIFIER_DEFAULT = "TARGET" ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies list of trusted partners.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A sample trusted server list entry is like
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * target=.iplanet.com:8080|
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAMLUrl=http://dsame.red.iplanet.com:8080/amserver/SAMLAwareServlet|
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * POSTUrl=http://dsame.red.iplanet.com:8080/amserver/SAMLPOSTProfileServlet
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRUSTED_SERVER_LIST =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-trusted-server-list";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies partner urls.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A sample Parter URL list entry is like:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SourceID=encoded 20 bytes|
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SOAPUrl=http://dsame2.red.iplanet.com:8080/amserver/SAMLSOAPReceiver
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PARTNER_URLS = "iplanet-am-saml-partner-urls";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constants for target.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constants for url which handles saml web browser artifact profile.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAMLURL = "SAMLURL";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constants for url which handles saml web browser post profile.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String POSTURL = "POSTURL";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter. The 20-byte sequence defined as in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the SiteID and Issuer name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SOURCEID = "SOURCEID";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that defines partner's name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * iPlanet-PUBLIC-STATIC
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PARTNERNAME = "PARTNERNAME";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that defines the URL that provides
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the SAML service. The servlet specified in the URL implements the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Web-browser SSO with Artifact profile defined in the OASIS-SAML
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Bindings and Profiles specification.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SOAPUrl = "SOAPURL";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that defines the authentication type
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * used in SAML. It should be one of the following:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SSLWITHBASICAUTH
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This parameter is optional, and if not specified, the default is NOAUTH.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If BASICAUTH or SSLWITHBASICAUTH is specified, the User parameter is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * require and the SOAPUrl should be HTTPS.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTHTYPE = "AUTHTYPE";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that defines the uid of the partner
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * which is used to protect the partner's SOAP Receiver
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that defines the user id of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * partner which is used for Basic Authentication.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_UID = "AUTHUSER";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that defines the password of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * partner which is used for Basic Authentication.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_PASSWORD = "AUTHPASSWORD";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies a pluggable class
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * which defines how the subject of an Assertion is related to an identity
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at the destination site. By default, it is:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * com.sun.identity.saml.plugins.DefaultAccountMapper
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ACCOUNTMAPPER = "ACCOUNTMAPPER";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies a pluggable class
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * which defines how the subject of an Assertion is related to an identity
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at the destination site and a target URL. By default, it is:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * com.sun.identity.saml.plugins.DefaultPartnerAccountMapper
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PARTNERACCOUNTMAPPER = "PARTNERACCOUNTMAPPER";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies the class with the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * path where the siteAttributeMapper is located. Applications can develop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * a siteAttributeMapper to obtain attributes to be included in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * assertion during SSO. If no siteAttributeMapper is found, then no
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attributes will be included in the assertion during SSO.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SITEATTRIBUTEMAPPER = "siteattributemapper";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SITEATTRIBUTEMAPPERDEFAULT =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.plugins.DefaultSiteAttributeMapper";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies the class with the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * path where the partnerSiteAttributeMapper is located. Applications can
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * develop a partnerSiteAttributeMapper to obtain attributes to be included
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in the assertion during SSO based on target URL. If no
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * partnerSiteAttributeMapper is found, then no attributes will be included
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in the assertion during SSO.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PARTNERSITEATTRIBUTEMAPPER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "partnersiteattributemapper";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies the class with the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * path where the nameIdentifierMapper is located. Applications can develop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * a nameIdentifierMapper to obtain a name identifier to be included in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * assertion during SSO. If no nameIdentifierMapper is found, then a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * default implementation will be used.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String NAMEIDENTIFIERMAPPER = "nameidentifiermapper";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that lists the IP addresses and/or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the certAlias for all of the hosts, within the specified partner site,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * that can send requests to this site. This ensures that the requester is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * indeed the intended receiver for the SAML artifact.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String HOST_LIST = "hostlist";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A POST attribute name that specifies an assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String POST_ASSERTION_NAME = "ASSERTION";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A POST attribute name that specifies attribute names of an assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String POST_ATTR_NAMES = "ATTRIBUTENAMES";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies a certAlias name used
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * for verifying the signature in an assertion, when the assertion is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * signed by a partner and the certificate of the partner can not be found
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in the KeyInfo portion of the signed assertion.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CERTALIAS = "CERTALIAS";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that defines the creator of an
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * assertion generated within OpenAM. The syntax is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * hostname:port.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies the class with the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * path to where the attributeMapper is located. Applications can develop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * an attributeMapper to obtain either an Session ID or an assertion
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * containing AuthenticationStatement from the query. The mapper is then
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * used to retrieve the attributes for the subject. If no attributeMapper
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is specified, DefaultAttributeMapper will be used.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ATTRIBUTEMAPPER = "ATTRIBUTEMAPPER";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies the class with the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * path to where the actionMapper is located. Applications can develop an
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * actionMapper to obtain either an Session ID or an assertion containing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * AuthenticationStatement from the query. The mapper is then used to
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * retrieve the authorization decisions for the actions defined in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * query. If no actionMapper is specified, DefaultActionMapper will be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ACTIONMAPPER = "ACTIONMAPPER";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML service attribute parameter that specifies SAML version
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String VERSION = "VERSION";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies action service mapping.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ACTION_SERVICE_MAPPING =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-action-service-mapping";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies POST to Target URLs.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String POST_TO_TARGET_URLS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-post-to-target-urls";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies maximum number of assertions
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the server can have at a given time.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ASSERTION_MAX_NUMBER_NAME =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-assertion-max-number";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default maximum number of assertions of the server. It means no limit.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int ASSERTION_MAX_NUMBER_DEFAULT = 0;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute that specifies server clean up interval.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CLEANUP_INTERVAL_NAME =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "iplanet-am-saml-cleanup-interval";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * System property name that specifies cleanup interval for internal
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * cache, such as assertions, artifacts and keystore etc.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This property is mapped to the CLEANUP_INTERVAL_NAME attribute in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service on the server side.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CLEANUP_INTERVAL_PROPERTY =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.cleanup.interval";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default server cleanup interval. It is in seconds.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final int CLEANUP_INTERVAL_DEFAULT = 180;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Kerberos authentication method.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_METHOD_KERBEROS = "Kerberos";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Certificate authentication method.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_METHOD_CERT = "Cert";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Certificate authentication method URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_METHOD_CERT_URI = "urn:ietf:rfc:2246";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Password authentication method URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_METHOD_PASSWORD_URI =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:am:password";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Hardware token authentication method uri.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_METHOD_HARDWARE_TOKEN_URI =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:oasis:names:tc:SAML:1.0:am:HardwareToken";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Kerberos authentication method uri.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_METHOD_KERBEROS_URI = "urn:ietf:rfc:1510";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Private authentication method prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AUTH_METHOD_URI_PREFIX =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:com:sun:identity:";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute which identifies basic authentication user.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String USER = "iplanet-am-saml-user";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML service attribute which identifies basic authentication password.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String PASSWORD="iplanet-am-saml-password";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML authentication type that uses HTTP protocol and username/password
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String BASICAUTH= "BASICAUTH";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML authentication type that uses HTTPS protocol and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SSLWITHBASICAUTH = "SSLWITHBASICAUTH";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML authentication type that uses HTTP protocol
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * A SAML authentication type that uses HTTPS protocol
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Parameter for Name Identifier format used in SAML web browser post
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * profile and SAML web browser artifact profile.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String NAME_ID_FORMAT="NameIDFormat";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for servlet which does SAML web browser artifact profile.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_AWARE_NAMING="samlawareservlet";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for endpoint which accepts SOAP request.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_SOAP_NAMING="samlsoapreceiver";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for servlet which does SAML web browser post profile.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_POST_NAMING="samlpostservlet";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for process which handles all assertion related requests.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_AM_NAMING = "samlassertionmanager";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Parameter for SAML response used in SAML web browser post profile.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String POST_SAML_RESPONSE_PARAM = "SAMLResponse";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Parameter for SAML TARGET.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String POST_TARGET_PARAM = "TARGET";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // for SAMLPOSTProfileServlet
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant which identifies source site.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SOURCE_SITE_SOAP_ENTRY = "sourceSite";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for assertion parameter.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String POST_ASSERTION = "assertion";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constant for subject.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SUBJECT = "subject";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Success status code.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String STATUS_CODE_SUCCESS = "samlp:Success";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Success status code with no namespace prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String STATUS_CODE_SUCCESS_NO_PREFIX = ":Success";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * http protocol.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https protocol.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Used for xml digital signing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String CANONICALIZATION_METHOD =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_ALGORITHM=
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.xmlsig.transformAlg";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.xmlsig.xmlSigAlgorithm";
12438f5b0ad263011102508a11cfb9273c8c0f8dcweng "com.sun.identity.saml.xmlsig.digestAlgorithm";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.xmlsig.JKSKeyProvider";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String KEY_PROVIDER_IMPL_CLASS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.xmlsig.keyprovider.class";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SIGNATURE_PROVIDER_IMPL_CLASS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.xmlsig.signatureprovider.class";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String AM_SIGNATURE_PROVIDER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.xmlsig.AMSignatureProvider";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // constants for XML Signature SignatureMethodURI
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * MAC Algorithm HMAC-SHA1 URI - Required.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_MAC_HMAC_SHA1 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm DSAwithSHA1 URI - Required.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_DSA =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm RSAwithSHA1 URI - Recommended.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_RSA =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm RSAwithSHA1 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_RSA_SHA1 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm RSA-MD5 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#rsa-md5";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm RSA-RIPEMD160 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_RSA_RIPEMD160 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm RSA-SHA256 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_RSA_SHA256 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm RSA-SHA384 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_RSA_SHA384 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Signature Algorithm RSA-SHA512 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_SIGNATURE_RSA_SHA512 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * MAC Algorithm HMAC-MD5 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#hmac-md5";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * MAC Algorithm HMAC-RIPEMD160 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_MAC_HMAC_RIPEMD160 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * MAC Algorithm HMAC-SHA256 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_MAC_HMAC_SHA256 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * MAC Algorithm HMAC-SHA384 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_MAC_HMAC_SHA384 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * MAC Algorithm HMAC-SHA512 URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_MAC_HMAC_SHA512 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Attribute that identifies server protocol in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AMConfig.properties</code> file.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.iplanet.am.server.protocol";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Attribute that identifies server host in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AMConfig.properties</code> file.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SERVER_HOST = "com.iplanet.am.server.host";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Attribute that identifies server port in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AMConfig.properties</code> file.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SERVER_PORT = "com.iplanet.am.server.port";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Attribute that identifies server port in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AMConfig.properties</code> file.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.iplanet.am.services.deploymentDescriptor";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Attribute that identifies default version for saml assertion in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AMConfig.properties</code> file.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_ASSERTION_VERSION =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.assertion.version";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Attribute that identifies default version for saml protocol in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AMConfig.properties</code> file.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String SAML_PROTOCOL_VERSION =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.protocol.version";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XML canonicalization Algorithm URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_C14N_OMIT_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XML canonicalization with comments Algorithm URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_C14N_WITH_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Exclusive XML canonicalization Algorithm URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_C14N_EXCL_OMIT_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Exclusive XML canonicalization with comments Algorithm URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ALGO_ID_C14N_EXCL_WITH_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ALGO_ID_C14N_EXCL_OMIT_COMMENTS + "WithComments";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster //constants for XML Signature -Transform algorithm
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster //supported in Apache xml security package 1.0.5
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XML canonicalization Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_C14N_OMIT_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XML canonicalization with comments Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_C14N_WITH_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Exclusive XML canonicalization Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_C14N_EXCL_OMIT_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Exclusive XML canonicalization with comments Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_C14N_EXCL_WITH_COMMENTS =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XSLT Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Base64 decoding Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_BASE64_DECODE =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XPath Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.w3.org/TR/1999/REC-xpath-19991116";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Enveloped Signature Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_ENVELOPED_SIGNATURE =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XPointer Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_XPOINTER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XPath Filter v2.0 Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_XPATH2FILTER04 =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XPath Filter v2.0 Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_XPATH2FILTER =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XPath Filter v2.0 CHGP Transform URI.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TRANSFORM_XPATHFILTERCHGP =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * XML schema namespace.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String NS_XMLNS = "http://www.w3.org/2000/xmlns/";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SOAP security namespace.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String NS_SEC = "urn:liberty:sec:2003-08";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SOAP utility namespace.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://schemas.xmlsoap.org/ws/2003/06/secext";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Liberty security namespace.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "http://schemas.xmlsoap.org/ws/2003/06/utility";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String that identifies wsu prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String that identifies ds prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String that identifies tag name "SecurityTokenReference".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_SECURITYTOKENREFERENCE =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "SecurityTokenReference";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String that identifies tag xmlns.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_XMLNS = "xmlns";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String that identifies "xmlns:sec".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_XMLNS_SEC = "xmlns:sec";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Usage tag name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_USAGE = "Usage";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * MessageAuthentication tag name with namespace prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_SEC_MESSAGEAUTHENTICATION =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "sec:MessageAuthentication";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>BinarySecurityToken</code> with namespace prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_WSSE_BINARYSECURITYTOKEN =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "wsse:BinarySecurityToken";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>Security</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_SECURITY = "Security";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>AssertionIDReference</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_ASSERTIONIDREFERENCE =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "AssertionIDReference";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>Assertion</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_ASSERTION = "Assertion";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * String that identifies <code>AssertionID</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_ASSERTION_ID = "AssertionID";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>BinarySecurityToken</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String BINARYSECURITYTOKEN = "BinarySecurityToken";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for "Id".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>Reference</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_REFERENCE = "Reference";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>URI</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>ValueType</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_VALUETYPE = "ValueType";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>KeyInfo</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_KEYINFO = "KeyInfo";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>KeyName</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_KEYNAME = "KeyName";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>KeyValue<code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_KEYVALUE = "KeyValue";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>PKCS7</code> with wsse namespace prefix.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_PKCS7 = "wsse:PKCS7";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>X509Data</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_X509DATA = "X509Data";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Tag name for <code>X509Certificate</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_X509CERTIFICATE = "X509Certificate";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Beginning of certificate string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String BEGIN_CERT = "-----BEGIN CERTIFICATE-----\n";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * End of certificate string.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String END_CERT = "\n-----END CERTIFICATE-----";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>DSAKeyValue</code> tag name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_DSAKEYVALUE = "DSAKeyValue";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>RSAKeyValue</code> tag name.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_RSAKEYVALUE = "RSAKeyValue";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Attribute which identifies certificate alias of this site.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This value is configured through <code>AMConfig.properties</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * User Name attribute key in the Attribute Map.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String USER_NAME = "USER_NAME";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML component name to be used to get datastore provider.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SAML component default name space.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "urn:com:sun:identity:attrnamespace";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String TAG_USERNAME_TOKEN = "UsernameToken";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Keyname for escaping special characters in <code>AttributeValue</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If true, escaping special characters. Otherwise, will not. Default
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * value is "true".
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.escapeattributevalue";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * HTTP POST binding.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String HTTP_POST = "HTTP-POST";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * HTTP Redirect binding.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String HTTP_REDIRECT = "HTTP-Redirect";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Property to identity the HTTP binding for displaying error page.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ERROR_PAGE_HTTP_BINDING =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.errorpage.httpbinding";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Property to identify the error page url.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "com.sun.identity.saml.errorpage.url";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default error page url.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String DEFAULT_ERROR_PAGE_URL =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * HTTP status code.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String HTTP_STATUS_CODE = "httpstatuscode";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Error message.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ERROR_MESSAGE = "errormessage";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Error code.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ERROR_CODE = "errorcode";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Accept Language HTTP header
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static final String ACCEPT_LANG_HEADER = "Accept-Language";