resources/services/restSTS.xml

9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan<!--
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan   DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan
a4544a5a0e622ef69e38641f87ab1b5685e05911Phill Cunnington    Copyright 2014-2015 ForgeRock AS.
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    The contents of this file are subject to the terms of the Common Development and
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    Distribution License (the License). You may not use this file except in compliance with the
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    License.
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    specific language governing permission and limitations under the License.
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    When distributing Covered Code, include this CDDL Header Notice in each file and include
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    Header, with the fields enclosed by brackets [] replaced by your own identifying
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    information: "Portions Copyrighted [year] [name of copyright owner]"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan-->
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan<!DOCTYPE ServicesConfiguration PUBLIC "=//iPlanet//Service Management Services (SMS) 1.0 DTD//EN"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan        "jar://com/sun/identity/sm/sms.dtd">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan<ServicesConfiguration>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    <Service name="RestSecurityTokenService" version="1.0">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan        <Schema
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                serviceHierarchy="/DSAMEConfig/RestSecurityTokenService"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                i18nFileName="restSTS" revisionNumber="1"
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                i18nKey="rest_security_token_service_description"
4cc414596f330cc595f62252d964ef97b3795056Dirk Hogan                propertiesViewBeanURL="/sts/RestSTSEdit">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan            <Organization>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan<!--
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk HoganNote that if this AttributeSchema element is un-commented, then adding the service blows up because no value is
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hoganprovided for required attributes upon service registration.
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="RequiredValueValidator"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 type="validator"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 syntax="string">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                        <Value>com.sun.identity.sm.RequiredValueValidator</Value>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan-->
45e9f4e13faca91c1a0f87ef805933e155cf3ae6Dirk Hogan                <AttributeSchema name="persist-issued-tokens-in-cts"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="boolean" i18nKey="persist_issued_tokens_in_cts" order="2500">
45e9f4e13faca91c1a0f87ef805933e155cf3ae6Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="supported-token-transforms"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 type="list"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 syntax="string"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 validator="RequiredValueValidator"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 i18nKey="supported_token_transforms"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 order="4900">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <DefaultValues>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                        <Value>USERNAME|SAML2|true</Value>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                        <Value>OPENIDCONNECT|SAML2|true</Value>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                        <Value>OPENAM|SAML2|false</Value>
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                        <Value>X509|SAML2|true</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <Value>USERNAME|OPENIDCONNECT|true</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <Value>OPENIDCONNECT|OPENIDCONNECT|true</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <Value>OPENAM|OPENIDCONNECT|false</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <Value>X509|OPENIDCONNECT|true</Value>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                <AttributeSchema name="custom-token-validators"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                 type="list"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                 syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 i18nKey="custom_token_validators"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 order="300">
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                </AttributeSchema>
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                <AttributeSchema name="custom-token-providers"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                 type="list"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                 syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 i18nKey="custom_token_providers"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 order="100">
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                </AttributeSchema>
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                <AttributeSchema name="custom-token-transforms"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                 type="list"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                 syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 i18nKey="custom_token_transforms"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 order="200">
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="deployment-realm"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="deployment_realm" order="600"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 validator="RequiredValueValidator">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="deployment-url-element"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="deployment_url_element" order="800"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 validator="RequiredValueValidator">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="deployment-auth-target-mappings"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 type="list"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 syntax="string"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 validator="RequiredValueValidator"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 i18nKey="deployment_auth_target_mappings"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 order="400">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <DefaultValues>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                        <Value>USERNAME|service|ldapService</Value>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                        <Value>OPENIDCONNECT|module|oidc|oidc_id_token_auth_target_header_key=oidc_id_token</Value>
55e32e1d339c1e3417aa96111d48d51eb29be585Dirk Hogan                        <Value>X509|module|cert_module|x509_token_auth_target_header_key=client_cert</Value>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                <AttributeSchema name="deployment-offloaded-two-way-tls-header-key"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="deployment_offloaded_two_way_tls_header_key" order="500">
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                </AttributeSchema>
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                <AttributeSchema name="deployment-tls-offload-engine-hosts"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="list" syntax="string" i18nKey="deployment_tls_offload_engine_hosts" order="700">
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-name-id-format"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_name_id_format" order="4200"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 validator="RequiredValueValidator">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <!--
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                This AttributeSchema element will represent the issuer name included in SAML2 assertions. As such, following
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                the naming conventions, its name should be saml2-issuer-name. It was defined at the top-level, outside
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                of the scoping of any token-specific configurations, when the sts issued only SAML2 assertions. Now the
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                identifier of the token authority needs to be scoped in token-specific configuration state. This attribute
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                name will not be changed to saml2-issuer-name to avoid a migration task, and because any existing, migrated
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                sts instances will continue to issue SAML2 assertions with an issuer containing the state contained in this
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                attribute. In the 13 release, this attribute will be encapsulated/generated/referenced in the SAML2Config
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                class, instead of in the top-level STSInstanceConfig class, as in the 12 release.
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                -->
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="issuer-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="issuer_name" order="900"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                 validator="RequiredValueValidator">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-token-lifetime-seconds"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="number" i18nKey="saml2_token_lifetime_seconds" order="4800">
1f08e1627971a4cb3a0d497771fb6b7d2bcb9722Dirk Hogan                    <DefaultValues>
1f08e1627971a4cb3a0d497771fb6b7d2bcb9722Dirk Hogan                        <Value>600</Value>
1f08e1627971a4cb3a0d497771fb6b7d2bcb9722Dirk Hogan                    </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-custom-conditions-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_custom_conditions_provider_class_name" order="3200">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-custom-subject-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_custom_subject_provider_class_name" order="3300">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-custom-authentication-statements-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_custom_authentication_statements_provider_class_name" order="2900">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-custom-attribute-statements-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_custom_attribute_statements_provider_class_name" order="2800">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-custom-authz-decision-statements-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_custom_authz_decision_statements_provider_class_name" order="3100">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-custom-attribute-mapper-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_custom_attribute_mapper_class_name" order="2700">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-custom-authn-context-mapper-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_custom_authn_context_mapper_class_name" order="3000">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-sign-assertion"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="boolean" i18nKey="saml2_sign_assertion" order="4300">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-sp-entity-id"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_sp_entity_id" order="4700"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 validator="RequiredValueValidator">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-sp-acs-url"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_sp_acs_url" order="4600">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-encrypt-attributes"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="boolean" i18nKey="saml2_encrypt_attributes" order="3500">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-encrypt-assertion"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="boolean" i18nKey="saml2_encrypt_assertion" order="3400">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-encrypt-nameid"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="boolean" i18nKey="saml2_encrypt_nameid" order="3600">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-encryption-algorithm"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single_choice" syntax="string" i18nKey="saml2_encryption_algorithm" order="3700">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <ChoiceValues>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                        <ChoiceValue i18nKey="saml2_encryption_algorithm_aes_128">http://www.w3.org/2001/04/xmlenc#aes128-cbc</ChoiceValue>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                        <ChoiceValue i18nKey="saml2_encryption_algorithm_aes_192">http://www.w3.org/2001/04/xmlenc#aes192-cbc</ChoiceValue>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                        <ChoiceValue i18nKey="saml2_encryption_algorithm_aes_256">http://www.w3.org/2001/04/xmlenc#aes256-cbc</ChoiceValue>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </ChoiceValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <DefaultValues>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                        <Value>http://www.w3.org/2001/04/xmlenc#aes128-cbc</Value>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-encryption-algorithm-strength"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="number" i18nKey="saml2_encryption_algorithm_strength" order="3800">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-keystore-filename"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_keystore_filename" order="4000">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-keystore-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="password" i18nKey="saml2_keystore_password" order="4100">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-encryption-key-alias"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_encryption_key_alias" order="3900">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-signature-key-alias"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="saml2_signature_key_alias" order="4400"
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                                 validator="RequiredValueValidator">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                <AttributeSchema name="saml2-signature-key-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="password" i18nKey="saml2_signature_key_password" order="4500">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <AttributeSchema name="saml2-attribute-map"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 type="list"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                 syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 i18nKey="saml2_attribute_map"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 order="2600">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-issuer"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="oidc_issuer" order="1700"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                 validator="RequiredValueValidator">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-token-lifetime-seconds"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="number" i18nKey="oidc_token_lifetime_seconds" order="2400">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <Value>600</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-signature-algorithm"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single_choice" syntax="string" i18nKey="oidc_signature_algorithm" order="2100">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_256">HS256</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_384">HS384</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_512">HS512</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValue i18nKey="oidc_signature_algorithm_rsa_sha_256">RS256</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <Value>RSA</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-public-key-reference-type"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single_choice" syntax="string" i18nKey="oidc_public_key_reference_type" order="2000">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValue i18nKey="oidc_signature_verification_reference_type_none">NONE</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValue i18nKey="oidc_signature_verification_reference_type_jwk">JWK</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <Value>none</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-keystore-location"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="oidc_keystore_location" order="1800">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-keystore-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="password" i18nKey="oidc_keystore_password" order="1900">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-signature-key-alias"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="oidc_signature_key_alias" order="2200">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-signature-key-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="password" i18nKey="oidc_signature_key_password" order="2300">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-client-secret"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="password" i18nKey="oidc_client_secret" order="1300">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-audience"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="list" syntax="string" i18nKey="oidc_audience" order="1100">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-authorized-party"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="oidc_authorized_party" order="1200">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-claim-map"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                 type="list"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                 syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 i18nKey="oidc_attribute_map"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 order="1000">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-custom-claim-mapper-class"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="oidc_custom_claim_mapper_class" order="1600">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-custom-authn-context-mapper-class"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="oidc_custom_authn_context_mapper_class" order="1400">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                <AttributeSchema name="oidc-custom-authn-method-references-mapper-class"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                 type="single" syntax="string" i18nKey="oidc_custom_authn_method_references_mapper_class" order="1500">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <!--
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                Appears to be necessary to have multiple rest STS instances per realm, like authN mdoules.
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                -->
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                <SubSchema name="serverconfig" inheritance="multiple">
45e9f4e13faca91c1a0f87ef805933e155cf3ae6Dirk Hogan                    <AttributeSchema name="persist-issued-tokens-in-cts"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="boolean" i18nKey="persist_issued_tokens_in_cts" order="2500">
45e9f4e13faca91c1a0f87ef805933e155cf3ae6Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="supported-token-transforms"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     type="list"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     syntax="string"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     validator="RequiredValueValidator"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     i18nKey="supported_token_transforms"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     order="4900">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                        <DefaultValues>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                            <Value>USERNAME|SAML2|true</Value>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                            <Value>OPENIDCONNECT|SAML2|true</Value>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                            <Value>OPENAM|SAML2|false</Value>
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                            <Value>X509|SAML2|true</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <Value>USERNAME|OPENIDCONNECT|true</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <Value>OPENIDCONNECT|OPENIDCONNECT|true</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <Value>OPENAM|OPENIDCONNECT|false</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <Value>X509|OPENIDCONNECT|true</Value>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                        </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                    <AttributeSchema name="custom-token-validators"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                     type="list"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                     syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     i18nKey="custom_token_validators"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     order="300">
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                    </AttributeSchema>
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                    <AttributeSchema name="custom-token-providers"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                     type="list"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                     syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     i18nKey="custom_token_providers"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     order="100">
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                    </AttributeSchema>
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                    <AttributeSchema name="custom-token-transforms"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                     type="list"
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                                     syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     i18nKey="custom_token_transforms"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     order="200">
bf428bd5bd8ff463b3438964b14c7f95ee57fc8cDirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="deployment-realm"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="deployment_realm" order="600"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     validator="RequiredValueValidator">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="deployment-url-element"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="deployment_url_element" order="800"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     validator="RequiredValueValidator">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="deployment-auth-target-mappings"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     type="list"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     syntax="string"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     validator="RequiredValueValidator"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     i18nKey="deployment_auth_target_mappings"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     order="400">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                        <DefaultValues>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                            <Value>USERNAME|service|ldapService</Value>
56f76965098d6cc3ae531ce0a73bda588abdf1d3Dirk Hogan                            <Value>OPENIDCONNECT|module|oidc|oidc_id_token_auth_target_header_key=oidc_id_token</Value>
55e32e1d339c1e3417aa96111d48d51eb29be585Dirk Hogan                            <Value>X509|module|cert_module|x509_token_auth_target_header_key=client_cert</Value>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                        </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                    <AttributeSchema name="deployment-offloaded-two-way-tls-header-key"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="deployment_offloaded_two_way_tls_header_key" order="500">
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                    </AttributeSchema>
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                    <AttributeSchema name="deployment-tls-offload-engine-hosts"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="list" syntax="string" i18nKey="deployment_tls_offload_engine_hosts" order="700">
7b09ff83c4ae53ff29b28d7c359ac90fe015a3a3Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="issuer-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="issuer_name" order="900"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                     validator="RequiredValueValidator">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-name-id-format"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_name_id_format" order="4200"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     validator="RequiredValueValidator">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-token-lifetime-seconds"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="number" i18nKey="saml2_token_lifetime_seconds" order="4800">
1f08e1627971a4cb3a0d497771fb6b7d2bcb9722Dirk Hogan                        <DefaultValues>
1f08e1627971a4cb3a0d497771fb6b7d2bcb9722Dirk Hogan                            <Value>600</Value>
1f08e1627971a4cb3a0d497771fb6b7d2bcb9722Dirk Hogan                        </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-custom-conditions-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_custom_conditions_provider_class_name" order="3200">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-custom-subject-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_custom_subject_provider_class_name" order="3300">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-custom-authentication-statements-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_custom_authentication_statements_provider_class_name" order="2900">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-custom-attribute-statements-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_custom_attribute_statements_provider_class_name" order="2800">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-custom-authz-decision-statements-provider-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_custom_authz_decision_statements_provider_class_name" order="3100">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-custom-attribute-mapper-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_custom_attribute_mapper_class_name" order="2700">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-custom-authn-context-mapper-class-name"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_custom_authn_context_mapper_class_name" order="3000">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-sign-assertion"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="boolean" i18nKey="saml2_sign_assertion" order="4300">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-sp-entity-id"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_sp_entity_id" order="4700"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     validator="RequiredValueValidator">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-sp-acs-url"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_sp_acs_url" order="4600">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-encrypt-attributes"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="boolean" i18nKey="saml2_encrypt_attributes" order="3500">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-encrypt-assertion"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="boolean" i18nKey="saml2_encrypt_assertion" order="3400">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-encrypt-nameid"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="boolean" i18nKey="saml2_encrypt_nameid" order="3600">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-encryption-algorithm"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single_choice" syntax="string" i18nKey="saml2_encryption_algorithm" order="3700">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                        <ChoiceValues>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                            <ChoiceValue i18nKey="saml2_encryption_algorithm_aes_128">http://www.w3.org/2001/04/xmlenc#aes128-cbc</ChoiceValue>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                            <ChoiceValue i18nKey="saml2_encryption_algorithm_aes_192">http://www.w3.org/2001/04/xmlenc#aes192-cbc</ChoiceValue>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                            <ChoiceValue i18nKey="saml2_encryption_algorithm_aes_256">http://www.w3.org/2001/04/xmlenc#aes256-cbc</ChoiceValue>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                        </ChoiceValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                        <DefaultValues>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                            <Value>http://www.w3.org/2001/04/xmlenc#aes128-cbc</Value>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                        </DefaultValues>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-encryption-algorithm-strength"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="number" i18nKey="saml2_encryption_algorithm_strength" order="3800">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-keystore-filename"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_keystore_filename" order="4000">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-keystore-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="password" i18nKey="saml2_keystore_password" order="4100">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-encryption-key-alias"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_encryption_key_alias" order="3900">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-signature-key-alias"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="saml2_signature_key_alias" order="4400"
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                                     validator="RequiredValueValidator">
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    </AttributeSchema>
dcf0ce40c27bbcd1b429aaf915b5dfa385a59d7eDirk Hogan                    <AttributeSchema name="saml2-signature-key-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="password" i18nKey="saml2_signature_key_password" order="4500">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    <AttributeSchema name="saml2-attribute-map"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     type="list"
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                                     syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     i18nKey="saml2_attribute_map"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     order="2600">
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-issuer"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="oidc_issuer" order="1700"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                     validator="RequiredValueValidator">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-token-lifetime-seconds"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="number" i18nKey="oidc_token_lifetime_seconds" order="2400">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <Value>600</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        </DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-signature-algorithm"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single_choice" syntax="string" i18nKey="oidc_signature_algorithm" order="2100">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_256">HS256</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_384">HS384</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_512">HS512</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <ChoiceValue i18nKey="oidc_signature_algorithm_rsa_sha_256">RS256</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        </ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <Value>RSA</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        </DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-public-key-reference-type"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single_choice" syntax="string" i18nKey="oidc_public_key_reference_type" order="2000">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <ChoiceValue i18nKey="oidc_signature_verification_reference_type_none">NONE</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <ChoiceValue i18nKey="oidc_signature_verification_reference_type_jwk">JWK</ChoiceValue>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        </ChoiceValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        <DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                            <Value>none</Value>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                        </DefaultValues>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-keystore-location"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="oidc_keystore_location" order="1800">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-keystore-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="password" i18nKey="oidc_keystore_password" order="1900">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-signature-key-alias"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="oidc_signature_key_alias" order="2200">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-signature-key-password"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="password" i18nKey="oidc_signature_key_password" order="2300">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-client-secret"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="password" i18nKey="oidc_client_secret" order="1300">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-audience"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="list" syntax="string" i18nKey="oidc_audience" order="1100">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-authorized-party"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="oidc_authorized_party" order="1200">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-claim-map"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                     type="list"
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                                     syntax="string"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     i18nKey="oidc_attribute_map"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     order="1000">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-custom-claim-mapper-class"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="oidc_custom_claim_mapper_class" order="1600">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-custom-authn-context-mapper-class"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="oidc_custom_authn_context_mapper_class" order="1400">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    <AttributeSchema name="oidc-custom-authn-method-references-mapper-class"
3d8ee1629200b24b539b887a7feaec640fe610a8Kajetan Hemzaczek                                     type="single" syntax="string" i18nKey="oidc_custom_authn_method_references_mapper_class" order="1500">
3744900be632496920d4c9aca8f94ba6db4dd882Dirk Hogan                    </AttributeSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan                </SubSchema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan            </Organization>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan        </Schema>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan    </Service>
9f80f4f537152f3b88b0c3327601c9215474d9f2Dirk Hogan</ServicesConfiguration>