<
ChoiceValue i18nKey="custom_wsdl_file">custom_wsdl_file</
ChoiceValue>
<!-- Deployment attributes. In this run every AttributeSchema that declares a syntax uses syntax="string",
     and type is single or list. i18nKey is presumably the key of the localized label, and
     validator="RequiredValueValidator" presumably rejects an empty value (confirm both against the schema
     consumer). Closing tags and any wrapper elements are not visible in this view. -->
<
AttributeSchema name="deployment-custom-wsdl-location" type="single" syntax="string" i18nKey="deployment_custom_wsdl_location">
<!-- deployment-am-url, deployment-realm and deployment-url-element all carry RequiredValueValidator.
     NOTE(review): syntax="string" places no constraint on the URL scheme; confirm the consumer requires
     an https URL for deployment-am-url. -->
<
AttributeSchema name="deployment-am-url" type="single" syntax="string" i18nKey="deployment_am_url" validator="RequiredValueValidator">
<
AttributeSchema name="deployment-realm" type="single" syntax="string" i18nKey="deployment_realm" validator="RequiredValueValidator">
<
AttributeSchema name="deployment-url-element" type="single" syntax="string" i18nKey="deployment_url_element" validator="RequiredValueValidator">
<!-- deployment-auth-target-mappings declares no type or syntax here. The two Value entries that follow it
     are pipe-delimited; they look like token type | auth index type | auth index value | optional
     key=value context (TODO confirm against the parser). The X509 entry sets
     x509_token_auth_target_header_key to client_cert. -->
<
AttributeSchema name="deployment-auth-target-mappings" validator="RequiredValueValidator" i18nKey="deployment_auth_target_mappings">
<
Value>USERNAME|service|ldapService</
Value>
<
Value>X509|module|cert_module|x509_token_auth_target_header_key=client_cert</
Value>
<!-- TLS offload pair: a single header key and a list of offload engine hosts. Presumably the header carries
     the client certificate forwarded by a TLS-terminating proxy and the host list names the only peers
     from which that header is honoured (confirm).
     NOTE(review): neither attribute carries RequiredValueValidator, so the schema allows a header key with
     an empty host list. Confirm the consumer ignores the header in that case; otherwise any caller able to
     set the header could assert a certificate identity. -->
<
AttributeSchema name="deployment-offloaded-two-way-tls-header-key" type="single" syntax="string" i18nKey="deployment_offloaded_two_way_tls_header_key">
<
AttributeSchema name="deployment-tls-offload-engine-hosts" type="list" syntax="string" i18nKey="deployment_tls_offload_engine_hosts">
<!-- Delegation attributes: one boolean toggle, then two attributes that declare no type or syntax in this
     view and carry no validator.
     NOTE(review): delegation-custom-token-handlers presumably holds class names that are loaded to validate
     delegated tokens. If so, write access to this attribute decides which code vouches for a delegated
     identity; confirm that only configuration administrators can change it. -->
<
AttributeSchema name="delegation-relationship-supported" type="single" syntax="boolean" i18nKey="delegation_relationship_supported">
<
AttributeSchema name="delegation-validated-token-types" i18nKey="delegation_validated_token_types">
<
AttributeSchema name="delegation-custom-token-handlers" i18nKey="delegation_custom_token_handlers">
<!-- This AttributeSchema element represents the issuer name included in SAML2 assertions. Following the naming conventions, its name should therefore be saml2-issuer-name. It was defined at the top level, outside the scope of any token-specific configuration, when the STS issued only SAML2 assertions. Now the identifier of the token authority needs to be scoped in token-specific configuration state. This attribute name will not be changed to saml2-issuer-name, both to avoid a migration task and because any existing, migrated STS instances will continue to issue SAML2 assertions whose issuer contains the state held in this class, instead of in the top-level STSInstanceConfig class, as in the 12 release. -->
<
AttributeSchema name="issuer-name" type="single" syntax="string" i18nKey="issuer_name" validator="RequiredValueValidator">
<!-- SAML2 token settings start here. saml2-token-lifetime-seconds is syntax="number" with no validator, so
     this schema sets no lower or upper bound; NOTE(review): confirm the consumer bounds the lifetime. -->
<
AttributeSchema name="saml2-name-id-format" type="single" syntax="string" i18nKey="saml2_name_id_format" validator="RequiredValueValidator">
<
AttributeSchema name="saml2-token-lifetime-seconds" type="single" syntax="number" i18nKey="saml2_token_lifetime_seconds">
<!-- Seven saml2-custom-* attributes: plain strings without a validator, each naming a provider or mapper
     class. Presumably the named class is loaded at runtime and shapes the issued assertion (conditions,
     subject, statements, attribute and authn-context mapping); treat write access to these values as the
     ability to choose code that runs in the token issuer. TODO confirm how the class is resolved. -->
<
AttributeSchema name="saml2-custom-conditions-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_conditions_provider_class_name">
<
AttributeSchema name="saml2-custom-subject-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_subject_provider_class_name">
<
AttributeSchema name="saml2-custom-authentication-statements-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_authentication_statements_provider_class_name">
<
AttributeSchema name="saml2-custom-attribute-statements-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_attribute_statements_provider_class_name">
<
AttributeSchema name="saml2-custom-authz-decision-statements-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_authz_decision_statements_provider_class_name">
<
AttributeSchema name="saml2-custom-attribute-mapper-class-name" type="single" syntax="string" i18nKey="saml2_custom_attribute_mapper_class_name">
<
AttributeSchema name="saml2-custom-authn-context-mapper-class-name" type="single" syntax="string" i18nKey="saml2_custom_authn_context_mapper_class_name">
<!-- Assertion signing is a boolean toggle; its default value is not visible in this view.
     NOTE(review): an unsigned assertion gives the relying party nothing to verify, so confirm the default
     and that deployments leave signing on. saml2-sp-entity-id is required while saml2-sp-acs-url is not;
     presumably they feed the audience and recipient of the assertion (confirm). -->
<
AttributeSchema name="saml2-sign-assertion" type="single" syntax="boolean" i18nKey="saml2_sign_assertion">
<
AttributeSchema name="saml2-sp-entity-id" type="single" syntax="string" i18nKey="saml2_sp_entity_id" validator="RequiredValueValidator">
<
AttributeSchema name="saml2-sp-acs-url" type="single" syntax="string" i18nKey="saml2_sp_acs_url">
<!-- Encryption: three independent boolean toggles (attributes, whole assertion, NameID), a single_choice
     algorithm whose ChoiceValue entries are not visible in this view, and a numeric strength with no
     validator. NOTE(review): confirm which algorithm and strength combinations the consumer accepts. -->
<
AttributeSchema name="saml2-encrypt-attributes" type="single" syntax="boolean" i18nKey="saml2_encrypt_attributes">
<
AttributeSchema name="saml2-encrypt-assertion" type="single" syntax="boolean" i18nKey="saml2_encrypt_assertion">
<
AttributeSchema name="saml2-encrypt-nameid" type="single" syntax="boolean" i18nKey="saml2_encrypt_nameid">
<
AttributeSchema name="saml2-encryption-algorithm" type="single_choice" syntax="string" i18nKey="saml2_encryption_algorithm">
<
AttributeSchema name="saml2-encryption-algorithm-strength" type="single" syntax="number" i18nKey="saml2_encryption_algorithm_strength">
<!-- Keystore and key material. syntax="password" on the keystore and signature key passwords is the only
     marker in this schema that a value is secret; presumably the configuration store masks and encrypts
     such values (confirm). Only saml2-signature-key-alias carries RequiredValueValidator. -->
<
AttributeSchema name="saml2-keystore-filename" type="single" syntax="string" i18nKey="saml2_keystore_filename">
<
AttributeSchema name="saml2-keystore-password" type="single" syntax="password" i18nKey="saml2_keystore_password">
<
AttributeSchema name="saml2-encryption-key-alias" type="single" syntax="string" i18nKey="saml2_encryption_key_alias">
<
AttributeSchema name="saml2-signature-key-alias" type="single" syntax="string" i18nKey="saml2_signature_key_alias" validator="RequiredValueValidator">
<
AttributeSchema name="saml2-signature-key-password" type="single" syntax="password" i18nKey="saml2_signature_key_password">
<!-- saml2-attribute-map declares no type or syntax in this view. -->
<
AttributeSchema name="saml2-attribute-map" i18nKey="saml2_attribute_map">
<!-- Keystore settings with the soap- prefix: file name, keystore password, one alias and one password each
     for the signature and encryption keys. The three secrets use syntax="password"; only
     soap-signature-key-alias carries RequiredValueValidator. Presumably this keystore serves message-level
     signing and decryption in the SOAP layer (TODO confirm). -->
<
AttributeSchema name="soap-keystore-filename" type="single" syntax="string" i18nKey="soap_keystore_filename">
<
AttributeSchema name="soap-keystore-password" type="single" syntax="password" i18nKey="soap_keystore_password">
<
AttributeSchema name="soap-encryption-key-alias" type="single" syntax="string" i18nKey="soap_encryption_key_alias">
<
AttributeSchema name="soap-signature-key-alias" type="single" syntax="string" i18nKey="soap_signature_key_alias" validator="RequiredValueValidator">
<
AttributeSchema name="soap-signature-key-password" type="single" syntax="password" i18nKey="soap_signature_key_password">
<
AttributeSchema name="soap-encryption-key-password" type="single" syntax="password" i18nKey="soap_encryption_key_password">
<!-- OpenID Connect token settings. oidc-issuer is the only attribute in this run that carries
     RequiredValueValidator. oidc-token-lifetime-seconds is syntax="number" with no validator, so this
     schema sets no bound on it; NOTE(review): confirm the consumer bounds the lifetime. -->
<
AttributeSchema name="oidc-issuer" type="single" syntax="string" i18nKey="oidc_issuer" validator="RequiredValueValidator">
<
AttributeSchema name="oidc-token-lifetime-seconds" type="single" syntax="number" i18nKey="oidc_token_lifetime_seconds">
<!-- Signature algorithm choices: HS256, HS384, HS512 (HMAC) and RS256 (RSA). No unsigned choice is listed.
     NOTE(review): the HMAC variants are symmetric, so every party able to verify a token can also mint
     one. Presumably oidc-client-secret is the HMAC key and the oidc-keystore-* attributes serve RS256;
     none of them carries RequiredValueValidator, so the schema cannot enforce that the material matching
     the chosen algorithm is present. Confirm the consumer rejects such a configuration. -->
<
AttributeSchema name="oidc-signature-algorithm" type="single_choice" syntax="string" i18nKey="oidc_signature_algorithm">
<
ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_256">HS256</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_384">HS384</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_512">HS512</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_algorithm_rsa_sha_256">RS256</
ChoiceValue>
<!-- Public key reference type: NONE or JWK. Presumably this controls whether an issued token carries a
     reference to the signing public key (confirm).
     NOTE(review): relying parties should verify against a key obtained out of band, and should not trust
     a key only because the token itself carries it. -->
<
AttributeSchema name="oidc-public-key-reference-type" type="single_choice" syntax="string" i18nKey="oidc_public_key_reference_type">
<
ChoiceValue i18nKey="oidc_signature_verification_reference_type_none">NONE</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_verification_reference_type_jwk">JWK</
ChoiceValue>
<!-- Key material. The keystore password, signature key password and client secret use syntax="password",
     the only marker in this schema that a value is secret; presumably the configuration store masks and
     encrypts such values (confirm). -->
<
AttributeSchema name="oidc-keystore-location" type="single" syntax="string" i18nKey="oidc_keystore_location">
<
AttributeSchema name="oidc-keystore-password" type="single" syntax="password" i18nKey="oidc_keystore_password">
<
AttributeSchema name="oidc-signature-key-alias" type="single" syntax="string" i18nKey="oidc_signature_key_alias">
<
AttributeSchema name="oidc-signature-key-password" type="single" syntax="password" i18nKey="oidc_signature_key_password">
<
AttributeSchema name="oidc-client-secret" type="single" syntax="password" i18nKey="oidc_client_secret">
<!-- oidc-audience is a list and oidc-authorized-party a single string; neither is required by this schema.
     NOTE(review): a token issued without an audience cannot be audience-checked by its recipient; confirm
     the consumer refuses to issue in that case. -->
<
AttributeSchema name="oidc-audience" type="list" syntax="string" i18nKey="oidc_audience">
<
AttributeSchema name="oidc-authorized-party" type="single" syntax="string" i18nKey="oidc_authorized_party">
<!-- NOTE(review): the i18nKey is oidc_attribute_map although the attribute is named oidc-claim-map;
     confirm the label is defined under that key. No type or syntax is declared in this view. -->
<
AttributeSchema name="oidc-claim-map" i18nKey="oidc_attribute_map">
<!-- Three custom mapper class attributes: plain strings without a validator. Presumably the named class is
     loaded at runtime and decides the claims, authn context and authn method references of issued tokens;
     treat write access to these values as the ability to choose code that runs in the token issuer. -->
<
AttributeSchema name="oidc-custom-claim-mapper-class" type="single" syntax="string" i18nKey="oidc_custom_claim_mapper_class">
<
AttributeSchema name="oidc-custom-authn-context-mapper-class" type="single" syntax="string" i18nKey="oidc_custom_authn_context_mapper_class">
<
AttributeSchema name="oidc-custom-authn-method-references-mapper-class" type="single" syntax="string" i18nKey="oidc_custom_authn_method_references_mapper_class">
<!-- Necessary in order to have multiple SOAP STS instances per realm, as with authN modules. -->
<
SubSchema name="serverconfig" inheritance="multiple">
<!-- First attributes of the serverconfig SubSchema. persist-issued-tokens-in-cts is a boolean toggle;
     issued-token-types declares no type or syntax in this view and is followed by a single Value,
     OPENIDCONNECT (presumably a default; the wrapper element is not visible here).
     security-policy-validated-token-config carries RequiredValueValidator. -->
<
AttributeSchema name="persist-issued-tokens-in-cts" type="single" syntax="boolean" i18nKey="persist_issued_tokens_in_cts">
<
AttributeSchema name="issued-token-types" i18nKey="issued_token_types">
<
Value>OPENIDCONNECT</
Value>
<
AttributeSchema name="security-policy-validated-token-config" validator="RequiredValueValidator" i18nKey="validated_token_config">
<!-- Deployment attributes. i18nKey is presumably the key of the localized label, and
     validator="RequiredValueValidator" presumably rejects an empty value (confirm both against the schema
     consumer). Closing tags and any wrapper elements are not visible in this view.
     NOTE(review): deployment-service-port uses i18nKey deployment_service_port_alias, which does not follow
     the name-to-key pattern of its neighbours; confirm the label is defined under that key. -->
<
AttributeSchema name="deployment-service-name" type="single" syntax="string" i18nKey="deployment_service_name">
<
AttributeSchema name="deployment-custom-service-name" type="single" syntax="string" i18nKey="deployment_custom_service_name">
<
AttributeSchema name="deployment-service-port" type="single" syntax="string" i18nKey="deployment_service_port_alias">
<
AttributeSchema name="deployment-custom-service-port" type="single" syntax="string" i18nKey="deployment_custom_service_port">
<!-- deployment-wsdl-location is a required single_choice; custom_wsdl_file is the only ChoiceValue visible
     in this view. deployment-custom-wsdl-location is a free-form string, presumably consulted only when
     that choice is selected (confirm). -->
<
AttributeSchema name="deployment-wsdl-location" type="single_choice" syntax="string" i18nKey="deployment_wsdl_location" validator="RequiredValueValidator">
<
ChoiceValue i18nKey="custom_wsdl_file">custom_wsdl_file</
ChoiceValue>
<
AttributeSchema name="deployment-custom-wsdl-location" type="single" syntax="string" i18nKey="deployment_custom_wsdl_location">
<!-- deployment-am-url, deployment-realm and deployment-url-element all carry RequiredValueValidator.
     NOTE(review): syntax="string" places no constraint on the URL scheme; confirm the consumer requires
     an https URL for deployment-am-url. -->
<
AttributeSchema name="deployment-am-url" type="single" syntax="string" i18nKey="deployment_am_url" validator="RequiredValueValidator">
<
AttributeSchema name="deployment-realm" type="single" syntax="string" i18nKey="deployment_realm" validator="RequiredValueValidator">
<
AttributeSchema name="deployment-url-element" type="single" syntax="string" i18nKey="deployment_url_element" validator="RequiredValueValidator">
<!-- deployment-auth-target-mappings declares no type or syntax here. The two Value entries that follow it
     are pipe-delimited; they look like token type | auth index type | auth index value | optional
     key=value context (TODO confirm against the parser). The X509 entry sets
     x509_token_auth_target_header_key to client_cert. -->
<
AttributeSchema name="deployment-auth-target-mappings" validator="RequiredValueValidator" i18nKey="deployment_auth_target_mappings">
<
Value>USERNAME|service|ldapService</
Value>
<
Value>X509|module|cert_module|x509_token_auth_target_header_key=client_cert</
Value>
<!-- TLS offload pair: a single header key and a list of offload engine hosts. Presumably the header carries
     the client certificate forwarded by a TLS-terminating proxy and the host list names the only peers
     from which that header is honoured (confirm).
     NOTE(review): neither attribute carries RequiredValueValidator, so the schema allows a header key with
     an empty host list. Confirm the consumer ignores the header in that case; otherwise any caller able to
     set the header could assert a certificate identity. -->
<
AttributeSchema name="deployment-offloaded-two-way-tls-header-key" type="single" syntax="string" i18nKey="deployment_offloaded_two_way_tls_header_key">
<
AttributeSchema name="deployment-tls-offload-engine-hosts" type="list" syntax="string" i18nKey="deployment_tls_offload_engine_hosts">
<!-- Delegation attributes: one boolean toggle, then two attributes that declare no type or syntax in this
     view and carry no validator.
     NOTE(review): delegation-custom-token-handlers presumably holds class names that are loaded to validate
     delegated tokens. If so, write access to this attribute decides which code vouches for a delegated
     identity; confirm that only configuration administrators can change it. -->
<
AttributeSchema name="delegation-relationship-supported" type="single" syntax="boolean" i18nKey="delegation_relationship_supported">
<
AttributeSchema name="delegation-validated-token-types" i18nKey="delegation_validated_token_types">
<
AttributeSchema name="delegation-custom-token-handlers" i18nKey="delegation_custom_token_handlers">
<!-- SAML2 token settings. issuer-name is required and, per the comment on its first occurrence on this
     page, is the issuer name placed in SAML2 assertions; it lacks the saml2- prefix of its neighbours.
     saml2-token-lifetime-seconds is syntax="number" with no validator, so this schema sets no lower or
     upper bound; NOTE(review): confirm the consumer bounds the lifetime. -->
<
AttributeSchema name="issuer-name" type="single" syntax="string" i18nKey="issuer_name" validator="RequiredValueValidator">
<
AttributeSchema name="saml2-name-id-format" type="single" syntax="string" i18nKey="saml2_name_id_format" validator="RequiredValueValidator">
<
AttributeSchema name="saml2-token-lifetime-seconds" type="single" syntax="number" i18nKey="saml2_token_lifetime_seconds">
<!-- Seven saml2-custom-* attributes: plain strings without a validator, each naming a provider or mapper
     class. Presumably the named class is loaded at runtime and shapes the issued assertion (conditions,
     subject, statements, attribute and authn-context mapping); treat write access to these values as the
     ability to choose code that runs in the token issuer. TODO confirm how the class is resolved. -->
<
AttributeSchema name="saml2-custom-conditions-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_conditions_provider_class_name">
<
AttributeSchema name="saml2-custom-subject-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_subject_provider_class_name">
<
AttributeSchema name="saml2-custom-authentication-statements-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_authentication_statements_provider_class_name">
<
AttributeSchema name="saml2-custom-attribute-statements-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_attribute_statements_provider_class_name">
<
AttributeSchema name="saml2-custom-authz-decision-statements-provider-class-name" type="single" syntax="string" i18nKey="saml2_custom_authz_decision_statements_provider_class_name">
<
AttributeSchema name="saml2-custom-attribute-mapper-class-name" type="single" syntax="string" i18nKey="saml2_custom_attribute_mapper_class_name">
<
AttributeSchema name="saml2-custom-authn-context-mapper-class-name" type="single" syntax="string" i18nKey="saml2_custom_authn_context_mapper_class_name">
<!-- Assertion signing is a boolean toggle; its default value is not visible in this view.
     NOTE(review): an unsigned assertion gives the relying party nothing to verify, so confirm the default
     and that deployments leave signing on. saml2-sp-entity-id is required while saml2-sp-acs-url is not;
     presumably they feed the audience and recipient of the assertion (confirm). -->
<
AttributeSchema name="saml2-sign-assertion" type="single" syntax="boolean" i18nKey="saml2_sign_assertion">
<
AttributeSchema name="saml2-sp-entity-id" type="single" syntax="string" i18nKey="saml2_sp_entity_id" validator="RequiredValueValidator">
<
AttributeSchema name="saml2-sp-acs-url" type="single" syntax="string" i18nKey="saml2_sp_acs_url">
<!-- Encryption: three independent boolean toggles (attributes, whole assertion, NameID), a single_choice
     algorithm whose ChoiceValue entries are not visible in this view, and a numeric strength with no
     validator. NOTE(review): confirm which algorithm and strength combinations the consumer accepts. -->
<
AttributeSchema name="saml2-encrypt-attributes" type="single" syntax="boolean" i18nKey="saml2_encrypt_attributes">
<
AttributeSchema name="saml2-encrypt-assertion" type="single" syntax="boolean" i18nKey="saml2_encrypt_assertion">
<
AttributeSchema name="saml2-encrypt-nameid" type="single" syntax="boolean" i18nKey="saml2_encrypt_nameid">
<
AttributeSchema name="saml2-encryption-algorithm" type="single_choice" syntax="string" i18nKey="saml2_encryption_algorithm">
<
AttributeSchema name="saml2-encryption-algorithm-strength" type="single" syntax="number" i18nKey="saml2_encryption_algorithm_strength">
<!-- Keystore and key material. syntax="password" on the keystore and signature key passwords is the only
     marker in this schema that a value is secret; presumably the configuration store masks and encrypts
     such values (confirm). Only saml2-signature-key-alias carries RequiredValueValidator. -->
<
AttributeSchema name="saml2-keystore-filename" type="single" syntax="string" i18nKey="saml2_keystore_filename">
<
AttributeSchema name="saml2-keystore-password" type="single" syntax="password" i18nKey="saml2_keystore_password">
<
AttributeSchema name="saml2-encryption-key-alias" type="single" syntax="string" i18nKey="saml2_encryption_key_alias">
<
AttributeSchema name="saml2-signature-key-alias" type="single" syntax="string" i18nKey="saml2_signature_key_alias" validator="RequiredValueValidator">
<
AttributeSchema name="saml2-signature-key-password" type="single" syntax="password" i18nKey="saml2_signature_key_password">
<!-- saml2-attribute-map declares no type or syntax in this view. -->
<
AttributeSchema name="saml2-attribute-map" i18nKey="saml2_attribute_map">
<!-- Keystore settings with the soap- prefix: file name, keystore password, one alias and one password each
     for the signature and encryption keys. The three secrets use syntax="password"; only
     soap-signature-key-alias carries RequiredValueValidator. Presumably this keystore serves message-level
     signing and decryption in the SOAP layer (TODO confirm). -->
<
AttributeSchema name="soap-keystore-filename" type="single" syntax="string" i18nKey="soap_keystore_filename">
<
AttributeSchema name="soap-keystore-password" type="single" syntax="password" i18nKey="soap_keystore_password">
<
AttributeSchema name="soap-encryption-key-alias" type="single" syntax="string" i18nKey="soap_encryption_key_alias">
<
AttributeSchema name="soap-signature-key-alias" type="single" syntax="string" i18nKey="soap_signature_key_alias" validator="RequiredValueValidator">
<
AttributeSchema name="soap-signature-key-password" type="single" syntax="password" i18nKey="soap_signature_key_password">
<
AttributeSchema name="soap-encryption-key-password" type="single" syntax="password" i18nKey="soap_encryption_key_password">
<!-- OpenID Connect token settings. oidc-issuer is the only attribute in this run that carries
     RequiredValueValidator. oidc-token-lifetime-seconds is syntax="number" with no validator, so this
     schema sets no bound on it; NOTE(review): confirm the consumer bounds the lifetime. -->
<
AttributeSchema name="oidc-issuer" type="single" syntax="string" i18nKey="oidc_issuer" validator="RequiredValueValidator">
<
AttributeSchema name="oidc-token-lifetime-seconds" type="single" syntax="number" i18nKey="oidc_token_lifetime_seconds">
<!-- Signature algorithm choices: HS256, HS384, HS512 (HMAC) and RS256 (RSA). No unsigned choice is listed.
     NOTE(review): the HMAC variants are symmetric, so every party able to verify a token can also mint
     one. Presumably oidc-client-secret is the HMAC key and the oidc-keystore-* attributes serve RS256;
     none of them carries RequiredValueValidator, so the schema cannot enforce that the material matching
     the chosen algorithm is present. Confirm the consumer rejects such a configuration. -->
<
AttributeSchema name="oidc-signature-algorithm" type="single_choice" syntax="string" i18nKey="oidc_signature_algorithm">
<
ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_256">HS256</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_384">HS384</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_algorithm_hmac_sha_512">HS512</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_algorithm_rsa_sha_256">RS256</
ChoiceValue>
<!-- Public key reference type: NONE or JWK. Presumably this controls whether an issued token carries a
     reference to the signing public key (confirm).
     NOTE(review): relying parties should verify against a key obtained out of band, and should not trust
     a key only because the token itself carries it. -->
<
AttributeSchema name="oidc-public-key-reference-type" type="single_choice" syntax="string" i18nKey="oidc_public_key_reference_type">
<
ChoiceValue i18nKey="oidc_signature_verification_reference_type_none">NONE</
ChoiceValue>
<
ChoiceValue i18nKey="oidc_signature_verification_reference_type_jwk">JWK</
ChoiceValue>
<!-- Key material. The keystore password, signature key password and client secret use syntax="password",
     the only marker in this schema that a value is secret; presumably the configuration store masks and
     encrypts such values (confirm). -->
<
AttributeSchema name="oidc-keystore-location" type="single" syntax="string" i18nKey="oidc_keystore_location">
<
AttributeSchema name="oidc-keystore-password" type="single" syntax="password" i18nKey="oidc_keystore_password">
<
AttributeSchema name="oidc-signature-key-alias" type="single" syntax="string" i18nKey="oidc_signature_key_alias">
<
AttributeSchema name="oidc-signature-key-password" type="single" syntax="password" i18nKey="oidc_signature_key_password">
<
AttributeSchema name="oidc-client-secret" type="single" syntax="password" i18nKey="oidc_client_secret">
<!-- oidc-audience is a list and oidc-authorized-party a single string; neither is required by this schema.
     NOTE(review): a token issued without an audience cannot be audience-checked by its recipient; confirm
     the consumer refuses to issue in that case. -->
<
AttributeSchema name="oidc-audience" type="list" syntax="string" i18nKey="oidc_audience">
<
AttributeSchema name="oidc-authorized-party" type="single" syntax="string" i18nKey="oidc_authorized_party">
<!-- NOTE(review): the i18nKey is oidc_attribute_map although the attribute is named oidc-claim-map;
     confirm the label is defined under that key. No type or syntax is declared in this view. -->
<
AttributeSchema name="oidc-claim-map" i18nKey="oidc_attribute_map">
<!-- Three custom mapper class attributes: plain strings without a validator. Presumably the named class is
     loaded at runtime and decides the claims, authn context and authn method references of issued tokens;
     treat write access to these values as the ability to choose code that runs in the token issuer. -->
<
AttributeSchema name="oidc-custom-claim-mapper-class" type="single" syntax="string" i18nKey="oidc_custom_claim_mapper_class">
<
AttributeSchema name="oidc-custom-authn-context-mapper-class" type="single" syntax="string" i18nKey="oidc_custom_authn_context_mapper_class">
<
AttributeSchema name="oidc-custom-authn-method-references-mapper-class" type="single" syntax="string" i18nKey="oidc_custom_authn_method_references_mapper_class">