public final class SecurityConstants
extends org.apache.cxf.rt.security.SecurityConstants
Modifier and Type | Field and Description |
---|---|
static String |
ACTOR
The actor or role name of the wsse:Security header.
|
static String |
ADD_INCLUSIVE_PREFIXES
Whether to add an InclusiveNamespaces PrefixList as a CanonicalizationMethod child when generating
Signatures using WSConstants.C14N_EXCL_OMIT_COMMENTS.
|
static Set<String> |
ALL_PROPERTIES |
static String |
ALWAYS_ENCRYPT_UT
Whether to always encrypt UsernameTokens that are defined as a SupportingToken.
|
static String |
ASYMMETRIC_SIGNATURE_ALGORITHM
This configuration tag allows the user to override the default Asymmetric Signature
algorithm (RSA-SHA1) for use in WS-SecurityPolicy, as the WS-SecurityPolicy specification
does not allow the use of other algorithms at present.
|
static String |
BST_TOKEN_VALIDATOR
The WSS4J Validator instance to use to validate BinarySecurityTokens.
|
static String |
CACHE_CONFIG_FILE
Set this property to point to a configuration file for the underlying caching implementation.
|
static String |
CACHE_IDENTIFIER
The Cache Identifier to use with the TokenStore.
|
static String |
DELEGATED_CREDENTIAL
A delegated credential to use for WS-Security.
|
static String |
DISABLE_REQ_CLIENT_CERT_CHECK
Whether to disable the enforcement of the WS-SecurityPolicy 'RequireClientCertificate' policy.
|
static String |
ENABLE_NONCE_CACHE
Whether to cache UsernameToken nonces.
|
static String |
ENABLE_SAML_ONE_TIME_USE_CACHE
Whether to cache SAML2 Token Identifiers, if the token contains a "OneTimeUse" Condition.
|
static String |
ENABLE_STREAMING_SECURITY
Whether to enable streaming WS-Security.
|
static String |
ENABLE_TIMESTAMP_CACHE
Whether to cache Timestamp Created Strings (these are only cached in conjunction with a message
Signature).The default value is "true" for message recipients, and "false" for message initiators.
|
static String |
IS_BSP_COMPLIANT
Whether to ensure compliance with the Basic Security Profile (BSP) 1.1 or not.
|
static String |
KERBEROS_CLIENT
A reference to the KerberosClient class used to obtain a service ticket.
|
static String |
KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM
Whether the Kerberos username is in servicename form or not.
|
static String |
KERBEROS_JAAS_CONTEXT_NAME
The JAAS Context name to use for Kerberos.
|
static String |
KERBEROS_REQUEST_CREDENTIAL_DELEGATION
Whether to request credential delegation or not in the KerberosClient.
|
static String |
KERBEROS_SPN
The Kerberos Service Provider Name (spn) to use.
|
static String |
KERBEROS_USE_CREDENTIAL_DELEGATION
Whether to use credential delegation or not in the KerberosClient.
|
static String |
MUST_UNDERSTAND
Set this to "false" in order to remove the SOAP mustUnderstand header from security headers generated based on
a WS-SecurityPolicy.
|
static String |
NONCE_CACHE_INSTANCE
This holds a reference to a ReplayCache instance used to cache UsernameToken nonces.
|
static String |
PASSWORD_ENCRYPTOR_INSTANCE
This holds a reference to a PasswordEncryptor instance, which is used to encrypt or
decrypt passwords in the Merlin Crypto implementation (or any custom Crypto implementations).
|
static String |
POLICY_VALIDATOR_MAP
This refers to a Map of QName, SecurityPolicyValidator, which retrieves a SecurityPolicyValidator
implementation to validate a particular security policy, based on the QName of the policy.
|
static String |
RETURN_SECURITY_ERROR
Whether to return the security error message to the client, and not the default error message.
|
static String |
SAML_ONE_TIME_USE_CACHE_INSTANCE
This holds a reference to a ReplayCache instance used to cache SAML2 Token Identifiers, when
the token has a "OneTimeUse" Condition.
|
static String |
SAML1_TOKEN_VALIDATOR
The WSS4J Validator instance to use to validate SAML 1.1 Tokens.
|
static String |
SAML2_TOKEN_VALIDATOR
The WSS4J Validator instance to use to validate SAML 2.0 Tokens.
|
static String |
SCT_TOKEN_VALIDATOR
The WSS4J Validator instance to use to validate SecurityContextTokens.
|
static String |
SECURITY_CONTEXT_CREATOR
A WSS4JSecurityContextCreator implementation that is used to create a CXF SecurityContext
from the set of WSS4J processing results.
|
static String |
SECURITY_TOKEN_LIFETIME
The security token lifetime value (in milliseconds).
|
static String |
SIGNATURE_TOKEN_VALIDATOR
The WSS4J Validator instance to use to validate trust in credentials used in
Signature verification.
|
static String |
SPNEGO_CLIENT_ACTION
The SpnegoClientAction implementation to use for SPNEGO.
|
static String |
STORE_BYTES_IN_ATTACHMENT
Whether to store bytes (CipherData or BinarySecurityToken) in an attachment.
|
static String |
SUBJECT_ROLE_CLASSIFIER
The Subject Role Classifier to use.
|
static String |
SUBJECT_ROLE_CLASSIFIER_TYPE
The Subject Role Classifier Type to use.
|
static String |
SYMMETRIC_SIGNATURE_ALGORITHM
This configuration tag allows the user to override the default Symmetric Signature
algorithm (HMAC-SHA1) for use in WS-SecurityPolicy, as the WS-SecurityPolicy specification
does not allow the use of other algorithms at present.
|
static String |
TIMESTAMP_CACHE_INSTANCE
This holds a reference to a ReplayCache instance used to cache Timestamp Created Strings.
|
static String |
TIMESTAMP_FUTURE_TTL
The time in seconds in the future within which the Created time of an incoming
Timestamp is valid.
|
static String |
TIMESTAMP_TOKEN_VALIDATOR
The WSS4J Validator instance to use to validate Timestamps.
|
static String |
TIMESTAMP_TTL
The time in seconds to append to the Creation value of an incoming Timestamp to determine
whether to accept the Timestamp as valid or not.
|
static String |
TOKEN |
static String |
TOKEN_ELEMENT |
static String |
TOKEN_ID |
static String |
TOKEN_STORE_CACHE_INSTANCE
The TokenStore instance to use to cache security tokens.
|
static String |
USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM
This configuration flag allows the user to decide whether the default Attachment-Complete
transform or the Attachment-Content-Only transform should be used when an Attachment is encrypted
via a WS-SecurityPolicy expression.
|
static String |
USE_STR_TRANSFORM
Whether to use the STR (Security Token Reference) Transform when (externally) signing a SAML Token.
|
static String |
USERNAME_TOKEN_VALIDATOR
The WSS4J Validator instance to use to validate UsernameTokens.
|
static String |
USERNAMETOKEN_FUTURE_TTL
The time in seconds in the future within which the Created time of an incoming
UsernameToken is valid.
|
static String |
USERNAMETOKEN_TTL
The time in seconds to append to the Creation value of an incoming UsernameToken to determine
whether to accept the UsernameToken as valid or not.
|
static String |
VALIDATE_TOKEN
Whether to validate the password of a received UsernameToken or not.
|
AUDIENCE_RESTRICTION_VALIDATION, CACHE_ISSUED_TOKEN_IN_ENDPOINT, CALLBACK_HANDLER, COMMON_PROPERTIES, DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS, ENABLE_REVOCATION, ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL, ENABLE_UT_NOPASSWORD_PRINCIPAL, ENCRYPT_CERT, ENCRYPT_CRYPTO, ENCRYPT_PROPERTIES, ENCRYPT_USERNAME, PASSWORD, PREFER_WSMEX_OVER_STS_CLIENT_CONFIG, SAML_CALLBACK_HANDLER, SAML_ROLE_ATTRIBUTENAME, SC_FROM_JAAS_SUBJECT, SIGNATURE_CRYPTO, SIGNATURE_PROPERTIES, SIGNATURE_USERNAME, STS_APPLIES_TO, STS_CLIENT, STS_CLIENT_SOAP12_BINDING, STS_ISSUE_AFTER_FAILED_RENEW, STS_TOKEN_ACT_AS, STS_TOKEN_CACHER_IMPL, STS_TOKEN_CRYPTO, STS_TOKEN_DO_CANCEL, STS_TOKEN_IMMINENT_EXPIRY_VALUE, STS_TOKEN_ON_BEHALF_OF, STS_TOKEN_PROPERTIES, STS_TOKEN_USE_CERT_FOR_KEYINFO, STS_TOKEN_USERNAME, SUBJECT_CERT_CONSTRAINTS, USERNAME, VALIDATE_SAML_SUBJECT_CONFIRMATION
public static final String ACTOR
public static final String VALIDATE_TOKEN
public static final String ALWAYS_ENCRYPT_UT
public static final String IS_BSP_COMPLIANT
public static final String ENABLE_NONCE_CACHE
public static final String ENABLE_TIMESTAMP_CACHE
public static final String ENABLE_STREAMING_SECURITY
public static final String RETURN_SECURITY_ERROR
public static final String MUST_UNDERSTAND
public static final String ENABLE_SAML_ONE_TIME_USE_CACHE
public static final String STORE_BYTES_IN_ATTACHMENT
public static final String USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM
public static final String USE_STR_TRANSFORM
public static final String ADD_INCLUSIVE_PREFIXES
public static final String DISABLE_REQ_CLIENT_CERT_CHECK
public static final String TIMESTAMP_TTL
public static final String TIMESTAMP_FUTURE_TTL
public static final String USERNAMETOKEN_TTL
public static final String USERNAMETOKEN_FUTURE_TTL
public static final String SPNEGO_CLIENT_ACTION
public static final String NONCE_CACHE_INSTANCE
public static final String TIMESTAMP_CACHE_INSTANCE
public static final String SAML_ONE_TIME_USE_CACHE_INSTANCE
public static final String CACHE_CONFIG_FILE
public static final String TOKEN_STORE_CACHE_INSTANCE
public static final String CACHE_IDENTIFIER
public static final String SUBJECT_ROLE_CLASSIFIER
public static final String SUBJECT_ROLE_CLASSIFIER_TYPE
public static final String ASYMMETRIC_SIGNATURE_ALGORITHM
public static final String SYMMETRIC_SIGNATURE_ALGORITHM
public static final String PASSWORD_ENCRYPTOR_INSTANCE
public static final String DELEGATED_CREDENTIAL
public static final String SECURITY_CONTEXT_CREATOR
public static final String SECURITY_TOKEN_LIFETIME
public static final String USERNAME_TOKEN_VALIDATOR
public static final String SAML1_TOKEN_VALIDATOR
public static final String SAML2_TOKEN_VALIDATOR
public static final String TIMESTAMP_TOKEN_VALIDATOR
public static final String SIGNATURE_TOKEN_VALIDATOR
public static final String BST_TOKEN_VALIDATOR
public static final String SCT_TOKEN_VALIDATOR
public static final String POLICY_VALIDATOR_MAP
public static final String KERBEROS_REQUEST_CREDENTIAL_DELEGATION
public static final String KERBEROS_USE_CREDENTIAL_DELEGATION
public static final String KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM
public static final String KERBEROS_JAAS_CONTEXT_NAME
public static final String KERBEROS_SPN
public static final String KERBEROS_CLIENT
public static final String TOKEN
public static final String TOKEN_ID
public static final String TOKEN_ELEMENT
Copyright © 2017 JBoss by Red Hat. All rights reserved.