| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!--NewPage--> |
| <HTML> |
| <HEAD> |
| <META http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <TITLE> |
| SecurityConstants (Apache CXF JavaDoc 3.0.0 API) |
| </TITLE> |
| |
| |
| <LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../../stylesheet.css" TITLE="Style"> |
| |
| <SCRIPT type="text/javascript"> |
| function windowTitle() |
| { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="SecurityConstants (Apache CXF JavaDoc 3.0.0 API)"; |
| } |
| } |
| </SCRIPT> |
| <NOSCRIPT> |
| </NOSCRIPT> |
| |
| </HEAD> |
| |
| <BODY BGCOLOR="white" onload="windowTitle();"> |
| <HR> |
| |
| |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <A NAME="navbar_top"><!-- --></A> |
| <A HREF="#skip-navbar_top" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_top_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/SecurityConstants.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| Apache CXF API</EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| PREV CLASS |
| NEXT CLASS</FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../index.html?org/apache/cxf/ws/security/SecurityConstants.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="SecurityConstants.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: NESTED | <A HREF="#field_summary">FIELD</A> | CONSTR | <A HREF="#methods_inherited_from_class_java.lang.Object">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: <A HREF="#field_detail">FIELD</A> | CONSTR | METHOD</FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_top"></A> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| |
| <HR> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <H2> |
| <FONT SIZE="-1"> |
| org.apache.cxf.ws.security</FONT> |
| <BR> |
| Class SecurityConstants</H2> |
| <PRE> |
| <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><B>org.apache.cxf.ws.security.SecurityConstants</B> |
| </PRE> |
| <HR> |
| <DL> |
| <DT><PRE>public final class <B>SecurityConstants</B><DT>extends <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></DL> |
| </PRE> |
| |
| <P> |
| Configuration tags used to configure the WS-SecurityPolicy layer. Some of them are also |
| used by the non WS-SecurityPolicy approach in the WSS4J(Out|In)Interceptors. |
| <P> |
| |
| <P> |
| <HR> |
| |
| <P> |
| <!-- =========== FIELD SUMMARY =========== --> |
| |
| <A NAME="field_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Field Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ACTOR">ACTOR</A></B></CODE> |
| |
| <BR> |
| The actor or role name of the wsse:Security header.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ALL_PROPERTIES">ALL_PROPERTIES</A></B></CODE> |
| |
| <BR> |
| </TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ALWAYS_ENCRYPT_UT">ALWAYS_ENCRYPT_UT</A></B></CODE> |
| |
| <BR> |
| Whether to always encrypt UsernameTokens that are defined as a SupportingToken.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ASYMMETRIC_SIGNATURE_ALGORITHM">ASYMMETRIC_SIGNATURE_ALGORITHM</A></B></CODE> |
| |
| <BR> |
| This configuration tag allows the user to override the default Asymmetric Signature |
| algorithm (RSA-SHA1) for use in WS-SecurityPolicy, as the WS-SecurityPolicy specification |
| does not allow the use of other algorithms at present.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#BST_TOKEN_VALIDATOR">BST_TOKEN_VALIDATOR</A></B></CODE> |
| |
| <BR> |
| The WSS4J Validator instance to use to validate BinarySecurityTokens.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#CACHE_CONFIG_FILE">CACHE_CONFIG_FILE</A></B></CODE> |
| |
| <BR> |
| Set this property to point to a configuration file for the underlying caching implementation.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#CACHE_IDENTIFIER">CACHE_IDENTIFIER</A></B></CODE> |
| |
| <BR> |
| The Cache Identifier to use with the TokenStore.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#CACHE_ISSUED_TOKEN_IN_ENDPOINT">CACHE_ISSUED_TOKEN_IN_ENDPOINT</A></B></CODE> |
| |
| <BR> |
| Set this to "false" to not cache a SecurityToken per proxy object in the |
| IssuedTokenInterceptorProvider.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#CALLBACK_HANDLER">CALLBACK_HANDLER</A></B></CODE> |
| |
| <BR> |
| The CallbackHandler implementation class used to obtain passwords, for both outbound and inbound |
| requests.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS">DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS</A></B></CODE> |
| |
| <BR> |
| Whether to avoid STS client trying send WS-MetadataExchange call using |
| STS EPR WSA address when the endpoint contract contains no WS-MetadataExchange info.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENABLE_NONCE_CACHE">ENABLE_NONCE_CACHE</A></B></CODE> |
| |
| <BR> |
| Whether to cache UsernameToken nonces.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENABLE_REVOCATION">ENABLE_REVOCATION</A></B></CODE> |
| |
| <BR> |
| Whether to enable Certificate Revocation List (CRL) checking or not when verifying trust |
| in a certificate.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENABLE_SAML_ONE_TIME_USE_CACHE">ENABLE_SAML_ONE_TIME_USE_CACHE</A></B></CODE> |
| |
| <BR> |
| Whether to cache SAML2 Token Identifiers, if the token contains a "OneTimeUse" Condition.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENABLE_STREAMING_SECURITY">ENABLE_STREAMING_SECURITY</A></B></CODE> |
| |
| <BR> |
| Whether to enable streaming WS-Security.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENABLE_TIMESTAMP_CACHE">ENABLE_TIMESTAMP_CACHE</A></B></CODE> |
| |
| <BR> |
| Whether to cache Timestamp Created Strings (these are only cached in conjunction with a message |
| Signature).The default value is "true" for message recipients, and "false" for message initiators.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENCRYPT_CRYPTO">ENCRYPT_CRYPTO</A></B></CODE> |
| |
| <BR> |
| A Crypto object to be used for encryption.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENCRYPT_PROPERTIES">ENCRYPT_PROPERTIES</A></B></CODE> |
| |
| <BR> |
| The Crypto property configuration to use for encryption, if <CODE>ENCRYPT_CRYPTO</CODE> is not set instead.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#ENCRYPT_USERNAME">ENCRYPT_USERNAME</A></B></CODE> |
| |
| <BR> |
| The user's name for encryption.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#IS_BSP_COMPLIANT">IS_BSP_COMPLIANT</A></B></CODE> |
| |
| <BR> |
| Whether to ensure compliance with the Basic Security Profile (BSP) 1.1 or not.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#KERBEROS_CLIENT">KERBEROS_CLIENT</A></B></CODE> |
| |
| <BR> |
| A reference to the KerberosClient class used to obtain a service ticket.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#KERBEROS_JAAS_CONTEXT_NAME">KERBEROS_JAAS_CONTEXT_NAME</A></B></CODE> |
| |
| <BR> |
| The JAAS Context name to use for Kerberos.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#KERBEROS_SPN">KERBEROS_SPN</A></B></CODE> |
| |
| <BR> |
| The Kerberos Service Provider Name (spn) to use.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#MUST_UNDERSTAND">MUST_UNDERSTAND</A></B></CODE> |
| |
| <BR> |
| Set this to "false" in order to remove the SOAP mustUnderstand header from security headers generated based on |
| a WS-SecurityPolicy.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#NONCE_CACHE_INSTANCE">NONCE_CACHE_INSTANCE</A></B></CODE> |
| |
| <BR> |
| This holds a reference to a ReplayCache instance used to cache UsernameToken nonces.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#PASSWORD">PASSWORD</A></B></CODE> |
| |
| <BR> |
| The user's password when a <CODE>CALLBACK_HANDLER</CODE> is not defined.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#PASSWORD_ENCRYPTOR_INSTANCE">PASSWORD_ENCRYPTOR_INSTANCE</A></B></CODE> |
| |
| <BR> |
| This holds a reference to a PasswordEncryptor instance, which is used to encrypt or |
| decrypt passwords in the Merlin Crypto implementation (or any custom Crypto implementations).</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#RETURN_SECURITY_ERROR">RETURN_SECURITY_ERROR</A></B></CODE> |
| |
| <BR> |
| Whether to return the security error message to the client, and not one of the default error |
| QNames.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SAML_CALLBACK_HANDLER">SAML_CALLBACK_HANDLER</A></B></CODE> |
| |
| <BR> |
| The SAML CallbackHandler implementation class used to construct SAML Assertions.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SAML_ONE_TIME_USE_CACHE_INSTANCE">SAML_ONE_TIME_USE_CACHE_INSTANCE</A></B></CODE> |
| |
| <BR> |
| This holds a reference to a ReplayCache instance used to cache SAML2 Token Identifiers, when |
| the token has a "OneTimeUse" Condition.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SAML_ROLE_ATTRIBUTENAME">SAML_ROLE_ATTRIBUTENAME</A></B></CODE> |
| |
| <BR> |
| The attribute URI of the SAML AttributeStatement where the role information is stored.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SAML1_TOKEN_VALIDATOR">SAML1_TOKEN_VALIDATOR</A></B></CODE> |
| |
| <BR> |
| The WSS4J Validator instance to use to validate SAML 1.1 Tokens.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SAML2_TOKEN_VALIDATOR">SAML2_TOKEN_VALIDATOR</A></B></CODE> |
| |
| <BR> |
| The WSS4J Validator instance to use to validate SAML 2.0 Tokens.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SC_FROM_JAAS_SUBJECT">SC_FROM_JAAS_SUBJECT</A></B></CODE> |
| |
| <BR> |
| Set this to "false" if security context must not be created from JAAS Subject.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SCT_TOKEN_VALIDATOR">SCT_TOKEN_VALIDATOR</A></B></CODE> |
| |
| <BR> |
| The WSS4J Validator instance to use to validate SecurityContextTokens.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SIGNATURE_CRYPTO">SIGNATURE_CRYPTO</A></B></CODE> |
| |
| <BR> |
| A Crypto object to be used for signature.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SIGNATURE_PROPERTIES">SIGNATURE_PROPERTIES</A></B></CODE> |
| |
| <BR> |
| The Crypto property configuration to use for signature, if <CODE>SIGNATURE_CRYPTO</CODE> is not set instead.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SIGNATURE_TOKEN_VALIDATOR">SIGNATURE_TOKEN_VALIDATOR</A></B></CODE> |
| |
| <BR> |
| The WSS4J Validator instance to use to validate trust in credentials used in |
| Signature verification.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SIGNATURE_USERNAME">SIGNATURE_USERNAME</A></B></CODE> |
| |
| <BR> |
| The user's name for signature.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SPNEGO_CLIENT_ACTION">SPNEGO_CLIENT_ACTION</A></B></CODE> |
| |
| <BR> |
| The SpnegoClientAction implementation to use for SPNEGO.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_APPLIES_TO">STS_APPLIES_TO</A></B></CODE> |
| |
| <BR> |
| The "AppliesTo" address to send to the STS.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_CLIENT">STS_CLIENT</A></B></CODE> |
| |
| <BR> |
| A reference to the STSClient class used to communicate with the STS.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_CLIENT_SOAP12_BINDING">STS_CLIENT_SOAP12_BINDING</A></B></CODE> |
| |
| <BR> |
| Switch STS client to send Soap 1.2 messages</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_TOKEN_ACT_AS">STS_TOKEN_ACT_AS</A></B></CODE> |
| |
| <BR> |
| The token to be sent to the STS in an "ActAs" field.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_TOKEN_CRYPTO">STS_TOKEN_CRYPTO</A></B></CODE> |
| |
| <BR> |
| A Crypto object to be used for the STS.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_TOKEN_DO_CANCEL">STS_TOKEN_DO_CANCEL</A></B></CODE> |
| |
| <BR> |
| Whether to cancel a token when using SecureConversation after successful invocation.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_TOKEN_ON_BEHALF_OF">STS_TOKEN_ON_BEHALF_OF</A></B></CODE> |
| |
| <BR> |
| The token to be sent to the STS in an "OnBehalfOf" field.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_TOKEN_PROPERTIES">STS_TOKEN_PROPERTIES</A></B></CODE> |
| |
| <BR> |
| The Crypto property configuration to use for the STS, if <CODE>STS_TOKEN_CRYPTO</CODE> is not |
| set instead.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_TOKEN_USE_CERT_FOR_KEYINFO">STS_TOKEN_USE_CERT_FOR_KEYINFO</A></B></CODE> |
| |
| <BR> |
| Whether to write out an X509Certificate structure in UseKey/KeyInfo, or whether to write |
| out a KeyValue structure.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#STS_TOKEN_USERNAME">STS_TOKEN_USERNAME</A></B></CODE> |
| |
| <BR> |
| The alias name in the keystore to get the user's public key to send to the STS for the |
| PublicKey KeyType case.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SUBJECT_CERT_CONSTRAINTS">SUBJECT_CERT_CONSTRAINTS</A></B></CODE> |
| |
| <BR> |
| A comma separated String of regular expressions which will be applied to the subject DN of |
| the certificate used for signature validation, after trust verification of the certificate |
| chain associated with the certificate.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SUBJECT_ROLE_CLASSIFIER">SUBJECT_ROLE_CLASSIFIER</A></B></CODE> |
| |
| <BR> |
| The Subject Role Classifier to use.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#SUBJECT_ROLE_CLASSIFIER_TYPE">SUBJECT_ROLE_CLASSIFIER_TYPE</A></B></CODE> |
| |
| <BR> |
| The Subject Role Classifier Type to use.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#TIMESTAMP_CACHE_INSTANCE">TIMESTAMP_CACHE_INSTANCE</A></B></CODE> |
| |
| <BR> |
| This holds a reference to a ReplayCache instance used to cache Timestamp Created Strings.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#TIMESTAMP_FUTURE_TTL">TIMESTAMP_FUTURE_TTL</A></B></CODE> |
| |
| <BR> |
| The time in seconds in the future within which the Created time of an incoming |
| Timestamp is valid.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#TIMESTAMP_TOKEN_VALIDATOR">TIMESTAMP_TOKEN_VALIDATOR</A></B></CODE> |
| |
| <BR> |
| The WSS4J Validator instance to use to validate Timestamps.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#TIMESTAMP_TTL">TIMESTAMP_TTL</A></B></CODE> |
| |
| <BR> |
| The time in seconds to append to the Creation value of an incoming Timestamp to determine |
| whether to accept the Timestamp as valid or not.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#TOKEN">TOKEN</A></B></CODE> |
| |
| <BR> |
| </TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#TOKEN_ID">TOKEN_ID</A></B></CODE> |
| |
| <BR> |
| </TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#TOKEN_STORE_CACHE_INSTANCE">TOKEN_STORE_CACHE_INSTANCE</A></B></CODE> |
| |
| <BR> |
| The TokenStore instance to use to cache security tokens.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#USERNAME">USERNAME</A></B></CODE> |
| |
| <BR> |
| The user's name.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#USERNAME_TOKEN_VALIDATOR">USERNAME_TOKEN_VALIDATOR</A></B></CODE> |
| |
| <BR> |
| The WSS4J Validator instance to use to validate UsernameTokens.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#USERNAMETOKEN_FUTURE_TTL">USERNAMETOKEN_FUTURE_TTL</A></B></CODE> |
| |
| <BR> |
| The time in seconds in the future within which the Created time of an incoming |
| UsernameToken is valid.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#USERNAMETOKEN_TTL">USERNAMETOKEN_TTL</A></B></CODE> |
| |
| <BR> |
| The time in seconds to append to the Creation value of an incoming UsernameToken to determine |
| whether to accept the UsernameToken as valid or not.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#VALIDATE_SAML_SUBJECT_CONFIRMATION">VALIDATE_SAML_SUBJECT_CONFIRMATION</A></B></CODE> |
| |
| <BR> |
| Whether to validate the SubjectConfirmation requirements of a received SAML Token |
| (sender-vouches or holder-of-key).</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>static <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/cxf/ws/security/SecurityConstants.html#VALIDATE_TOKEN">VALIDATE_TOKEN</A></B></CODE> |
| |
| <BR> |
| Whether to validate the password of a received UsernameToken or not.</TD> |
| </TR> |
| </TABLE> |
| |
| <!-- ========== METHOD SUMMARY =========== --> |
| |
| <A NAME="method_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Method Summary</B></FONT></TH> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</A>, <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</A></CODE></TD> |
| </TR> |
| </TABLE> |
| |
| <P> |
| |
| <!-- ============ FIELD DETAIL =========== --> |
| |
| <A NAME="field_detail"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> |
| <B>Field Detail</B></FONT></TH> |
| </TR> |
| </TABLE> |
| |
| <A NAME="USERNAME"><!-- --></A><H3> |
| USERNAME</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>USERNAME</B></PRE> |
| <DL> |
| <DD>The user's name. It is used differently by each of the WS-Security functions: |
| a) It is used as the name in the UsernameToken |
| b) It is used as the alias name in the keystore to get the user's cert and private key for signature |
| if <CODE>SIGNATURE_USERNAME</CODE> is not set. |
| c) It is used as the alias name in the keystore to get the user's public key for encryption if |
| <CODE>ENCRYPT_USERNAME</CODE> is not set. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.USERNAME">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="PASSWORD"><!-- --></A><H3> |
| PASSWORD</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>PASSWORD</B></PRE> |
| <DL> |
| <DD>The user's password when a <CODE>CALLBACK_HANDLER</CODE> is not defined. It is currently only used for |
| the case of adding a password to a UsernameToken. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.PASSWORD">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SIGNATURE_USERNAME"><!-- --></A><H3> |
| SIGNATURE_USERNAME</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SIGNATURE_USERNAME</B></PRE> |
| <DL> |
| <DD>The user's name for signature. It is used as the alias name in the keystore to get the user's cert |
| and private key for signature. If this is not defined, then <CODE>USERNAME</CODE> is used instead. If |
| that is also not specified, it uses the the default alias set in the properties file referenced by |
| <CODE>SIGNATURE_PROPERTIES</CODE>. If that's also not set, and the keystore only contains a single key, |
| that key will be used. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SIGNATURE_USERNAME">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENCRYPT_USERNAME"><!-- --></A><H3> |
| ENCRYPT_USERNAME</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENCRYPT_USERNAME</B></PRE> |
| <DL> |
| <DD>The user's name for encryption. It is used as the alias name in the keystore to get the user's public |
| key for encryption. If this is not defined, then <CODE>USERNAME</CODE> is used instead. If |
| that is also not specified, it uses the the default alias set in the properties file referenced by |
| <CODE>ENCRYPT_PROPERTIES</CODE>. If that's also not set, and the keystore only contains a single key, |
| that key will be used. |
| |
| For the web service provider, the "useReqSigCert" keyword can be used to accept (encrypt to) any |
| client whose public key is in the service's truststore (defined in <CODE>ENCRYPT_PROPERTIES</CODE>). |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENCRYPT_USERNAME">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ACTOR"><!-- --></A><H3> |
| ACTOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ACTOR</B></PRE> |
| <DL> |
| <DD>The actor or role name of the wsse:Security header. If this parameter |
| is omitted, the actor name is not set. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ACTOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="CALLBACK_HANDLER"><!-- --></A><H3> |
| CALLBACK_HANDLER</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>CALLBACK_HANDLER</B></PRE> |
| <DL> |
| <DD>The CallbackHandler implementation class used to obtain passwords, for both outbound and inbound |
| requests. The value of this tag must be either: |
| a) The class name of a <A HREF="http://docs.oracle.com/javase/6/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><CODE>CallbackHandler</CODE></A> instance, which must |
| be accessible via the classpath. |
| b) A <A HREF="http://docs.oracle.com/javase/6/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><CODE>CallbackHandler</CODE></A> instance. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.CALLBACK_HANDLER">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SAML_CALLBACK_HANDLER"><!-- --></A><H3> |
| SAML_CALLBACK_HANDLER</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SAML_CALLBACK_HANDLER</B></PRE> |
| <DL> |
| <DD>The SAML CallbackHandler implementation class used to construct SAML Assertions. The value of this |
| tag must be either: |
| a) The class name of a <A HREF="http://docs.oracle.com/javase/6/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><CODE>CallbackHandler</CODE></A> instance, which must |
| be accessible via the classpath. |
| b) A <A HREF="http://docs.oracle.com/javase/6/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><CODE>CallbackHandler</CODE></A> instance. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SAML_CALLBACK_HANDLER">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SIGNATURE_PROPERTIES"><!-- --></A><H3> |
| SIGNATURE_PROPERTIES</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SIGNATURE_PROPERTIES</B></PRE> |
| <DL> |
| <DD>The Crypto property configuration to use for signature, if <CODE>SIGNATURE_CRYPTO</CODE> is not set instead. |
| The value of this tag must be either: |
| a) A Java Properties object that contains the Crypto configuration. |
| b) The path of the Crypto property file that contains the Crypto configuration. |
| c) A URL that points to the Crypto property file that contains the Crypto configuration. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SIGNATURE_PROPERTIES">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENCRYPT_PROPERTIES"><!-- --></A><H3> |
| ENCRYPT_PROPERTIES</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENCRYPT_PROPERTIES</B></PRE> |
| <DL> |
| <DD>The Crypto property configuration to use for encryption, if <CODE>ENCRYPT_CRYPTO</CODE> is not set instead. |
| The value of this tag must be either: |
| a) A Java Properties object that contains the Crypto configuration. |
| b) The path of the Crypto property file that contains the Crypto configuration. |
| c) A URL that points to the Crypto property file that contains the Crypto configuration. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENCRYPT_PROPERTIES">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SIGNATURE_CRYPTO"><!-- --></A><H3> |
| SIGNATURE_CRYPTO</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SIGNATURE_CRYPTO</B></PRE> |
| <DL> |
| <DD>A Crypto object to be used for signature. If this is not defined then the |
| <CODE>SIGNATURE_PROPERTIES</CODE> is used instead. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SIGNATURE_CRYPTO">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENCRYPT_CRYPTO"><!-- --></A><H3> |
| ENCRYPT_CRYPTO</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENCRYPT_CRYPTO</B></PRE> |
| <DL> |
| <DD>A Crypto object to be used for encryption. If this is not defined then the |
| <CODE>ENCRYPT_PROPERTIES</CODE> is used instead. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENCRYPT_CRYPTO">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="VALIDATE_TOKEN"><!-- --></A><H3> |
| VALIDATE_TOKEN</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>VALIDATE_TOKEN</B></PRE> |
| <DL> |
| <DD>Whether to validate the password of a received UsernameToken or not. The default is true. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.VALIDATE_TOKEN">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENABLE_REVOCATION"><!-- --></A><H3> |
| ENABLE_REVOCATION</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENABLE_REVOCATION</B></PRE> |
| <DL> |
| <DD>Whether to enable Certificate Revocation List (CRL) checking or not when verifying trust |
| in a certificate. The default value is "false". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENABLE_REVOCATION">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ALWAYS_ENCRYPT_UT"><!-- --></A><H3> |
| ALWAYS_ENCRYPT_UT</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ALWAYS_ENCRYPT_UT</B></PRE> |
| <DL> |
| <DD>Whether to always encrypt UsernameTokens that are defined as a SupportingToken. The default |
| is true. This should not be set to false in a production environment, as it exposes the |
| password (or the digest of the password) on the wire. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ALWAYS_ENCRYPT_UT">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="IS_BSP_COMPLIANT"><!-- --></A><H3> |
| IS_BSP_COMPLIANT</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>IS_BSP_COMPLIANT</B></PRE> |
| <DL> |
| <DD>Whether to ensure compliance with the Basic Security Profile (BSP) 1.1 or not. The |
| default value is "true". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.IS_BSP_COMPLIANT">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENABLE_NONCE_CACHE"><!-- --></A><H3> |
| ENABLE_NONCE_CACHE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENABLE_NONCE_CACHE</B></PRE> |
| <DL> |
| <DD>Whether to cache UsernameToken nonces. The default value is "true" for message recipients, and |
| "false" for message initiators. Set it to true to cache for both cases. Set this to "false" to |
| not cache UsernameToken nonces. Note that caching only applies when either a UsernameToken |
| WS-SecurityPolicy is in effect, or else that a UsernameToken action has been configured |
| for the non-security-policy case. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENABLE_NONCE_CACHE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENABLE_TIMESTAMP_CACHE"><!-- --></A><H3> |
| ENABLE_TIMESTAMP_CACHE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENABLE_TIMESTAMP_CACHE</B></PRE> |
| <DL> |
| <DD>Whether to cache Timestamp Created Strings (these are only cached in conjunction with a message |
| Signature).The default value is "true" for message recipients, and "false" for message initiators. |
| Set it to true to cache for both cases. Set this to "false" to not cache Timestamp Created Strings. |
| Note that caching only applies when either a "IncludeTimestamp" policy is in effect, or |
| else that a Timestamp action has been configured for the non-security-policy case. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENABLE_TIMESTAMP_CACHE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENABLE_SAML_ONE_TIME_USE_CACHE"><!-- --></A><H3> |
| ENABLE_SAML_ONE_TIME_USE_CACHE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENABLE_SAML_ONE_TIME_USE_CACHE</B></PRE> |
| <DL> |
| <DD>Whether to cache SAML2 Token Identifiers, if the token contains a "OneTimeUse" Condition. |
| The default value is "true" for message recipients, and "false" for message initiators. |
| Set it to true to cache for both cases. Set this to "false" to not cache SAML2 Token Identifiers. |
| Note that caching only applies when either a "SamlToken" policy is in effect, or |
| else that a SAML action has been configured for the non-security-policy case. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENABLE_SAML_ONE_TIME_USE_CACHE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="VALIDATE_SAML_SUBJECT_CONFIRMATION"><!-- --></A><H3> |
| VALIDATE_SAML_SUBJECT_CONFIRMATION</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>VALIDATE_SAML_SUBJECT_CONFIRMATION</B></PRE> |
| <DL> |
| <DD>Whether to validate the SubjectConfirmation requirements of a received SAML Token |
| (sender-vouches or holder-of-key). The default is true. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ENABLE_STREAMING_SECURITY"><!-- --></A><H3> |
| ENABLE_STREAMING_SECURITY</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ENABLE_STREAMING_SECURITY</B></PRE> |
| <DL> |
| <DD>Whether to enable streaming WS-Security. If set to false (the default), the old DOM |
| implementation is used. If set to true, the new streaming (StAX) implementation is used. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ENABLE_STREAMING_SECURITY">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="RETURN_SECURITY_ERROR"><!-- --></A><H3> |
| RETURN_SECURITY_ERROR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>RETURN_SECURITY_ERROR</B></PRE> |
| <DL> |
| <DD>Whether to return the security error message to the client, and not one of the default error |
| QNames. The default is false. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.RETURN_SECURITY_ERROR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="TIMESTAMP_TTL"><!-- --></A><H3> |
| TIMESTAMP_TTL</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>TIMESTAMP_TTL</B></PRE> |
| <DL> |
| <DD>The time in seconds to append to the Creation value of an incoming Timestamp to determine |
| whether to accept the Timestamp as valid or not. The default value is 300 seconds (5 minutes). |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.TIMESTAMP_TTL">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="TIMESTAMP_FUTURE_TTL"><!-- --></A><H3> |
| TIMESTAMP_FUTURE_TTL</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>TIMESTAMP_FUTURE_TTL</B></PRE> |
| <DL> |
| <DD>The time in seconds in the future within which the Created time of an incoming |
| Timestamp is valid. The default value is "60", to avoid problems where clocks are |
| slightly askew. To reject all future-created Timestamps, set this value to "0". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.TIMESTAMP_FUTURE_TTL">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="USERNAMETOKEN_TTL"><!-- --></A><H3> |
| USERNAMETOKEN_TTL</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>USERNAMETOKEN_TTL</B></PRE> |
| <DL> |
| <DD>The time in seconds to append to the Creation value of an incoming UsernameToken to determine |
| whether to accept the UsernameToken as valid or not. The default value is 300 seconds (5 minutes). |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.USERNAMETOKEN_TTL">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="USERNAMETOKEN_FUTURE_TTL"><!-- --></A><H3> |
| USERNAMETOKEN_FUTURE_TTL</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>USERNAMETOKEN_FUTURE_TTL</B></PRE> |
| <DL> |
| <DD>The time in seconds in the future within which the Created time of an incoming |
| UsernameToken is valid. The default value is "60", to avoid problems where clocks are |
| slightly askew. To reject all future-created UsernameTokens, set this value to "0". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.USERNAMETOKEN_FUTURE_TTL">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SAML_ROLE_ATTRIBUTENAME"><!-- --></A><H3> |
| SAML_ROLE_ATTRIBUTENAME</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SAML_ROLE_ATTRIBUTENAME</B></PRE> |
| <DL> |
| <DD>The attribute URI of the SAML AttributeStatement where the role information is stored. |
| The default is "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SAML_ROLE_ATTRIBUTENAME">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="KERBEROS_CLIENT"><!-- --></A><H3> |
| KERBEROS_CLIENT</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>KERBEROS_CLIENT</B></PRE> |
| <DL> |
| <DD>A reference to the KerberosClient class used to obtain a service ticket. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.KERBEROS_CLIENT">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SPNEGO_CLIENT_ACTION"><!-- --></A><H3> |
| SPNEGO_CLIENT_ACTION</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SPNEGO_CLIENT_ACTION</B></PRE> |
| <DL> |
| <DD>The SpnegoClientAction implementation to use for SPNEGO. This allows the user to plug in |
| a different implementation to obtain a service ticket. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SPNEGO_CLIENT_ACTION">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="KERBEROS_JAAS_CONTEXT_NAME"><!-- --></A><H3> |
| KERBEROS_JAAS_CONTEXT_NAME</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>KERBEROS_JAAS_CONTEXT_NAME</B></PRE> |
| <DL> |
| <DD>The JAAS Context name to use for Kerberos. This is currently only supported for SPNEGO. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="KERBEROS_SPN"><!-- --></A><H3> |
| KERBEROS_SPN</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>KERBEROS_SPN</B></PRE> |
| <DL> |
| <DD>The Kerberos Service Provider Name (spn) to use. This is currently only supported for SPNEGO. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.KERBEROS_SPN">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="NONCE_CACHE_INSTANCE"><!-- --></A><H3> |
| NONCE_CACHE_INSTANCE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>NONCE_CACHE_INSTANCE</B></PRE> |
| <DL> |
| <DD>This holds a reference to a ReplayCache instance used to cache UsernameToken nonces. The |
| default instance that is used is the EHCacheReplayCache. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.NONCE_CACHE_INSTANCE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="TIMESTAMP_CACHE_INSTANCE"><!-- --></A><H3> |
| TIMESTAMP_CACHE_INSTANCE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>TIMESTAMP_CACHE_INSTANCE</B></PRE> |
| <DL> |
| <DD>This holds a reference to a ReplayCache instance used to cache Timestamp Created Strings. The |
| default instance that is used is the EHCacheReplayCache. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.TIMESTAMP_CACHE_INSTANCE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SAML_ONE_TIME_USE_CACHE_INSTANCE"><!-- --></A><H3> |
| SAML_ONE_TIME_USE_CACHE_INSTANCE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SAML_ONE_TIME_USE_CACHE_INSTANCE</B></PRE> |
| <DL> |
| <DD>This holds a reference to a ReplayCache instance used to cache SAML2 Token Identifiers, when |
| the token has a "OneTimeUse" Condition. The default instance that is used is the EHCacheReplayCache. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SAML_ONE_TIME_USE_CACHE_INSTANCE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="CACHE_CONFIG_FILE"><!-- --></A><H3> |
| CACHE_CONFIG_FILE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>CACHE_CONFIG_FILE</B></PRE> |
| <DL> |
| <DD>Set this property to point to a configuration file for the underlying caching implementation. |
| The default configuration file that is used is cxf-ehcache.xml in this module. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.CACHE_CONFIG_FILE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="TOKEN_STORE_CACHE_INSTANCE"><!-- --></A><H3> |
| TOKEN_STORE_CACHE_INSTANCE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>TOKEN_STORE_CACHE_INSTANCE</B></PRE> |
| <DL> |
| <DD>The TokenStore instance to use to cache security tokens. By default this uses the |
| EHCacheTokenStore if EhCache is available. Otherwise it uses the MemoryTokenStore. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.TOKEN_STORE_CACHE_INSTANCE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="CACHE_IDENTIFIER"><!-- --></A><H3> |
| CACHE_IDENTIFIER</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>CACHE_IDENTIFIER</B></PRE> |
| <DL> |
| <DD>The Cache Identifier to use with the TokenStore. CXF uses the following key to retrieve a |
| token store: "org.apache.cxf.ws.security.tokenstore.TokenStore-<identifier>". This key can be |
| used to configure service-specific cache configuration. If the identifier does not match, then it |
| falls back to a cache configuration with key "org.apache.cxf.ws.security.tokenstore.TokenStore". |
| |
| The default "<identifier>" is the QName of the service in question. However to pick up a |
| custom cache configuration (for example, if you want to specify a TokenStore per-client proxy), |
| it can be configured with this identifier instead. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.CACHE_IDENTIFIER">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SUBJECT_CERT_CONSTRAINTS"><!-- --></A><H3> |
| SUBJECT_CERT_CONSTRAINTS</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SUBJECT_CERT_CONSTRAINTS</B></PRE> |
| <DL> |
| <DD>A comma separated String of regular expressions which will be applied to the subject DN of |
| the certificate used for signature validation, after trust verification of the certificate |
| chain associated with the certificate. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SUBJECT_CERT_CONSTRAINTS">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SUBJECT_ROLE_CLASSIFIER"><!-- --></A><H3> |
| SUBJECT_ROLE_CLASSIFIER</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SUBJECT_ROLE_CLASSIFIER</B></PRE> |
| <DL> |
| <DD>The Subject Role Classifier to use. If one of the WSS4J Validators returns a JAAS Subject |
| from Validation, then the WSS4JInInterceptor will attempt to create a SecurityContext |
| based on this Subject. If this value is not specified, then it tries to get roles using |
| the DefaultSecurityContext in cxf-rt-core. Otherwise it uses this value in combination |
| with the SUBJECT_ROLE_CLASSIFIER_TYPE to get the roles from the Subject. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SUBJECT_ROLE_CLASSIFIER">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SUBJECT_ROLE_CLASSIFIER_TYPE"><!-- --></A><H3> |
| SUBJECT_ROLE_CLASSIFIER_TYPE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SUBJECT_ROLE_CLASSIFIER_TYPE</B></PRE> |
| <DL> |
| <DD>The Subject Role Classifier Type to use. If one of the WSS4J Validators returns a JAAS Subject |
| from Validation, then the WSS4JInInterceptor will attempt to create a SecurityContext |
| based on this Subject. Currently accepted values are "prefix" or "classname". Must be |
| used in conjunction with the SUBJECT_ROLE_CLASSIFIER. The default value is "prefix". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SUBJECT_ROLE_CLASSIFIER_TYPE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ASYMMETRIC_SIGNATURE_ALGORITHM"><!-- --></A><H3> |
| ASYMMETRIC_SIGNATURE_ALGORITHM</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>ASYMMETRIC_SIGNATURE_ALGORITHM</B></PRE> |
| <DL> |
| <DD>This configuration tag allows the user to override the default Asymmetric Signature |
| algorithm (RSA-SHA1) for use in WS-SecurityPolicy, as the WS-SecurityPolicy specification |
| does not allow the use of other algorithms at present. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.ASYMMETRIC_SIGNATURE_ALGORITHM">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="PASSWORD_ENCRYPTOR_INSTANCE"><!-- --></A><H3> |
| PASSWORD_ENCRYPTOR_INSTANCE</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>PASSWORD_ENCRYPTOR_INSTANCE</B></PRE> |
| <DL> |
| <DD>This holds a reference to a PasswordEncryptor instance, which is used to encrypt or |
| decrypt passwords in the Merlin Crypto implementation (or any custom Crypto implementations). |
| |
| By default, WSS4J uses the JasyptPasswordEncryptor, which must be instantiated with a |
| master password to use to decrypt keystore passwords in the Merlin Crypto properties file. |
| This master password is obtained via the CallbackHandler defined via PW_CALLBACK_CLASS |
| or PW_CALLBACK_REF. |
| |
| The encrypted passwords must be stored in the format "ENC(encoded encrypted password)". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.PASSWORD_ENCRYPTOR_INSTANCE">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="USERNAME_TOKEN_VALIDATOR"><!-- --></A><H3> |
| USERNAME_TOKEN_VALIDATOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>USERNAME_TOKEN_VALIDATOR</B></PRE> |
| <DL> |
| <DD>The WSS4J Validator instance to use to validate UsernameTokens. The default value is the |
| UsernameTokenValidator. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.USERNAME_TOKEN_VALIDATOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SAML1_TOKEN_VALIDATOR"><!-- --></A><H3> |
| SAML1_TOKEN_VALIDATOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SAML1_TOKEN_VALIDATOR</B></PRE> |
| <DL> |
| <DD>The WSS4J Validator instance to use to validate SAML 1.1 Tokens. The default value is the |
| SamlAssertionValidator. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SAML1_TOKEN_VALIDATOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SAML2_TOKEN_VALIDATOR"><!-- --></A><H3> |
| SAML2_TOKEN_VALIDATOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SAML2_TOKEN_VALIDATOR</B></PRE> |
| <DL> |
| <DD>The WSS4J Validator instance to use to validate SAML 2.0 Tokens. The default value is the |
| SamlAssertionValidator. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SAML2_TOKEN_VALIDATOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="TIMESTAMP_TOKEN_VALIDATOR"><!-- --></A><H3> |
| TIMESTAMP_TOKEN_VALIDATOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>TIMESTAMP_TOKEN_VALIDATOR</B></PRE> |
| <DL> |
| <DD>The WSS4J Validator instance to use to validate Timestamps. The default value is the |
| TimestampValidator. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.TIMESTAMP_TOKEN_VALIDATOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SIGNATURE_TOKEN_VALIDATOR"><!-- --></A><H3> |
| SIGNATURE_TOKEN_VALIDATOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SIGNATURE_TOKEN_VALIDATOR</B></PRE> |
| <DL> |
| <DD>The WSS4J Validator instance to use to validate trust in credentials used in |
| Signature verification. The default value is the SignatureTrustValidator. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SIGNATURE_TOKEN_VALIDATOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="BST_TOKEN_VALIDATOR"><!-- --></A><H3> |
| BST_TOKEN_VALIDATOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>BST_TOKEN_VALIDATOR</B></PRE> |
| <DL> |
| <DD>The WSS4J Validator instance to use to validate BinarySecurityTokens. The default value |
| is the NoOpValidator. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.BST_TOKEN_VALIDATOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SCT_TOKEN_VALIDATOR"><!-- --></A><H3> |
| SCT_TOKEN_VALIDATOR</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SCT_TOKEN_VALIDATOR</B></PRE> |
| <DL> |
| <DD>The WSS4J Validator instance to use to validate SecurityContextTokens. The default value is |
| the NoOpValidator. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SCT_TOKEN_VALIDATOR">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_CLIENT"><!-- --></A><H3> |
| STS_CLIENT</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_CLIENT</B></PRE> |
| <DL> |
| <DD>A reference to the STSClient class used to communicate with the STS. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_CLIENT">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_APPLIES_TO"><!-- --></A><H3> |
| STS_APPLIES_TO</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_APPLIES_TO</B></PRE> |
| <DL> |
| <DD>The "AppliesTo" address to send to the STS. The default is the endpoint address of the |
| service provider. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_APPLIES_TO">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_TOKEN_USE_CERT_FOR_KEYINFO"><!-- --></A><H3> |
| STS_TOKEN_USE_CERT_FOR_KEYINFO</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_TOKEN_USE_CERT_FOR_KEYINFO</B></PRE> |
| <DL> |
| <DD>Whether to write out an X509Certificate structure in UseKey/KeyInfo, or whether to write |
| out a KeyValue structure. The default value is "false". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_TOKEN_DO_CANCEL"><!-- --></A><H3> |
| STS_TOKEN_DO_CANCEL</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_TOKEN_DO_CANCEL</B></PRE> |
| <DL> |
| <DD>Whether to cancel a token when using SecureConversation after successful invocation. The |
| default is "false". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_TOKEN_DO_CANCEL">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="CACHE_ISSUED_TOKEN_IN_ENDPOINT"><!-- --></A><H3> |
| CACHE_ISSUED_TOKEN_IN_ENDPOINT</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>CACHE_ISSUED_TOKEN_IN_ENDPOINT</B></PRE> |
| <DL> |
| <DD>Set this to "false" to not cache a SecurityToken per proxy object in the |
| IssuedTokenInterceptorProvider. This should be done if a token is being retrieved |
| from an STS in an intermediary. The default value is "true". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS"><!-- --></A><H3> |
| DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS</B></PRE> |
| <DL> |
| <DD>Whether to avoid STS client trying send WS-MetadataExchange call using |
| STS EPR WSA address when the endpoint contract contains no WS-MetadataExchange info. |
| The default value is "false". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_CLIENT_SOAP12_BINDING"><!-- --></A><H3> |
| STS_CLIENT_SOAP12_BINDING</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_CLIENT_SOAP12_BINDING</B></PRE> |
| <DL> |
| <DD>Switch STS client to send Soap 1.2 messages |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_CLIENT_SOAP12_BINDING">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_TOKEN_CRYPTO"><!-- --></A><H3> |
| STS_TOKEN_CRYPTO</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_TOKEN_CRYPTO</B></PRE> |
| <DL> |
| <DD>A Crypto object to be used for the STS. If this is not defined then the |
| <CODE>STS_TOKEN_PROPERTIES</CODE> is used instead. |
| |
| WCF's trust server sometimes will encrypt the token in the response IN ADDITION TO |
| the full security on the message. These properties control the way the STS client |
| will decrypt the EncryptedData elements in the response. |
| |
| These are also used by the STSClient to send/process any RSA/DSAKeyValue tokens |
| used if the KeyType is "PublicKey" |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_TOKEN_CRYPTO">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_TOKEN_PROPERTIES"><!-- --></A><H3> |
| STS_TOKEN_PROPERTIES</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_TOKEN_PROPERTIES</B></PRE> |
| <DL> |
| <DD>The Crypto property configuration to use for the STS, if <CODE>STS_TOKEN_CRYPTO</CODE> is not |
| set instead. |
| The value of this tag must be either: |
| a) A Java Properties object that contains the Crypto configuration. |
| b) The path of the Crypto property file that contains the Crypto configuration. |
| c) A URL that points to the Crypto property file that contains the Crypto configuration. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_TOKEN_PROPERTIES">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_TOKEN_USERNAME"><!-- --></A><H3> |
| STS_TOKEN_USERNAME</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_TOKEN_USERNAME</B></PRE> |
| <DL> |
| <DD>The alias name in the keystore to get the user's public key to send to the STS for the |
| PublicKey KeyType case. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_TOKEN_USERNAME">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_TOKEN_ACT_AS"><!-- --></A><H3> |
| STS_TOKEN_ACT_AS</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_TOKEN_ACT_AS</B></PRE> |
| <DL> |
| <DD>The token to be sent to the STS in an "ActAs" field. It can be either: |
| a) A String (which must be an XML statement like "<wst:OnBehalfOf xmlns:wst=...>...</wst:OnBehalfOf>") |
| b) A DOM Element |
| c) A CallbackHandler object to use to obtain the token |
| |
| In the case of a CallbackHandler, it must be able to handle a |
| org.apache.cxf.ws.security.trust.delegation.DelegationCallback Object, which contains a |
| reference to the current Message. The CallbackHandler implementation is required to set |
| the token Element to be sent in the request on the Callback. |
| |
| Some examples that can be reused are: |
| org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler |
| org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_TOKEN_ACT_AS">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="STS_TOKEN_ON_BEHALF_OF"><!-- --></A><H3> |
| STS_TOKEN_ON_BEHALF_OF</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>STS_TOKEN_ON_BEHALF_OF</B></PRE> |
| <DL> |
| <DD>The token to be sent to the STS in an "OnBehalfOf" field. It can be either: |
| a) A String (which must be an XML statement like "<wst:OnBehalfOf xmlns:wst=...>...</wst:OnBehalfOf>") |
| b) A DOM Element |
| c) A CallbackHandler object to use to obtain the token |
| |
| In the case of a CallbackHandler, it must be able to handle a |
| org.apache.cxf.ws.security.trust.delegation.DelegationCallback Object, which contains a |
| reference to the current Message. The CallbackHandler implementation is required to set |
| the token Element to be sent in the request on the Callback. |
| |
| Some examples that can be reused are: |
| org.apache.cxf.ws.security.trust.delegation.ReceivedTokenCallbackHandler |
| org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.STS_TOKEN_ON_BEHALF_OF">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="MUST_UNDERSTAND"><!-- --></A><H3> |
| MUST_UNDERSTAND</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>MUST_UNDERSTAND</B></PRE> |
| <DL> |
| <DD>Set this to "false" in order to remove the SOAP mustUnderstand header from security headers generated based on |
| a WS-SecurityPolicy. |
| |
| The default value is "true" which included the SOAP mustUnderstand header. |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.MUST_UNDERSTAND">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="SC_FROM_JAAS_SUBJECT"><!-- --></A><H3> |
| SC_FROM_JAAS_SUBJECT</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>SC_FROM_JAAS_SUBJECT</B></PRE> |
| <DL> |
| <DD>Set this to "false" if security context must not be created from JAAS Subject. |
| |
| The default value is "true". |
| <P> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SC_FROM_JAAS_SUBJECT">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="TOKEN"><!-- --></A><H3> |
| TOKEN</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>TOKEN</B></PRE> |
| <DL> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.TOKEN">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="TOKEN_ID"><!-- --></A><H3> |
| TOKEN_ID</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>TOKEN_ID</B></PRE> |
| <DL> |
| <DL> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../constant-values.html#org.apache.cxf.ws.security.SecurityConstants.TOKEN_ID">Constant Field Values</A></DL> |
| </DL> |
| <HR> |
| |
| <A NAME="ALL_PROPERTIES"><!-- --></A><H3> |
| ALL_PROPERTIES</H3> |
| <PRE> |
| public static final <A HREF="http://docs.oracle.com/javase/6/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</A><<A HREF="http://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>> <B>ALL_PROPERTIES</B></PRE> |
| <DL> |
| <DL> |
| </DL> |
| </DL> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <HR> |
| |
| |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <A NAME="navbar_bottom"><!-- --></A> |
| <A HREF="#skip-navbar_bottom" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_bottom_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/SecurityConstants.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| Apache CXF API</EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| PREV CLASS |
| NEXT CLASS</FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../index.html?org/apache/cxf/ws/security/SecurityConstants.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="SecurityConstants.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: NESTED | <A HREF="#field_summary">FIELD</A> | CONSTR | <A HREF="#methods_inherited_from_class_java.lang.Object">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: <A HREF="#field_detail">FIELD</A> | CONSTR | METHOD</FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_bottom"></A> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| |
| <HR> |
| Apache CXF |
| </BODY> |
| </HTML> |
