| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!-- NewPage --> |
| <html lang="en"> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html" charset="UTF-8"> |
| <title>SecurityConstants (Apache CXF JavaDoc 3.1.0 API)</title> |
| <link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style"> |
| </head> |
| <body> |
| <script type="text/javascript"><!-- |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="SecurityConstants (Apache CXF JavaDoc 3.1.0 API)"; |
| } |
| //--> |
| </script> |
| <noscript> |
| <div>JavaScript is disabled on your browser.</div> |
| </noscript> |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <div class="topNav"><a name="navbar_top"> |
| <!-- --> |
| </a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/SecurityConstants.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../help-doc.html">Help</a></li> |
| </ul> |
| <div class="aboutLanguage"><em>Apache CXF API</em></div> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li>Prev Class</li> |
| <li>Next Class</li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../index.html?org/apache/cxf/rt/security/SecurityConstants.html" target="_top">Frames</a></li> |
| <li><a href="SecurityConstants.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_top"> |
| <li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_top"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li><a href="#field_summary">Field</a> | </li> |
| <li><a href="#constructor_summary">Constr</a> | </li> |
| <li><a href="#methods_inherited_from_class_java.lang.Object">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li><a href="#field_detail">Field</a> | </li> |
| <li><a href="#constructor_detail">Constr</a> | </li> |
| <li>Method</li> |
| </ul> |
| </div> |
| <a name="skip-navbar_top"> |
| <!-- --> |
| </a></div> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="subTitle">org.apache.cxf.rt.security</div> |
| <h2 title="Class SecurityConstants" class="title">Class SecurityConstants</h2> |
| </div> |
| <div class="contentContainer"> |
| <ul class="inheritance"> |
| <li><a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li>org.apache.cxf.rt.security.SecurityConstants</li> |
| </ul> |
| </li> |
| </ul> |
| <div class="description"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <dl> |
| <dt>Direct Known Subclasses:</dt> |
| <dd><a href="../../../../../org/apache/cxf/ws/security/SecurityConstants.html" title="class in org.apache.cxf.ws.security">SecurityConstants</a></dd> |
| </dl> |
| <hr> |
| <br> |
| <pre>public class <span class="strong">SecurityConstants</span> |
| extends <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></pre> |
| <div class="block">This class contains some configuration tags that can be used to configure various security properties. These |
| tags are shared between the SOAP stack (WS-SecurityPolicy configuration), as well as the REST stack (JAX-RS |
| XML Security). |
| |
| The configuration tags largely relate to properties for signing, encryption as well as SAML tokens. Most of |
| the signing/encryption tags refer to Apache WSS4J "Crypto" objects, which are used by both stacks to control |
| how certificates/keys are retrieved, etc. |
| |
| More specific configuration tags for WS-SecurityPolicy are configured in the SecurityConstants |
| class in the cxf-rt-ws-security module, which extends this class.</div> |
| </li> |
| </ul> |
| </div> |
| <div class="summary"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- =========== FIELD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="field_summary"> |
| <!-- --> |
| </a> |
| <h3>Field Summary</h3> |
| <table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Field Summary table, listing fields, and an explanation"> |
| <caption><span>Fields</span><span class="tabEnd"> </span></caption> |
| <tr> |
| <th class="colFirst" scope="col">Modifier and Type</th> |
| <th class="colLast" scope="col">Field and Description</th> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#AUDIENCE_RESTRICTION_VALIDATION">AUDIENCE_RESTRICTION_VALIDATION</a></strong></code> |
| <div class="block">Enable SAML AudienceRestriction validation.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#CALLBACK_HANDLER">CALLBACK_HANDLER</a></strong></code> |
| <div class="block">The CallbackHandler implementation class used to obtain passwords, for both outbound and inbound |
| requests.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a><<a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#COMMON_PROPERTIES">COMMON_PROPERTIES</a></strong></code> </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#ENABLE_REVOCATION">ENABLE_REVOCATION</a></strong></code> |
| <div class="block">Whether to enable Certificate Revocation List (CRL) checking or not when verifying trust |
| in a certificate.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL">ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL</a></strong></code> |
| <div class="block">Whether to allow unsigned saml assertions as SecurityContext Principals.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#ENCRYPT_CERT">ENCRYPT_CERT</a></strong></code> |
| <div class="block">A message property for prepared X509 certificate to be used for encryption.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#ENCRYPT_CRYPTO">ENCRYPT_CRYPTO</a></strong></code> |
| <div class="block">A Crypto object to be used for encryption.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#ENCRYPT_PROPERTIES">ENCRYPT_PROPERTIES</a></strong></code> |
| <div class="block">The Crypto property configuration to use for encryption, if <code>ENCRYPT_CRYPTO</code> is not set instead.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#ENCRYPT_USERNAME">ENCRYPT_USERNAME</a></strong></code> |
| <div class="block">The user's name for encryption.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#PASSWORD">PASSWORD</a></strong></code> |
| <div class="block">The user's password when a <code>CALLBACK_HANDLER</code> is not defined.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SAML_CALLBACK_HANDLER">SAML_CALLBACK_HANDLER</a></strong></code> |
| <div class="block">The SAML CallbackHandler implementation class used to construct SAML Assertions.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SAML_ROLE_ATTRIBUTENAME">SAML_ROLE_ATTRIBUTENAME</a></strong></code> |
| <div class="block">The attribute URI of the SAML AttributeStatement where the role information is stored.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SC_FROM_JAAS_SUBJECT">SC_FROM_JAAS_SUBJECT</a></strong></code> |
| <div class="block">Set this to "false" if security context must not be created from JAAS Subject.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SIGNATURE_CRYPTO">SIGNATURE_CRYPTO</a></strong></code> |
| <div class="block">A Crypto object to be used for signature.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SIGNATURE_PROPERTIES">SIGNATURE_PROPERTIES</a></strong></code> |
| <div class="block">The Crypto property configuration to use for signature, if <code>SIGNATURE_CRYPTO</code> is not set instead.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SIGNATURE_USERNAME">SIGNATURE_USERNAME</a></strong></code> |
| <div class="block">The user's name for signature.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SUBJECT_CERT_CONSTRAINTS">SUBJECT_CERT_CONSTRAINTS</a></strong></code> |
| <div class="block">A comma separated String of regular expressions which will be applied to the subject DN of |
| the certificate used for signature validation, after trust verification of the certificate |
| chain associated with the certificate.</div> |
| </td> |
| </tr> |
| <tr class="rowColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#USERNAME">USERNAME</a></strong></code> |
| <div class="block">The user's name.</div> |
| </td> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>static <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#VALIDATE_SAML_SUBJECT_CONFIRMATION">VALIDATE_SAML_SUBJECT_CONFIRMATION</a></strong></code> |
| <div class="block">Whether to validate the SubjectConfirmation requirements of a received SAML Token |
| (sender-vouches or holder-of-key).</div> |
| </td> |
| </tr> |
| </table> |
| </li> |
| </ul> |
| <!-- ======== CONSTRUCTOR SUMMARY ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor_summary"> |
| <!-- --> |
| </a> |
| <h3>Constructor Summary</h3> |
| <table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation"> |
| <caption><span>Constructors</span><span class="tabEnd"> </span></caption> |
| <tr> |
| <th class="colFirst" scope="col">Modifier</th> |
| <th class="colLast" scope="col">Constructor and Description</th> |
| </tr> |
| <tr class="altColor"> |
| <td class="colFirst"><code>protected </code></td> |
| <td class="colLast"><code><strong><a href="../../../../../org/apache/cxf/rt/security/SecurityConstants.html#SecurityConstants()">SecurityConstants</a></strong>()</code> </td> |
| </tr> |
| </table> |
| </li> |
| </ul> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method_summary"> |
| <!-- --> |
| </a> |
| <h3>Method Summary</h3> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods_inherited_from_class_java.lang.Object"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class java.lang.<a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3> |
| <code><a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</a>, <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Object.html?is-external=true#wait(long,%20int)" title="class or interface in java.lang">wait</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| <div class="details"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ============ FIELD DETAIL =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="field_detail"> |
| <!-- --> |
| </a> |
| <h3>Field Detail</h3> |
| <a name="USERNAME"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>USERNAME</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> USERNAME</pre> |
| <div class="block">The user's name. It is used as follows: |
| a) As the name in the UsernameToken for WS-Security. |
| b) As the alias name in the keystore to get the user's cert and private key for signature |
| if <code>SIGNATURE_USERNAME</code> is not set. |
| c) As the alias name in the keystore to get the user's public key for encryption if |
| <code>ENCRYPT_USERNAME</code> is not set.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.USERNAME">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="PASSWORD"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>PASSWORD</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> PASSWORD</pre> |
| <div class="block">The user's password when a <code>CALLBACK_HANDLER</code> is not defined.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.PASSWORD">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="SIGNATURE_USERNAME"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>SIGNATURE_USERNAME</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> SIGNATURE_USERNAME</pre> |
| <div class="block">The user's name for signature. It is used as the alias name in the keystore to get the user's cert |
| and private key for signature. If this is not defined, then <code>USERNAME</code> is used instead. If |
| that is also not specified, it uses the the default alias set in the properties file referenced by |
| <code>SIGNATURE_PROPERTIES</code>. If that's also not set, and the keystore only contains a single key, |
| that key will be used.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_USERNAME">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="ENCRYPT_USERNAME"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>ENCRYPT_USERNAME</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> ENCRYPT_USERNAME</pre> |
| <div class="block">The user's name for encryption. It is used as the alias name in the keystore to get the user's public |
| key for encryption. If this is not defined, then <code>USERNAME</code> is used instead. If |
| that is also not specified, it uses the the default alias set in the properties file referenced by |
| <code>ENCRYPT_PROPERTIES</code>. If that's also not set, and the keystore only contains a single key, |
| that key will be used. |
| |
| For the WS-Security web service provider, the "useReqSigCert" keyword can be used to accept (encrypt to) |
| any client whose public key is in the service's truststore (defined in <code>ENCRYPT_PROPERTIES</code>).</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_USERNAME">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="CALLBACK_HANDLER"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>CALLBACK_HANDLER</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> CALLBACK_HANDLER</pre> |
| <div class="block">The CallbackHandler implementation class used to obtain passwords, for both outbound and inbound |
| requests. The value of this tag must be either: |
| a) The class name of a <a href="http://docs.oracle.com/javase/7/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><code>CallbackHandler</code></a> instance, which must |
| be accessible via the classpath. |
| b) A <a href="http://docs.oracle.com/javase/7/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><code>CallbackHandler</code></a> instance.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.CALLBACK_HANDLER">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="SAML_CALLBACK_HANDLER"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>SAML_CALLBACK_HANDLER</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> SAML_CALLBACK_HANDLER</pre> |
| <div class="block">The SAML CallbackHandler implementation class used to construct SAML Assertions. The value of this |
| tag must be either: |
| a) The class name of a <a href="http://docs.oracle.com/javase/7/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><code>CallbackHandler</code></a> instance, which must |
| be accessible via the classpath. |
| b) A <a href="http://docs.oracle.com/javase/7/docs/api/javax/security/auth/callback/CallbackHandler.html?is-external=true" title="class or interface in javax.security.auth.callback"><code>CallbackHandler</code></a> instance.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.SAML_CALLBACK_HANDLER">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="SIGNATURE_PROPERTIES"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>SIGNATURE_PROPERTIES</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> SIGNATURE_PROPERTIES</pre> |
| <div class="block">The Crypto property configuration to use for signature, if <code>SIGNATURE_CRYPTO</code> is not set instead. |
| The value of this tag must be either: |
| a) A Java Properties object that contains the Crypto configuration. |
| b) The path of the Crypto property file that contains the Crypto configuration. |
| c) A URL that points to the Crypto property file that contains the Crypto configuration.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_PROPERTIES">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="ENCRYPT_PROPERTIES"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>ENCRYPT_PROPERTIES</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> ENCRYPT_PROPERTIES</pre> |
| <div class="block">The Crypto property configuration to use for encryption, if <code>ENCRYPT_CRYPTO</code> is not set instead. |
| The value of this tag must be either: |
| a) A Java Properties object that contains the Crypto configuration. |
| b) The path of the Crypto property file that contains the Crypto configuration. |
| c) A URL that points to the Crypto property file that contains the Crypto configuration.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_PROPERTIES">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="SIGNATURE_CRYPTO"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>SIGNATURE_CRYPTO</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> SIGNATURE_CRYPTO</pre> |
| <div class="block">A Crypto object to be used for signature. If this is not defined then the |
| <code>SIGNATURE_PROPERTIES</code> is used instead.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.SIGNATURE_CRYPTO">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="ENCRYPT_CRYPTO"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>ENCRYPT_CRYPTO</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> ENCRYPT_CRYPTO</pre> |
| <div class="block">A Crypto object to be used for encryption. If this is not defined then the |
| <code>ENCRYPT_PROPERTIES</code> is used instead.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_CRYPTO">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="ENCRYPT_CERT"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>ENCRYPT_CERT</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> ENCRYPT_CERT</pre> |
| <div class="block">A message property for prepared X509 certificate to be used for encryption. |
| If this is not defined, then the certificate will be either loaded from the |
| keystore <code>ENCRYPT_PROPERTIES</code> or extracted from request (when WS-Security is used and |
| if <code>ENCRYPT_USERNAME</code> has value "useReqSigCert").</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.ENCRYPT_CERT">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="ENABLE_REVOCATION"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>ENABLE_REVOCATION</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> ENABLE_REVOCATION</pre> |
| <div class="block">Whether to enable Certificate Revocation List (CRL) checking or not when verifying trust |
| in a certificate. The default value is "false".</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.ENABLE_REVOCATION">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL</pre> |
| <div class="block">Whether to allow unsigned saml assertions as SecurityContext Principals. The default is false.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="VALIDATE_SAML_SUBJECT_CONFIRMATION"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>VALIDATE_SAML_SUBJECT_CONFIRMATION</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> VALIDATE_SAML_SUBJECT_CONFIRMATION</pre> |
| <div class="block">Whether to validate the SubjectConfirmation requirements of a received SAML Token |
| (sender-vouches or holder-of-key). The default is true.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="SC_FROM_JAAS_SUBJECT"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>SC_FROM_JAAS_SUBJECT</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> SC_FROM_JAAS_SUBJECT</pre> |
| <div class="block">Set this to "false" if security context must not be created from JAAS Subject. |
| |
| The default value is "true".</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.SC_FROM_JAAS_SUBJECT">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="AUDIENCE_RESTRICTION_VALIDATION"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>AUDIENCE_RESTRICTION_VALIDATION</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> AUDIENCE_RESTRICTION_VALIDATION</pre> |
| <div class="block">Enable SAML AudienceRestriction validation. If this is set to "true", then IF the |
| SAML Token contains Audience Restriction URIs, one of them must match either the |
| request URL or the Service QName. The default is "true".</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.AUDIENCE_RESTRICTION_VALIDATION">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="SAML_ROLE_ATTRIBUTENAME"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>SAML_ROLE_ATTRIBUTENAME</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> SAML_ROLE_ATTRIBUTENAME</pre> |
| <div class="block">The attribute URI of the SAML AttributeStatement where the role information is stored. |
| The default is "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role".</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.SAML_ROLE_ATTRIBUTENAME">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="SUBJECT_CERT_CONSTRAINTS"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>SUBJECT_CERT_CONSTRAINTS</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> SUBJECT_CERT_CONSTRAINTS</pre> |
| <div class="block">A comma separated String of regular expressions which will be applied to the subject DN of |
| the certificate used for signature validation, after trust verification of the certificate |
| chain associated with the certificate.</div> |
| <dl><dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../constant-values.html#org.apache.cxf.rt.security.SecurityConstants.SUBJECT_CERT_CONSTRAINTS">Constant Field Values</a></dd></dl> |
| </li> |
| </ul> |
| <a name="COMMON_PROPERTIES"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>COMMON_PROPERTIES</h4> |
| <pre>public static final <a href="http://docs.oracle.com/javase/7/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a><<a href="http://docs.oracle.com/javase/7/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>> COMMON_PROPERTIES</pre> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <!-- ========= CONSTRUCTOR DETAIL ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor_detail"> |
| <!-- --> |
| </a> |
| <h3>Constructor Detail</h3> |
| <a name="SecurityConstants()"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>SecurityConstants</h4> |
| <pre>protected SecurityConstants()</pre> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <div class="bottomNav"><a name="navbar_bottom"> |
| <!-- --> |
| </a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/SecurityConstants.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../help-doc.html">Help</a></li> |
| </ul> |
| <div class="aboutLanguage"><em>Apache CXF API</em></div> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li>Prev Class</li> |
| <li>Next Class</li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../index.html?org/apache/cxf/rt/security/SecurityConstants.html" target="_top">Frames</a></li> |
| <li><a href="SecurityConstants.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_bottom"> |
| <li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_bottom"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li><a href="#field_summary">Field</a> | </li> |
| <li><a href="#constructor_summary">Constr</a> | </li> |
| <li><a href="#methods_inherited_from_class_java.lang.Object">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li><a href="#field_detail">Field</a> | </li> |
| <li><a href="#constructor_detail">Constr</a> | </li> |
| <li>Method</li> |
| </ul> |
| </div> |
| <a name="skip-navbar_bottom"> |
| <!-- --> |
| </a></div> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| <p class="legalCopy"><small>Apache CXF</small></p> |
| </body> |
| </html> |