Package com.sun.identity.saml2.common
Interface SAML2Constants
This interface defines constants common to all SAMLv2 elements.
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic classConstants for SAML2 scripted plugins -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringAssertionConsumer service.static final StringAssertionConsumerServiceIndex Parameterstatic final StringDefault namespace attribute forAction.static final StringConstant for actor attributestatic final StringProperty name for the global default AES key wrap algorithm.static final StringConstant for affiliationID parameter namestatic final StringConstant for AllowCreate attributestatic final StringAlways proxy the Authn Requeststatic final StringMap key used in SLO request redirect codestatic final StringString to represent the logout url for external application.static final StringURL parameter name in external application logout URL for requesting user session property.static final StringArtifactResolution service.static final StringKey name for Assertion objectstatic final StringCache Assertionstatic final StringConstant for AssertionConsumerServiceIndex attributestatic final StringConstant for AssertionConsumerServiceURL attributestatic final StringString used to declare SAMLv2 assertion namespace.static final intstatic final Stringstatic final StringConstant for AssertionIDRefstatic final StringConstant for AssertionIDRequeststatic final StringAssertion ID request mapper.static final StringAssertionIDRequest service.static final StringSAMLv2 assertion namespace URI.static final Stringstatic final StringString used to declare SAMLv2 assertion namespace prefix.static final Stringstatic final intstatic final Stringstatic final StringAttribute Authority Rolestatic final StringConstant for AttributeConsumingServiceIndex attributestatic final StringAttributeConsumingServiceIndex Parameterstatic final StringAttribute Query Rolestatic final StringWild card to indicate mapping any attribute name as it is in the Assertionstatic final StringConstant for Attributestatic final StringAttribute authority mapper.static final StringAttribute map configuration.static final StringConstant for AttributeQuerystatic final StringAttribute to be configured in SPSSOConfig for Audience elements.static final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringConstant for AuthnContext Class Reference namespacestatic final Stringstatic final Stringstatic final Stringstatic final Integerstatic final StringAttribute to be configured in SPSSOConfig for SAML2 authentication module instance name.static final Stringstatic final Stringstatic final StringString to represent the authentication service urlstatic final StringAuthentication Authority Rolestatic final Stringstatic final StringConstant for AuthnQuerystatic final StringConstant for AuthnRequest objectstatic final StringConstant for AuthnRequeststatic final StringAuto federation attribute.static final StringAuto federation enable attribute.static final StringConstant for BaseIDstatic final StringBasic attribute profilestatic final Stringstatic final Stringstatic final Stringstatic final StringBasic name formatstatic final StringConstant for Binding parameter namestatic final StringConstant for Binding namespacestatic final Stringstatic final intstatic final intstatic final Stringxmlsig signing parametersstatic final Stringcertficate alias attribute.static final StringCheck CA Certificate statusstatic final StringCheck Certificate statusstatic final Stringstatic final Stringstatic final Stringstatic final StringConstant for Comparison Attributestatic final StringConstant for Conditions Element.static final StringConstant for Destinationstatic final Stringstatic final Stringstatic final Stringstatic final StringAttribute Query default profilestatic final StringAttribute Query default profile aliasstatic final Stringstatic final Stringstatic final Stringstatic final StringDefault IDP Adapter classstatic final Stringstatic final Stringstatic final Stringstatic final StringDefault class name of IDP Proxy finderstatic final StringDefault IDP Proxy Finder JSPstatic final StringAttribute to be configure in SPSSOConfig for default relay state url.static final intDefault Value for the SAML2 Server Portstatic final Stringstatic final StringDefault SP attribute mapper class namestatic final StringDefault value for Service provider AuthnContext mapper value.static final charstatic final StringConstant for Destinationstatic final Stringstatic final Stringstatic final Stringstatic final StringConstant value for entity acting as both SP and IDP role.static final StringString used to declare ECP namespace.static final StringConstant for ECP end tagstatic final StringECP namespace URI.static final StringString used to declare ECP namespace prefix.static final StringSP Entity Config attribute name.static final StringSP Entity Config attribute name.static final StringSP Entity Config attribute name.static final StringString to represent Email Address Name Identifierstatic final StringEnable IDP Proxystatic final StringFlag to indicate if the IdP must enable the IdP Finder This is the name of the attribute flag in the IDP Extended metadatastatic final Stringstatic final StringString to represent Encrypted Format Name Identifierstatic final StringConstant for EncryptedIDstatic final StringEncryptionstatic final StringThis is an attribute in entity config for the encryption certificate aliasstatic final StringEnd Tag for XML Stringstatic final StringString to represent Entity Name Identifierstatic final StringThis is an attribute in entity config for the entity descriptionstatic final StringConstant for equalstatic final Stringstatic final StringConstant for Extensions Element.static final StringFalse Value Stringstatic final StringHttp request parameter used to indicate whether the intent is federation or not.static final StringFedlet adapter implementation class.static final StringEnvironment (attribute/value pair) for fedlet adapter implementation class.static final StringConstant for forceAuthn attributestatic final StringFORM encodingstatic final StringConstant for GetComplete Element.static final Stringstatic final StringString used to represent HTTP ARTIFACT Binding.static final StringString used to represent HTTP POST Binding.static final StringString used to represent HTTP Redirect Binding.static final StringConstant for IDstatic final intLength for SAMLv2 IDs.static final StringIdentity provider account mapper.static final StringIDP Adapter class attribute namestatic final StringIdentity Provider Adapter Script.static final StringIdentity provider attribute mapper.static final StringIdentity Provider Attribute Mapper Script.static final Stringstatic final Stringstatic final StringFlag to indicate that we do not want to write the federation info in the IdP's local User Data Store.static final Stringstatic final StringIdp finder URLstatic final StringConstant for IDPMetaAlias SSO token propertystatic final StringIDP Proxy Countstatic final StringIDP Proxy finder attribute name in the IDP Extended metadatastatic final StringIDP Proxy finder namestatic final StringIDP Proxy Name Liststatic final StringIdentity Provider Rolestatic final StringKey used to save IDP Session in a mapstatic final StringConstant for SAML2IDPSessionIndex SSO token propertystatic final StringIDP Session Synchronize Enabledstatic final Stringstatic final StringConstant for IDPEntry Element.static final StringConstant for IDPList Element.static final Stringstatic final StringFlag to indicate if the RequestedAuthnContext should be included in an AuthnRequest.static final StringMap key used in fedlet case to specify federation info key.static final StringConstant for InResponseTostatic final StringAttribute to be configured in SPSSOConfig for intermediate url.static final Stringstatic final Stringstatic final StringIs Bearer assertionstatic final StringConstant for IsPassive attributestatic final StringConstant for IssueInstantstatic final StringConstant for Issuerstatic final StringString to represent Kerberos Principal Name Identifierstatic final StringAttribute to be configured in SPSSOConfig for local authentication url.static final Stringstatic final StringConstant for LogoutRequeststatic final StringConstant for LogoutResponsestatic final StringProperty that determines which mask generation function algorithm should AM use.static final intMaximum value of unsigned integer/short type.static final Stringstatic final Stringstatic final Stringstatic final StringManageNameID service.static final StringConstant for mustUnderstand attributestatic final StringNameID format map configuration.static final StringConstant for NameIDMappingRequeststatic final StringConstant for NameIDMappingResponsestatic final StringConstant for NameIDstatic final StringString to represent Name Identifier Format name spacestatic final StringString to represent Name Identifier Format name space version 1.1static final StringNameID info attribute.static final StringNameID info key attribute.static final StringNameIDMapping service.static final StringConstant for NameIDPolicy Elementstatic final StringNameIDPolicy Format Identifier Parameterstatic final Stringstatic final StringConstant for NameIDPolicy Element.static final StringConstant for xml name spacestatic final StringConstant for newlinestatic final Stringstatic final Stringstatic final StringConstant for NotOnOrAfterstatic final intstatic final StringConstant for NotOnOrAfterstatic final StringXML name space URIstatic final StringNamespace declaration for XML Encryptionstatic final StringNamespace declaration for XML Digital Signaturestatic final StringXML Schema Instance namespace URIstatic final StringOne Time Use.static final Stringstatic final StringMap key used in SLO request redirect codestatic final StringString used to represent PAOS Binding.static final StringECP service name in PAOS headerstatic final StringKey used to save session partners in a mapstatic final StringPolicy Decision Point Rolestatic final StringPolicy Enforcement Point Rolestatic final StringString to represent Persitent Name Identifierstatic final Stringstatic final StringConstant for ProtocolBinding attributestatic final StringString used to declare SAMLv2 protocol namespace.static final StringString used to declare SAMLv2 protocol namespace.static final StringString used to declare SAMLv2 protocol namespace prefix.static final StringConstant for ProviderName attributestatic final StringIDP Proxy finder implmentation classe attribute name in the IDP Extended metadatastatic final StringAttribute Name in the extended metadata that takes the value of the JSP that will present the list of IdPs to the userstatic final StringProperty name for the global default query signature algorithm for DSA keys.static final StringProperty name for the global default query signature algorithm for EC keys.static final StringProperty name for the global default query signature algorithm for RSA keys.static final StringConstant for quotestatic final StringRealm Parameterstatic final StringConstant for Reasonstatic final StringRelayState Parameterstatic final StringRelayState Alias Parameterstatic final StringList of valid Relay State Urlsstatic final StringConstant for RequestedAuthnContext Element.static final StringConstant for reqBinding parameter namestatic final Stringstatic final StringConstant for RequesterID Element.static final Stringstatic final Stringstatic final Stringstatic final StringKey name for Response objectstatic final StringConstant for Response Artifact message encoding propertystatic final Stringstatic final StringSession Property name indicating if response is redirected or notstatic final StringUsed when the SAML endpoints are reverse proxied to a non-server/site URL, typically to DASstatic final StringThe entity rolestatic final Stringstatic final StringProperty name for the global default RSA key transport algorithm.static final StringList of SAE appliation name to encrypted secret mapping.static final Stringstatic final StringIDP SAE endpoint url.static final Stringstatic final StringHTTP parameters that will be passed to SAE auth modules.static final StringSP SAE logout url.static final StringSP SAE endpoint url.static final StringSAE : Derived from SAML2 metastatic final StringSAE : Extended meta param : shared secret for symmetric cryptostatic final StringSAE : Extended meta param : SPApp urlstatic final StringParameter name for SAML artifact in http request.static final StringProperty to determine whether SAML SP Decryption Debug mode has been enabled.static final StringProperty name used to store the remote IdP's SAML response as an attribute of the HttpServletRequest.static final StringSAMLRequest query parameter namestatic final StringSAMLResponse query parameter namestatic final StringSAML2 data store provider name.static final StringThe property name for setting custom SAML2 credential resolver implementation.static final StringConstant for SAML2 end tagstatic final StringThe type (typ) value to set on the SAML2 request JWT claimset.static final StringConstant for Scoping Element.static final StringProperty name used for binding the scriptedIDPAdapterto the guice module.static final StringProperty name used for binding the scriptedIDPAttributeMapperto the guice module.static final StringProperty name used for binding the scriptedSPAdapterto the guice module.static final Stringstatic final Stringstatic final StringThis is the unique identifier for assigning secret IDs to an entity role in the secret stores.static final Stringstatic final Stringstatic final StringConstant for SessionIndexstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringConstant for Signaturestatic final StringSigningstatic final StringThis is an attribute in entity config for the signing certificate aliasstatic final StringThis is an attribute in entity config for the signing certificate encrypted keypassstatic final Stringproperty name used to store whether or not saml single logout in enabled.static final StringProperty name used to store location of saml single logout urlstatic final StringProperty that controls whether the endpoint validation should be performed for signed authentication requests.static final StringSingleLogout service.static final StringString used to represent SOAP Binding.static final StringSOAP actor.static final StringString used to declare SOAP envelope namespace.static final StringSOAP envelope namespace URI.static final StringString used to declare SOAP envelope namespace prefix.static final Stringstatic final StringService provider account mapper.static final StringService provider adapter implementation classstatic final StringEnvironment (attribute/value pair) for Service provider adapter implementation class.static final StringService Provider Adapter Script.static final StringService provider attribute mapper.static final StringService provider AuthnContext Class Reference and AuthLevel Mapping.static final StringDefault Service provider AuthnContext Class Reference and AuthLevel Mapping value.static final StringService provider AuthnContext Comparison Parameter Namestatic final StringService provider AuthnContext Comparison Type attribute name.static final StringDefault Service provider AuthnContext Comparison Type attribute value.static final StringService provider AuthnContext mapper.static final StringFlag to Indicate that we do not want to write the Federation info in the local User Data Store.static final Stringstatic final StringService Provider Rolestatic final StringSP Session Synchronize Enabledstatic final StringConstant for spacestatic final Stringstatic final StringSingle Sign-On service.static final StringStart Tag for XML Stringstatic final StringConstant for Status Element.static final StringConstant for StatusCode Element.static final StringConstant for StatusDetail Element.static final StringConstant for StatusMessage Element.static final StringConstant for Subject Elementstatic final StringStrings represent subject confirmation methodsstatic final StringConfirmation method for holder of keystatic final StringConfirmation method for sender vouchesstatic final StringStrings represent primitive top-level StatusCode valuesstatic final Stringstatic final StringTransient federation users.static final StringTrue Value Stringstatic final Stringstatic final StringUnknown Rolestatic final StringString to represent Unspecified Name Identifierstatic final StringString used to represent URI Binding.static final StringURI encodingstatic final StringUse Introduction for IDP Proxystatic final StringUse NameID value as local user ID in service provider account mapper.static final StringConstant for Valuestatic final StringConstant for Versionstatic final StringSAMLv2 Version Stringstatic final Stringstatic final StringIdP Entity Config attribute name.static final StringIDP Entity Config attribute name.static final StringSP Entity Config attribute name.static final StringSP Entity Config attribute name.static final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringWant XACML Authorization Decision Query Signed.static final StringWant Authorization Decision Response Signed.static final StringString to represent Windows Domain Qualified Name Identifierstatic final StringAttribute Query x509 Subject profilestatic final StringAttribute Query x509 Subject profile aliasstatic final StringAttribute Authority Config attribute name.static final StringString to represent X509 Subejct Name Identifierstatic final Stringstatic final StringString used to declare XML Schema Instance namespace.
-
Field Details
-
NS_XML
XML name space URI- See Also:
-
ASSERTION_PREFIX
String used to declare SAMLv2 assertion namespace prefix.- See Also:
-
ASSERTION_DECLARE_STR
String used to declare SAMLv2 assertion namespace.- See Also:
-
ASSERTION_NAMESPACE_URI
SAMLv2 assertion namespace URI.- See Also:
-
ACTION_NAMESPACE_NEGATION
Default namespace attribute forAction.- See Also:
-
PROTOCOL_PREFIX
String used to declare SAMLv2 protocol namespace prefix.- See Also:
-
PROTOCOL_NAMESPACE
String used to declare SAMLv2 protocol namespace.- See Also:
-
PROTOCOL_DECLARE_STR
String used to declare SAMLv2 protocol namespace.- See Also:
-
HTTP_REDIRECT
String used to represent HTTP Redirect Binding.- See Also:
-
SOAP
String used to represent SOAP Binding.- See Also:
-
PAOS
String used to represent PAOS Binding.- See Also:
-
HTTP_POST
String used to represent HTTP POST Binding.- See Also:
-
HTTP_ARTIFACT
String used to represent HTTP ARTIFACT Binding.- See Also:
-
URI
String used to represent URI Binding.- See Also:
-
NAMEID_FORMAT_NAMESPACE
String to represent Name Identifier Format name space- See Also:
-
NAMEID_FORMAT_NAMESPACE_V_1_1
String to represent Name Identifier Format name space version 1.1- See Also:
-
ENCRYPTED
String to represent Encrypted Format Name Identifier- See Also:
-
PERSISTENT
String to represent Persitent Name Identifier- See Also:
-
UNSPECIFIED
String to represent Unspecified Name Identifier- See Also:
-
EMAIL_ADDRESS
String to represent Email Address Name Identifier- See Also:
-
ENTITY
String to represent Entity Name Identifier- See Also:
-
X509_SUBJECT_NAME
String to represent X509 Subejct Name Identifier- See Also:
-
WINDOWS_DOMAIN_QUALIFIED_NAME
String to represent Windows Domain Qualified Name Identifier- See Also:
-
KERBEROS_PRINCIPAL_NAME
String to represent Kerberos Principal Name Identifier- See Also:
-
AUTH_URL
String to represent the authentication service url- See Also:
-
REVERSE_PROXY_URL
Used when the SAML endpoints are reverse proxied to a non-server/site URL, typically to DAS- See Also:
-
SUCCESS
Strings represent primitive top-level StatusCode values- See Also:
-
REQUESTER
- See Also:
-
RESPONDER
- See Also:
-
NOPASSIVE
- See Also:
-
VERSION_MISMATCH
- See Also:
-
UNKNOWN_PRINCIPAL
- See Also:
-
AUTHN_FAILED
- See Also:
-
INVALID_ATTR_NAME_OR_VALUE
- See Also:
-
INVALID_NAME_ID_POLICY
- See Also:
-
NO_AUTHN_CONTEXT
- See Also:
-
BASIC_NAME_FORMAT
Basic name format- See Also:
-
BASIC_ATTRIBUTE_PROFILE
Basic attribute profile- See Also:
-
DEFAULT_ATTR_QUERY_PROFILE
Attribute Query default profile- See Also:
-
X509_SUBJECT_ATTR_QUERY_PROFILE
Attribute Query x509 Subject profile- See Also:
-
DEFAULT_ATTR_QUERY_PROFILE_ALIAS
Attribute Query default profile alias- See Also:
-
X509_SUBJECT_ATTR_QUERY_PROFILE_ALIAS
Attribute Query x509 Subject profile alias- See Also:
-
SUBJECT_CONFIRMATION_METHOD_BEARER
Strings represent subject confirmation methods- See Also:
-
SUBJECT_CONFIRMATION_METHOD_HOLDER_OF_KEY
Confirmation method for holder of key- See Also:
-
SUBJECT_CONFIRMATION_METHOD_SENDER_VOUCHES
Confirmation method for sender vouches- See Also:
-
RESPONSE_REDIRECTED
Session Property name indicating if response is redirected or not- See Also:
-
ID_LENGTH
static final int ID_LENGTHLength for SAMLv2 IDs.- See Also:
-
VERSION_2_0
SAMLv2 Version String- See Also:
-
SAML_REQUEST
SAMLRequest query parameter name- See Also:
-
SAML_RESPONSE
SAMLResponse query parameter name- See Also:
-
MAX_INT_VALUE
static final int MAX_INT_VALUEMaximum value of unsigned integer/short type.- See Also:
-
START_TAG
Start Tag for XML String- See Also:
-
END_TAG
End Tag for XML String- See Also:
-
SPACE
Constant for space- See Also:
-
EQUAL
Constant for equal- See Also:
-
QUOTE
Constant for quote- See Also:
-
NEWLINE
Constant for newline- See Also:
-
NAMESPACE_PREFIX
Constant for xml name space- See Also:
-
SAML2_END_TAG
Constant for SAML2 end tag- See Also:
-
AUTHNREQUEST
Constant for AuthnRequest- See Also:
-
LOGOUT_REQUEST
Constant for LogoutRequest- See Also:
-
LOGOUT_RESPONSE
Constant for LogoutResponse- See Also:
-
ASSERTION_ID_REQUEST
Constant for AssertionIDRequest- See Also:
-
ATTRIBUTE_QUERY
Constant for AttributeQuery- See Also:
-
AUTHN_QUERY
Constant for AuthnQuery- See Also:
-
NAME_ID_MAPPING_REQUEST
Constant for NameIDMappingRequest- See Also:
-
NAME_ID_MAPPING_RESPONSE
Constant for NameIDMappingResponse- See Also:
-
ASSERTION_ID_REF
Constant for AssertionIDRef- See Also:
-
ATTRIBUTE
Constant for Attribute- See Also:
-
SESSION_INDEX
Constant for SessionIndex- See Also:
-
BASEID
Constant for BaseID- See Also:
-
NAMEID
Constant for NameID- See Also:
-
ENCRYPTEDID
Constant for EncryptedID- See Also:
-
REASON
Constant for Reason- See Also:
-
NOTONORAFTER
Constant for NotOnOrAfter- See Also:
-
NOTBEFORE
Constant for NotOnOrAfter- See Also:
-
INRESPONSETO
Constant for InResponseTo- See Also:
-
ID
Constant for ID- See Also:
-
VERSION
Constant for Version- See Also:
-
ISSUE_INSTANT
Constant for IssueInstant- See Also:
-
DESTINATION
Constant for Destination- See Also:
-
VALUE
Constant for Value- See Also:
-
CONSENT
Constant for Destination- See Also:
-
ISSUER
Constant for Issuer- See Also:
-
SIGNATURE
Constant for Signature- See Also:
-
FORCEAUTHN
Constant for forceAuthn attribute- See Also:
-
ISPASSIVE
Constant for IsPassive attribute- See Also:
-
ALLOWCREATE
Constant for AllowCreate attribute- See Also:
-
PROTOBINDING
Constant for ProtocolBinding attribute- See Also:
-
MUST_UNDERSTAND
Constant for mustUnderstand attribute- See Also:
-
ACTOR
Constant for actor attribute- See Also:
-
BINDING
Constant for Binding parameter name- See Also:
-
REQ_BINDING
Constant for reqBinding parameter name- See Also:
-
AFFILIATION_ID
Constant for affiliationID parameter name- See Also:
-
BINDING_PREFIX
Constant for Binding namespace- See Also:
-
ASSERTION_CONSUMER_SVC_INDEX
Constant for AssertionConsumerServiceIndex attribute- See Also:
-
ASSERTION_CONSUMER_SVC_URL
Constant for AssertionConsumerServiceURL attribute- See Also:
-
ATTR_CONSUMING_SVC_INDEX
Constant for AttributeConsumingServiceIndex attribute- See Also:
-
PROVIDER_NAME
Constant for ProviderName attribute- See Also:
-
SUBJECT
Constant for Subject Element- See Also:
-
AUTHN_REQUEST
Constant for AuthnRequest object- See Also:
-
NAMEID_POLICY
Constant for NameIDPolicy Element- See Also:
-
CONDITIONS
Constant for Conditions Element.- See Also:
-
REQ_AUTHN_CONTEXT
Constant for RequestedAuthnContext Element.- See Also:
-
COMPARISON
Constant for Comparison Attribute- See Also:
-
SCOPING
Constant for Scoping Element.- See Also:
-
EXTENSIONS
Constant for Extensions Element.- See Also:
-
STATUS_DETAIL
Constant for StatusDetail Element.- See Also:
-
STATUS_CODE
Constant for StatusCode Element.- See Also:
-
STATUS
Constant for Status Element.- See Also:
-
STATUS_MESSAGE
Constant for StatusMessage Element.- See Also:
-
GETCOMPLETE
Constant for GetComplete Element.- See Also:
-
IDPENTRY
Constant for IDPEntry Element.- See Also:
-
IDPLIST
Constant for IDPList Element.- See Also:
-
NAMEIDPOLICY
Constant for NameIDPolicy Element.- See Also:
-
REQUESTERID
Constant for RequesterID Element.- See Also:
-
SOURCE_SITE_SOAP_ENTRY
- See Also:
-
POST_ASSERTION
- See Also:
-
NAMEID_INFO
NameID info attribute.- See Also:
-
NAMEID_INFO_KEY
NameID info key attribute.- See Also:
-
SAML2
SAML2 data store provider name.- See Also:
-
AUTO_FED_ATTRIBUTE
Auto federation attribute.- See Also:
-
AUTO_FED_ENABLED
Auto federation enable attribute.- See Also:
-
TRANSIENT_FED_USER
Transient federation users.- See Also:
-
NAMEID_TRANSIENT_FORMAT
- See Also:
-
CERT_ALIAS
certficate alias attribute.- See Also:
-
NAME_ID_FORMAT_MAP
NameID format map configuration.- See Also:
-
ATTRIBUTE_MAP
Attribute map configuration.- See Also:
-
SP_ADAPTER_CLASS
Service provider adapter implementation class- See Also:
-
SP_ADAPTER_ENV
Environment (attribute/value pair) for Service provider adapter implementation class. Those variables will be passed down as Map to the implementation class for initialization.- See Also:
-
SP_ADAPTER_SCRIPT
Service Provider Adapter Script.- See Also:
-
FEDLET_ADAPTER_CLASS
Fedlet adapter implementation class.- See Also:
-
FEDLET_ADAPTER_ENV
Environment (attribute/value pair) for fedlet adapter implementation class. Those variables will be passed down as Map to the implementation class for initialization.- See Also:
-
SP_ACCOUNT_MAPPER
Service provider account mapper.- See Also:
-
USE_NAMEID_AS_SP_USERID
Use NameID value as local user ID in service provider account mapper.- See Also:
-
SP_ATTRIBUTE_MAPPER
Service provider attribute mapper.- See Also:
-
IDP_ACCOUNT_MAPPER
Identity provider account mapper.- See Also:
-
IDP_ATTRIBUTE_MAPPER
Identity provider attribute mapper.- See Also:
-
ATTRIBUTE_AUTHORITY_MAPPER
Attribute authority mapper.- See Also:
-
ASSERTION_ID_REQUEST_MAPPER
Assertion ID request mapper.- See Also:
-
RELAY_STATE
RelayState Parameter- See Also:
-
RELAY_STATE_ALIAS
RelayState Alias Parameter- See Also:
-
REALM
Realm Parameter- See Also:
-
ACS_URL_INDEX
AssertionConsumerServiceIndex Parameter- See Also:
-
ATTR_INDEX
AttributeConsumingServiceIndex Parameter- See Also:
-
NAMEID_POLICY_FORMAT
NameIDPolicy Format Identifier Parameter- See Also:
-
TRUE
True Value String- See Also:
-
FALSE
False Value String- See Also:
-
AUTH_LEVEL
- See Also:
-
ORGANIZATION
- See Also:
-
AUTH_LEVEL_ATTR
- See Also:
-
AUTH_TYPE
- See Also:
-
AUTH_LEVEL_ADVICE
- See Also:
-
AUTH_TYPE_ATTR
- See Also:
-
DECLARE_REF_AUTH_TYPE
- See Also:
-
CLASS_REF_AUTH_TYPE
- See Also:
-
AUTH_CONTEXT_DECL_REF
- See Also:
-
AUTH_CONTEXT_DECL_REF_ATTR
- See Also:
-
AUTH_CONTEXT_CLASS_REF
- See Also:
-
AUTH_CONTEXT_CLASS_REF_ATTR
- See Also:
-
SAML_ART
Parameter name for SAML artifact in http request.- See Also:
-
SP_ROLE
Service Provider Role- See Also:
-
IDP_ROLE
Identity Provider Role- See Also:
-
DUAL_ROLE
Constant value for entity acting as both SP and IDP role.- See Also:
-
PDP_ROLE
Policy Decision Point Role- See Also:
-
PEP_ROLE
Policy Enforcement Point Role- See Also:
-
ATTR_AUTH_ROLE
Attribute Authority Role- See Also:
-
ATTR_QUERY_ROLE
Attribute Query Role- See Also:
-
AUTHN_AUTH_ROLE
Authentication Authority Role- See Also:
-
UNKNOWN_ROLE
Unknown Role- See Also:
-
AUTH_MODULE_NAME
Attribute to be configured in SPSSOConfig for SAML2 authentication module instance name.- See Also:
-
LOCAL_AUTH_URL
Attribute to be configured in SPSSOConfig for local authentication url.- See Also:
-
INTERMEDIATE_URL
Attribute to be configured in SPSSOConfig for intermediate url.- See Also:
-
DEFAULT_RELAY_STATE
Attribute to be configure in SPSSOConfig for default relay state url.- See Also:
-
ENTITY_DESCRIPTION
This is an attribute in entity config for the entity description- See Also:
-
SIGNING_CERT_ALIAS
This is an attribute in entity config for the signing certificate alias- See Also:
-
SIGNING_CERT_KEYPASS
This is an attribute in entity config for the signing certificate encrypted keypass- See Also:
-
ENCRYPTION_CERT_ALIAS
This is an attribute in entity config for the encryption certificate alias- See Also:
-
ROLE
The entity role- See Also:
-
SIG_PROVIDER
- See Also:
-
ENC_PROVIDER
- See Also:
-
SIGNING
Signing- See Also:
-
ENCRYPTION
Encryption- See Also:
-
SECOND_DELIM
- See Also:
-
FEDERATE
Http request parameter used to indicate whether the intent is federation or not. Its values are "true" and "false".- See Also:
-
CANONICALIZATION_METHOD
xmlsig signing parameters- See Also:
-
TRANSFORM_ALGORITHM
- See Also:
-
XMLSIG_ALGORITHM
- See Also:
-
DIGEST_ALGORITHM
- See Also:
-
QUERY_SIGNATURE_ALGORITHM_RSA
Property name for the global default query signature algorithm for RSA keys.- See Also:
-
QUERY_SIGNATURE_ALGORITHM_DSA
Property name for the global default query signature algorithm for DSA keys.- See Also:
-
QUERY_SIGNATURE_ALGORITHM_EC
Property name for the global default query signature algorithm for EC keys.- See Also:
-
AES_KEY_WRAP_ALGORITHM
Property name for the global default AES key wrap algorithm.- See Also:
-
RSA_KEY_TRANSPORT_ALGORITHM
Property name for the global default RSA key transport algorithm.- See Also:
-
DSA
- See Also:
-
RSA
- See Also:
-
SIG_ALG
- See Also:
-
SHA1_WITH_DSA
- See Also:
-
SHA1_WITH_RSA
- See Also:
-
DEFAULT_ENCODING
- See Also:
-
CLIENT_FAULT
- See Also:
-
SERVER_FAULT
- See Also:
-
SESSION
- See Also:
-
ASSERTIONS
- See Also:
-
MAX_SESSION_TIME
- See Also:
-
IN_RESPONSE_TO
- See Also:
-
SP_METAALIAS
- See Also:
-
METAALIAS
- See Also:
-
SPENTITYID
- See Also:
-
IDPENTITYID
- See Also:
-
REQUESTTYPE
- See Also:
-
SECRET_ID_IDENTIFIER
This is the unique identifier for assigning secret IDs to an entity role in the secret stores.- See Also:
-
WANT_ASSERTION_ENCRYPTED
SP Entity Config attribute name. Used to specify whether it wants Assertion encrypted or not.- See Also:
-
WANT_ATTRIBUTE_ENCRYPTED
- See Also:
-
WANT_NAMEID_ENCRYPTED
- See Also:
-
WANT_ARTIFACT_RESOLVE_SIGNED
IDP Entity Config attribute name. Used to specify whether it wants ArtifactResolve signed or not.- See Also:
-
WANT_ARTIFACT_RESPONSE_SIGNED
SP Entity Config attribute name. Used to specify whether it wants ArtifactResponse signed or not.- See Also:
-
WANT_LOGOUT_REQUEST_SIGNED
- See Also:
-
WANT_LOGOUT_RESPONSE_SIGNED
- See Also:
-
WANT_MNI_REQUEST_SIGNED
- See Also:
-
WANT_MNI_RESPONSE_SIGNED
- See Also:
-
WANT_POST_RESPONSE_SIGNED
- See Also:
-
WANT_ARTIFACT_RESOLVE_MTLS
IdP Entity Config attribute name. Used to specify whether it wants mTLS used in an Artifact Resolution Request or not.- See Also:
-
ECP_REQUEST_IDP_LIST
SP Entity Config attribute name. Used to specify IDPList child element of ECP request.- See Also:
-
ECP_REQUEST_IDP_LIST_FINDER_IMPL
SP Entity Config attribute name. Used to specify an implementation class that finds IDPList child element of ECP request.- See Also:
-
ECP_REQUEST_IDP_LIST_GET_COMPLETE
SP Entity Config attribute name. Used to specify attribute 'GetComplete' of IDPList child element of ECP request- See Also:
-
X509_SUBJECT_DATA_STORE_ATTR_NAME
Attribute Authority Config attribute name. Used to specify data store attribute name that contains X509 subject DN.- See Also:
-
IDP_SESSION_INDEX
Constant for SAML2IDPSessionIndex SSO token property- See Also:
-
IDP_META_ALIAS
Constant for IDPMetaAlias SSO token property- See Also:
-
BASIC_AUTH_ON
- See Also:
-
BASIC_AUTH_USER
- See Also:
-
BASIC_AUTH_PASSWD
- See Also:
-
SP_AUTHCONTEXT_MAPPER
Service provider AuthnContext mapper.- See Also:
-
DEFAULT_SP_AUTHCONTEXT_MAPPER
Default value for Service provider AuthnContext mapper value.- See Also:
-
SP_AUTH_CONTEXT_CLASS_REF_ATTR
Service provider AuthnContext Class Reference and AuthLevel Mapping.- See Also:
-
AUTH_CTX_PREFIX
Constant for AuthnContext Class Reference namespace- See Also:
-
SP_AUTHCONTEXT_COMPARISON_TYPE
Service provider AuthnContext Comparison Type attribute name.- See Also:
-
SP_AUTHCONTEXT_COMPARISON_TYPE_VALUE
Default Service provider AuthnContext Comparison Type attribute value.- See Also:
-
INCLUDE_REQUESTED_AUTHN_CONTEXT
Flag to indicate if the RequestedAuthnContext should be included in an AuthnRequest.- See Also:
-
SP_AUTHCONTEXT_COMPARISON
Service provider AuthnContext Comparison Parameter Name- See Also:
-
ASSERTION_TIME_SKEW
- See Also:
-
ASSERTION_TIME_SKEW_DEFAULT
static final int ASSERTION_TIME_SKEW_DEFAULT- See Also:
-
SDK_CLASS_MAPPING
- See Also:
-
ASSERTION_EFFECTIVE_TIME
static final int ASSERTION_EFFECTIVE_TIME- See Also:
-
NOTBEFORE_ASSERTION_SKEW_DEFAULT
static final int NOTBEFORE_ASSERTION_SKEW_DEFAULT- See Also:
-
ASSERTION_EFFECTIVE_TIME_ATTRIBUTE
- See Also:
-
ASSERTION_NOTBEFORE_SKEW_ATTRIBUTE
- See Also:
-
IDP_AUTHNCONTEXT_MAPPER_CLASS
- See Also:
-
IDP_ECP_SESSION_MAPPER_CLASS
- See Also:
-
DEFAULT_IDP_AUTHNCONTEXT_MAPPER_CLASS
- See Also:
-
DEFAULT_IDP_ACCOUNT_MAPPER_CLASS
- See Also:
-
DEFAULT_SP_ACCOUNT_MAPPER_CLASS
- See Also:
-
DEFAULT_SP_ATTRIBUTE_MAPPER_CLASS
Default SP attribute mapper class name- See Also:
-
DEFAULT_IDP_ATTRIBUTE_MAPPER_CLASS
- See Also:
-
DEFAULT_ATTRIBUTE_AUTHORITY_MAPPER_CLASS
- See Also:
-
DEFAULT_ASSERTION_ID_REQUEST_MAPPER_CLASS
- See Also:
-
DEFAULT_IDP_ECP_SESSION_MAPPER_CLASS
- See Also:
-
IDP_AUTHNCONTEXT_CLASSREF_MAPPING
- See Also:
-
CLASSREF_PASSWORD_PROTECTED_TRANSPORT
- See Also:
-
AUTH_LEVEL_ZERO
-
SP_AUTHCONTEXT_CLASSREF_VALUE
Default Service provider AuthnContext Class Reference and AuthLevel Mapping value. -
COT_LIST
- See Also:
-
MESSAGE
- See Also:
-
CACHE_CLEANUP_INTERVAL
- See Also:
-
CACHE_CLEANUP_INTERVAL_DEFAULT
static final int CACHE_CLEANUP_INTERVAL_DEFAULT- See Also:
-
CACHE_CLEANUP_INTERVAL_MINIMUM
static final int CACHE_CLEANUP_INTERVAL_MINIMUM- See Also:
-
LOGOUT_ALL
- See Also:
-
RES_INFO_ID
- See Also:
-
GOTO
- See Also:
-
DELIMITER
static final char DELIMITER- See Also:
-
ESCAPE_DELIMITER
- See Also:
-
NS_XMLENC
Namespace declaration for XML Encryption- See Also:
-
NS_XMLSIG
Namespace declaration for XML Digital Signature- See Also:
-
WANT_XACML_AUTHZ_DECISION_QUERY_SIGNED
Want XACML Authorization Decision Query Signed.- See Also:
-
WANT_XACML_AUTHZ_DECISION_RESPONSED_SIGNED
Want Authorization Decision Response Signed.- See Also:
-
RESPONSE_ARTIFACT_MESSAGE_ENCODING
Constant for Response Artifact message encoding property- See Also:
-
URI_ENCODING
URI encoding- See Also:
-
FORM_ENCODING
FORM encoding- See Also:
-
ASSERTION_CACHE_ENABLED
Cache Assertion- See Also:
-
NS_XSI
XML Schema Instance namespace URI- See Also:
-
XSI_DECLARE_STR
String used to declare XML Schema Instance namespace.- See Also:
-
SAE_APP_SECRET_LIST
List of SAE appliation name to encrypted secret mapping.- See Also:
-
RELAY_STATE_URL_LIST
List of valid Relay State Urls- See Also:
-
SAE_IDP_URL
IDP SAE endpoint url.- See Also:
-
SAE_SP_URL
SP SAE endpoint url.- See Also:
-
SAE_SP_LOGOUT_URL
SP SAE logout url.- See Also:
-
SAE_XMETA_URL
SAE : Extended meta param : SPApp url- See Also:
-
SAE_XMETA_SECRET
SAE : Extended meta param : shared secret for symmetric crypto- See Also:
-
SAE_XMETA_PKEY_ALIAS
SAE : Derived from SAML2 meta- See Also:
-
SAE_REALM
HTTP parameters that will be passed to SAE auth modules.- See Also:
-
SAE_IDP_ENTITYID
- See Also:
-
SAE_IDPAPP_URL
- See Also:
-
ENABLE_IDP_PROXY
Enable IDP Proxy- See Also:
-
ALWAYS_IDP_PROXY
Always proxy the Authn Request- See Also:
-
IDP_PROXY_LIST
IDP Proxy Name List- See Also:
-
IDP_PROXY_COUNT
IDP Proxy Count- See Also:
-
USE_INTRODUCTION_FOR_IDP_PROXY
Use Introduction for IDP Proxy- See Also:
-
IDP_FINDER_URL
Idp finder URL- See Also:
-
IDP_PROXY_FINDER_NAME
IDP Proxy finder name- See Also:
-
DEFAULT_IDP_PROXY_FINDER
Default class name of IDP Proxy finder- See Also:
-
IDP_PROXY_FINDER_ATTR_NAME
IDP Proxy finder attribute name in the IDP Extended metadata- See Also:
-
PROXY_IDP_FINDER_CLASS
IDP Proxy finder implmentation classe attribute name in the IDP Extended metadata- See Also:
-
ENABLE_PROXY_IDP_FINDER_FOR_ALL_SPS
Flag to indicate if the IdP must enable the IdP Finder This is the name of the attribute flag in the IDP Extended metadata- See Also:
-
PROXY_IDP_FINDER_JSP
Attribute Name in the extended metadata that takes the value of the JSP that will present the list of IdPs to the user- See Also:
-
DEFAULT_PROXY_IDP_FINDER
Default IDP Proxy Finder JSP- See Also:
-
IDP_ADAPTER_CLASS
IDP Adapter class attribute name- See Also:
-
DEFAULT_IDP_ADAPTER
Default IDP Adapter class- See Also:
-
IDP_SESSION
Key used to save IDP Session in a map- See Also:
-
PARTNERS
Key used to save session partners in a map- See Also:
-
ECP_PREFIX
String used to declare ECP namespace prefix.- See Also:
-
ECP_NAMESPACE
ECP namespace URI.- See Also:
-
ECP_DECLARE_STR
String used to declare ECP namespace.- See Also:
-
ECP_END_TAG
Constant for ECP end tag- See Also:
-
PAOS_ECP_SERVICE
ECP service name in PAOS header- See Also:
-
SOAP_ENV_PREFIX
String used to declare SOAP envelope namespace prefix.- See Also:
-
SOAP_ENV_NAMESPACE
SOAP envelope namespace URI.- See Also:
-
SOAP_ENV_DECLARE_STR
String used to declare SOAP envelope namespace.- See Also:
-
SOAP_ACTOR_NEXT
SOAP actor.- See Also:
-
CHECK_SAML2_CERTIFICATE_STATUS
Check Certificate status- See Also:
-
CHECK_SAML2_CA_STATUS
Check CA Certificate status- See Also:
-
ATTR_WILD_CARD
Wild card to indicate mapping any attribute name as it is in the Assertion- See Also:
-
RESPONSE
Key name for Response object- See Also:
-
ASSERTION
Key name for Assertion object- See Also:
-
ONETIME
One Time Use.- See Also:
-
IS_BEARER
Is Bearer assertion- See Also:
-
APP_LOGOUT_URL
String to represent the logout url for external application. SAML2 component will send request to the external logout URL using back channel HTTP POST mechanism. This is used when the single logout is initiated from remote party (SP or IDP).- See Also:
-
APP_SESSION_PROPERTY
URL parameter name in external application logout URL for requesting user session property. Value is a session property name whose value will be posted to application as http header and content for its logout use.- See Also:
-
IDP_SESSION_SYNC_ENABLED
IDP Session Synchronize Enabled- See Also:
-
SP_SESSION_SYNC_ENABLED
SP Session Synchronize Enabled- See Also:
-
INFO_KEY
Map key used in fedlet case to specify federation info key.- See Also:
-
SSO_SERVICE
Single Sign-On service.- See Also:
-
NAMEID_MAPPING_SERVICE
NameIDMapping service.- See Also:
-
ASSERTION_ID_REQUEST_SERVICE
AssertionIDRequest service.- See Also:
-
ARTIFACT_RESOLUTION_SERVICE
ArtifactResolution service.- See Also:
-
SLO_SERVICE
SingleLogout service.- See Also:
-
MNI_SERVICE
ManageNameID service.- See Also:
-
ACS_SERVICE
AssertionConsumer service.- See Also:
-
AM_REDIRECT_URL
Map key used in SLO request redirect code- See Also:
-
OUTPUT_DATA
Map key used in SLO request redirect code- See Also:
-
RESPONSE_CODE
- See Also:
-
SP_DO_NOT_WRITE_FEDERATION_INFO
Flag to Indicate that we do not want to write the Federation info in the local User Data Store. This flag is set in the local/remote SP extended metadata configuration.- See Also:
-
IDP_DISABLE_NAMEID_PERSISTENCE
Flag to indicate that we do not want to write the federation info in the IdP's local User Data Store. This flag is set in the local IdP extended metadata configuration.- See Also:
-
SAML_DECRYPTION_DEBUG_MODE
Property to determine whether SAML SP Decryption Debug mode has been enabled.- See Also:
-
SAML_PROXY_IDP_RESPONSE_KEY
Property name used to store the remote IdP's SAML response as an attribute of the HttpServletRequest.- See Also:
-
SINGLE_LOGOUT
property name used to store whether or not saml single logout in enabled.- See Also:
-
SINGLE_LOGOUT_URL
Property name used to store location of saml single logout url- See Also:
-
DEFAULT_SERVER_PORT
static final int DEFAULT_SERVER_PORTDefault Value for the SAML2 Server Port- See Also:
-
AUDIENCE_URI
Attribute to be configured in SPSSOConfig for Audience elements.- See Also:
-
MASK_GENERATION_FUNCTION
Property that determines which mask generation function algorithm should AM use.- See Also:
-
SKIP_ENDPOINT_VALIDATION_WHEN_SIGNED
Property that controls whether the endpoint validation should be performed for signed authentication requests.- See Also:
-
SAML2_REQUEST_JWT_TYPE
The type (typ) value to set on the SAML2 request JWT claimset.- See Also:
-
SAML2_CREDENTIAL_RESOLVER_PROPERTY
The property name for setting custom SAML2 credential resolver implementation.- See Also:
-
IDP_ATTRIBUTE_MAPPER_SCRIPT
Identity Provider Attribute Mapper Script.- See Also:
-
IDP_ADAPTER_SCRIPT
Identity Provider Adapter Script.- See Also:
-
SCRIPTED_IDP_ATTRIBUTE_MAPPER
Property name used for binding the scriptedIDPAttributeMapperto the guice module.- See Also:
-
SCRIPTED_IDP_ADAPTER
Property name used for binding the scriptedIDPAdapterto the guice module.- See Also:
-
SCRIPTED_SP_ADAPTER
Property name used for binding the scriptedSPAdapterto the guice module.- See Also:
-
DO_NOT_REMOVE_SAML2_IDPSESSION
- See Also:
-