Class WsFederationSecurityTokenServiceProperties
java.lang.Object
org.apereo.cas.configuration.model.support.wsfed.WsFederationSecurityTokenServiceProperties
- All Implemented Interfaces: Serializable
@RequiresModule(name="cas-server-support-ws-sts")
public class WsFederationSecurityTokenServiceProperties
extends Object
implements Serializable
- Since: 6.4.0
Constructor Summary
-
Method Summary
- getConditionsFutureTimeToLive() - Get how long (in seconds) a client-supplied Created Element is allowed to be in the future.
- getConditionsLifetime() - Set the default lifetime in seconds for issued SAML tokens.
- getConditionsMaxLifetime() - Set the maximum lifetime in seconds for issued SAML tokens.
- getCrypto() - Crypto settings used to secure calls between the idp and the sts.
- getCustomClaims() - Collection of fully-qualified claims prefixed with the appropriate namespace that are expected to be released via attribute release policy.
- getEncryptionKeystoreFile() - Keystore path used to encrypt tokens.
- getEncryptionKeystorePassword() - Keystore password used to encrypt tokens.
- getRealm() - Realm definition settings that define this CAS server.
- getSigningKeystoreFile() - Keystore path used to sign tokens.
- getSigningKeystorePassword() - Keystore password used to sign tokens.
- getSubjectNameIdFormat() - When generating a SAML token, indicates the subject name-id format to use.
- getSubjectNameQualifier() - When generating a SAML token, indicates the subject name-id qualifier to use.
- boolean isConditionsAcceptClientLifetime() - Set whether client lifetime is accepted.
- boolean isConditionsFailLifetimeExceedance() - If the requested lifetime exceeds the maximum lifetime, whether the request shall fail (default) or the lifetime shall be overwritten with the maximum lifetime.
- boolean isEncryptTokens() - Whether tokens generated by STS should be encrypted.
- boolean isSignTokens() - Set whether the provided token will be signed or not.
- setConditionsAcceptClientLifetime(boolean conditionsAcceptClientLifetime) - Set whether client lifetime is accepted.
- setConditionsFailLifetimeExceedance(boolean conditionsFailLifetimeExceedance) - If the requested lifetime exceeds the maximum lifetime, whether the request shall fail (default) or the lifetime shall be overwritten with the maximum lifetime.
- setConditionsFutureTimeToLive(String conditionsFutureTimeToLive) - Get how long (in seconds) a client-supplied Created Element is allowed to be in the future.
- setConditionsLifetime(String conditionsLifetime) - Set the default lifetime in seconds for issued SAML tokens.
- setConditionsMaxLifetime(String conditionsMaxLifetime) - Set the maximum lifetime in seconds for issued SAML tokens.
- setCrypto(EncryptionJwtSigningJwtCryptographyProperties crypto) - Crypto settings used to secure calls between the idp and the sts.
- setCustomClaims(List<String> customClaims) - Collection of fully-qualified claims prefixed with the appropriate namespace that are expected to be released via attribute release policy.
- setEncryptionKeystoreFile(String encryptionKeystoreFile) - Keystore path used to encrypt tokens.
- setEncryptionKeystorePassword(String encryptionKeystorePassword) - Keystore password used to encrypt tokens.
- setEncryptTokens(boolean encryptTokens) - Whether tokens generated by STS should be encrypted.
- setRealm(WsFederationSecurityTokenServiceRealmProperties realm) - Realm definition settings that define this CAS server.
- setSigningKeystoreFile(String signingKeystoreFile) - Keystore path used to sign tokens.
- setSigningKeystorePassword(String signingKeystorePassword) - Keystore password used to sign tokens.
- setSignTokens(boolean signTokens) - Set whether the provided token will be signed or not.
- setSubjectNameIdFormat(String subjectNameIdFormat) - When generating a SAML token, indicates the subject name-id format to use.
- setSubjectNameQualifier(String subjectNameQualifier) - When generating a SAML token, indicates the subject name-id qualifier to use.

Constructor Details
WsFederationSecurityTokenServiceProperties
public WsFederationSecurityTokenServiceProperties()

Method Details
getSubjectNameIdFormat
When generating a SAML token, indicates the subject name-id format to use. Accepted values are:
- unspecified
- transient
- persistent
- entity

getSubjectNameQualifier
When generating a SAML token, indicates the subject name-id qualifier to use.

isSignTokens
public boolean isSignTokens()
Set whether the provided token will be signed or not. Default is true.

isConditionsAcceptClientLifetime
public boolean isConditionsAcceptClientLifetime()
Set whether client lifetime is accepted.

isConditionsFailLifetimeExceedance
public boolean isConditionsFailLifetimeExceedance()
If the requested lifetime exceeds the maximum lifetime, whether the request shall fail (default) or the lifetime shall be overwritten with the maximum lifetime.

getConditionsFutureTimeToLive
Get how long (in seconds) a client-supplied Created Element is allowed to be in the future. The default is 60 seconds to avoid common problems relating to clock skew.

getConditionsLifetime
Set the default lifetime in seconds for issued SAML tokens.

getConditionsMaxLifetime
Set the maximum lifetime in seconds for issued SAML tokens.

isEncryptTokens
public boolean isEncryptTokens()
Whether tokens generated by STS should be encrypted.

getSigningKeystoreFile
Keystore path used to sign tokens.

getSigningKeystorePassword
Keystore password used to sign tokens.

getEncryptionKeystoreFile
Keystore path used to encrypt tokens.

getEncryptionKeystorePassword
Keystore password used to encrypt tokens.

getCrypto
Crypto settings used to secure calls between the idp and the sts.

getRealm
Realm definition settings that define this CAS server.

getCustomClaims
Collection of fully-qualified claims prefixed with the appropriate namespace that are expected to be released via attribute release policy.

setSubjectNameIdFormat
public WsFederationSecurityTokenServiceProperties setSubjectNameIdFormat(String subjectNameIdFormat)
When generating a SAML token, indicates the subject name-id format to use. Accepted values are:
- unspecified
- transient
- persistent
- entity
Returns: this.

setSubjectNameQualifier
public WsFederationSecurityTokenServiceProperties setSubjectNameQualifier(String subjectNameQualifier)
When generating a SAML token, indicates the subject name-id qualifier to use.
Returns: this.

setSignTokens
Set whether the provided token will be signed or not. Default is true.
Returns: this.

setConditionsAcceptClientLifetime
public WsFederationSecurityTokenServiceProperties setConditionsAcceptClientLifetime(boolean conditionsAcceptClientLifetime)
Set whether client lifetime is accepted.
Returns: this.

setConditionsFailLifetimeExceedance
public WsFederationSecurityTokenServiceProperties setConditionsFailLifetimeExceedance(boolean conditionsFailLifetimeExceedance)
If the requested lifetime exceeds the maximum lifetime, whether the request shall fail (default) or the lifetime shall be overwritten with the maximum lifetime.
Returns: this.

setConditionsFutureTimeToLive
public WsFederationSecurityTokenServiceProperties setConditionsFutureTimeToLive(String conditionsFutureTimeToLive)
Get how long (in seconds) a client-supplied Created Element is allowed to be in the future. The default is 60 seconds to avoid common problems relating to clock skew.
Returns: this.

setConditionsLifetime
Set the default lifetime in seconds for issued SAML tokens.
Returns: this.

setConditionsMaxLifetime
public WsFederationSecurityTokenServiceProperties setConditionsMaxLifetime(String conditionsMaxLifetime)
Set the maximum lifetime in seconds for issued SAML tokens.
Returns: this.

setEncryptTokens
Whether tokens generated by STS should be encrypted.
Returns: this.

setSigningKeystoreFile
public WsFederationSecurityTokenServiceProperties setSigningKeystoreFile(String signingKeystoreFile)
Keystore path used to sign tokens.
Returns: this.

setSigningKeystorePassword
public WsFederationSecurityTokenServiceProperties setSigningKeystorePassword(String signingKeystorePassword)
Keystore password used to sign tokens.
Returns: this.

setEncryptionKeystoreFile
public WsFederationSecurityTokenServiceProperties setEncryptionKeystoreFile(String encryptionKeystoreFile)
Keystore path used to encrypt tokens.
Returns: this.

setEncryptionKeystorePassword
public WsFederationSecurityTokenServiceProperties setEncryptionKeystorePassword(String encryptionKeystorePassword)
Keystore password used to encrypt tokens.
Returns: this.

setCrypto
public WsFederationSecurityTokenServiceProperties setCrypto(EncryptionJwtSigningJwtCryptographyProperties crypto)
Crypto settings used to secure calls between the idp and the sts.
Returns: this.

setRealm
public WsFederationSecurityTokenServiceProperties setRealm(WsFederationSecurityTokenServiceRealmProperties realm)
Realm definition settings that define this CAS server.
Returns: this.

setCustomClaims
Collection of fully-qualified claims prefixed with the appropriate namespace that are expected to be released via attribute release policy.
Returns: this.
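
The following Java example is added here and is not CAS or STS source code. It models how the five conditions* settings documented above read when a token request carries its own Created and Expires values. The class and method names, the sample durations other than the documented 60-second default, and the choice to measure the requested lifetime from Created are assumptions.

```java
import java.time.Duration;
import java.time.Instant;

// Added illustration, not CAS or STS source. Names and sample durations are assumptions.
public class StsLifetimeExample {
    static final Duration FUTURE_TTL = Duration.ofSeconds(60);     // documented default
    static final Duration LIFETIME = Duration.ofSeconds(1800);     // constructed value
    static final Duration MAX_LIFETIME = Duration.ofSeconds(7200); // constructed value

    /** Returns {notBefore, notOnOrAfter} for the issued token, or throws if the request is refused. */
    static Instant[] resolve(Instant now, Instant created, Instant expires,
                             boolean acceptClientLifetime, boolean failLifetimeExceedance) {
        // Client lifetime ignored or absent: issue with the default lifetime from "now".
        if (!acceptClientLifetime || created == null || expires == null) {
            return new Instant[] {now, now.plus(LIFETIME)};
        }
        // A Created value further ahead than the clock-skew allowance is refused.
        if (created.isAfter(now.plus(FUTURE_TTL))) {
            throw new IllegalArgumentException("Created is too far in the future");
        }
        if (!expires.isAfter(created)) {
            throw new IllegalArgumentException("Expires must be after Created");
        }
        if (Duration.between(created, expires).compareTo(MAX_LIFETIME) > 0) {
            if (failLifetimeExceedance) {
                throw new IllegalArgumentException("Requested lifetime exceeds the maximum");
            }
            expires = created.plus(MAX_LIFETIME); // overwrite with the maximum lifetime
        }
        return new Instant[] {created, expires};
    }

    static String describe(Instant now, Instant created, Instant expires, boolean accept, boolean fail) {
        try {
            Instant[] w = resolve(now, created, expires, accept, fail);
            return "issued, valid " + w[0] + " to " + w[1];
        } catch (IllegalArgumentException e) {
            return "refused: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        Instant now = Instant.parse("2024-01-01T12:00:00Z"); // constructed clock
        Instant dayLater = now.plus(Duration.ofHours(24));
        System.out.println(describe(now, now, dayLater, false, true));  // client lifetime not accepted
        System.out.println(describe(now, now, dayLater, true, true));   // exceeds maximum, fail
        System.out.println(describe(now, now, dayLater, true, false));  // exceeds maximum, overwrite
        System.out.println(describe(now, now.plusSeconds(300), dayLater, true, false)); // Created too far ahead
    }
}
```

With client lifetimes accepted, the maximum lifetime is the only bound on how long a requested token stays valid, so it should be set to a value the relying parties can tolerate for a stolen token.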