Class WsFederationSecurityTokenServiceProperties

java.lang.Object
org.apereo.cas.configuration.model.support.wsfed.WsFederationSecurityTokenServiceProperties
All Implemented Interfaces:
Serializable

@RequiresModule(name="cas-server-support-ws-sts")
public class WsFederationSecurityTokenServiceProperties
extends Object
implements Serializable
Since:
6.4.0
  • Constructor Details

    • WsFederationSecurityTokenServiceProperties

      public WsFederationSecurityTokenServiceProperties()
  • Method Details

    • getSubjectNameIdFormat

      public String getSubjectNameIdFormat()
      When generating a SAML token, indicates the subject name-id format to use. Accepted values are:
      • unspecified
      • email
      • transient
      • persistent
      • entity
    • getSubjectNameQualifier

      public String getSubjectNameQualifier()
      When generating a SAML token, indicates the subject name-id qualifier to use.
    • isSignTokens

      public boolean isSignTokens()
      Set whether the provided token will be signed or not. Default is true.
    • isConditionsAcceptClientLifetime

      public boolean isConditionsAcceptClientLifetime()
      Set whether client lifetime is accepted.
    • isConditionsFailLifetimeExceedance

      public boolean isConditionsFailLifetimeExceedance()
      If the requested lifetime exceeds the maximum lifetime, whether to fail (default) or overwrite it with the maximum lifetime.
    • getConditionsFutureTimeToLive

      public String getConditionsFutureTimeToLive()
      Get how long (in seconds) a client-supplied Created Element is allowed to be in the future. The default is 60 seconds to avoid common problems relating to clock skew.
    • getConditionsLifetime

      public String getConditionsLifetime()
      Set the default lifetime in seconds for issued SAML tokens.
    • getConditionsMaxLifetime

      public String getConditionsMaxLifetime()
      Set the maximum lifetime in seconds for issued SAML tokens.
    • isEncryptTokens

      public boolean isEncryptTokens()
      Whether tokens generated by the STS should be encrypted.
    • getSigningKeystoreFile

      public String getSigningKeystoreFile()
      Keystore path used to sign tokens.
    • getSigningKeystorePassword

      public String getSigningKeystorePassword()
      Keystore password used to sign tokens.
    • getEncryptionKeystoreFile

      public String getEncryptionKeystoreFile()
      Keystore path used to encrypt tokens.
    • getEncryptionKeystorePassword

      public String getEncryptionKeystorePassword()
      Keystore password used to encrypt tokens.
    • getCrypto

      Crypto settings used to secure calls between the IdP and the STS.
    • getRealm

      Realm definition settings that define this CAS server.
    • getCustomClaims

      public List<String> getCustomClaims()
      Collection of fully-qualified claims prefixed with the appropriate namespace that are expected to be released via attribute release policy.
    • setSubjectNameIdFormat

      public WsFederationSecurityTokenServiceProperties setSubjectNameIdFormat(String subjectNameIdFormat)
      When generating a SAML token, indicates the subject name-id format to use. Accepted values are:
      • unspecified
      • email
      • transient
      • persistent
      • entity
      Returns:
      this.
    • setSubjectNameQualifier

      public WsFederationSecurityTokenServiceProperties setSubjectNameQualifier(String subjectNameQualifier)
      When generating a SAML token, indicates the subject name-id qualifier to use.
      Returns:
      this.
    • setSignTokens

      public WsFederationSecurityTokenServiceProperties setSignTokens(boolean signTokens)
      Set whether the provided token will be signed or not. Default is true.
      Returns:
      this.
    • setConditionsAcceptClientLifetime

      public WsFederationSecurityTokenServiceProperties setConditionsAcceptClientLifetime(boolean conditionsAcceptClientLifetime)
      Set whether client lifetime is accepted.
      Returns:
      this.
    • setConditionsFailLifetimeExceedance

      public WsFederationSecurityTokenServiceProperties setConditionsFailLifetimeExceedance(boolean conditionsFailLifetimeExceedance)
      If the requested lifetime exceeds the maximum lifetime, whether to fail (default) or overwrite it with the maximum lifetime.
      Returns:
      this.
    • setConditionsFutureTimeToLive

      public WsFederationSecurityTokenServiceProperties setConditionsFutureTimeToLive(String conditionsFutureTimeToLive)
      Get how long (in seconds) a client-supplied Created Element is allowed to be in the future. The default is 60 seconds to avoid common problems relating to clock skew.
      Returns:
      this.
    • setConditionsLifetime

      public WsFederationSecurityTokenServiceProperties setConditionsLifetime(String conditionsLifetime)
      Set the default lifetime in seconds for issued SAML tokens.
      Returns:
      this.
    • setConditionsMaxLifetime

      public WsFederationSecurityTokenServiceProperties setConditionsMaxLifetime(String conditionsMaxLifetime)
      Set the maximum lifetime in seconds for issued SAML tokens.
      Returns:
      this.
    • setEncryptTokens

      public WsFederationSecurityTokenServiceProperties setEncryptTokens(boolean encryptTokens)
      Whether tokens generated by the STS should be encrypted.
      Returns:
      this.
    • setSigningKeystoreFile

      public WsFederationSecurityTokenServiceProperties setSigningKeystoreFile(String signingKeystoreFile)
      Keystore path used to sign tokens.
      Returns:
      this.
    • setSigningKeystorePassword

      public WsFederationSecurityTokenServiceProperties setSigningKeystorePassword(String signingKeystorePassword)
      Keystore password used to sign tokens.
      Returns:
      this.
    • setEncryptionKeystoreFile

      public WsFederationSecurityTokenServiceProperties setEncryptionKeystoreFile(String encryptionKeystoreFile)
      Keystore path used to encrypt tokens.
      Returns:
      this.
    • setEncryptionKeystorePassword

      public WsFederationSecurityTokenServiceProperties setEncryptionKeystorePassword(String encryptionKeystorePassword)
      Keystore password used to encrypt tokens.
      Returns:
      this.
    • setCrypto

      Crypto settings used to secure calls between the IdP and the STS.
      Returns:
      this.
    • setRealm

      Realm definition settings that define this CAS server.
      Returns:
      this.
    • setCustomClaims

      public WsFederationSecurityTokenServiceProperties setCustomClaims(List<String> customClaims)
      Collection of fully-qualified claims prefixed with the appropriate namespace that are expected to be released via attribute release policy.
      Returns:
      this.
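
The five `conditions*` settings above interact when a client asks for its own token lifetime. The following is an added example, not CAS or STS code: a stand-alone model (Java 16+) of one reading of the semantics described on this page. The `Policy` and `Window` records, the method names, and the 30-minute and 12-hour durations are assumptions made for illustration; only the 60-second future allowance is a default stated here.

```java
import java.time.Duration;
import java.time.Instant;

public class StsConditionsDemo {
    // Field names mirror the properties on this page; the records themselves are hypothetical.
    record Policy(boolean acceptClientLifetime, boolean failLifetimeExceedance,
                  Duration futureTimeToLive, Duration lifetime, Duration maxLifetime) { }
    record Window(Instant notBefore, Instant notOnOrAfter) { }

    // created/expires are the client-requested values; either may be null.
    static Window conditions(Policy p, Instant now, Instant created, Instant expires) {
        if (!p.acceptClientLifetime() || (created == null && expires == null)) {
            return new Window(now, now.plus(p.lifetime()));   // server default only
        }
        Instant start = created != null ? created : now;
        if (start.isAfter(now.plus(p.futureTimeToLive()))) {  // beyond clock-skew allowance
            throw new IllegalArgumentException("Created is too far in the future");
        }
        if (expires == null) return new Window(start, start.plus(p.lifetime()));
        if (Duration.between(start, expires).compareTo(p.maxLifetime()) > 0) {
            if (p.failLifetimeExceedance()) {
                throw new IllegalArgumentException("Requested lifetime exceeds maximum");
            }
            expires = start.plus(p.maxLifetime());            // overwrite with maximum
        }
        return new Window(start, expires);
    }

    static String show(Policy p, Instant now, Instant created, Instant expires) {
        try {
            return conditions(p, now, created, expires).toString();
        } catch (IllegalArgumentException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        Instant now = Instant.parse("2024-01-01T00:00:00Z");  // constructed clock
        // Constructed durations, except 60 s, which is the default stated on this page.
        Duration ttl = Duration.ofSeconds(60), life = Duration.ofSeconds(1800), max = Duration.ofSeconds(43200);
        Policy strict = new Policy(true, true, ttl, life, max);
        Policy capping = new Policy(true, false, ttl, life, max);
        System.out.println(show(strict, now, null, null));                          // default lifetime
        System.out.println(show(strict, now, now, now.plus(Duration.ofDays(1))));   // rejected
        System.out.println(show(capping, now, now, now.plus(Duration.ofDays(1))));  // capped at max
        System.out.println(show(strict, now, now.plusSeconds(300), null));          // rejected
    }
}
```

With client lifetimes accepted, the maximum lifetime is the only bound on how long a requested token stays valid, so it should be set deliberately whether exceedance fails or is overwritten.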