...
ws-security.callback-handler | The CallbackHandler implementation class used to obtain passwords. |
ws-security.saml-callback-handler | The SAML CallbackHandler implementation class used to construct SAML Assertions. |
ws-security.signature.properties | The Crypto property configuration to use for signature, if "ws-security.signature.crypto" is not set instead. |
ws-security.encryption.properties | The Crypto property configuration to use for encryption, if "ws-security.encryption.crypto" is not set instead. |
ws-security.signature.crypto | A Crypto object to be used for signature. If this is not defined then "ws-security.signature.properties" is used instead. |
ws-security.encryption.crypto | A Crypto object to be used for encryption. If this is not defined then "ws-security.encryption.properties" is used instead. |
Boolean configuration tags, e.g. the value should be "true" or "false".
ws-security.validate.token | Whether to validate the password of a received UsernameToken or not. The default is true. |
ws-security.enableRevocation | Whether to enable Certificate Revocation List (CRL) checking or not when verifying trust in a certificate. The default value is "false". |
ws-security.username-token.always.encrypted | Whether to always encrypt UsernameTokens whenever possible. The default is true. |
ws-security.is-bsp-compliant | Whether to ensure compliance with the Basic Security Profile (BSP) 1.1 or not. The default value is "true". |
ws-security.self-sign-saml-assertion | Whether to self-sign a SAML Assertion or not. If this is set to true, then an enveloped signature will be generated when the SAML Assertion is constructed. The default is false. |
ws-security.enable.nonce.cache | Whether to cache UsernameToken nonces. See here for more information. |
ws-security.enable.timestamp.cache | Whether to cache Timestamp Created Strings. See here for more information. |
Other properties
ws-security.subject.cert.constraints | This configuration tag is a comma separated String of regular expressions which will be applied to the subject DN of the certificate used for signature validation, after trust verification of the certificate chain associated with the certificate. These constraints are not used when the certificate is contained in the keystore (direct trust). | ws-security.is-bsp-compliant | Whether to ensure compliance with the Basic Security Profile (BSP) 1.1 or not. The default value is "true". |
ws-security.timestamp.futureTimeToLive | This configuration tag specifies the time in seconds in the future within which the Created time of an incoming Timestamp is valid. WSS4J rejects by default any timestamp which is "Created" in the future, and so there could potentially be |
...