...
Boolean WS-Security configuration tags, e.g. the value should be "true" or "false".
constant | default | definition |
ws-security.validate.token | true | Whether to validate the password of a received UsernameToken or not. The default is true. |
ws-security.enableRevocation | false | Whether to enable Certificate Revocation List (CRL) checking or not when verifying trust in a certificate. The default value is "false". |
ws-security.username-token.always.encrypted | true | Whether to always encrypt UsernameTokens that are defined as a SupportingToken. The default is true. This should not be set to false in a production environment, as it exposes the password (or the digest of the password) on the wire. |
ws-security.is-bsp-compliant | true | Whether to ensure compliance with the Basic Security Profile (BSP) 1.1 or not. The default value is "true". |
ws-security.self-sign-saml-assertion | false | Whether to self-sign a SAML Assertion or not. If this is set to true, then an enveloped signature will be generated when the SAML Assertion is constructed. The default is false. |
ws-security.enable.nonce.cache | (varies) | Whether to cache UsernameToken nonces. See here for more information. |
ws-security.enable.timestamp.cache | (varies) | Whether to cache Timestamp Created Strings. See here for more information. |
...