...
constant | default | definition |
security.enableRevocation | false | Whether to enable Certificate Revocation List (CRL) checking or not when verifying trust in a certificate. |
security.enable.unsigned-saml-assertion.principal | false | Whether to allow unsigned saml assertions as SecurityContext Principals. The default is false. |
security.validate.saml.subject.conf | true | Whether to validate the SubjectConfirmation requirements of a received SAML Token. |
security.sc.jaas-subject | true | Set this to "false" if security context must not be created from JAAS Subject. |
security.validate.audience-restriction | (varies) | If this is set to "true", then IF the SAML Token contains Audience Restriction URIs, one of them must match either the request URL or the Service QName. The default is "true" for CXF 3.0.x, and "false" for 2.7.x. |
Non-boolean
...
Security Configuration parameters
security.saml-role-attributename | The attribute URI of the SAML AttributeStatement where the role information is stored. The default is "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role". |
security.subject.cert.constraints | A comma separated String of regular expressions which will be applied to the subject DN of the certificate used for signature validation, after trust verification of the certificate chain associated with the certificate. These constraints are not used when the certificate is contained in the keystore (direct trust). |
...