Versions Compared

Old Version 78

changes.mady.by.user Sergey Beryozkin

Saved on

compared with

New Version 79

changes.mady.by.user Sergey Beryozkin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

rs.security.signature.key.password.provider

A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for signature. If this is not specified it falls back to use "rs.security.key.password.provider".

rs.security.signature.algorithmThe signature algorithm to use. The default algorithm if not specified is 'RS256'.
rs.security.signature.include.public.keyInclude the JWK public key for signature in the "jwk" header.
rs.security.signature.include.certInclude the X.509 certificate for signature in the "x5c" header.
rs.security.signature.include.key.idInclude the JWK key id for signature in the "kid" header.
rs.security.signature.include.cert.sha1Include the X.509 certificate SHA-1 digest for signature in the "x5t" header.
rs.security.signature.include.cert.sha256Include the X.509 certificate SHA-256 digest for encryption in the "x5t#S256" header.

Configuration that applies to encryption only

rs.security.decryption.key.password.provider

A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for decryption. If this is not specified it falls back to use "rs.security.key.password.provider".

rs.security.encryption.content.algorithmThe encryption content algorithm to use. The default algorithm if not specified is 'A128GCM'.
rs.security.encryption.key.algorithm

The encryption key algorithm to use. The default algorithm if not specified is 'RSA-OAEP' if the key is an RSA key, 'ECDH-ES-A128KW'  if the key is an EC key and 'A128GCMKW' if it is an octet sequence.

rs.security.encryption.zip.algorithmThe encryption zip algorithm to use.
rs.security.encryption.include.public.keyInclude the JWK public key for encryption in the "jwk" header.
rs.security.encryption.include.certInclude the X.509 certificate for encryption in the "x5c" header.
rs.security.encryption.include.key.idInclude the JWK key id for encryption in the "kid" header.
rs.security.encryption.include.cert.sha1Include the X.509 certificate SHA-1 digest for encryption in the "x5t" header.
rs.security.encryption.include.cert.sha256Include the X.509 certificate SHA-256 digest for encryption in the "x5t#S256" header.

Configuration that applies to JWT tokens only

...