Common Federation Configuration (Sun OpenSSO Enterprise 8.0 Administration Reference)

Sun OpenSSO Enterprise 8.0 Administration Reference

Common Federation Configuration

Datastore SPI Implementation Class

This attribute specifies the implementation class for the com.sun.identity.plugin.datastore.DataStoreProvider SPI which is used for managing federation user data store information.

Configuration Instance SPI Implementation Class

This attribute specifies the implementation class for the com.sun.identity.plugin.configuration.ConfigurationInstance SPI which is used for managing federation service configuration data.

Logger SPI Implementation Class

This attribute specifies the implementation class for the com.sun.identity.plugin.log.Logger SPI which is used for managing federation logging.

Session Provider SPI Implementation Class

This specifies the implementation class for the com.sun.identity.plugin.session.SessionProvider SPI which is used for managing federation session.

Maximum Allowed Content Length

This attribute specifies the maximum allowed content length for an HTTP Request that will be used in federation services. Any request whose content exceeds the specified maximum content length will be rejected.

Password Decoder SPI Implementation Class

This attribute specifies the implementation class for the com.sun.identity.saml.xmlsig.PasswordDecoder interface which is used to decode stored password for XML signing keystore and password for basic authentication under SAML 1.x.

Signature Provider SPI Implementation Class

This attribute specifies the SAML XML signature provider class. The default SPI is com.sun.identity.saml.xmlsig.AMSignatureProvider.

Key Provider SPI Implementation Class

This attribute specifies the XML signature key provider class. The default SPI is com.sun.identity.saml.xmlsig.JKSKeyProvider.

Check Presence of Certificates

If set to on, the certificate must be presented to the keystore for XML signature validation. If set to off, presence checking of the certificate is skipped. This applies to SAML1.x only.

XML Cannonicalization Algorithm

This attribute specifies XML cannonicalization algorithm used for SAML XML signature generation and verification. The default value is http://www.w3.org/2001/10/xml-exc-c14n#.

XML Signature Algorithm

This attribute specifies XML signature algorithm used for SAML XML Signature generation and verification. When not specified or value is empty, the default value (http://www.w3.org/2000/09/xmldsig#rsa-sha1) is used.

XML Transformation Algorithm

This attribute specifies transformation algorithm used for SAML XML signature generation and verification. When not specified or the value is empty, the default value (http://www.w3.org/2001/10/xml-exc-c14n#) is used.