Sun GlassFish Communications Server 2.0 Administration Reference

Properties

The following table describes properties for the security-service element.

Table 1–179 security-service Properties

Property: IdentityValidatorConfiguration

Default: none

Description: Specifies a comma-separated list of parameter=value pairs that configure the identity authentication module (RFC 4474). Parameters are as follows:

  • maxClockSkew — Specifies the maximum difference in milliseconds allowed between the system clocks of the sender and recipient. The default is 0 (zero).

  • timestampFreshnessLimit — Specifies the maximum duration of time in milliseconds after which the timestamp becomes stale. The default is 600000 (600 seconds or 10 minutes).

  • enableRevocationCheck — If set to true, uses the default revocation checking mechanism of the underlying PKIX service provider. The default is false.

  • certificateValidator — Specifies the class name of a custom certificate validator implementation. This class must implement the org.glassfish.comms.api.security.auth.CertificateValidator interface.

Property: PrincipalMapper

Default: none

Description: Specifies the name of a custom class that converts user names to a format understood by the SIP container. The class must implement the com.sun.enterprise.security.auth.PrincipalMapper interface.

The Communications Server provides a default PrincipalMapper implementation. Each application using P-asserted identity authentication creates its own instance of the PrincipalMapper implementation class.

Property: NonceManager

Default: none

Description: Specifies the Nonce Manager configuration. Identity authentication and SIP digest authentication modules need the Nonce Manager to cache nonce and call-id values respectively. The syntax for the property's value attribute is as follows:

id=identity-nonce-config,maxNonceAge=millis;id=sip-nonce-config,maxNonceAge=millis

You can specify identity-nonce-config, sip-nonce-config, or both. The maxNonceAge parameter units are milliseconds. The default for the identity-nonce-config maxNonceAge is 3600000 (1 hour). The default for the sip-nonce-config maxNonceAge is 600000 (10 minutes).
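A configuration review can resolve these properties to their effective values before deployment. The following Python script is an added example, not code from the Communications Server or its documentation. It parses the IdentityValidatorConfiguration and NonceManager value syntax described above and fills in the documented defaults. The `<property name="..." value="..."/>` layout of the sample, the function names, and the nonce-age heuristic are assumptions.

```python
import xml.etree.ElementTree as ET
# Defaults as documented in the table above (times in milliseconds).
IDENTITY_DEFAULTS = {"maxClockSkew": "0", "timestampFreshnessLimit": "600000",
                     "enableRevocationCheck": "false", "certificateValidator": None}
NONCE_DEFAULTS = {"identity-nonce-config": 3600000, "sip-nonce-config": 600000}

# Constructed sample; the <property name= value=> layout is assumed.
SAMPLE = """<security-service>
  <property name="IdentityValidatorConfiguration"
            value="maxClockSkew=5000,timestampFreshnessLimit=1200000"/>
  <property name="NonceManager"
            value="id=identity-nonce-config,maxNonceAge=900000"/>
</security-service>"""

def parse_pairs(text):
    """Split 'a=b,c=d' into a dict, rejecting malformed entries."""
    pairs = {}
    for item in filter(None, (p.strip() for p in text.split(","))):
        key, sep, value = (s.strip() for s in item.partition("="))
        if not (key and sep and value):
            raise ValueError(f"malformed parameter: {item!r}")
        pairs[key] = value
    return pairs

def effective_settings(xml_text):
    """Return (identity, nonce) settings with documented defaults filled in."""
    props = {p.get("name"): p.get("value", "")
             for p in ET.fromstring(xml_text).iter("property")}
    identity = dict(IDENTITY_DEFAULTS)
    for key, value in parse_pairs(props.get("IdentityValidatorConfiguration", "")).items():
        if key not in IDENTITY_DEFAULTS:
            raise ValueError(f"unknown identity parameter: {key}")
        identity[key] = value
    nonce = dict(NONCE_DEFAULTS)
    for group in filter(None, props.get("NonceManager", "").split(";")):
        cfg = parse_pairs(group)
        if cfg.get("id") not in NONCE_DEFAULTS:
            raise ValueError(f"unknown nonce config id: {cfg.get('id')!r}")
        nonce[cfg["id"]] = int(cfg.get("maxNonceAge", nonce[cfg["id"]]))
    return identity, nonce

def findings(identity, nonce):
    notes = []
    if identity["enableRevocationCheck"].lower() != "true":
        notes.append("enableRevocationCheck is false")
    # Heuristic (assumption, not documented): nonce cache should outlive freshness window.
    if nonce["identity-nonce-config"] < int(identity["timestampFreshnessLimit"]):
        notes.append("identity maxNonceAge is shorter than timestampFreshnessLimit")
    return notes
```

Calling `findings(*effective_settings(SAMPLE))` reports both notes for the constructed sample; an empty security-service element resolves to the documented defaults and reports only the revocation note.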