This attribute specifies the duration (in seconds) between cache cleanups.
Specifies the attribute name used to store name identifier information on a user's entry. If nothing is specified, the default attribute (sun-fm-saml2-nameid-info) will be used. The corresponding datastore bind user must have read/write/search/compare permission to this attribute.
Specifies the attribute name used to store the name identifier key on a user's entry. If not specified, the default attribute (sun-fm-saml2-nameid-infokey) will be used. The corresponding datastore bind user must have read/write/search/compare permission to this attribute. You must also make sure that the equality type index is added.
Specifies the cookie domain for the SAMLv2 IDP discovery cookie.
Specifies the cookie type used in the SAMLv2 IDP Discovery Service, either Persistent or Session. Default is Session.
Specifies the URL scheme used in the SAMLv2 IDP Discovery Service.
Specifies the implementation class name for the SAMLv2 Encryption Provider interface. The class is used to perform XML encryption and decryption in SAMLv2 profiles.
This setting is used by the com.sun.identity.saml2.xmlenc.FMEncProvider class. If enabled, EncryptedKey is included inside a KeyInfo in the EncryptedData element when an XML encryption operation is performed. If it is not enabled, EncryptedKey is placed parallel to the EncryptedData element, that is, as its sibling. Default is enabled.
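The two EncryptedKey placements described above matter to whoever receives the message, because a decrypting party has to find the key in either position. The following is an added example, not code from the product this page documents; the function name `locate_encrypted_keys`, the `saml:EncryptedAssertion` wrapper and the sample documents are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"xenc": XENC, "ds": DS}

def locate_encrypted_keys(wrapper_xml):
    """Return (layout, [EncryptedKey elements]) for an encrypted SAML wrapper.

    layout is "nested" when EncryptedKey sits in EncryptedData/KeyInfo
    (option enabled) and "sibling" when it is parallel to EncryptedData
    (option disabled). Ambiguous or incomplete input raises ValueError.
    """
    # For untrusted input, parse with a hardened parser such as defusedxml.
    root = ET.fromstring(wrapper_xml)
    data = root.findall("xenc:EncryptedData", NS)
    if len(data) != 1:
        raise ValueError("expected exactly one EncryptedData child")
    nested = data[0].findall("ds:KeyInfo/xenc:EncryptedKey", NS)
    sibling = root.findall("xenc:EncryptedKey", NS)
    if nested and sibling:
        # Choice made by this example: refuse to guess which key applies.
        raise ValueError("EncryptedKey found in both positions")
    if nested:
        return "nested", nested
    if sibling:
        return "sibling", sibling
    raise ValueError("no EncryptedKey found in either position")

# Constructed sample documents; the cipher values are placeholders.
KEY = ("<xenc:EncryptedKey><xenc:CipherData><xenc:CipherValue>AAAA"
       "</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey>")
BODY = ("<xenc:CipherData><xenc:CipherValue>BBBB"
        "</xenc:CipherValue></xenc:CipherData>")
HEAD = ('<saml:EncryptedAssertion '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        f'xmlns:xenc="{XENC}" xmlns:ds="{DS}">')
TAIL = "</saml:EncryptedAssertion>"
NESTED = (f"{HEAD}<xenc:EncryptedData><ds:KeyInfo>{KEY}</ds:KeyInfo>"
          f"{BODY}</xenc:EncryptedData>{TAIL}")
SIBLING = f"{HEAD}<xenc:EncryptedData>{BODY}</xenc:EncryptedData>{KEY}{TAIL}"

if __name__ == "__main__":
    for name, doc in (("enabled", NESTED), ("disabled", SIBLING)):
        layout, keys = locate_encrypted_keys(doc)
        print(f"option {name}: layout={layout}, keys={len(keys)}")
```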
If enabled, the signing certificate used by the identity provider and service provider will be validated against the certificate revocation list (CRL) configured in the Security settings under the Sites and Servers tab. If the certificate is not validated and accepted, processing stops and a validation error is returned without any further XML signature validation.
If enabled, the SAML identity provider or service provider will validate the certificate that is used in signing. If the certificate is validated and accepted, the provider will then validate the signature. If not, it will stop and return a validation error.
If enabled, the signing certificate used by the identity provider and service provider will be validated against the trusted CA list. If the certificate is not validated and accepted, processing stops and a validation error is returned without any further XML signature validation.