request-policy

zero or one 

Defines the authentication policy requirements of the authentication provider’s request processing. 

response-policy

zero or one 

Defines the authentication policy requirements of the authentication provider’s response processing. 

property

zero or more 

Specifies a property or a variable. 

provider-id

none 

Specifies a unique identifier for this provider-config element.

provider-type

none 

Specifies whether the provider is a client, server, or client-server authentication provider.

class-name

none 

Specifies the Java implementation class of the provider. Client authentication providers must implement the com.sun.enterprise.security.jauth.ClientAuthModule interface. Server authentication providers must implement the com.sun.enterprise.security.jauth.ServerAuthModule interface. Client-server providers must implement both interfaces.

security.config

domain-dir/config/wss-server-config-1.0.xml

Specifies the location of the message security configuration file. To point to a configuration file in the domain-dir/config directory, use the system property ${com.sun.aas.instanceRoot}/config/, for example:

${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml

See system-property.

debug

false

If true, enables dumping of server provider debug messages to the server log.

dynamic.username.password

false

If true, signals the provider runtime to collect the user name and password from the CallbackHandler for each request. If false, the user name and password for wsse:UsernameToken(s) is collected once, during module initialization. This property is only applicable for a ClientAuthModule.

encryption.key.alias

s1as

Specifies the encryption key used by the provider. The key is identified by its keystore alias.

signature.key.alias

s1as

Specifies the signature key used by the provider. The key is identified by its keystore alias.