The settings on this tab specify characteristics of the WS-Trust
message. The following fields are available:
Insert Token Type:
Select the type of token requested from the drop-down list. The type of
token selected here is returned in the response from the STS. By
default, the Security Token Context type is used, which is identified by the
URI http://schemas.xmlsoap.org/ws/2005/02/sc/sct .
Binary Exchange:
You can use a <BinaryExchange> when negotiating a
secure channel that involves the transfer of binary blobs as part of another
security negotiation protocol (for example, SPNEGO). The contents of the blob
are always Base64-encoded to ensure safe transmission.
Select the Binary Exchange option if you wish to use a
negotiation-type protocol for the exchange of keys, such as SPNEGO.
The URI selected in the Value Type field identifies the
type of the negotiation in which the blob is used. The URI is placed in
the ValueType attribute of the
<BinaryExchange> element.
Entropy:
The client can provide its own key material (entropy) that the token issuer
may use when generating the token. The issuer can use this entropy as the
key itself, it can derive another key from this entropy, or it can choose
to ignore the entropy provided by the client altogether in favor of generating
its own entropy.
Select this option to generate some entropy, which is included
in the <wst:entropy> element of the
<wst:RequestSecurityToken> block.
Insert Key Size:
The client can request the key size (in number of bits) required in a
<RequestSecurityToken> request. However, the
WS-Trust token issuer does not have to use the requested key size. It is
merely intended as an indication of the strength of security required.
The default request key size is 256 bits.
Insert Lifetime:
Select this option to insert a <Lifetime>
element into the WS-Trust message. Use the associated fields to
specify when the message expires. The lifetime of the WS-Trust message
is expressed in terms of <Created>
and <Expires> elements.
Lifetime Format:
The specified date/time pattern string determines the format of the
<Created> and <Expires>
elements. The default format is yyyy-MM-dd'T'HH:mm:ss.SSS'Z' ,
which can be altered if necessary. For more details on how to use this format,
see the Javadoc for the java.text.SimpleDateFormat Java class
in the Java Platform,
Standard Edition 6 API Specification.
Insert RequestedTokenCancelled:
Select this option to insert a <RequestedTokenCancelled>
element into the generated WS-Trust message.
|