SAML 2.0 Credential Mapping Provider: Provider Specific
Configuration Options Related Tasks Related Topics
Use this page to configure provider-specific information for this SAML 2.0 Credential Mapping provider.
Configuration Options
Name Description Issuer URI The Issuer URI, or name, of this SAML 2.0 Credential Mapping provider. The value that you specify for Issuer URI should match the Entity ID specified in the SAML 2.0 General page that configures the per server SAML 2.0 properties.
MBean Attribute:
SAML2CredentialMapperMBean.IssuerURI
Name Qualifier The Name Qualifier value used by the Name Mapper.
MBean Attribute:
SAML2CredentialMapperMBean.NameQualifier
Default Time To Live The time in seconds that, by default, an assertion should remain valid. The default value is 120 seconds (2 minutes).
MBean Attribute:
SAML2CredentialMapperMBean.DefaultTimeToLive
Minimum value:
0
Default Time To Live Offset The time factor you can use to allow the Credential Mapping provider to compensate for clock differences between the Identity Provider and Service Provider sites.
MBean Attribute:
SAML2CredentialMapperMBean.DefaultTimeToLiveOffset
Web Service Assertion Signing Key Alias The alias used to retrieve from the keystore the key that is used to sign assertions. This attribute is used for Web Services support of SAML Token Profile only.
MBean Attribute:
SAML2CredentialMapperMBean.SigningKeyAlias
Web Service Assertion Signing Key Pass Phrase The credential, or password, used to retrieve from the keystore the keys used to sign assertions. This attribute is used for Web Services support of SAML Token Profile only.
MBean Attribute:
SAML2CredentialMapperMBean.SigningKeyPassPhrase
Name Mapper Class Name The Java class that overrides the default SAML 2.0 credential mapper name mapper class, which maps Subjects to identity information contained in the assertion.
MBean Attribute:
SAML2CredentialMapperMBean.NameMapperClassName
Generate Attributes Specifies whether information, in addition to the username, will be generated in the SAML 2.0 assertion. For example, group information. Note that the Service Provider partner needs to have a SAML Authentication provider configured to be able to extract and use the attribute information contained in the assertion.
MBean Attribute:
SAML2CredentialMapperMBean.GenerateAttributes