Message Attribute Reference

attribute.lookup.list

Name	`attribute.lookup.list`
Description	User attributes can be retrieved from a variety of sources, including LDAP directories, databases, Oracle Entity Store, SAML attribute assertions, and so on. All retrieved attributes are stored in the `attribute.lookup.list` attribute, where they can be looked up at a later stage in the policy.
Type	`java.util.HashMap`
Generated By	Extract Certificate Attributes Retrieve Attributes from Database Retrieve Attributes from Directory Server Retrieve Attributes from SAML Attribute Assertion Retrieve Attributes from SAML PDP Retrieve Attributes from User Store SiteMinder Authorization
Consumed By
Required By	Attribute Authorization Insert SAML Attribute Assertion

attribute.subject.format

Name	`attribute.subject.format`
Description	The format of the subject ID that is used to lookup attributes (for example, X.509 DName or username).
Type	`java.lang.String`
Generated By	Extract Certificate Attributes Retrieve Attributes from Directory Server Retrieve Attributes from SAML Attribute Assertion SiteMinder Authorization
Consumed By
Required By	Insert SAML Attribute Assertion

attribute.subject.id

Name	`attribute.subject.id`
Description	The ID of the subject that is used to look up user attributes. This can either be an X.509 Distinguished Name (DName) or a username.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes Retrieve Attributes from Directory Server Retrieve Attributes from SAML Attribute Assertion SiteMinder Authorization
Consumed By
Required By	Insert SAML Attribute Assertion

authentication.cert

Name	`authentication.cert`
Description	The certificate that was used to authenticate the client.
Type	`java.security.cert.X509Certificate`
Generated By	HTTP Header Authentication
Consumed By
Required By

authentication.issuer.format

Name	`authentication.issuer.format`
Description	The format of the authentication.issuer.id attribute.
Type	`java.lang.String`
Generated By	HTTP Header Authentication SSL Authentication
Consumed By
Required By

authentication.issuer.id

Name	`authentication.issuer.id`
Description	Contains the ID of the issuer of the authenticated client's certificate. This is usually either the X.509 DName or the username of the issuer of the subject's certificate.
Type	`java.lang.String`
Generated By	HTTP Header Authentication SSL Authentication
Consumed By
Required By

authentication.issuer.orig.format

Name	`authentication.issuer.orig.format`
Description	Format of the authentication.issuer.orig.id attribute. This is the format of the issuer's ID before any credential mapping was done to the identifier, e.g. DName to username.
Type	`java.lang.String`
Generated By	HTTP Header Authentication
Consumed By
Required By

authentication.issuer.orig.id

Name	`authentication.issuer.orig.id`
Description	The ID of the issuer of the subject's credential before any credential mapping took place. An example of credential mapping would involve mapping an issuer's username to a DName.
Type	`java.lang.String`
Generated By	HTTP Header Authentication
Consumed By
Required By

authentication.method

Name	`authentication.method`
Description	The method used by the client to authenticate to API Gateway.
Type	`java.lang.String`
Generated By	HTTP Basic Authentication HTTP Digest Authentication HTTP Header Authentication SAML Authentication SSL Authentication SiteMinder Certificate Authentication SiteMinder Session Validation
Consumed By
Required By	SAML Authentication Retrieve Attributes from SAML PDP SAML PDP Authorization

authentication.subject.format

Name	`authentication.subject.format`
Description	The format of the subject's ID, e.g. X.509 DName or username.
Type	`java.lang.String`
Generated By	HTTP Basic Authentication HTTP Digest Authentication HTTP Header Authentication Retrieve Attributes from SAML Attribute Assertion Retrieve Attributes from SAML PDP Retrieve Attributes from Database Retrieve Attributes from Directory Server Retrieve Attributes from User Store SAML Authentication SSL Authentication SiteMinder Certificate Authentication SiteMinder Session Validation
Consumed By
Required By	Retrieve Attributes from Database Retrieve Attributes from Directory Server Retrieve Attributes from SAML Attribute Assertion Retrieve Attributes from SAML PDP Retrieve Attributes from User Store SAML PDP Authorization SAML Authorization Tivoli Authorization

authentication.subject.id

Name	`authentication.subject.id`
Description	Contains the ID of the authenticated subject (for example, the username supplied by the client).
Type	`java.lang.String`
Generated By	HTTP Basic Authentication HTTP Digest Authentication HTTP Header Authentication Retrieve Attributes from SAML Attribute Assertion Retrieve Attributes from SAML PDP Retrieve Attributes from Database Retrieve Attributes from Directory Server Retrieve Attributes from User Store SAML Authentication SSL Authentication SiteMinder Certificate Authentication SiteMinder Session Validation
Consumed By
Required By	Retrieve Attributes from Database Retrieve Attributes from Directory Server Retrieve Attributes from SAML Attribute Assertion Retrieve Attributes from SAML PDP Retrieve Attributes from User Store

authentication.subject.orig.format

Name	`authentication.subject.orig.format`
Description	The ID of the subject before any credential mapping was performed. For example, the subject's ID may be mapped from an X.509 DName to the username stored in an external database. In this case, the subject's original ID was a DName.
Type	`java.lang.String`
Generated By	HTTP Basic Authentication HTTP Digest Authentication HTTP Header Authentication
Consumed By
Required By

authentication.subject.orig.id

Name	`authentication.subject.orig.id`
Description	Contains the ID of the authenticated subject before credential mapping is performed (for example, from username to DName).
Type	`java.lang.String`
Generated By	HTTP Basic Authentication HTTP Digest Authentication HTTP Header Authentication
Consumed By
Required By

authentication.subject.password

Name	`authentication.subject.password`
Description	If a user authenticates to the API Gateway using a username and password combination (either with HTTP digest/basic authentication or with a WS-Security Username token), the user's password is stored in this attribute.
Type	`java.lang.String`
Generated By	HTTP Basic Authentication HTTP Digest Authentication
Consumed By
Required By

authentication.ws.wsblockinfo

Name	`authentication.ws.wsblockinfo`
Description	Contains a WS-Security `<Header>` block that has been extracted from a message.
Type	`java.lang.String`
Generated By	Extract WSS Header
Consumed By
Required By

cert.basic.constraints

Name	`cert.basic.constraints`
Description	If the subject is a Certificate Authority (CA), and the `BasicConstraints` extension exists, this attribute gives the maximum number of CA certificates that may follow this certificate in a certification path. A value of zero indicates that only an end-entity certificate may follow in the path. This contains the value of `pathLenConstraint` if the `BasicConstraints` extension is present in the certificate and the subject of the certificate is a CA, otherwise its value is -1. If the subject of the certificate is a CA and `pathLenConstraint` does not appear, there is no limit to the allowed length of the certification path.
Type	`java.lang.Integer`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.extended.key.usage

Name	`cert.extended.key.usage`
Description	A string representing the OBJECT IDENTIFIERs of the `ExtKeyUsageSyntax` field of the extended key usage extension ( `OID = 2.5.29.37` ). It indicates a purpose for which the certified public key may be used, in addition to, or instead of, the basic purposes indicated in the key usage extension field.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.hash.md5

Name	`cert.hash.md5`
Description	An MD5 hash of the certificate.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.hash.sha1

Name	`cert.hash.sha1`
Description	An SHA1 hash of the certificate.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.alternative.name

Name	`cert.issuer.alternative.name`
Description	An alternative name for the certificate issuer from the `IssuerAltName` extension ( `OID = 2.5.29.18` )
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id

Name	`cert.issuer.id`
Description	The Distinguished Name (DName) of the issuer of the certificate.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id.c

Name	`cert.issuer.id.c`
Description	The `c` attribute of the issuer of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id.cn

Name	`cert.issuer.id.cn`
Description	The `cn` attribute of the issuer of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id.emailaddress

Name	`cert.issuer.id.emailaddress`
Description	The `email` or `emailaddress` attribute of the issuer of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id.l

Name	`cert.issuer.id.l`
Description	The `l` attribute of the issuer of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id.o

Name	`cert.issuer.id.o`
Description	The `o` attribute of the issuer of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id.ou

Name	`cert.issuer.id.ou`
Description	The `ou` attribute of the issuer of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.issuer.id.st

Name	`cert.issuer.id.st`
Description	The `st` attribute of the issuer of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.cRLSign

Name	`cert.key.usage.cRLSign`
Description	Set to `true` or `false` if the key can be used for `crlSign` .
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.dataEncipherment

Name	`cert.key.usage.dataEncipherment`
Description	Set to `true` or `false` if the key can be used for `dataEncipherment` .
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.decipherOnly

Name	`cert.key.usage.decipherOnly`
Description	Set to `true` or `false` if the key can be used for `decipherOnly` .
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.digitalSignature

Name	`cert.key.usage.digitalSignature`
Description	Set to `true` or `false` if the key can be used for digital signature.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.encipherOnly

Name	`cert.key.usage.encipherOnly`
Description	Set to `true` or `false` if the key can be used for `encipherOnly` .
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.keyAgreement

Name	`cert.key.usage.keyAgreement`
Description	Set to `true` or `false` if the key can be used for `keyAgreement` .
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.keyCertSign

Name	`cert.key.usage.keyCertSign`
Description	Set to `true` or `false` if the key can be used for `keyCertSign` .
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.keyEncipherment

Name	`cert.key.usage.keyEncipherment`
Description	Set to `true` or `false` if the key can be used for `keyEncipherment` .
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.key.usage.nonRepudiation

Name	`cert.key.usage.nonRepudiation`
Description	Set to `true` or `false` if the key can be used for non-repudiation.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.not.after

Name	`cert.not.after`
Description	Not after date for the validity of the certificate.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.not.before

Name	`cert.not.before`
Description	Not before date for the validity of the certificate.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.serial.number

Name	`cert.serial.number`
Description	Certificate serial number.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.signature.algorithm

Name	`cert.signature.algorithm`
Description	The signature algorithm for the certificate signature.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.alternative.name

Name	`cert.subject.alternative.name`
Description	An alternative name for the subject from the `SubjectAltName` extension ( `OID = 2.5.29.17` ).
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id

Name	`cert.subject.id`
Description	The Distinguished Name (DName) of the subject of the certificate.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id.c

Name	`cert.subject.id.c`
Description	The `c` attribute of the subject of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id.cn

Name	`cert.subject.id.cn`
Description	The `cn` attribute of the subject of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id.emailaddress

Name	`cert.subject.id.emailaddress`
Description	The `emailaddress` attribute of the subject of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id.l

Name	`cert.subject.id.l`
Description	The `l` attribute of the subject of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id.o

Name	`cert.subject.id.o`
Description	The `o` attribute of the subject of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id.ou

Name	`cert.subject.id.ou`
Description	The `ou` attribute of the subject of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.subject.id.st

Name	`cert.subject.id.st`
Description	The `st` attribute of the subject of the certificate, if it exists.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

cert.version

Name	`cert.version`
Description	The version of the certificate.
Type	`java.lang.String`
Generated By	Extract Certificate Attributes
Consumed By
Required By

certificate

Name	`certificate`
Description	Used to store a certificate in addition to the certificate stored in the authentication.cert attribute. For example, the Find Certificate filter can extract a certificate from an LDAP directory, HTTP header, or the User Store. By default, it sets this certificate to the certificate attribute.
Type	`java.lang.String`
Generated By	Find Certificate HTTP Header Authentication XML-Signature Verification SAML PDP XML-Signature Response Verification SAML PDP Response XML-Signature Verification SSL Authentication
Consumed By
Required By	Create Thumbprint from Certificate Extract Certificate Attributes SiteMinder Certificate Authentication

certificate.thumbprint

Name	`certificate.thumbprint`
Description	Contains a human-readable thumbprint (or fingerprint), which is generated from the X.509 certificate stored in the `certificate` message attribute.
Type	`java.lang.String`
Generated By	Create Thumbprint from Certificate
Consumed By
Required By

certificates

Name	`certificates`
Description	Contains an array of X.509 certificates for use in the Certificate Chain Check and Certificate Validation filters.
Type	`java.util.ArrayList`
Generated By	Find Certificate HTTP Header Authentication XML-Signature Verification SAML PDP XML-Signature Response Verification SAML PDP Response XML-Signature Verification SSL Authentication
Consumed By
Required By	Certificate Chain Certificate Revocation List (Static) Certificate Revocation List (LDAP) OCSP (Online Certificate Status Protocol) SiteMinder Certificate Authentication XKMS (XML Key Management and Security)

circuit.abort.exception

Name circuit.abort.exception

Description

Whenever a filter throws an exception, the exception is stored in the circuit.abort.exception message attribute. The exception can then be used, for example, to return customized SOAP faults that describe the verbose details of the error.

	Important
	A filter only throws an exception if it cannot carry out its core task. For example, an authentication filter throws an exception if it cannot connect to the authentication repository, a Schema validation filter aborts if the request is not XML, and an attribute retrieval filter aborts if it cannot connect to the user profile store (for example, database, LDAP, and so on).

Type java.lang.String

Generated By circuit.abort.exception can be thrown by all filters.

Consumed By

Required By circuit.abort.exception can be used as a selector in appropriate filters. For example, you can specify a ${circuit.abort.exception} selector in the Set Message filter, which can then be returned to the client using a Reflect filter.

content.body

Name	`content.body`
Description	Contains the parsed body of the incoming HTTP request.
Type	`com.vordel.mime.Body`
Generated By	Load File
Consumed By
Required By	Content Type Filtering Connection Content Validation Entrust GetAccess Authorization Insert SAML Attribute Assertion SAML Authentication Insert SAML Authorization Assertion XML-Signature Verification Throttling McAfee Anti-Virus Operation Name Reflect Reflect Message and Attributes Retrieve Attribute from HTTP Header Retrieve Attribute from Message Retrieve Attributes from SAML Attribute Assertion SAML Authorization Save to File Schema Validation Sign Message SiteMinder Session Validation SSL Authentication XML Complexity XML-Decryption XML-Encryption XSLT Transformation Web Service Filter

decryption.properties

Name	`decryption.properties`
Description	Indicates the XML-Encrypted block(s) to decrypt. The actual decryption is performed by the XML-Decryption filter.
Type	`java.util.Map`
Generated By	XML-Decryption Settings
Consumed By
Required By	XML-Decryption

encryption.properties

Name	`encryption.properties`
Description	Allows the user to encrypt (part of) the message for a number of recipients so that only those recipients can to decrypt the encrypted data. The encryption is performed by the XML-Encryption filter.
Type	`java.util.Map`
Generated By	XML-Encryption Settings
Consumed By
Required By	XML-Encryption

http.destination.host

Name	`http.destination.host`
Description	The host on which the destination Web Service is running.
Type	`java.lang.String`
Generated By	Dynamic Router Static Router Web Service Filter
Consumed By
Required By	Connection

http.destination.port

Name	`http.destination.port`
Description	The port on which the destination Web Service is listening.
Type	`java.lang.String`
Generated By	Dynamic Router Static Router Web Service Filter
Consumed By
Required By	Connection

http.destination.protocol

Name	`http.destination.protocol`
Description	Indicates the protocol to use when routing messages to the destination Web Service. Typically, the protocol is either HTTP or HTTPS.
Type	`java.lang.String`
Generated By	Dynamic Router Static Router Web Service Filter
Consumed By
Required By	Connection

http.headers

Name	`http.headers`
Description	Contains a list of all HTTP headers from the incoming request.
Type	`com.vordel.mime.HeaderSet`
Generated By	Connection Web Service Filter
Consumed By
Required By	Add HTTP Header Connection HTTP Basic Authentication HTTP Digest Authentication HTTP Header Authentication Reflect Reflect Message and Attributes Remove HTTP Header Return WSDL SOAPAction Validate HTTP Headers Web Service Filter

http.request.clientaddr

Name	`http.request.clientaddr`
Description	Contains the IP address of the client machine from which the HTTP request was sent to API Gateway.
Type	`java.net.InetSocketAddress`
Generated By
Consumed By
Required By	IP Address

http.request.connection.error

Name	`http.request.connection.error`
Description	If an error occurs when API Gateway is routing on to the target Web Service, the error status will be recorded in this attribute.
Type	`java.lang.String`
Generated By	Connection Web Service Filter
Consumed By
Required By

http.request.clientcert

Name	`http.request.clientcert`
Description	Contains the certificate used by the client in the HTTP request.
Type	`java.security.cert.X509Certificate`
Generated By
Consumed By
Required By

http.request.path

Name	`http.request.path`
Description	Contains the path on which the HTTP request from the client is received by the API Gateway (for example, `/test`).
Type	`java.lang.String`
Generated By
Consumed By
Required By

http.request.uri

Name	`http.request.uri`
Description	Contains the URI on which the HTTP request is received by the API Gateway (for example, `/test?location=dublin`).
Type	`java.net.URI`
Generated By	Web Service Filter
Consumed By
Required By	Connection Dynamic Router Operation Name Rewrite URL Relative Path Return WSDL

http.request.verb

Name	`http.request.verb`
Description	Contains the HTTP verb used in the client HTTP request to the API Gateway.
Type	`java.lang.String`
Generated By
Consumed By
Required By	Connection HTTP Basic Authentication HTTP Digest Authentication Web Service Filter

http.request.version

Name	`http.request.version`
Description	Contains the HTTP version used in the request from the client to the API Gateway.
Type	`java.lang.String`
Generated By
Consumed By
Required By

http.response.info

Name	`http.response.info`
Description	Contains the `reason-phrase` from the HTTP status-line (for example, `Not found` from the `404 Not found` status-line).
Type	`java.lang.String`
Generated By	Connection Web Service Filter
Consumed By
Required By

http.response.status

Name	`http.response.status`
Description	Stores the HTTP status-code of the response from the Web Service, (for example, `404` from the `404 Not found` status-line).
Type	`java.lang.Integer`
Generated By	Connection Web Service Filter
Consumed By
Required By

http.response.version

Name	`http.response.version`
Description	Stores the HTTP version used in the response from the Web Service.
Type	`java.lang.String`
Generated By	Connection Web Service Filter
Consumed By
Required By

kerberos.client.context.established

Name	`kerberos.client.context.established`
Description	Indicates whether the client-side context has been established (true or false).
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.context

Name	`kerberos.context`
Description	Used on client-side to reload the context to consume the service-side token, if there is one.
Type	`org.ietf.jgss.GSSContext`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.mechanism.oid

Name	`kerberos.mechanism.oid`
Description	Contains the mechanism OID ( `SPNEFGO` or `Kerberos` ).
Type	`java.lang.String`
Generated By	Kerberos Client Authentication Kerberos Client Authentication
Consumed By
Required By

kerberos.profile.ap.req.bst.id

Name	`kerberos.profile.ap.req.bst.id`
Description	Contains the `wsu:Id` of the `BinarySecurityToken` containing the `AP_REQ` message generated by the `GssInitiatorFilter` .
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.profile.ap.req.sha1

Name	`kerberos.profile.ap.req.sha1`
Description	Contains the SHA1 hash of a Kerberos `AP_REQ` message. This is generated when a Kerberos service consumes it, or when a Kerberos client generates it.
Type	`java.lang.String`
Generated By	Kerberos Client Authentication Kerberos Client Authentication
Consumed By
Required By

kerberos.service.authenticator.principal

Name	`kerberos.service.authenticator.principal`
Description	Contains the principal extracted from the `AP_REQ` message on the Kerberos acceptor side.
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.service.authenticator.realm

Name	`kerberos.service.authenticator.realm`
Description	Contains the realm extracted from the `AP_REQ` message on the Kerberos acceptor side.
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.service.authenticator.time

Name	`kerberos.service.authenticator.time`
Description	Contains the time extracted from the `AP_REQ` message on the Kerberos acceptor side.
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.service.context.established

Name	`kerberos.service.context.established`
Description	Indicates whether the service-side context has been established (true or false).
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.service.subject.id

Name	`kerberos.service.subject.id`
Description	Contains the principal name of the Kerberios service.
Type	`java.lang.String`
Generated By	Kerberos Client Authentication Kerberos Client Authentication
Consumed By
Required By

kerberos.service.ticket.principal

Name	`kerberos.service.ticket.principal`
Description	Contains the principal extracted from the `AP_REQ` message on the Kerberos acceptor side.
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.service.ticket.realm

Name	`kerberos.service.ticket.realm`
Description	Contains the realm extracted from the `AP_REQ` message on the Kerberos acceptor side.
Type	`java.lang.String`
Generated By	Kerberos Client Authentication
Consumed By
Required By

kerberos.session.key

Name	`kerberos.session.key`
Description	On the Kerberos server-side, contains the session key extracted from the service ticket and authenticator in the Kerberos `AP_REQ` message. On the Kerberos client-side, contains the session key extracted from the private credentials of the client subject in the `KerebrosTicket` .
Type	`javax.security.auth.kerberos.KerberosKey`
Generated By	Kerberos Client Authentication Kerberos Client Authentication
Consumed By
Required By

mcafee.status

Name	`mcafee.status`
Description	Stores the overall message status of all message parts after a McAfee virus scan (for example, `NOVIRUS` , `INFECTED` , `REPAIRED` , and `REMOVED` ).
Type	`java.lang.String`
Generated By	McAfee Anti-Virus
Consumed By
Required By

message.key

Name	`message.key`
Description	Contains a hash of the request message. By default, used as the key to search for objects in the cache.
Type	`java.lang.String`
Generated By	Create Key
Consumed By
Required By	Cache Attribute Is Cached? Remove Cached Attribute

saml.assertion

Name	`saml.assertion`
Description	Contains the SAML assertion that was used for authentication, authorization, or attribute extraction.
Type	`org.w3c.dom.Element`
Generated By	Retrieve Attributes from SAML Attribute Assertion SAML Authentication SAML Authorization
Consumed By
Required By

saml.assertion.position

Name	`saml.assertion.position`
Description	Indicates the position of the SAML assertion within a given WS-Security block. There may be more than 1 assertion in a WS-Security block, and so this attribute can be used to select the appropriate one.
Type	`java.lang.Integer`
Generated By	Retrieve Attributes from SAML Attribute Assertion SAML Authentication SAML Authorization
Consumed By
Required By

saml.wsblockinfo

Name	`saml.wsblockinfo`
Description	Stores the WS-Security block that contains the relevant SAML assertion.
Type	`com.vordel.common.util.WSBlockInfo`
Generated By	Retrieve Attributes from SAML Attribute Assertion SAML Authentication SAML Authorization
Consumed By
Required By

samlpdp.response.assertion

Name	`samlpdp.response.assertion`
Description	Contains the SAML assertion from the SAMLP response.
Type	`org.w3c.dom.Element`
Generated By	Retrieve Attributes from SAML Attribute Assertion SAML PDP Authorization
Consumed By
Required By

samlpdp.response.doc

Name	`samlpdp.response.doc`
Description	Contains the SAMLP response from the SAML PDP as an XML Document.
Type	`org.w3c.dom.Document`
Generated By	Retrieve Attributes from SAML PDP SAML PDP Authorization SAML PDP Response XML-Signature Verification SAML PDP XML-Signature Response Verification
Consumed By
Required By

samlpdp.response.namespace.saml

Name	`samlpdp.response.namespace.saml`
Description	Stores the SAML namespace that was used in the SAMLP response.
Type	`java.lang.String`
Generated By	Retrieve Attributes from SAML PDP SAML PDP Authorization
Consumed By
Required By

samlpdp.response.namespace.samlp

Name	`samlpdp.response.namespace.samlp`
Description	Stores the SAMLP namespace that was used in the SAMLP response.
Type	`java.lang.String`
Generated By	Retrieve Attributes from SAML PDP SAML PDP Authorization
Consumed By
Required By

samlpdp.subject.format

Name	`samlpdp.subject.format`
Description	Contains the subject format used in the SAMLP request to the SAML PDP.
Type	`java.lang.String`
Generated By	Retrieve Attributes from SAML PDP SAML PDP Authorization
Consumed By
Required By

samlpdp.subject.id

Name	`samlpdp.subject.id`
Description	Identifies the subject used in the SAMLP request to the SAML PDP.
Type	`java.lang.String`
Generated By	Retrieve Attributes from SAML PDP SAML PDP Authorization
Consumed By
Required By

service.name

Name	`service.name`
Description	Stores the name of the backend Web Service. For example, this is used when the service is displayed in real-time monitoring tools.
Type	`java.lang.String`
Generated By	Set Service Name Set Web Service Context Web Service Filter
Consumed By
Required By

siteminder.agent

Name	`siteminder.agent`
Description	Indicates the name of the agent that API Gateway uses to connect to SiteMinder as.
Type	`java.lang.String`
Generated By	SiteMinder Certificate Authentication SiteMinder Session Validation
Consumed By
Required By	SiteMinder Authorization SiteMinder Logout

siteminder.decision

Name	`siteminder.decision`
Description	API Gateway can ask SiteMinder to make an authorization decision based on whether or not SiteMinder authenticates the user. SiteMinder returns its decision to API Gateway where it is stored in this attribute.
Type	`com.vordel.circuit.siteminder.SiteMinderDecision`
Generated By	SiteMinder Certificate Authentication SiteMinder Session Validation
Consumed By
Required By	SiteMinder Authorization SiteMinder Logout

soap.request.action

Name	`soap.request.action`
Description	Specifies the SOAP Action in the HTTP header.
Type	`java.lang.String`
Generated By	SOAPAction
Consumed By
Required By

soap.request.method

Name	`soap.request.method`
Description	Stores the SOAP operation name. This is the first element under the SOAP body for an RPC encoded SOAP message.
Type	`java.lang.String`
Generated By	Operation Name
Consumed By
Required By

soap.request.method.namespace

Name	`soap.request.method.namespace`
Description	Contains the namespace of the element identified by the value of the `soap.request.method attribute`. In other words, this attribute indicates the namespace of the SOAP operation.
Type	`java.lang.String`
Generated By	Operation Name
Consumed By
Required By

soasecuritymanager.action

Name	`soasecuritymanager.action`
Description	Contains the action to take.
Type	`java.lang.String`
Generated By
Consumed By
Required By

soasecuritymanager.agent

Name	`soasecuritymanager.agent`
Description	Contains the name of the agent used by API Gateway to connect to the CA SOA Security Manager.
Type	`java.lang.String`
Generated By	CA SOA Security Manager Authentication
Consumed By
Required By	CA SOA Security Manager Authorization

soasecuritymanager.decision

Name	`soasecuritymanager.decision`
Description	Contains the authentication/authorization decision made by CA SOA Security Manager.
Type	`java.lang.String`
Generated By	CA SOA Security Manager Authentication
Consumed By
Required By	CA SOA Security Manager Authorization

soasecuritymanager.realmdef

Name	`soasecuritymanager.realmdef`
Description	Contains the authentication/authorization realm of the CA SOA Security Manager.
Type	`java.lang.String`
Generated By	CA SOA Security Manager Authentication
Consumed By
Required By	CA SOA Security Manager Authorization

soasecuritymanager.resource

Name	`soasecuritymanager.resource`
Description	Contains the name of the resource that the client is attempting to access.
Type	`java.lang.String`
Generated By
Consumed By
Required By

soasecuritymanager.resource.context

Name	`soasecuritymanager.resource.context`
Description	Describes the context of the resource that the user is attempting to access.
Type	`java.lang.String`
Generated By	CA SOA Security Manager Authentication
Consumed By
Required By	CA SOA Security Manager Authorization

webservice.context

Name	`webservice.context`
Description	Stores the Web Service context of the backend Web Service. For example, this is used to identify the service in the Web Service Repository when a WSDL request is received.
Type	`java.lang.String`
Generated By	Set Web Service Context Web Service Filter
Consumed By
Required By	Return WSDL Schema Validation

ws.username.token.name

Name	`ws.username.token.name`
Description	Associates the generated `UsernameToken` with the authenticated user.
Type	`java.lang.String`
Generated By	Insert WS-Security Username Token
Consumed By
Required By

wss.timestamp

Name	`wss.timestamp`
Description	The timestamp in the WSS header block that is obtained from the message for a particular SOAP actor/role. Indicates how long the security data remains valid for.
Type	`java.lang.String`
Generated By	Extract WSS Timestamp
Consumed By
Required By

wss.usernameToken

Name	`wss.usernameToken`
Description	The `usernameToken` in the WSS header block that is obtained from the message for a particular SOAP actor/role.
Type	`java.lang.String`
Generated By	Extract WSS Username Token
Consumed By
Required By

xacml.decision

Name	`xacml.decision`
Description	Contains the authorization decision sent by the XACML Policy Decision Point to the XACML Policy Enforcement Point (for example, `Permit` , `Deny` , `Indeterminate` , or `NotApplicable` ).
Type	`java.lang.String`
Generated By	XACML PEP
Consumed By
Required By

xacml.result.xml

Name	`xacml.result.xml`
Description	Contains the XML response message that includes the authorization decision sent by the XACML Policy Decision Point to the XACML Policy Enforcement Point (for example, `Permit` , `Deny` , `Indeterminate` , or `NotApplicable` ).
Type	`java.lang.String`
Generated By	XACML PEP
Consumed By
Required By

xacml.statuscode

Name	`xacml.statuscode`
Description	Contains the XACML status code message (for example, `urn:oasis:names:tc:xacml:1.0:status:ok` `syntax-error` , `processing-error` , or `missing-attribute` ).
Type	`java.lang.String`
Generated By	XACML PEP
Consumed By
Required By

xsd.errors

Name	`xsd.errors`
Description	Stores validation errors generated when a schema validation check fails. For example, you can return an appropriate SOAP Fault to the client by writing out the contents of this attribute. You can configure a Set Message filter to write a custom response message back to the client, and place it on the failure path of the Schema Validation filter.
Type	`java.lang.String`
Generated By	Schema Validation
Consumed By
Required By

Prev	Up	Next
	Home

Oracle® Fusion MiddlewarePart 32. Reference

Message Attribute Reference

Oracle® Fusion Middleware
Part 32. Reference