Description

The DDF Security STS Client Config bundle keeps track and exposes configurations and settings for the CXF STS Client. This client can be used by other services to create their own STS Client. Once a service is registered as a watcher of the configuration, it will be updated whenever the settings change for the sts client.

Configuration

Installation

This bundle is not installed by default and can be added by installing the security-sts-realm feature.

Settings

Settings can be found in the webconsole under Configuration -> Security STS Client.

Configuration Name	Default Value	Additional Information
STS Endpoint Name	{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}STS_Port
STS Service Name	{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService
STS Address	https://server:8993/services/SecurityTokenService	The hostname of the remote server should match the certificate that the server is using.
Username		Can be left blank if client is using credentials other than UsernameToken.
Password		Can be left blank if client is using credentials other than UsernameToken.
Signature Username		Must be set. Sets the username to use for the signature, example: client
Signature Properties	etc/ws-security/client/signature.properties
Encryption Username		Must be set. Sets the username to use for encryption, example: tokenissuer
Encryption Properties	etc/ws-security/client/encryption.properties
STS Token Username		Must be set. Sets the username associated with the STS Token, example: client
STS Properties	etc/ws-security/client/signature.properties
Claims	<List of Claims>

Implementation Details

Imported Services

Registered Interface	Availability	Multiple
ddf.catalog.DdfConfigurationWatcher	required	true
org.osgi.service.cm.ConfigurationAdmin	required	false

Exported Services

None

Browser not supported