Description

The DDF Security STS Server is a bundle that starts up an implementation of the CXF STS. The STS obtains many of its configurations (Claims Handlers, Token Validators..etc) from the OSGi service registry as those items are registered as services using the cxf interfaces. The various services that the STS Server imports are listed further down in the Implementation Details section of this page.

The WSDL for the STS is located at the security-sts-server/sr/main/resources/META-INF/sts/wsdl/ws-trust-1.4-service.wsdl within the source code.

Configuration

Installation

This bundle is not installed by default and can be added by installing the security-sts-server feature.

Settings

Configuration settings can be found in the webconsole under Configuration -> Security STS Server.

Configuration Name	Default Value	Additional Information
SAML Assertion Lifetime	1800
JAAS Context	karaf	Setting this value to karaf lets the STS use the same LDAP that the karaf web console uses for managing users.
Token Issuer	tokenissuer
Signature Username	tokenissuer
Encryption Username	server

Implementation Details

Imported Services

Registered Interface	Availability	Multiple
org.apache.cxf.sts.claims.ClaimsHandler	optional	true
org.apache.cxf.sts.token.validator.TokenValidator	optional	true

Exported Services

None

Browser not supported