Security STS Server
Description
The DDF Security STS Server is a bundle that starts an implementation of the CXF STS. The STS obtains many of its configurations (Claims Handlers, Token Validators, etc.) from the OSGi service registry, because those items are registered as services using the CXF interfaces. The services that the STS Server imports are listed in the Implementation Details section of this page.
The WSDL for the STS is located at security-sts-server/sr/main/resources/META-INF/sts/wsdl/ws-trust-1.4-service.wsdl within the source code.
Configuration
Installation
This bundle is not installed by default and can be added by installing the security-sts-server feature.
Settings
Configuration settings can be found in the web console under Configuration -> Security STS Server.
Configuration Name | Default Value | Additional Information |
---|---|---|
SAML Assertion Lifetime | 1800 | |
JAAS Context | karaf | Setting this value to karaf lets the STS use the same LDAP that the Karaf web console uses for managing users. |
Token Issuer | tokenissuer | |
Signature Username | tokenissuer | |
Encryption Username | server | |
Implementation Details
Imported Services
Registered Interface | Availability | Multiple |
---|---|---|
org.apache.cxf.sts.claims.ClaimsHandler | optional | true |
org.apache.cxf.sts.token.validator.TokenValidator | optional | true |
Exported Services
None