Trust service token provider settings
To modify information for an existing token provider. following actions:
- Services > Trust service > Token providers > token_provider_name
- Name
Name of the token provider.
This field displays the unique name of the token provider (for example, Security Context Token). We cannot change the name for any existing token provider.
Data type: String
- Class name
Package and class name of the trust service's Security Context Token provider.
This field displays the configuration class name, including the package information (for example, com.ibm.ws.wssecurity.trust.server.sts.ext.sct.SCTHandlerFactory).
We cannot change the class name for any existing token provider.
Data type: String
- Token type schema URI
Specifies the URI for the token type schema.
This field displays the unique token type schema URI. Use a valid URI format, such as: http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct.
We cannot change the schema URI for any existing token provider.
Data type: String
- Time in cache after expiration
Number of minutes that a token remains in the token cache after the token expires.
This field displays the time, in minutes, that the expired token is kept cached and can still be renewed.
Data type: Integer Default: 120 Minimum: 10 Maximum: 2147483647
- Token timeout
Amount of time, in minutes, that the issued token is valid.
This field displays the maximum timeout, in minutes, for a token to be considered valid.
Data type: Integer Default: 120 Minimum: 10 Maximum: 2147483647
- Allow renewal after timeout
Specifies to enable or disable the renewal of a token.
This check box specifies whether to allow a client to renew an expired token. Note the Time in cache after expiration field specifies the amount of time within which an expired token can still be renewed.
Data type: Check box Default: Do not allow (unchecked)
- Allow postdated tokens
Specifies to enable or disable the use of postdated tokens.
This check box specifies whether a client can request a token to become valid at some point in the future.
Data type: Check box Default: Do not allow (unchecked)
- Support Secure Conversation Token v200502
This check box specifies whether support for the WS-Trust and WS-Secure Conversation Feb 2005 Submission Draft OASIS spec is enabled. The default URI for the token type schema is provided in the non-editable field below the check box.
Data type: Check box Default: Enabled (checked)
- Custom Properties
Specifies additional settings that the token provider might require.
This table lists custom properties. Use custom properties to set internal system configuration properties.
The Secure Context Token default settings are :
Property Name Property Value com.ibm.wsspi.wssecurity.trust.algorithm AES com.ibm.wsspi.wssecurity.trust.keySize 128 com.ibm.wsspi.wssecurity.trust.provider IBMJCE
- Select
Specifies custom properties that we can add to, edit, or delete from the token provider.
Click New to add and define a new custom property.
For existing custom properties, first select the check box for the name of the custom property, and click one of the following actions:
Actions Description Edit Whether to modify existing custom properties. This action requires one or more custom properties to be selected. Delete Removes the selected existing property from the listing in the Name column. This action requires one or more custom properties to be selected.
- Name
Display the names of the custom properties that have been defined for the token provider.
This column displays the name of the custom property (for example, com.ibm.wsspi.wssecurity.trust.keySize). Custom properties are name-value pairs of data that are passed to the token provider during configuration. The name specified must match the name of a configuration property or setting that the provider understands and expects.
Data type: String
- Value
Value for the custom property.
This column displays the value for the custom property (for example, true). Custom properties are name-value pairs of data. The value, which is represented as a string, is a configuration setting that is passed to the provider during configuration.
Data type: String or Boolean
Related tasks
Define a new system policy set
Set the security context token provider for the trust service
Related
System policy set collection