+

Search Tips   |   Advanced Search

Trust service token provider settings

Use this page to modify information for an existing token provider.

To view this administrative console page...


Name

Name of the token provider.

This field displays the unique name of the token provider (for example, Security Context Token). We cannot change the name for any existing token provider.

Information Value
Data type: String


Class name

Package and class name of the trust service's Security Context Token provider.

This field displays the configuration class name, including the package information (for example, com.ibm.ws.wssecurity.trust.server.sts.ext.sct.SCTHandlerFactory).

We cannot change the class name for any existing token provider.

Information Value
Data type: String


Token type schema URI

Specifies the Uniform Resource Identifier (URI) for the token type schema.

This field displays the unique token type schema URI. Use a valid URI format, such as: http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct.

We cannot change the schema URI for any existing token provider.

Information Value
Data type: String


Time in cache after expiration

Number of minutes that a token remains in the token cache after the token expires.

This field displays the time, in minutes, that the expired token is kept cached and can still be renewed.

Information Value
Data type: Integer
Default: 120
Minimum: 10
Maximum: 2147483647


Token timeout

Amount of time, in minutes, that the issued token is valid.

This field displays the maximum timeout, in minutes, for a token to be considered valid.

Information Value
Data type: Integer
Default: 120
Minimum: 10
Maximum: 2147483647


Allow renewal after timeout

Specifies to enable or disable the renewal of a token.

This check box specifies whether to allow a client to renew an expired token. Note the Time in cache after expiration field specifies the amount of time within which an expired token can still be renewed.

Information Value
Data type: Check box
Default: Do not allow (unchecked)


Allow postdated tokens

Specifies to enable or disable the use of postdated tokens.

This check box specifies whether a client can request a token to become valid at some point in the future.

Information Value
Data type: Check box
Default: Do not allow (unchecked)


Support Secure Conversation Token v200502

This check box specifies whether support for the WS-Trust and WS-Secure Conversation Feb 2005 Submission Draft OASIS specification is enabled. The default URI for the token type schema is provided in the non-editable field under the check box.

Information Value
Data type: Check box
Default: Enabled (checked)


Custom Properties

Specifies additional configuration settings that the token provider might require.

This table lists custom properties. Use custom properties to set internal system configuration properties.

The Secure Context Token default configuration settings are :

Property Name Property Value
com.ibm.wsspi.wssecurity.trust.algorithm AES
com.ibm.wsspi.wssecurity.trust.keySize 128
com.ibm.wsspi.wssecurity.trust.provider IBMJCE


Select

Specifies custom properties that we can add to, edit, or delete from the token provider.

Click New to add and define a new custom property.

For existing custom properties, first select the check box for the name of the custom property, and click one of the following actions:

Actions Description
Edit Whether to modify existing custom properties. This action requires one or more custom properties to be selected.
Delete Removes the selected existing property from the listing in the Name column. This action requires one or more custom properties to be selected.


Name

Displays the names of the custom properties that have been defined for the token provider.

This column displays the name of the custom property (for example, com.ibm.wsspi.wssecurity.trust.keySize). Custom properties are name-value pairs of data that are passed to the token provider during configuration. The name specified must match the name of a configuration property or setting that the provider understands and expects.

Information Value
Data type: String


Value

Value for the custom property.

This column displays the value for the custom property (for example, true). Custom properties are name-value pairs of data. The value, which is represented as a string, is a configuration setting that is passed to the provider during configuration.

Information Value
Data type: String or Boolean


Related tasks

  • Define a new system policy set using the administrative console

  • System policy set collection