RampartConfig element can have any of the following child elements. Schema is available here
Parameter | Description | Example |
user | The user's name | Set username of UsernameToken to be used <user> bob</user> |
userCertAlias | The user's cert alias | Set alias of the key to be used to sign <userCertAlias> bob</userCertAlias> |
encryptionUser | The user's name for encryption. | <encryptionUser>alice</encryptionUser> |
passwordCallbackClass | Callback class used to provide the password required to create the UsernameToken or to sign the message | <passwordCallbackClass> org.apache.axis2.security.PWCallback</passwordCallbackClass> |
policyValidatorCbClass | Callback class used to provide custom validater | <policyValidatorCbClass> org.apache.axis2.security.CustomPolicyValidater</policyValidatorCbClass> |
signatureCrypto | properties to needed perform signature, such as crypto provider, keystore and its password |
<signatureCrypto> <crypto provider="org.apache.ws.security.components.crypto.Merlin"> <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property> <property name="org.apache.ws.security.crypto.merlin.file">client.jks</property> <property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property> </crypto> <signatureCrypto> |
encryptionCypto | properties to needed perform signature, such as crypto provider, keystore and its password | <encryptionCypto>....crypto element ......</encryptionCypto> |
decryptionCrypto | properties to needed perform signature, such as crypto provider, keystore and its password | <decryptionCrypto>....crypto element ......</decryptionCrypto> |
timestampTTL | Time to live of Timestamp | The default timestamp time to live is 300 seconds |
timestampMaxSkew | The maximum tolerence limit for timeskew of the timestamp | Rampart allows timestamps created slightly ahead of the reciever's time. This parameter allows to specify the tolerence limit |
tokenStoreClass | ||
sslConfig | SSL Configuration need for Transportbinding | Can specify the properties such as "javax.net.ssl.trustStore" and "javax.net.ssl.trustStorePassword". Please see below for more information. |
org.apache.ws.security.crypto.provider defines the implementation of the org.apache.ws.security.components.crypto.Crypto interface to provide the crypto information required by WSS4J. The other properties defined are the configuration properties used by the implementation class (org.apache.ws.security.components.crypto.Merlin).