Use the trust service custom properties to suit your deployment requirements.
- username.disable.password.validation
- When set to true, this parameter causes the UsernameTokenSTSModule
to skip password validation.
The default is false.
- Value type: Boolean
- Example value: true
- username.jaas.provider.hostname
- Specifies a name for the local host if WebSphere® was not configured with the value
of localhost for the host name.
The default is localhost.
- Value type: String
- Example value: localhost
- username.jaas.provider.port
- Specifies the port configured for the local WebSphere NameServer service.
The default is 2809.
- Value type: Integer
- Example value: 2809
- pdjrte.context.min.pool.size
- Specifies the minimum size of the Authorization context pool.
This parameter is used by the UsernameTokenSTSModule. Set this parameter
only if a performance evaluation requires it to be set.
- Value type: Integer
- Example value: 5
- pdjrte.context.max.pool.size
- Specifies the maximum size of the Authorization context pool.
This parameter is used by the UsernameTokenSTSModule. Set this parameter
only if a performance evaluation requires it to be set.
- Value type: Integer
- Example value: 50
- ivcred.allow.groupUpdate
- If set to true, attempts to modify the credential by adding groups.
Note: Do not use this parameter under any circumstances.
- Value type: Boolean
- Example value: false
- ivcred.insert.CRLF76
- When set to true, the base64 encoded IVCred generated
by the Security Token Service module STSTokenIVCred is
split into multiple lines. If this custom property is set to false,
the base64 encoded IVCred generated by the Security
Token Service module STSTokenIVCred is not split
into multiple lines.
Default value: True
- Value type: Boolean
- Example value: False
- saml.use.rst.lifetime
- Directs the SAML modules to use the lifetime of the RequestSecurityToken
element to derive the lifetime of the issued SAML assertion. When
set to false, does not use the RequestSecurityToken lifetime.
Default value: false
- Value type: Boolean
- Example value: false
- passticket.disable.uppercase.principal
- Directs the PassTicket module, when it uses the local RACF® handler,
not to transform the principal name to uppercase before attempting
to generate a PassTicket. When set to false, the principal name is
always raised to uppercase for the local RACF handler.
Default value: false
- Value type: Boolean
- Example value: false
- sts.use.issuer.saml20.sso
- Directs the SAML 2.0 module to use the Issuer value, instead of
the NameID NameQualifier value to look up an alias during a single
sign-on operation.
Default value: false
- Value type: Boolean
- Example value: false
- username.wss.namespace.override
- If not specified, the default is the WSS 1.1 token profile namespace.
The key for this property can be used as a prefix to set the scope
of the property to a specific STS Chain; for example, username.wss.namespace.override.uuid1234.
- Value type: String
- Example value: <a_URI_namespace>
- STS.validateMappingRules
- Specifies whether the mapping rule is validated when it is imported
through the console or the command-line interface. If the STS.validateMappingRules parameter
is specified, and the value is equal to the string false,
ignoring the case, then the mapping rule is not validated. Otherwise,
the mapping rule is validated.
- Value type: Boolean
- Example value: false
- authorizationsts.initial.num.context
- Specifies the initial number of context objects to be created
at startup. This parameter controls the number of connections created
and maintained by the pool.
- Value type: Integer
- Example value: 5
- authorizationsts.max.num.context
- Specifies the maximum number of context objects to be created
throughout. This parameter controls the number of connections created
and maintained by the pool.
- Value type: Integer
- Example value: 10
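
An added example, not IBM code: a configuration audit over the properties listed above that flags the settings this page describes as skipping validation or as never to be used. It assumes the properties have been exported as key=value lines; the sample input, the case-insensitive Boolean comparison, and the pool-size ordering check are assumptions made for this example.

```python
# Added example (not IBM code). Assumption: properties exported as key=value lines.
SAMPLE = """\
# constructed sample, not from a real deployment
username.disable.password.validation = TRUE
ivcred.allow.groupUpdate=false
STS.validateMappingRules=False
pdjrte.context.min.pool.size=60
pdjrte.context.max.pool.size=50
authorizationsts.initial.num.context=5
authorizationsts.max.num.context=ten
"""

# Property -> (value that weakens the STS, reason), as described on this page.
RISKY = {
    "username.disable.password.validation": ("true", "password validation skipped"),
    "ivcred.allow.groupUpdate": ("true", "documented as never to be used"),
    "STS.validateMappingRules": ("false", "imported mapping rules not validated"),
}
POOL_PAIRS = [  # (lower, upper); the ordering check is a sanity check added here
    ("pdjrte.context.min.pool.size", "pdjrte.context.max.pool.size"),
    ("authorizationsts.initial.num.context", "authorizationsts.max.num.context"),
]

def parse(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def audit(props):
    """Return (key, reason) findings for settings that weaken or break the STS."""
    findings = []
    for key, (bad, reason) in RISKY.items():
        # Compared case-insensitively so "TRUE" or "False" is not missed.
        if props.get(key, "").lower() == bad:
            findings.append((key, reason))
    for low, high in POOL_PAIRS:
        if low in props and high in props:
            try:
                if int(props[low]) > int(props[high]):
                    findings.append((low, f"exceeds {high}"))
            except ValueError:
                findings.append((low, f"non-integer value in {low} or {high}"))
    return findings

if __name__ == "__main__":
    for key, reason in audit(parse(SAMPLE)):
        print(f"{key}: {reason}")
```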