Trust service token provider settings

Use this page to modify information for an existing token provider.

To view this administrative console page, complete the following actions:

Name

Specifies the name of the token provider.

This field displays the unique name of the token provider (for example, Security Context Token). You cannot change the name for any existing token provider.

Data type: String

Class name

Specifies the package and class name of the trust service's Security Context Token provider.

This field displays the configuration class name, including the package information (for example, com.ibm.ws.wssecurity.trust.server.sts.ext.sct.SCTHandlerFactory).

It is recommended that you do not change the class name for the Security Context Token (SCT) from the default value.

Data type: String

Token type schema URI

Specifies the Uniform Resource Identifier (URI) for the token type schema.

This field displays the unique token type schema URI. Use a valid URI format, such as: http://schemas.xmlsoap.org/ws/2005/02/sc/sct.

It is recommended that you do not change the token type schema URI for the Security Context Token (SCT) from the default value.

Data type: String

Time in cache after expiration

Specifies the number of minutes that a token remains in the token cache after the token expires.

This field displays the time, in minutes, that the expired token is kept cached and can still be renewed.

Data type: Integer
Default: 120
Minimum: 10
Maximum: 2147483647

Token timeout

Specifies the amount of time, in minutes, that the issued token is valid.

This field displays the maximum timeout, in minutes, for a token to be considered valid.

Data type: Integer
Default: 120
Minimum: 10
Maximum: 2147483647

Allow renewal after timeout

Specifies to enable or disable the renewal of a token.

This check box specifies whether to allow a client to renew an expired token. Note that the Time in cache after expiration field specifies the amount of time within which an expired token can still be renewed.

Data type: Check box
Default: Do not allow (unchecked)

Allow postdated tokens

Specifies to enable or disable the use of postdated tokens.

This check box specifies whether a client can request a token to become valid at some point in the future.

Data type: Check box
Default: Do not allow (unchecked)
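
The Token timeout, Time in cache after expiration, Allow renewal after timeout, and Allow postdated tokens settings together determine how long after issuance a token can still be used or renewed. The following Python model of that interaction is an added example, not code from the product or this page; the class and function names, the handling of exact boundary minutes, and measuring a postdated token's timeout from its start time are assumptions.

```python
from dataclasses import dataclass

# Bounds the page documents for both minute-valued fields.
MIN_MINUTES, MAX_MINUTES = 10, 2147483647

@dataclass(frozen=True)
class ProviderSettings:  # hypothetical model; defaults are the page's defaults
    token_timeout: int = 120
    cache_after_expiration: int = 120
    allow_renewal_after_timeout: bool = False
    allow_postdated: bool = False

    def __post_init__(self):
        for name in ("token_timeout", "cache_after_expiration"):
            value = getattr(self, name)
            if type(value) is not int or not MIN_MINUTES <= value <= MAX_MINUTES:
                raise ValueError(f"{name}={value!r} not in {MIN_MINUTES}..{MAX_MINUTES}")

def issue(settings, requested_at, valid_from=None):
    """Return (valid_from, expires_at) in minutes for a token request."""
    start = requested_at if valid_from is None else valid_from
    if start > requested_at and not settings.allow_postdated:
        raise PermissionError("postdated tokens are not allowed")
    # Assumption: the timeout of a postdated token runs from its start time.
    return start, start + settings.token_timeout

def token_state(settings, valid_from, now):
    """Classify a token at minute `now`; boundary handling is an assumption."""
    expires_at = valid_from + settings.token_timeout
    evicted_at = expires_at + settings.cache_after_expiration
    if now < valid_from:
        return "not-yet-valid"
    if now < expires_at:
        return "valid"
    if now < evicted_at:
        # Still cached; renewable only if the check box is selected.
        return "expired-renewable" if settings.allow_renewal_after_timeout else "expired-cached"
    return "evicted"

def renewal_horizon(settings):
    """Minutes after valid_from in which the token is usable or renewable."""
    if settings.allow_renewal_after_timeout:
        return settings.token_timeout + settings.cache_after_expiration
    return settings.token_timeout

if __name__ == "__main__":
    lenient = ProviderSettings(allow_renewal_after_timeout=True)
    for minute in (0, 119, 120, 239, 240):  # constructed sample times
        print(minute, token_state(ProviderSettings(), 0, minute), token_state(lenient, 0, minute))
```

With the default values and renewal enabled, a single token stays usable or renewable for 240 minutes after it becomes valid, which is the window to weigh when raising either minute value.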

Distributed cache

Specifies to enable or disable the use of a distributed cache.

This check box specifies whether to use distributed cache if the server is in a clustered environment and whether the tokens are shared across the cluster.

Data type: Check box
Default: No distributed cache (unchecked)

Custom Properties

Specifies additional configuration settings that the token provider might require.

This table lists custom properties. Use custom properties to set internal system configuration properties.

Select

Specifies custom properties that you can add to, edit, or delete from the token provider.

Click New to add and define a new custom property.

For existing custom properties, first select the check box for the name of the custom property, and click one of the following actions:

Actions and descriptions:

Edit: Specifies whether to modify existing custom properties. This action is not displayed until at least one custom property has been added.

Delete: Removes the selected existing property from the listing in the Name column. This action is not displayed if there are no custom properties in the list.

Name

Displays the names of the custom properties that have been defined for the token provider.

This column displays the name of the custom property (for example, cancelActionRST). Custom properties are name-value pairs of data that are passed to the token provider during configuration. The name that you specify must match the name of a configuration property or setting that the provider understands and expects.

Data type: String

Value

Specifies the value for the custom property.

This column displays the value for the custom property (for example, true). Custom properties are name-value pairs of data. The value, which is represented as a string, is a configuration setting that is passed to the provider during configuration.

Data type: String or Boolean


