The RampartConfig element can have any of the following child elements. The schema is available here.
Parameter | Description | Example |
user | The user's name | Sets the username of the UsernameToken to be used: <user>bob</user> |
userCertAlias | The user's cert alias | Sets the alias of the key to be used to sign: <userCertAlias>bob</userCertAlias> |
encryptionUser | The user's name for encryption. | <encryptionUser>alice</encryptionUser> |
passwordCallbackClass | Callback class used to provide the password required to create the UsernameToken or to sign the message | <passwordCallbackClass>org.apache.axis2.security.PWCallback</passwordCallbackClass> |
policyValidatorCbClass | Callback class used to provide a custom validator | <policyValidatorCbClass>org.apache.axis2.security.CustomPolicyValidater</policyValidatorCbClass> |
signatureCrypto | Properties needed to perform signature, such as the crypto provider, the keystore and its password | <signatureCrypto> <crypto provider="org.apache.ws.security.components.crypto.Merlin"> <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property> <property name="org.apache.ws.security.crypto.merlin.file">client.jks</property> <property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property> </crypto> </signatureCrypto> |
encryptionCypto | Properties needed to perform signature, such as the crypto provider, the keystore and its password | <encryptionCypto> ....crypto element ...... </encryptionCypto> |
decryptionCrypto | Properties needed to perform signature, such as the crypto provider, the keystore and its password | <decryptionCrypto> ....crypto element ...... </decryptionCrypto> |
timestampTTL | Time to live of Timestamp | The default timestamp time to live is 300 seconds |
timestampMaxSkew | The maximum tolerance limit for the time skew of the timestamp | Rampart allows timestamps created slightly ahead of the receiver's time. This parameter specifies the tolerance limit |
timestampPrecisionInMilliseconds | Whether the timestamp precision should be milliseconds | When this value is set to false, generated timestamps don't contain milliseconds |
optimizeParts | ||
tokenStoreClass | ||
sslConfig | SSL configuration needed for TransportBinding | Can specify properties such as "javax.net.ssl.trustStore" and "javax.net.ssl.trustStorePassword". Please see below for more information. |
org.apache.ws.security.crypto.provider defines the implementation of
the org.apache.ws.security.components.crypto.Crypto interface to provide the
crypto information required by WSS4J. The other properties defined are the
configuration properties used by the implementation class
(org.apache.ws.security.components.crypto.Merlin).
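
The following is an added example, not part of the Rampart documentation: a small Python audit that reads a RampartConfig element and reports timestamp settings above a chosen limit and passwords stored in clear text in property elements. The limits in LIMITS, the sample configuration, the layout of property elements under sslConfig, and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Assumed audit limits in seconds; these are review thresholds, not Rampart values.
LIMITS = {"timestampTTL": 300, "timestampMaxSkew": 60}

# Constructed sample built from the element and property names in the table above.
# Real policy files normally use a namespace prefix; the audit ignores namespaces.
SAMPLE = """<RampartConfig>
  <user>bob</user>
  <timestampTTL>3600</timestampTTL>
  <timestampMaxSkew>30</timestampMaxSkew>
  <signatureCrypto>
    <crypto provider="org.apache.ws.security.components.crypto.Merlin">
      <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
      <property name="org.apache.ws.security.crypto.merlin.file">client.jks</property>
      <property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property>
    </crypto>
  </signatureCrypto>
  <sslConfig>
    <property name="javax.net.ssl.trustStorePassword">changeit</property>
  </sslConfig>
</RampartConfig>"""

def local(tag):
    # Strip an XML namespace: '{ns}user' -> 'user'.
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return a list of findings for one RampartConfig element."""
    root = ET.fromstring(xml_text)
    if local(root.tag) != "RampartConfig":
        raise ValueError("root element is not RampartConfig")
    findings = []
    for child in root:
        name = local(child.tag)
        limit = LIMITS.get(name)
        if limit is not None:
            text = (child.text or "").strip()
            if not text.isdecimal():
                findings.append(f"{name}: expected whole seconds, got {text!r}")
            elif int(text) > limit:
                findings.append(f"{name}: {text}s exceeds audit limit of {limit}s")
        # A non-empty <property> whose name ends in "password" is a clear-text secret.
        for prop in child.iter():
            pname = prop.get("name", "")
            is_secret = local(prop.tag) == "property" and pname.lower().endswith("password")
            if is_secret and (prop.text or "").strip():
                findings.append(f"{name}: clear-text secret in property {pname}")
    return findings
```

Calling audit(SAMPLE) returns three findings: the 3600-second timestampTTL, the keystore password under signatureCrypto, and the trust store password under sslConfig.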