WSS Module Reference - Mule 4

Authenticate User Config

Specific type for the authentication configuration. See AuthenticateUserConfig sub-types.

x

Time To Live

The time difference between creation and expiry time in seconds in the UsernameToken Created element.

30

Check Nonce

Whether to check the Nonce Element in the UsernameToken. A Nonce is a random value that the sender creates to include in each UsernameToken that it sends. Only checked if included.

true

Truststore Config

TrustStore configuration used for validating the signature.

x

Issuer Pattern

Certificate Issuer pattern.

Subject Pattern

Certificate Subject pattern.

Path

x

Password

x

Type

jks

Keystore Config

KeyStore configuration used for decryption.

x

Path

x

Password

x

Alias

Key Password

Type

jks

Time To Live

The time within which the Timestamp element is valid. The default is 5 minutes.

300

Skew Time

The time difference between server and client. The default is 60 seconds.

60

Time Unit

Time unit to be used in the timeToLive configuration.

SECONDS

Strict

If set to true then validates if the timestamp contains an expires element and the semantics are expired.

true

Require Expires Header

Whether timestamp Expires header is required.

true

Precision In Milliseconds

If set to true then use timestamps with milliseconds, otherwise omit the milliseconds.

true

Saml Version

SAML Version.

SAML10

Time To Live

The time in seconds within which a SAML Assertion is valid, if it does not contain a NotOnOrAfter Condition. The default is 30 minutes.

1800

Skew Time

The time difference between server and client. The default is 60 seconds.

60

Time Unit

Time unit to be used in the timeToLive and skewTime configuration.

SECONDS

Require Standard Subject Confirmation Method

If set, at least one of the standard Subject Confirmation Methods in SamlConfirmationMethod must be present in the assertion (Bearer / SenderVouches / HolderOfKey).

false

Require Bearer Signature

If set, an Assertion with a Bearer Subject Confirmation Method must be signed.

false

Validate Signature Against Profile

Whether to validate the signature of the Assertion (if it exists) against the relevant profile. Default is true.

false

Required Subject Confirmation Method

If set, the value must appear as one of the Subject Confirmation Methods SamlConfirmationMethod.

Max Idle Time

A scalar time value for the maximum amount of time a dynamic configuration instance should be allowed to be idle before it’s considered eligible for expiration

Time Unit

A time unit that qualifies the maxIdleTime attribute

Initial Buffer Size

This is the amount of memory that will be allocated in order to consume the stream and provide random access to it. If the stream contains more data than can be fit into this buffer, then it will be expanded by according to the bufferSizeIncrement attribute, with an upper limit of maxInMemorySize.

Buffer Size Increment

This is by how much will be buffer size by expanded if it exceeds its initial size. Setting a value of zero or lower will mean that the buffer should not expand, meaning that a STREAM_MAXIMUM_SIZE_EXCEEDED error will be raised when the buffer gets full.

Max Buffer Size

This is the maximum amount of memory that will be used. If more than that is used then a STREAM_MAXIMUM_SIZE_EXCEEDED error will be raised. A value lower or equal to zero means no limit.

Buffer Unit

The unit in which all these attributes are expressed

In Memory Size

Defines the maximum memory that the stream should use to keep data in memory. If more than that is consumed then it will start to buffer the content on disk.

Buffer Unit

The unit in which maxInMemorySize is expressed

Key Identifier

The key identifier type to use for signature. See SignatureKeyIdentifierConstants

ISSUER_SERIAL

Algorithm

The signature algorithm to use. The default is set by the data in the certificate. See SignatureAlgorithmConstants

Digest Algorithm

The signature digest algorithm to use. See SignatureDigestAlgorithmConstants

SHA1

C14n Algorithm

Defines which signature c14n (canonicalization) algorithm to use. See SignatureC14nAlgorithmConstants

ExclusiveXMLCanonicalization_1_0

Keystore Config

KeyStore configuration used for signing.

x

Wss Parts

Lists of parts to be encrypted. If any part is specified, the SOAP Body will be encrypted.

Encode

CONTENT

Namespace

x

Localname

x

Encryption Key Identifier

The key identifier type to use for encryption.

ISSUER_SERIAL

Encryption Sym Algorithm

The symmetric encryption algorithm to use.

AES_128

Encryption Key Transport Algorithm

The algorithm used to encrypt the generated symmetric key.

KEYTRANSPORT_RSAOAEP

Encryption Digest Algorithm

The encryption digest algorithm to use with the key transport algorithm.

SHA1

Keystore Config

KeyStore configuration used for encryption.

Wss Parts

Lists of parts to be encrypted. If any part is specified, the SOAP Body will be encrypted.

Username

Username.

x

Password

Password.

x

Provider Url

LDAP Server URL.

x

User Dn

User that will authenticate to the directory.

x

Password

Credentials to use for getting authenticated contexts.

x

Search Base

The search base defines the starting point for the search in the directory tree.

x

Search Filter

Filters can be used to restrict the numbers of users or groups that are permitted to access an application.

x

Search In Subtree

Whether to search in subtree.

false