001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: SAML2Constants.java,v 1.44 2009/11/24 21:53:02 madan_ranganath Exp $
026 *
027 */
028
029/*
030 * Portions Copyrighted 2010-2014 ForgeRock AS
031 */
032
033package com.sun.identity.saml2.common;
034
035import com.sun.identity.cot.COTConstants;
036
037/**
038 * This interface defines constants common to all SAMLv2 elements.
039 *
040 * @supported.all.api
041 */
042public interface SAML2Constants {
043
044    /**
045     * XML name space URI
046     */
047    public String NS_XML = "http://www.w3.org/2000/xmlns/";
048    
049    /**
050     * String used to declare SAMLv2 assertion namespace prefix.
051     */
052    public String ASSERTION_PREFIX = "saml:";
053    
054    /**
055     * String used to declare SAMLv2 assertion namespace.
056     */
057    public String ASSERTION_DECLARE_STR =
058    " xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"";
059    
060    /**
061     * SAMLv2 assertion namespace URI.
062     */
063    public String ASSERTION_NAMESPACE_URI =
064    "urn:oasis:names:tc:SAML:2.0:assertion";
065    
066    /**
067     * Default namespace attribute for <code>Action</code>.
068     */
069    public String ACTION_NAMESPACE_NEGATION =
070    "urn:oasis:names:tc:SAML:1.0:action:rwedc-negation";
071    
072    /**
073     * String used to declare SAMLv2 protocol namespace prefix.
074     */
075    public String PROTOCOL_PREFIX = "samlp:";
076    
077    /**
078     * String used to declare SAMLv2 protocol namespace.
079     */
080    public String PROTOCOL_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:protocol";
081    
082    /**
083     * String used to declare SAMLv2 protocol namespace.
084     */
085    public String PROTOCOL_DECLARE_STR =
086                " xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"";
087    
088    /**
089     * String used to represent HTTP Redirect Binding.
090     */
091    public String HTTP_REDIRECT =
092                "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect";
093
094    /**
095     * String used to represent SOAP Binding.
096     */
097    public String SOAP =
098                "urn:oasis:names:tc:SAML:2.0:bindings:SOAP";
099
100    /**
101     * String used to represent PAOS Binding.
102     */
103    public static final String PAOS =
104                "urn:oasis:names:tc:SAML:2.0:bindings:PAOS";
105
106    /**
107     * String used to represent HTTP POST Binding.
108     */
109    public String HTTP_POST =
110                "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
111
112    /**
113     * String used to represent HTTP ARTIFACT Binding.
114     */
115    public String HTTP_ARTIFACT =
116                "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact";
117
118    /**
119     * String used to represent URI Binding.
120     */
121    public String URI =
122                "urn:oasis:names:tc:SAML:2.0:bindings:URI";
123
124    /**
125     * String to represent Name Identifier Format name space
126     */
127    public String NAMEID_FORMAT_NAMESPACE=
128                "urn:oasis:names:tc:SAML:2.0:nameid-format:";
129
130    /**
131     * String to represent Name Identifier Format name space
132     * version 1.1
133     */
134    public static final String NAMEID_FORMAT_NAMESPACE_V_1_1=
135          "urn:oasis:names:tc:SAML:1.1:nameid-format:";
136
137    /**
138     * String to represent Encrypted Format Name Identifier
139     */
140    public String ENCRYPTED =
141                NAMEID_FORMAT_NAMESPACE + "encrypted";
142
143
144    /**
145     * String to represent Persitent Name Identifier
146     */
147    public String PERSISTENT =
148                NAMEID_FORMAT_NAMESPACE + "persistent";
149    
150    /**
151     * String to represent Unspecified Name Identifier
152     */
153    public String UNSPECIFIED =
154        NAMEID_FORMAT_NAMESPACE_V_1_1 + "unspecified";
155  
156    /**
157     * String to represent Email Address Name Identifier
158     */
159    public String EMAIL_ADDRESS =
160        NAMEID_FORMAT_NAMESPACE_V_1_1 + "emailAddress";
161
162    /**
163     * String to represent Entity Name Identifier
164     */
165    public String ENTITY =
166                NAMEID_FORMAT_NAMESPACE + "entity";
167
168    /**
169     * String to represent X509 Subejct Name Identifier
170     */
171    public String X509_SUBJECT_NAME =
172        NAMEID_FORMAT_NAMESPACE_V_1_1 + "X509SubjectName";
173
174    /**
175     * String to represent Windows Domain Qualified Name Identifier
176     */
177    public String WINDOWS_DOMAIN_QUALIFIED_NAME =
178        NAMEID_FORMAT_NAMESPACE_V_1_1 + "WindowsDomainQualifiedName";
179
180    /**
181     * String to represent Kerberos Principal Name Identifier
182     */
183    public String KERBEROS_PRINCIPAL_NAME =
184        NAMEID_FORMAT_NAMESPACE + "kerberos";
185
186    /**
187     * String to represent the authentication service url
188     */
189    public String AUTH_URL = "AuthUrl";
190
191    /**
192     * Used when the SAML endpoints are RP'd to a non-server/site URL, typically
193     * to DAS
194     */
195    public String RP_URL = "RpUrl";
196
197    /**
198     * Strings represent primitive top-level StatusCode values 
199     */
200    public String SUCCESS =
201        "urn:oasis:names:tc:SAML:2.0:status:Success";
202
203    public String REQUESTER =
204        "urn:oasis:names:tc:SAML:2.0:status:Requester";
205
206    public String RESPONDER =
207        "urn:oasis:names:tc:SAML:2.0:status:Responder";
208
209    public String NOPASSIVE =
210        "urn:oasis:names:tc:SAML:2.0:status:NoPassive";
211    
212    public String VERSION_MISMATCH =
213        "urn:oasis:names:tc:SAML:2.0:status:VersionMismatch";
214
215    public String UNKNOWN_PRINCIPAL =
216        "urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal";
217
218    public String AUTHN_FAILED =
219        "urn:oasis:names:tc:SAML:2.0:status:AuthnFailed";
220
221    public String INVALID_ATTR_NAME_OR_VALUE =
222        "urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue";
223
224    public String INVALID_NAME_ID_POLICY =
225        "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy";
226
227    public String NO_AUTHN_CONTEXT =
228        "urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext";
229
230    /**
231     * Basic name format
232     */
233    public String BASIC_NAME_FORMAT =
234        "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
235
236    /**
237     * Basic attribute profile
238     */
239    public String BASIC_ATTRIBUTE_PROFILE =
240        "urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic";
241
242    /**
243     * Attribute Query default profile
244     */
245    public static final String DEFAULT_ATTR_QUERY_PROFILE =
246        "urn:oasis:names:tc:SAML:2.0:profiles:query";
247
248    /**
249     * Attribute Query x509 Subject profile
250     */
251    public static final String X509_SUBJECT_ATTR_QUERY_PROFILE =
252        "urn:oasis:names:tc:SAML:2.0:profiles:query:attribute:X509";
253
254    /**
255     * Attribute Query default profile alias
256     */
257    public static final String DEFAULT_ATTR_QUERY_PROFILE_ALIAS =
258        "default";
259
260    /**
261     * Attribute Query x509 Subject profile alias
262     */
263    public static final String X509_SUBJECT_ATTR_QUERY_PROFILE_ALIAS =
264        "x509Subject";
265
266    /**
267     * Strings represent subject confirmation methods
268     */
269    public String SUBJECT_CONFIRMATION_METHOD_BEARER =
270        "urn:oasis:names:tc:SAML:2.0:cm:bearer";
271    
272    /**
273     * Confirmation method for holder of key
274     */
275    public String SUBJECT_CONFIRMATION_METHOD_HOLDER_OF_KEY =
276        "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
277    
278    /**
279     * Confirmation method for sender vouches
280     */
281    public String SUBJECT_CONFIRMATION_METHOD_SENDER_VOUCHES =
282        "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
283    
284    /**
285     * Session Property name indicating if response is redirected or not
286     */
287    public String RESPONSE_REDIRECTED = "SAML2ResponseRedirected";
288
289    /**
290     * Length for SAMLv2 IDs.
291     */
292    public int ID_LENGTH = 20;
293    
294    /**
295     * SAMLv2 Version String
296     */
297    public String VERSION_2_0 = "2.0";
298
299    /**
300     * SAMLRequest query parameter name
301     */
302    public String SAML_REQUEST = "SAMLRequest";
303
304    /**
305     * SAMLResponse query parameter name
306     */
307    public String SAML_RESPONSE = "SAMLResponse";
308    
309    
310    /**
311     * Maximum value of unsigned integer/short type.
312     */
313    public int MAX_INT_VALUE=65535;
314    
315    /**
316     * Start Tag for XML String
317     */
318    public String START_TAG="<";
319    /**
320     * End Tag for XML String
321     */
322    public String END_TAG =">";
323    
324    /**
325     * Constant for space
326     */
327    public String SPACE=" ";
328    /**
329     * Constant for equal
330     */
331    public String EQUAL= "=";
332    
333    /**
334     * Constant for quote
335     */
336    public String QUOTE = "\"";
337    
338    /**
339     * Constant for newline
340     */
341    public String NEWLINE= "\n";
342    
343    /**
344     * Constant for xml name space
345     */
346    public String NAMESPACE_PREFIX="xmlns";
347    
348    /**
349     * Constant for SAML2 end tag
350     */
351    public String SAML2_END_TAG="</samlp:";
352    
353    /**
354     * Constant for AuthnRequest
355     */
356    public String AUTHNREQUEST="AuthnRequest";
357
358    /**
359     * Constant for LogoutRequest
360     */
361    public String LOGOUT_REQUEST="LogoutRequest";
362
363    /**
364     * Constant for LogoutResponse
365     */
366    public String LOGOUT_RESPONSE="LogoutResponse";
367
368    /**
369     * Constant for AssertionIDRequest
370     */
371    public String ASSERTION_ID_REQUEST = "AssertionIDRequest";
372
373    /**
374     * Constant for AttributeQuery
375     */
376    public String ATTRIBUTE_QUERY = "AttributeQuery";
377
378    /**
379     * Constant for AuthnQuery
380     */
381    public String AUTHN_QUERY = "AuthnQuery";
382
383    /**
384     * Constant for NameIDMappingRequest
385     */
386    public String NAME_ID_MAPPING_REQUEST = "NameIDMappingRequest";
387
388    /**
389     * Constant for NameIDMappingResponse
390     */
391    public String NAME_ID_MAPPING_RESPONSE = "NameIDMappingResponse";
392
393    /**
394     * Constant for AssertionIDRef
395     */
396    public String ASSERTION_ID_REF = "AssertionIDRef";
397
398    /**
399     * Constant for Attribute
400     */
401    public String ATTRIBUTE="Attribute";
402
403    /**
404     * Constant for SessionIndex
405     */
406    public String SESSION_INDEX="SessionIndex";
407
408    /**
409     * Constant for BaseID
410     */
411    public String BASEID="BaseID";
412
413    /**
414     * Constant for NameID
415     */
416    public String NAMEID="NameID";
417
418    /**
419     * Constant for EncryptedID
420     */
421    public String ENCRYPTEDID="EncryptedID";
422    
423    /**
424     * Constant for Reason
425     */
426    public String REASON="Reason";
427
428    /**
429     * Constant for NotOnOrAfter
430     */
431    public String NOTONORAFTER="NotOnOrAfter";
432
433    /**
434     * Constant for NotOnOrAfter
435     */
436    public String NOTBEFORE="NotBefore";
437
438    /**
439     * Constant for InResponseTo
440     */
441    public String INRESPONSETO="InResponseTo";
442   
443    /**
444     * Constant for ID
445     */
446    public String ID="ID";
447    
448    
449    /**
450     * Constant for Version
451     */
452    public String VERSION="Version";
453    
454    
455    /**
456     * Constant for IssueInstant
457     */
458    public String ISSUE_INSTANT="IssueInstant";
459    
460    /**
461     * Constant for Destination
462     */
463    public String DESTINATION="Destination";
464    
465    /**
466     * Constant for Value
467     */
468    public String VALUE="Value";
469    
470    /**
471     * Constant for Destination
472     */
473    public String CONSENT="Consent";
474    
475    /**
476     * Constant for Issuer
477     */
478    public String ISSUER="Issuer";
479    
480    
481    /**
482     * Constant for Signature
483     */
484    public String SIGNATURE="Signature";
485    
486    /**
487     * Constant for forceAuthn attribute
488     */
489    public String FORCEAUTHN="ForceAuthn";
490    
491    /**
492     * Constant for IsPassive attribute
493     */
494    public String ISPASSIVE="IsPassive";
495    
496    /**
497     * Constant for AllowCreate attribute
498     */
499    public String ALLOWCREATE="AllowCreate";
500
501    /**
502     * Constant for ProtocolBinding attribute
503     */
504    public String PROTOBINDING="ProtocolBinding";
505    
506    /**
507     * Constant for mustUnderstand attribute
508     */
509    public static final String MUST_UNDERSTAND = "mustUnderstand";
510
511    /**
512     * Constant for actor attribute
513     */
514    public static final String ACTOR = "actor";
515
516    /**
517     * Constant for Binding parameter name
518     */
519    public String BINDING="binding";
520
521    /**
522     * Constant for reqBinding parameter name
523     */
524    public String REQ_BINDING = "reqBinding";
525
526    /**
527     * Constant for affiliationID parameter name
528     */
529    public String AFFILIATION_ID = "affiliationID";
530
531    /**
532     * Constant for Binding namespace
533     */
534    public String BINDING_PREFIX =
535    "urn:oasis:names:tc:SAML:2.0:bindings:";
536
537    /**
538     * Constant for AssertionConsumerServiceIndex attribute
539     */
540    public String ASSERTION_CONSUMER_SVC_INDEX=
541    "AssertionConsumerServiceIndex";
542    /**
543     * Constant for AssertionConsumerServiceURL attribute
544     */
545    public String ASSERTION_CONSUMER_SVC_URL=
546    "AssertionConsumerServiceURL";
547    /**
548     * Constant for AttributeConsumingServiceIndex attribute
549     */
550    public String ATTR_CONSUMING_SVC_INDEX=
551    "AttributeConsumingServiceIndex";
552    /**
553     * Constant for ProviderName attribute
554     */
555    public String PROVIDER_NAME="ProviderName";
556    
557    /**
558     * Constant for Subject Element
559     */
560    public String SUBJECT="Subject";
561
562    /**
563     * Constant for AuthnRequest object
564     */
565    public String AUTHN_REQUEST = "AuthnRequest";
566    
567    /**
568     * Constant for NameIDPolicy Element
569     */
570    public String NAMEID_POLICY="NameIDPolicy";
571    
572    /**
573     * Constant for Conditions Element.
574     */
575    public String CONDITIONS="Conditions";
576    
577    /**
578     * Constant for RequestedAuthnContext Element.
579     */
580    public String REQ_AUTHN_CONTEXT="RequestedAuthnContext";
581
582    /** 
583     * Constant for Comparison Attribute
584     */
585    public String COMPARISON ="Comparison";
586
587    /**
588     * Constant for Scoping Element.
589     */
590    public String SCOPING="Scoping";
591    
592    /**
593     * Constant for Extensions Element.
594     */
595    public String EXTENSIONS="Extensions";
596    
597    /**
598     * Constant for StatusDetail Element.
599     */
600    public String STATUS_DETAIL="StatusDetail";
601    
602    /**
603     * Constant for StatusCode Element.
604     */
605    public String STATUS_CODE="StatusCode";
606    
607    /**
608     * Constant for Status Element.
609     */
610    public String STATUS="Status";
611    
612    /**
613     * Constant for StatusMessage Element.
614     */
615    public String STATUS_MESSAGE="StatusMessage";
616    
617    /**
618     * Constant for GetComplete Element.
619     */
620    public String GETCOMPLETE="GetComplete";
621    
622    /**
623     * Constant for IDPEntry Element.
624     */
625    public String IDPENTRY="IDPEntry";
626    
627    /**
628     * Constant for IDPList Element.
629     */
630    public String IDPLIST="IDPList";
631    
632    /**
633     * Constant for NameIDPolicy Element.
634     */
635    public String NAMEIDPOLICY="NameIDPolicy";
636    
637    /**
638     * Constant for RequesterID Element.
639     */
640    public String REQUESTERID="RequesterID";
641
642    // for SAMLPOSTProfileServlet
643    public String SOURCE_SITE_SOAP_ENTRY = "sourceSite";
644    public String POST_ASSERTION = "assertion";
645    public String CLEANUP_INTERVAL_NAME =
646                                "iplanet-am-saml-cleanup-interval";
647
648    /**
649     * NameID info attribute.
650     */ 
651    public String NAMEID_INFO = "sun-fm-saml2-nameid-info";
652
653    /**
654     * NameID info key attribute.
655     */
656    public String NAMEID_INFO_KEY = "sun-fm-saml2-nameid-infokey";
657
658    /**
659     * SAML2 data store provider name.
660     */ 
661    public String SAML2 = "saml2";
662
663    /**
664     * Auto federation attribute.
665     */
666    public String AUTO_FED_ATTRIBUTE = 
667                        "autofedAttribute";
668
669    /**
670     * Auto federation enable attribute.
671     */
672    public String AUTO_FED_ENABLED =
673                        "autofedEnabled";
674
675    /**
676     * Transient federation users.
677     */
678    public String TRANSIENT_FED_USER =
679                        "transientUser";
680
681    public String NAMEID_TRANSIENT_FORMAT = 
682         NAMEID_FORMAT_NAMESPACE + "transient";
683
684    /**
685     * certficate alias attribute.
686     */
687    public String CERT_ALIAS = "sun-fm-saml2-cert-alias";
688 
689    /**
690     * NameID format map configuration.
691     */
692    public String NAME_ID_FORMAT_MAP = "nameIDFormatMap";
693
694    /**
695     * Attribute map configuration.
696     */
697    public String ATTRIBUTE_MAP = "attributeMap";
698
699    /**
700     * Service provider adapter implementation class
701     */
702    public String SP_ADAPTER_CLASS = "spAdapter";
703    
704    /**
705     * Environment (attribute/value pair) for Service provider adapter 
706     * implementation class. Those variables will be passed down as
707     * Map to the implementation class for initialization.
708     */
709    public String SP_ADAPTER_ENV = "spAdapterEnv";
710    
711    /**
712     * Fedlet adapter implementation class.
713     */
714    public String FEDLET_ADAPTER_CLASS = "fedletAdapter";
715    
716    /**
717     * Environment (attribute/value pair) for fedlet adapter 
718     * implementation class. Those variables will be passed down as
719     * Map to the implementation class for initialization.
720     */
721    public String FEDLET_ADAPTER_ENV = "fedletAdapterEnv";
722    
723    /**
724     * Service provider account mapper.
725     */
726    public String SP_ACCOUNT_MAPPER = 
727                        "spAccountMapper";
728
729    /**
730     * Use NameID value as local user ID in service provider account mapper.
731     */ 
732    public String USE_NAMEID_AS_SP_USERID = "useNameIDAsSPUserID";
733
734    /**
735     * Service provider attribute mapper.
736     */
737    public String SP_ATTRIBUTE_MAPPER = 
738                        "spAttributeMapper";
739
740    /**
741     * Identity provider account mapper.
742     */
743    public String IDP_ACCOUNT_MAPPER = 
744                        "idpAccountMapper";
745
746    /**
747     * Identity provider attribute mapper.
748     */
749    public String IDP_ATTRIBUTE_MAPPER = 
750                        "idpAttributeMapper";
751
752    /**
753     * Attribute authority mapper.
754     */
755    public String ATTRIBUTE_AUTHORITY_MAPPER = 
756                        "attributeAuthorityMapper";
757
758    /**
759     * Assertion ID request mapper.
760     */
761    public String ASSERTION_ID_REQUEST_MAPPER = 
762                        "assertionIDRequestMapper";
763
764    /**
765     * RelayState Parameter
766     */
767    public String RELAY_STATE="RelayState";
768
769    /**
770     * RelayState Alias Parameter
771     */
772    public String RELAY_STATE_ALIAS="RelayStateAlias";
773
774    /**
775     * Realm Parameter
776     */
777    public String REALM="realm";
778
779    /**
780     * AssertionConsumerServiceIndex Parameter
781     */
782    public String ACS_URL_INDEX="AssertionConsumerServiceIndex";
783
784    /**
785     * AttributeConsumingServiceIndex Parameter
786     */
787    public String ATTR_INDEX="AttributeConsumingServiceIndex";
788
789    /**
790     * NameIDPolicy Format Identifier Parameter
791     */
792    public String NAMEID_POLICY_FORMAT="NameIDFormat";
793
794    /**
795     * True Value String
796     */
797    public String TRUE="true";
798
799    /**
800     * False Value String
801     */
802    public String FALSE="false";
803
804    public String AUTH_LEVEL="AuthLevel";
805    public String ORGANIZATION = "Organization";
806    public String AUTH_LEVEL_ATTR="sunFMAuthContextComparison";
807    public String AUTH_TYPE="authType";
808    public String AUTH_LEVEL_ADVICE = "sunamcompositeadvice";
809
810    public String AUTH_TYPE_ATTR ="sunFMAuthContextType";
811
812    public String DECLARE_REF_AUTH_TYPE = "AuthContextDeclareRef";
813    public String CLASS_REF_AUTH_TYPE = "AuthContextClassRef";
814
815    public String AUTH_CONTEXT_DECL_REF ="AuthContextDeclRef";
816    public String AUTH_CONTEXT_DECL_REF_ATTR 
817                                        ="sunFMAuthContextDeclareRef";
818
819    public String AUTH_CONTEXT_CLASS_REF ="AuthnContextClassRef";
820
821    public String AUTH_CONTEXT_CLASS_REF_ATTR 
822                                        ="sunFMAuthContextClassRef";
823
824    /**
825     * Parameter name for SAML artifact in http request.
826     */
827    public String SAML_ART = "SAMLart";
828
829    /**
830     * Service Provider Role
831     */
832    public String SP_ROLE = "SPRole";
833
834    /**
835     * Identity Provider Role
836     */
837    public String IDP_ROLE = "IDPRole";
838    
839    /**
840     * Constant value for entity acting as both SP and IDP role.
841     */
842    public String DUAL_ROLE ="DualRole";
843
844
845    /**
846     * Policy Decision Point Role
847     */
848    String PDP_ROLE = "PDPRole";
849
850    /**
851     * Policy Enforcement Point Role
852     */
853    String PEP_ROLE = "PEPRole";
854    
855    /**
856     * Attribute Authority Role
857     */
858    String ATTR_AUTH_ROLE = "AttrAuthRole";
859
860    /**
861     * Attribute Query Role
862     */
863    String ATTR_QUERY_ROLE = "AttrQueryRole";
864
865    /**
866     * Authentication Authority Role
867     */
868    String AUTHN_AUTH_ROLE = "AuthnAuthRole";
869
870    /**
871     * Unknown Role
872     */
873    public String UNKNOWN_ROLE = "UNKNOWN";
874    
875
876    /**
877     * Attribute to be configured in SPSSOConfig for SAML2 authentication
878     * module instance name.
879     */
880    public String AUTH_MODULE_NAME = "saml2AuthModuleName";
881
882    /**
883     * Attribute to be configured in SPSSOConfig for local authentication url.
884     */
885    public String LOCAL_AUTH_URL = "localAuthURL";
886
887    /**
888     * Attribute to be configured in SPSSOConfig for intermediate url.
889     */
890    public String INTERMEDIATE_URL = "intermediateUrl";
891
892    /**
893     * Attribute to be configure in SPSSOConfig for default relay state url.
894     */
895    public String DEFAULT_RELAY_STATE = "defaultRelayState";
896
897    /**
898     * This is an attribute in entity config for the
899     * entity description
900     */
901    public String ENTITY_DESCRIPTION = "description";
902
903    /**
904     * This is an attribute in entity config for the
905     * signing certificate alias
906     */
907    public String SIGNING_CERT_ALIAS = "signingCertAlias";
908
909    /**
910     * This is an attribute in entity config for the
911     * signing certificate encrypted keypass
912     */
913    public String SIGNING_CERT_KEYPASS = "signingCertKeyPass";
914
915    /**
916     * This is an attribute in entity config for the
917     * encryption certificate alias
918     */
919    public String ENCRYPTION_CERT_ALIAS = "encryptionCertAlias";
920    
921    /**
922     * The entity role
923     */
924    public String ROLE = "role";
925
926    public String SIG_PROVIDER =
927    "com.sun.identity.saml2.xmlsig.SignatureProvider";
928
929    public String ENC_PROVIDER =
930    "com.sun.identity.saml2.xmlenc.EncryptionProvider";
931    
932    /**
933     * Signing  
934     */
935    public String SIGNING = "signing";
936    
937    /**
938     * Encryption  
939     */
940    public String ENCRYPTION = "encryption";
941    
942    // Delimiter used to separate multiple NameIDKey values.
943    public String SECOND_DELIM = ";";
944
945    /**
946     * Http request parameter used to indicate whether the intent is
947     * federation or not. Its values are "true" and "false".
948     */
949    public String FEDERATE = "federate";
950    
951    /** xmlsig signing parameters*/
952    public String CANONICALIZATION_METHOD =
953         "com.sun.identity.saml.xmlsig.c14nMethod";
954    public String TRANSFORM_ALGORITHM =
955         "com.sun.identity.saml.xmlsig.transformAlg";
956    public String XMLSIG_ALGORITHM =
957         "com.sun.identity.saml.xmlsig.xmlSigAlgorithm";
958    
959    public String DSA = "DSA";
960    public String RSA = "RSA";      
961
962    public String SIG_ALG = "SigAlg"; 
963    public String SHA1_WITH_DSA = "SHA1withDSA";
964    public String SHA1_WITH_RSA = "SHA1withRSA";
965
966    public String DEFAULT_ENCODING = "UTF-8";
967
968    // SOAP fault code for requester error
969    public String CLIENT_FAULT = "Client";
970
971    // SOAP fault code for responder error
972    public String SERVER_FAULT = "Server";
973
974    public String SESSION = "session";
975
976    // more constants defined for auth module
977    public String ASSERTIONS = "assertions";
978    public String MAX_SESSION_TIME = "maxSessionTime";
979    public String IN_RESPONSE_TO = "inResponseTo";
980
981    public String SP_METAALIAS = "spMetaAlias";
982    public String METAALIAS = "metaAlias";
983    public String SPENTITYID = "spEntityID";
984    public String IDPENTITYID = "idpEntityID";
985    public String REQUESTTYPE = "requestType";
986    
987    // Encryption attributes
988    /**
989     * SP Entity Config attribute name. Used to specify whether it wants
990     * Assertion encrypted or not.
991     */
992    public String WANT_ASSERTION_ENCRYPTED = "wantAssertionEncrypted";
993
994    public String WANT_ATTRIBUTE_ENCRYPTED 
995                                   = "wantAttributeEncrypted";
996    public String WANT_NAMEID_ENCRYPTED = "wantNameIDEncrypted";
997
998    // Signing attributes
999    /**
1000     * IDP Entity Config attribute name. Used to specify whether it wants
1001     * ArtifactResolve signed or not.
1002     */
1003    public String WANT_ARTIFACT_RESOLVE_SIGNED = "wantArtifactResolveSigned";
1004
1005    /**
1006     * SP Entity Config attribute name. Used to specify whether it wants
1007     * ArtifactResponse signed or not.
1008     */
1009    public String WANT_ARTIFACT_RESPONSE_SIGNED =
1010                              "wantArtifactResponseSigned";
1011    public String WANT_LOGOUT_REQUEST_SIGNED  
1012                                   = "wantLogoutRequestSigned";
1013    public String WANT_LOGOUT_RESPONSE_SIGNED   
1014                                   = "wantLogoutResponseSigned";
1015    public String WANT_MNI_REQUEST_SIGNED = "wantMNIRequestSigned";
1016    public String WANT_MNI_RESPONSE_SIGNED 
1017                                   = "wantMNIResponseSigned";
1018    public String WANT_POST_RESPONSE_SIGNED = "wantPOSTResponseSigned";
1019    
1020    /**
1021     * SP Entity Config attribute name. Used to specify IDPList child element
1022     * of ECP request.
1023     */
1024    public static final String ECP_REQUEST_IDP_LIST =
1025        "ECPRequestIDPList";
1026
1027    /**
1028     * SP Entity Config attribute name. Used to specify an implementation class
1029     * that finds IDPList child element of ECP request.
1030     */
1031    public static final String ECP_REQUEST_IDP_LIST_FINDER_IMPL =
1032        "ECPRequestIDPListFinderImpl";
1033
1034    /**
1035     * SP Entity Config attribute name. Used to specify attribute 'GetComplete'
1036     * of IDPList child element of ECP request
1037     */
1038    public static final String ECP_REQUEST_IDP_LIST_GET_COMPLETE =
1039        "ECPRequestIDPListGetComplete";
1040
1041    /**
1042     * Attribute Authority Config attribute name. Used to specify data store
1043     * attribute name that contains X509 subject DN.
1044     */
1045    public String X509_SUBJECT_DATA_STORE_ATTR_NAME =
1046        "x509SubjectDataStoreAttrName";
1047
1048    /**
1049     * Constant for SAML2IDPSessionIndex SSO token property
1050     */
1051    public String IDP_SESSION_INDEX = "SAML2IDPSessionIndex";
1052    /**
1053     * Constant for IDPMetaAlias SSO token property
1054     */
1055    public String IDP_META_ALIAS="IDPMetaAlias";
1056
1057    // Basic auth for SOAP binding
1058    public String BASIC_AUTH_ON = "basicAuthOn";
1059    public String BASIC_AUTH_USER = "basicAuthUser";
1060    public String BASIC_AUTH_PASSWD = "basicAuthPassword";
1061
1062    /**
1063     * Service provider AuthnContext mapper.
1064     */
1065    public String SP_AUTHCONTEXT_MAPPER =
1066                        "spAuthncontextMapper";
1067
1068    /**
1069     * Default value for Service provider AuthnContext mapper value.
1070     */
1071    public String DEFAULT_SP_AUTHCONTEXT_MAPPER =
1072        "com.sun.identity.saml2.plugins.DefaultSPAuthnContextMapper";
1073
1074    /**
1075     * Service provider AuthnContext Class Reference and AuthLevel Mapping.
1076     */
1077    public String SP_AUTH_CONTEXT_CLASS_REF_ATTR=
1078                        "spAuthncontextClassrefMapping";
1079
1080    /**
1081     * Constant for AuthnContext Class Reference namespace
1082     */
1083    public String AUTH_CTX_PREFIX =
1084    "urn:oasis:names:tc:SAML:2.0:ac:classes:";
1085
1086    /**
1087     * Default Service provider AuthnContext Class Reference and 
1088     * AuthLevel Mapping value.
1089     */
1090    public String SP_AUTHCONTEXT_CLASSREF_VALUE=
1091        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|0|default";
1092    /**
1093     * Service provider AuthnContext Comparison Type attribute name.
1094     */
1095    public String SP_AUTHCONTEXT_COMPARISON_TYPE =
1096                        "spAuthncontextComparisonType";
1097
1098    /**
1099     * Default Service provider AuthnContext Comparison Type 
1100     * attribute value.
1101     */
1102    public String SP_AUTHCONTEXT_COMPARISON_TYPE_VALUE = "exact";
1103
1104    /**
1105     * Service provider AuthnContext Comparison Parameter Name
1106     */
1107    public String SP_AUTHCONTEXT_COMPARISON = "AuthComparison";
1108
1109    // Time Skew for Assertion NotOnOrAfter. In seconds.
1110    public String ASSERTION_TIME_SKEW = "assertionTimeSkew";
1111    public int ASSERTION_TIME_SKEW_DEFAULT = 300;
1112
1113    // key for SAML2 SDK class mapping
1114    public String SDK_CLASS_MAPPING = 
1115        "com.sun.identity.saml2.sdk.mapping.";
1116
1117    // Default assertion effective time in seconds
1118    public int ASSERTION_EFFECTIVE_TIME = 600;
1119
1120    // Default assertion NotBefore skew in seconds
1121    public int NOTBEFORE_ASSERTION_SKEW_DEFAULT = 600;
1122
1123    // Assertion effective time attribute name
1124    public String ASSERTION_EFFECTIVE_TIME_ATTRIBUTE = 
1125                            "assertionEffectiveTime";
1126
1127    // NotBefore Assertion skew attribute name
1128    public String ASSERTION_NOTBEFORE_SKEW_ATTRIBUTE =
1129                             "assertionNotBeforeTimeSkew";
1130
1131    // IDP authn context mapper class attribute name
1132    public String IDP_AUTHNCONTEXT_MAPPER_CLASS =
1133                            "idpAuthncontextMapper";
1134
1135    // IDP ECP Session mapper class attribute name
1136    public static final String IDP_ECP_SESSION_MAPPER_CLASS =
1137                            "idpECPSessionMapper";
1138
1139    // Default IDP authn context mapper class name
1140    public String DEFAULT_IDP_AUTHNCONTEXT_MAPPER_CLASS =
1141        "com.sun.identity.saml2.plugins.DefaultIDPAuthnContextMapper";
1142
1143    // Default IDP account mapper class name
1144    public String DEFAULT_IDP_ACCOUNT_MAPPER_CLASS =
1145        "com.sun.identity.saml2.plugins.DefaultIDPAccountMapper";
1146
1147    // Default SP account mapper class name
1148    public String DEFAULT_SP_ACCOUNT_MAPPER_CLASS =
1149        "com.sun.identity.saml2.plugins.DefaultSPAccountMapper";
1150
1151    /**
1152     * Default SP attribute mapper class name
1153     */
1154    public String DEFAULT_SP_ATTRIBUTE_MAPPER_CLASS = "com.sun.identity.saml2.plugins.DefaultSPAttributeMapper";
1155
1156    // Default IDP attribute mapper class name
1157    public String DEFAULT_IDP_ATTRIBUTE_MAPPER_CLASS =
1158        "com.sun.identity.saml2.plugins.DefaultIDPAttributeMapper";
1159
1160    // Default Attribute Authority mapper class name
1161    public static final String DEFAULT_ATTRIBUTE_AUTHORITY_MAPPER_CLASS =
1162        "com.sun.identity.saml2.plugins.DefaultAttributeAuthorityMapper";
1163
1164    // Default Assertion ID request mapper class name
1165    public static final String DEFAULT_ASSERTION_ID_REQUEST_MAPPER_CLASS =
1166        "com.sun.identity.saml2.plugins.DefaultAssertionIDRequestMapper";
1167
1168    // Default IDP ECP Session mapper class name
1169    public static final String DEFAULT_IDP_ECP_SESSION_MAPPER_CLASS =
1170        "com.sun.identity.saml2.plugins.DefaultIDPECPSessionMapper";
1171
1172    // IDP authn context class reference mapping attribute name
1173    public String IDP_AUTHNCONTEXT_CLASSREF_MAPPING =
1174                            "idpAuthncontextClassrefMapping";
1175
1176    // AuthnContext Class Reference names
1177    public String CLASSREF_PASSWORD_PROTECTED_TRANSPORT =
1178        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
1179        
1180    // COT List
1181    public String COT_LIST = COTConstants.COT_LIST;
1182
1183    // http parameter to default.jsp
1184    public String MESSAGE = "message";
1185
1186    // Cache Cleanup interval attribute name in AMConfig.properties.
1187    // value in seconds
1188    public String CACHE_CLEANUP_INTERVAL = 
1189                "com.sun.identity.saml2.cacheCleanUpInterval";
1190
1191    // default Cache cleanup interval in seconds
1192    public int CACHE_CLEANUP_INTERVAL_DEFAULT = 3600;
1193
1194    // IDP SLO parameter name for logout all sessions
1195    public String LOGOUT_ALL = "logoutAll";
1196
1197    // IDP response info ID
1198    public String RES_INFO_ID = "resInfoID";
1199     
1200    // Default query parameter to use for RelayState if
1201    // RelayState is no specified and if RelayState cannot
1202    // be obtained from query parameters list specified in 
1203    // RelayStateAlias 
1204
1205    public String GOTO = "goto";
1206    
1207    // Delimiter for values of multi-valued property set in SSO token
1208    public char DELIMITER = '|';
1209
1210    // Escape string for the <code>DELIMITER</code> contained in the values
1211    // of multi-valued property set in SSO token
1212    public String ESCAPE_DELIMITER = "&#124;";
1213
1214    /**
1215     * Namespace declaration for XML Encryption
1216     */
1217    public String NS_XMLENC = "http://www.w3.org/2001/04/xmlenc#";
1218
1219    /**
1220     * Namespace declaration for XML Digital Signature
1221     */
1222    public String NS_XMLSIG = "http://www.w3.org/2000/09/xmldsig#";
1223
1224    /**
1225     * Want XACML Authorization Decision Query Signed.
1226     */
1227    String WANT_XACML_AUTHZ_DECISION_QUERY_SIGNED =
1228        "wantXACMLAuthzDecisionQuerySigned";
1229
1230    /**
1231     * Want Authorization Decision Response Signed.
1232     */
1233    String WANT_XACML_AUTHZ_DECISION_RESPONSED_SIGNED =
1234        "wantXACMLAuthzDecisionResponseSigned";
1235
1236    /**
1237     * Generate Discovery Bootstrapping
1238     */
1239    public String DISCO_BOOTSTRAPPING_ENABLED =
1240        "discoveryBootstrappingEnabled";
1241
1242    /**
1243     * Constant for Response Artifact message encoding property
1244     */
1245    public String RESPONSE_ARTIFACT_MESSAGE_ENCODING =
1246        "responseArtifactMessageEncoding";
1247
1248    /**
1249     * URI encoding
1250     */
1251    public String URI_ENCODING = "URI";
1252
1253    /**
1254     * FORM encoding 
1255     */
1256    public String FORM_ENCODING = "FORM";
1257
1258    /**
1259     * Cache Assertion
1260     */
1261    public String ASSERTION_CACHE_ENABLED =
1262        "assertionCacheEnabled";
1263
1264    /**
1265     * Attribute name format for ID-WSF 1.1 Discovery bootstrap
1266     */    
1267    public String DISCOVERY_BOOTSTRAP_ATTRIBUTE_NAME_FORMAT =
1268        "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
1269
1270    /**
1271     * Attribute name for ID-WSF 1.1 Discovery bootstrap
1272     */    
1273    public String DISCOVERY_BOOTSTRAP_ATTRIBUTE_NAME =
1274        "urn:liberty:disco:2003-08:DiscoveryResourceOffering";
1275
1276    /**
1277     * Constant for Discovery bootstrap credentials SSO token
1278     * property
1279     */
1280    public String DISCOVERY_BOOTSTRAP_CREDENTIALS =
1281        "DiscoveryBootstrapCrendentials";
1282    
1283    /**
1284     * XML Schema Instance namespace URI
1285     */
1286    public String NS_XSI = 
1287        "http://www.w3.org/2001/XMLSchema-instance";
1288
1289    /**
1290     * String used to declare XML Schema Instance namespace.
1291     */
1292    public String XSI_DECLARE_STR =
1293        "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"";
1294
1295    /**
1296     * List of SAE appliation name to encrypted secret mapping.
1297     */
1298    public String SAE_APP_SECRET_LIST = "saeAppSecretList";
1299
1300    /**
1301     * List of valid Relay State Urls
1302     */
1303    public String RELAY_STATE_URL_LIST = "relayStateUrlList";
1304
1305    /**
1306     * IDP SAE endpoint url.
1307     */
1308    public String SAE_IDP_URL = "saeIDPUrl";
1309
1310    /**
1311     * SP SAE endpoint url.
1312     */
1313    public String SAE_SP_URL = "saeSPUrl";
1314
1315    /**
1316     * SP SAE logout url.
1317     */
1318    public String SAE_SP_LOGOUT_URL = "saeSPLogoutUrl";
1319
1320    /**
1321     * SAE : Extended meta param : SPApp url
1322     */
1323    public String SAE_XMETA_URL = "url";
1324
1325    /**
1326     * SAE : Extended meta param : shared secret for symmetric crypto
1327     */
1328    public String SAE_XMETA_SECRET = "secret";
1329
1330    /**
1331     * SAE : Derived from SAML2 meta
1332     */
1333    public String SAE_XMETA_PKEY_ALIAS = "privatekeyalias";
1334
1335    /**
1336     * HTTP parameters that will be passed to SAE auth modules.
1337     */
1338    public String SAE_REALM = "realm";
1339    public String SAE_IDP_ENTITYID = "idpEntityID";
1340    public String SAE_IDPAPP_URL = "idpAppUrl";
1341            
1342    /**
1343     * Enable IDP Proxy
1344     */
1345    public String ENABLE_IDP_PROXY = "enableIDPProxy";
1346
1347    /**
1348     * Always proxy the Authn Request
1349     */
1350    public String ALWAYS_IDP_PROXY = "alwaysIdpProxy";
1351
1352    /**
1353     *IDP Proxy Name List
1354     */
1355    public String IDP_PROXY_LIST = "idpProxyList";
1356 
1357    /**
1358     * IDP Proxy Count
1359     */
1360    public String IDP_PROXY_COUNT = "idpProxyCount";
1361 
1362    /**
1363     * Use Introduction for IDP Proxy
1364     */
1365    public String USE_INTRODUCTION_FOR_IDP_PROXY =
1366        "useIntroductionForIDPProxy";      
1367
1368    /**
1369     * Idp finder URL
1370     */
1371    public String IDP_FINDER_URL ="/idpfinder";
1372    
1373    /**
1374     * IDP Proxy finder name
1375     */
1376    public String IDP_PROXY_FINDER_NAME = 
1377         "com.sun.identity.saml2.idpproxy"; 
1378         
1379    /**
1380     * Default class name of IDP Proxy finder   
1381     */     
1382    public String  DEFAULT_IDP_PROXY_FINDER = 
1383        "com.sun.identity.saml2.plugins.SAML2IDPProxyImpl";
1384
1385    /**
1386     * IDP Proxy finder attribute name in the IDP Extended metadata
1387     */
1388    public String IDP_PROXY_FINDER_ATTR_NAME = "idpProxyFinder";
1389
1390    /**
1391     * IDP Proxy finder implmentation classe attribute name
1392     * in the IDP Extended metadata
1393     */
1394    public static final String PROXY_IDP_FINDER_CLASS = "proxyIDPFinderClass";
1395    
1396    /**
1397     * Flag to indicate if the IdP must enable the IdP Finder
1398     * This is the name of the attribute flag in the IDP Extended metadata
1399     */
1400    public static final String ENABLE_PROXY_IDP_FINDER_FOR_ALL_SPS =
1401            "enableProxyIDPFinderForAllSPs";
1402    
1403    /**
1404     * Attribute Name in the extended metadata that takes the value of
1405     * the JSP that will present the list of IdPs to the user
1406     */
1407    public static final String PROXY_IDP_FINDER_JSP =
1408            "proxyIDPFinderJSP";
1409
1410    /**
1411     * Default IDP Proxy Finder JSP
1412     */
1413    public static final String DEFAULT_PROXY_IDP_FINDER = "proxyidpfinder.jsp";
1414
1415    /**
1416     * IDP Adapter class attribute name
1417     */
1418    public static final String IDP_ADAPTER_CLASS = "idpAdapter";
1419
1420    /**
1421     * Default IDP Adapter class
1422     */
1423    public static final String DEFAULT_IDP_ADAPTER = "com.sun.identity.saml2.plugins.DefaultIDPAdapter";
1424
1425    /**
1426     * Key used to save IDP Session in a map
1427     */    
1428    public String IDP_SESSION = "IDPSESSION"; 
1429    
1430    /**
1431     * Key used to save session partners in a map 
1432     */
1433    public String  PARTNERS = "PARTNERS";        
1434
1435    /**
1436     * String used to declare ECP namespace prefix.
1437     */
1438    public static final String ECP_PREFIX = "ecp:";
1439    
1440    /**
1441     * ECP namespace URI.
1442     */
1443    public static final String ECP_NAMESPACE =
1444        "urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp";
1445    
1446    /**
1447     * String used to declare ECP namespace.
1448     */
1449    public static final String ECP_DECLARE_STR =
1450        "xmlns:ecp=\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"";
1451
1452    /**
1453     * Constant for ECP end tag
1454     */
1455    public static final String ECP_END_TAG="</ecp:";
1456
1457    /**
1458     * ECP service name in PAOS header
1459     */
1460    public static final String PAOS_ECP_SERVICE =
1461        "urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp";
1462
1463    /**
1464     * String used to declare SOAP envelope namespace prefix.
1465     */
1466    public static final String SOAP_ENV_PREFIX = "soap-env:";
1467    
1468    /**
1469     * SOAP envelope namespace URI.
1470     */
1471    public static final String SOAP_ENV_NAMESPACE =
1472        "http://schemas.xmlsoap.org/soap/envelope/";
1473    
1474    /**
1475     * String used to declare SOAP envelope namespace.
1476     */
1477    public static final String SOAP_ENV_DECLARE_STR =
1478        "xmlns:soap-env=\"http://schemas.xmlsoap.org/soap/envelope/\"";
1479
1480    /**
1481     * SOAP actor.
1482     */
1483    public static final String SOAP_ACTOR_NEXT =
1484        "http://schemas.xmlsoap.org/soap/actor/next";
1485    
1486    /**
1487     * Check Certificate status
1488     */
1489    public static final String CHECK_SAML2_CERTIFICATE_STATUS =
1490        "com.sun.identity.saml2.crl.check";
1491
1492    /**
1493     * Check CA Certificate status
1494     */
1495    public static final String CHECK_SAML2_CA_STATUS =
1496        "com.sun.identity.saml2.crl.check.ca";
1497
1498    /**
1499     * Wild card to indicate mapping any attribute name as it is in
1500     * the Assertion
1501     */
1502    public String ATTR_WILD_CARD = "*";
1503
1504    /**
1505     * Key name for Response object
1506     */
1507    public String RESPONSE = "Response"; 
1508
1509    /**
1510     * Key name for Assertion object
1511     */
1512    public String ASSERTION = "Assertion"; 
1513    
1514    /**
1515     * One Time Use.
1516     */
1517    public String ONETIME="ONE"; 
1518    /**
1519     * Is Bearer assertion
1520     */
1521    public String IS_BEARER="isBearer";  
1522
1523    /**
1524     * String to represent the logout url for external application.
1525     * SAML2 component will send request to the external logout URL 
1526     * using back channel HTTP POST mechanism.
1527     * This is used when the single logout is initiated from remote party
1528     * (SP or IDP).
1529     */
1530    public String APP_LOGOUT_URL = "appLogoutUrl";
1531
1532    /**
1533     * URL parameter name in external application logout URL for requesting 
1534     * user session property. Value is a session property name whose
1535     * value will be posted to application as http header and content for its 
1536     * logout use.
1537     */
1538    public String APP_SESSION_PROPERTY = "appsessionproperty";
1539  
1540    /**
1541     * IDP Session Synchronize Enabled
1542     */
1543    public String IDP_SESSION_SYNC_ENABLED =
1544            "idpSessionSyncEnabled";
1545
1546    /**
1547     * SP Session Synchronize Enabled
1548     */
1549    public String SP_SESSION_SYNC_ENABLED =
1550            "spSessionSyncEnabled";
1551
1552    /**
1553     * Map key used in fedlet case to specify federation info key.
1554     */
1555    public String INFO_KEY = "infoKey";
1556
1557    /**
1558     * Single Sign-On service.
1559     */
1560    public String SSO_SERVICE = "sso";
1561
1562    /**
1563     * NameIDMapping service.
1564     */
1565    public String NAMEID_MAPPING_SERVICE = "nip";
1566
1567    /**
1568     * AssertionIDRequest service.
1569     */
1570    public String ASSERTION_ID_REQUEST_SERVICE = "air";
1571
1572    /**
1573     * ArtifactResolution service.
1574     */
1575    public String ARTIFACT_RESOLUTION_SERVICE = "ars";
1576
1577    /**
1578     * SingleLogout service.
1579     */
1580    public String SLO_SERVICE = "slo";
1581
1582    /**
1583     * ManageNameID service.
1584     */
1585    public String MNI_SERVICE = "mni";
1586
1587    /**
1588     * AssertionConsumer service.
1589     */
1590    public String ACS_SERVICE = "acs";
1591
1592    /**
1593     * Map key used in SLO request redirect code
1594     */
1595    public static final String AM_REDIRECT_URL = "AM_REDIRECT_URL";
1596
1597    /**
1598     * Map key used in SLO request redirect code
1599     */
1600    public static final String OUTPUT_DATA = "OUTPUT_DATA";
1601
1602    public static final String RESPONSE_CODE = "RESPONSE_CODE";
1603
1604    /**
1605     * Flag to Indicate that we do not want to write the Federation info
1606     * in the SP local User Data Store. This flag is set in the local SP
1607     * extended metadata configuration
1608     */
1609    public static final String SP_DO_NOT_WRITE_FEDERATION_INFO =
1610            "spDoNotWriteFederationInfo";
1611} 




























































Copyright © 2010-2017, ForgeRock All Rights Reserved.