Versions Compared

Old Version 1

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version Current

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Each Credential type has two variants, one whose parameters are inline data and one whose parameters are resources.

BasicX509Credential

The parent beans for the two primary bean factories are net.shibboleth.idp.profile.spring.factoryare:

  • shibboleth.BasicX509CredentialFactoryBean (

...

V4.3 introduces new parent beans to indirect the class names:

  • shibboleth.BasicX509CredentialFactoryBean

  • shibboleth.X509InlineCredentialFactoryBean

...

  • relies on external resources for the keys)

  • shibboleth.X509InlineCredentialFactoryBean (allows inline definition of keys)

They have the following bean properties:

Parameter Name

Type (Inline/Resource)

Description

certificates

List (String/Resource)

A list of certificates. These may PEM or DER encoded

cRLs

List (String/Resource)

A list of CRLs. These must be base 64 encoded without PEM headers and footers

entity

String/Resource

The entity certificate

entityID

String

The entityID

keyNames

List<String>

The names for the key represented by the credential.

privateKey

byte[]/Resource

The private key in DER, PEM, or PKCS#8 (encrypted or not) format or PEM encoded OpenSSL "traditional" format

privateKeyPassword

byte[]

The password (if any) for the private key

usageType

"encryption" or "signing"

 

BasicCredential

The parent beans for the two primary bean factories are net.shibboleth.idp.profile.spring.factoryare:

  • shibboleth.BasicResourceCredentialFactoryBean

...

  • (

...

V4.3 introduces new parent beans to indirect the class names:

  • shibboleth.BasicResourceCredentialFactoryBean

  • shibboleth.BasicInlineCredentialFactoryBean

...

  • relies on external resources for the keys)

  • shibboleth.BasicInlineCredentialFactoryBean (allows inline definition of keys)

They have the following bean properties:

Parameter Name

Type (Inline/Resource)

Description

entityID

String

The entity ID

keyNames

List<String>

The names for the key represented by the credential.

privateKeyInfo

byte[]/Resource

The private key in DER, PEM, or PKCS#8 (encrypted or not) format or PEM encoded OpenSSL "traditional" format

privateKeyPassword

byte[]

The password (if any) for the private key

publicKeyInfo

byte[]/Respource

The public key in DER or PEM format

secretKeyAlgorithm

String

The JCA key Algorithm (AES, DES or DESede)

secretKeyEncoding

String

The way in which the secret key is encoded: "binary" (UTF8), "hex", or "base64"

secretKeyInfo

byte[]/Resource

The secret key

usageType

"encryption" or "signing"