com.soa.console.policy.httpsecurity.JWT.custom.claims.header
Custom Claims
com.soa.console.policy.httpsecurity.JWT.detail.help
<p>Select from the list of required standard claims. Add and remove non-standard claims. Select the signature/MAC algorithm (if desired). Select content and key encryption algorithms (if desired). Click a "Subject Category" radio button. Enter a subject category URI if you choose the "User Defined" option. After completing your selections, click "Next" to continue, or "Finish" to complete the configuration session.</p>
com.soa.console.policy.httpsecurity.JWT.detail.title
JWT Bearer Token Authentication
com.soa.console.policy.httpsecurity.JWT.help.paragraph
<p>The "Specify JWT Bearer Token Options" page allows you to configure use of Java Web Token (JWT) Bearer Token Authentication, specifically the subject category the authenticated identity will be used as.</p><p>Java Web Tokens can contain a set of claims. To specify the claims that MUST be part of the token, select from the list of standard claims or enter your own non-standard (custom) ones.</p><p>Java Web Tokens can be protected for integrity (using a signature or MAC) and confidentially (using encryption). To ensure token integrity select and algorithm from the Signature/MAC Algorithm pull-down. Select None if not needed. To ensure confidentiality select an algorithm from the Content Encryption Algorithm pull-down.Select None if not needed. If encrypting the content, you must select an algorithm in the Key Encryption Algorithm pull-down. Select Direct if the key will be unencrypted.</p><p>Note that all RSA based algorithms require a minimum key length of 2048 bits. When using the Policy Manager JWT issuer ensure that that pmdomain private key is at least 2048 bits. Also note that the Policy Manager JWT Issuer currently only supports RSA based algorithms.</p><p>The "Subject Category" option allows you to assign a category name to authenticated identity. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.JWT.help.title
Specify JWT Bearer Token Options
com.soa.console.policy.httpsecurity.JWT.required.claims
Required Claims
com.soa.console.policy.httpsecurity.JWT.standard.claims.JWTID
JWT ID
com.soa.console.policy.httpsecurity.JWT.standard.claims.audience
Audience
com.soa.console.policy.httpsecurity.JWT.standard.claims.expiration
Expiration
com.soa.console.policy.httpsecurity.JWT.standard.claims.header
Standard Claims
com.soa.console.policy.httpsecurity.JWT.standard.claims.issuedAt
Issued At
com.soa.console.policy.httpsecurity.JWT.standard.claims.issuer
Issuer
com.soa.console.policy.httpsecurity.JWT.standard.claims.notBefore
Not Before
com.soa.console.policy.httpsecurity.JWT.standard.claims.subject
Subject
com.soa.console.policy.httpsecurity.JWT.token.protection
Token Protection
com.soa.console.policy.httpsecurity.JWT.token.protection.encrypt.alg
Content Encryption Algorithm
com.soa.console.policy.httpsecurity.JWT.token.protection.key.encrypt.alg
Key Encryption Algorithm
com.soa.console.policy.httpsecurity.JWT.token.protection.sig.mac.alg
Signature/MAC Algorithm
com.soa.console.policy.httpsecurity.SSL.certfromcontext.title
Use client's X.509 certificate from the SSL context
com.soa.console.policy.httpsecurity.SSL.certfromheader.title
Get client's X.509 certificate from HTTP header
com.soa.console.policy.httpsecurity.SSL.certheader.label
Certificate header name
com.soa.console.policy.httpsecurity.SSL.certviaissuer.title
Get "Issuer DN" and "Serial Number" of client's X.509 certificate from HTTP headers
com.soa.console.policy.httpsecurity.SSL.checkbox.title
Require Client Certificate Authentication
com.soa.console.policy.httpsecurity.SSL.detail.help
<p>To enable Client Certificate Authentication, click the "Require Client Certificate Authentication" checkbox, select an authentication method, and choose a "Subject Category". After completing your selections, click "Next" to continue, or "Finish" to complete the configuration session.</p>
com.soa.console.policy.httpsecurity.SSL.detail.title
Client Certificate Options
com.soa.console.policy.httpsecurity.SSL.help.paragraph
<p>The "Specify Client Certificate Authentication" screen allows you to authenticate based on a client-supplied X.509 certificate. This certificate can be taken from the Secure Sockets Layer (SSL) protocol context. This option requires that your client application use SSL to make a secure connection with the application server. The application server must enable mutual authentication for the SSL connection.</p><p>The Client Certificate can also be specified using HTTP headers containing either the client's certificate or the Issuer DN and Serial Number extracted from the certificate. These headers are commonly set by the network device (load balancer, etc.) that is terminating the SSL session.</p><p>The "Subject Category" option allows you to assign a category name to the token definition. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.SSL.help.title
Specify Client Certificate Authentication
com.soa.console.policy.httpsecurity.SSL.issuerdnheader.label
Issuer DN header name
com.soa.console.policy.httpsecurity.SSL.serialnoheader.label
Serial Number header name
com.soa.console.policy.httpsecurity.audit.help.paragraph
<p>The "Specify Security Audit Options" screen allows you to configure whether you want audit data captured for all message exchanges or only when errors occur on a message exchange. Select one of the following options:</p><p>Generate Audit Data - Captures success and failure audit data for all message exchanges.</p><p>Audit on Error Only - Captures audit data only when an error occurs on a message exchange.</p><p>Select an option and click "Finish."</p>
com.soa.console.policy.httpsecurity.audit.help.title
Specify Security Audit Options
com.soa.console.policy.httpsecurity.audit.options.title
Security Audit Options
com.soa.console.policy.httpsecurity.authentication.basic
Basic
com.soa.console.policy.httpsecurity.authentication.basicauth
Basic Authentication
com.soa.console.policy.httpsecurity.authentication.checkbox.cookie.title
Require Cookie for Response
com.soa.console.policy.httpsecurity.authentication.checkbox.title
Require Authentication Scheme:
com.soa.console.policy.httpsecurity.authentication.client.certificate
Client Certificate
com.soa.console.policy.httpsecurity.authentication.cookie
Cookie Authentication
com.soa.console.policy.httpsecurity.authentication.cookie.required
Cookie name is required when Require Cookie for Response is checked.
com.soa.console.policy.httpsecurity.authentication.detail.help
<p>To enable HTTP Authentication, click the "Require Authentication Scheme" checkbox, select an "Authentication Scheme" from the drop-down list box, and click a "Subject Category" radio button. After completing your selections, click "Next" to continue, or "Finish" to complete the configuration session.</p>
com.soa.console.policy.httpsecurity.authentication.detail.title
Authentication Scheme
com.soa.console.policy.httpsecurity.authentication.digest
Digest
com.soa.console.policy.httpsecurity.authentication.digestauth
Digest Authentication
com.soa.console.policy.httpsecurity.authentication.help.paragraph
<p>The "Select Authentication Options" screen allows you to choose what forms of authentication you would like to be supported.</p><p>The HTTP Basic Authentication option allows a client to provide credentials in the form of a username and password when making a request.</p><p>The HTTP Digest Authentication option allows a client to negotiate credentials using the HTTP protocol. It supersedes unencrypted use of Basic Authentication and allows a user identity to be established securely without the requirement of sending a password in plaintext over the network.</p><p>The SAML Bearer Token option allows a client to provide credentials in the form of a SaML token that uses the Bearer subject confirmation method when making a request.</p><p>The JWT Bearer Token option allows a client to provide credentials in the form of a JSON Web Token (JWT) in the HTTP Authorization header with the Bearer scheme when making a request.</p><p>The Client Certificate option allows a client to authenticate based on a client-supplied X.509 certificate.</p><p>The Cookies option allows a client to authenticate with a cookie established by the server and/or to dictate the cookie to be returned to the client.</p><p>The options can all be required (enforced), or only one of the options can be required.</p>
com.soa.console.policy.httpsecurity.authentication.help.title
Select Authentication options
com.soa.console.policy.httpsecurity.authentication.http.basic
HTTP Basic Authentication
com.soa.console.policy.httpsecurity.authentication.http.basic.help.paragraph
<p>The "Specify HTTP Basic Authentication Options" page allows you to configure the use of HTTP Basic Auth, specifically the subject category the authenticated identity will be used as.</p><p>The "Subject Category" option allows you to assign a category name to the authenticated identity. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.authentication.http.basic.help.title
Specify HTTP Basic Authentication Options
com.soa.console.policy.httpsecurity.authentication.http.digest
HTTP Digest Authentication
com.soa.console.policy.httpsecurity.authentication.http.digest.help.paragraph
<p>The "Specify HTTP Digest Authentication Options" page allows you to configure the use of HTTP Digest Authentication, specifically the subject category the authenticated identity will be used as.</p><p>The "Subject Category" option allows you to assign a category name to the authenticated identity. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.authentication.http.digest.help.title
Specify HTTP Digest Authentication Options
com.soa.console.policy.httpsecurity.authentication.jwt.bearer.token
JWT Bearer Token
com.soa.console.policy.httpsecurity.authentication.jwtbearerauth
JWT Bearer
com.soa.console.policy.httpsecurity.authentication.options.enforcement
Options Enforcement
com.soa.console.policy.httpsecurity.authentication.saml.bearer.token
SAML Bearer Token
com.soa.console.policy.httpsecurity.authentication.saml.help.paragraph
<p>The "Specify SAML Bearer Token Options" page allows you to configure the use of a SAML Bearer Token for HTTP authentication, specifically the subject category the authenticated identity will be used as.</p><p>The "Subject Category" option allows you to assign a category name to the authenticated identity. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.authentication.saml.help.title
Specify SAML Bearer Token Options
com.soa.console.policy.httpsecurity.authentication.samlbearerauth
SAML Bearer
com.soa.console.policy.httpsecurity.authentication.summary.require
Require Authentication
com.soa.console.policy.httpsecurity.authentication.summary.scheme
Authentication Scheme
com.soa.console.policy.httpsecurity.authentication.summary.title1
HTTP Authentication Options
com.soa.console.policy.httpsecurity.category.title
Subject Category
com.soa.console.policy.httpsecurity.category.title.basic
Basic Subject Category
com.soa.console.policy.httpsecurity.category.title.client
Client Subject Category
com.soa.console.policy.httpsecurity.category.title.digest
Digest Subject Category
com.soa.console.policy.httpsecurity.choose.authentication.options.heading
Click a "Subject Category" radio button. Enter a subject category URI if you choose the "User Defined" option. After completing your selections, click "Next" to continue, or "Finish" to complete the configuration session.
com.soa.console.policy.httpsecurity.cookie.actions
Actions
com.soa.console.policy.httpsecurity.cookie.add.paragraph
<p>The "Add Cookie for Authentication" screen allows you to add an authentication cookie. Newly added cookies are added to the "Cookie Authentication" table on the "Specify Cookie Authentication Options" screen.</p><p>The "Cookie Name" field allows you to enter a name for the Authentication Cookie. Single word / alpha-numeric characters are supported.</p><p>The "Subject Category" option allows you to assign a category name to the cookie definition. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.cookie.add.title
Add Cookie for Authentication
com.soa.console.policy.httpsecurity.cookie.authentication
Authentication Cookie
com.soa.console.policy.httpsecurity.cookie.detail.help
<br/><p>To add an HTTP cookie, click "Add." The "Add Authentication Cookie" screen displays. To manage cookie definitions, select "Modify" or "Delete" from the drop-down list box next to each cookie line item.</p><br/>
com.soa.console.policy.httpsecurity.cookie.detail.title
Cookie Authentication Options
com.soa.console.policy.httpsecurity.cookie.help.paragraph
<br/><p>The "Specify Cookie Authentication Options" screen allows you to authenticate by passing user credentials through HTTP Cookies when making a request. The Cookies are typically issued to clients by a Third-Party Identity and Access Manager software for Single-Sign-On purposes.</p><p>Cookies are defined using an "Add" function which launches the "Add Cookie for Authentication" screen and are stored as text. Each cookie represents a token. A cookie definition is composed of a "Cookie Name" and "Subject Category." Multiple cookies can be defined within one policy and can represent multiple identities.</p><p>The "Cookie Name" represents the name of the cookie that is checked by the server to authenticate the user. </p><p>Cookie definitions can be managed by selecting "Modify" or "Delete" from the drop-down list box next to each cookie line item in the "Cookie Authentication Options" table.</p>
com.soa.console.policy.httpsecurity.cookie.help.title
Specify Cookie Authentication Options
com.soa.console.policy.httpsecurity.cookie.modify.paragraph
<p>The "Modify Cookie for Authentication" screen allows you to update an authentication cookie definition. The cookie to be updated was initially selected on the "Specify Cookie Authentication Options" screen by clicking "Modify" from the drop-down list box in the "Cookie Authentication" table.</p><p>The "Cookie Name" field allows you to enter a name for the Authentication Cookie. Single word / alpha-numeric characters are supported.</p><p>The "Subject Category" option allows you to assign a category name to the cookie definition. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.cookie.modify.title
Modify Cookie for Authentication
com.soa.console.policy.httpsecurity.cookie.name
Cookie Name
com.soa.console.policy.httpsecurity.cookie.name.help
<p>Enter a "Cookie Name" and click a "Subject Category" radio button. After completing your selections, click "Finish" to complete the configuration session.</p>
com.soa.console.policy.httpsecurity.cookie.none
No cookies found.
com.soa.console.policy.httpsecurity.cookie.request.title
Request Cookies
com.soa.console.policy.httpsecurity.cookie.response.title
Response Cookies
com.soa.console.policy.httpsecurity.cookie.summary.title
Cookie Authentication
com.soa.console.policy.httpsecurity.finish.detail
You have successfully completed the "Modify HTTP Security Policy Wizard". Review the summary information for policy configuration details.
com.soa.console.policy.httpsecurity.finish.title
Completion Summary
com.soa.console.policy.httpsecurity.modify.helpid
543
com.soa.console.policy.httpsecurity.modify.label
Modify
com.soa.console.policy.httpsecurity.modify.title
Modify HTTP Security Policy Wizard
com.soa.console.policy.httpsecurity.onerroronly.checkbox.title
On Error Only
com.soa.console.policy.httpsecurity.options.label
Options
com.soa.console.policy.httpsecurity.policy.content.not.defined
Policy content not defined.
com.soa.console.policy.httpsecurity.policy.key
Policy Key
com.soa.console.policy.httpsecurity.policy.type.consumer
Consumer
com.soa.console.policy.httpsecurity.policy.type.enduser
End-User
com.soa.console.policy.httpsecurity.policy.type.none
None
com.soa.console.policy.httpsecurity.policy.type.userdefined
User Defined
com.soa.console.policy.httpsecurity.rcookie.add.paragraph
<p>The "Add Response Cookie" screen allows you to add a cookie to be included in the outgoing service response. Newly added cookies are added to the "Response Cookie" table on the "Specify Response Cookie Options" screen.</p><p>The "Cookie Name" field allows you to enter a name for the Response Cookie. Single word / alpha-numeric characters are supported.</p><p>The "Subject Category" option allows you to specify the category name of the subject to use for the Response Cookie. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.rcookie.add.title
Add Response Cookie
com.soa.console.policy.httpsecurity.rcookie.authentication
Response Cookie
com.soa.console.policy.httpsecurity.rcookie.detail.help
<br/><p>To add an HTTP cookie to the response message, click "Add." The "Add Response Cookie" screen displays. To manage cookie definitions, select "Modify" or "Delete" from the drop-down list box next to each cookie line item.</p><br/>
com.soa.console.policy.httpsecurity.rcookie.detail.title
Response Cookie Options
com.soa.console.policy.httpsecurity.rcookie.help.paragraph
<br/><p>The "Specify Response Cookie Options" screen allows you to configure HTTP Cookies that will be included in the response message being sent back to the service consumer. These Cookies are typically generated by a Third-Party Identity and Access Manager software and contain specified subject identities for Single-Sign-On purposes.</p><p>A Cookie response is defined using the "Add" function which launches the "Add Cookie Response" screen. Here you define a cookie to be included in the outgoing service response.</p><p>Cookie response definitions can be managed by selecting "Modify" or "Delete" from the drop-down list box next to each cookie line item in the "Response Cookie Options" table.</p>
com.soa.console.policy.httpsecurity.rcookie.help.title
Specify Response Cookie Options
com.soa.console.policy.httpsecurity.rcookie.modify.paragraph
<p>The "Modify Response Cookie" screen allows you to update a response cookie definition. The cookie to be updated was initially selected on the "Specify Response Cookie Options" screen by clicking "Modify" from the drop-down list box in the "Response Cookie" table.</p><p>The "Cookie Name" field allows you to enter a name for the Response Cookie. Single word / alpha-numeric characters are supported.</p><p>The "Subject Category" option allows you to specify the category name of the subject to use for the Response Cookie. Predefined categories include Consumer, Service, and End-User. The "User-Defined" option allows you to specify a custom category name.</p>
com.soa.console.policy.httpsecurity.rcookie.modify.title
Modify Response Cookie
com.soa.console.policy.httpsecurity.rcookie.name
Cookie Name
com.soa.console.policy.httpsecurity.rcookie.name.help
<p>Enter a "Cookie Name" and click a "Subject Category" radio button. After completing your selections, click "Finish" to complete the configuration session.</p>
com.soa.console.policy.httpsecurity.rcookie.none
No cookies found.
com.soa.console.policy.httpsecurity.rcookie.summary.title
Response Cookie Options
com.soa.console.policy.httpsecurity.securityaudit.checkbox.title
Generate Audit Data
com.soa.console.policy.httpsecurity.ssl.summary.header.cert
Certificate Header Name
com.soa.console.policy.httpsecurity.ssl.summary.header.issuer
Issuer DN Header Name
com.soa.console.policy.httpsecurity.ssl.summary.header.serial
Serial Number Header Name
com.soa.console.policy.httpsecurity.ssl.summary.require
Client Certificate
com.soa.console.policy.httpsecurity.ssl.summary.scheme
X.509 Certificate Source
com.soa.console.policy.httpsecurity.ssl.summary.source.context
Certificate from SSL Context
com.soa.console.policy.httpsecurity.ssl.summary.source.header
Certificate in HTTP Header
com.soa.console.policy.httpsecurity.ssl.summary.source.issuer
Reference to Certificate Issuer
com.soa.console.policy.httpsecurity.ssl.summary.title
Client Certificate Authentication Options
com.soa.console.policy.httpsecurity.summary
Summary
com.soa.console.policy.httpsecurity.view.label
View
com.soa.console.policy.httpsecurity.view.not.authorized
You are not authorized to view policy details
com.soa.console.policy.httpsecurity.view.title
View HTTP Security Policy Wizard
error.field.httpsec.policy.certheader.required
Certificate HTTP header name is required.
error.field.httpsec.policy.issuerheaders.required
Issuer DN and Serial Number HTTP header names are both required.
error.field.httpsec.policy.sslauthtype.required
Type of SSL Client authentication must be selected.
error.modify.httpsec.policy.config
Error in modifying http security policy: {0}
error.modify.httpsec.policy.config.get
Error Getting details for OSGI policy: {0}
error.modify.httpsec.policy.update.cookie.duplicate
Duplicate cookie names are not allowed.
error.modify.httpsec.policy.update.cookie.failed
Failed to update cookies.
error.modify.httpsec.policy.update.cookie.invalidregex
Invalid Regular Expression for cookie name
error.modify.httpsec.policy.update.cookie.required
Cookie name is required.
policy.httpsecurity.name
HTTP Security Policy
