Hi all,

FYI,

In relation to issues [1,2], a token persisting mechanism was added at the
rampart-trust level and integrated into wso2carbon-sts.
The following are the configurations and a folder path added to carbon; please
let me know if you have any objections related to them.

1. Currently the default persister for a standalone server is a file system
   based persister, and its configuration is set in the 'Security' section of
   carbon.xml as in [3] below:
   - One can disable the in-memory token store using the parameter
     'DisableTokenStore'.
   - A custom persister can be plugged in using the 'TokenPersister'
     configuration. The default persister uses only the defined parameters,
     and any custom parameters can be defined in the 'Properties' section.
   - The related configuration at the rampart STS level is shown in [4], which
     is set in 'saml-issuer-config' of service.xml.
2. The persistence location of the default file system based persister is
   set as ${carbon.home}/repository/resources/security/tokenstore. Hence a new
   folder named 'tokenstore' is added in the mentioned path.

[1] https://wso2.org/jira/browse/CARBON-11228
[2] https://issues.apache.org/jira/browse/RAMPART-337

[3]
<!--Option to disable storing of tokens issued by STS-->
<DisableTokenStore>false</DisableTokenStore>
<!--
    Token Persister configuration for non-volatile storage of SAML tokens
    issued by STS:
    1. TokenPersister class
    2. TokenStorage path
    3. Maximum number of tokens in volatile storage
    4. Any other custom properties
-->
<TokenPersister>
    <Class>org.apache.rahas.impl.FSBasedRetiredTokenPersister</Class>
    <StoragePath>${carbon.home}/repository/resources/security/tokenstore</StoragePath>
    <InMemoryThreshold>500</InMemoryThreshold>
    <!--Properties>
        <Property>
            <Name>propName</Name>
            <Value>propValue</Value>
        </Property>
    </Properties-->
</TokenPersister>

[4]
<!--Option to disable storing of tokens issued by STS-->
<DisableTokenStore>true</DisableTokenStore>
<!--
    Token Persister configuration for non-volatile storage of tokens
    1. TokenPersister class
    2. TokenStorage path
    3. Maximum number of tokens in volatile storage before retiring tokens
-->
<TokenPersister class="org.apache.rahas.impl.FSBasedRetiredTokenPersister">
    <property name="StoragePath">/home/hasini/Desktop/trust/tokens</property>
    <property name="InMemoryThreshold">5</property>
</TokenPersister>

Thanks,
Hasini.
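
Added example, not part of the original mail and not WSO2 or Rampart code: a Python reader that loads the carbon.xml layout [3] and the Rampart layout [4] into one normalized form, so the persister class, storage path and threshold of the two can be compared. The wrapper elements, the carbon_home argument, the ${carbon.home} substitution and the "false" default for a missing DisableTokenStore are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed samples mirroring [3] and [4]; the root wrapper elements are assumed.
CARBON_XML = """<Security>
  <DisableTokenStore>false</DisableTokenStore>
  <TokenPersister>
    <Class>org.apache.rahas.impl.FSBasedRetiredTokenPersister</Class>
    <StoragePath>${carbon.home}/repository/resources/security/tokenstore</StoragePath>
    <InMemoryThreshold>500</InMemoryThreshold>
  </TokenPersister>
</Security>"""

SERVICE_XML = """<saml-issuer-config>
  <DisableTokenStore>true</DisableTokenStore>
  <TokenPersister class="org.apache.rahas.impl.FSBasedRetiredTokenPersister">
    <property name="StoragePath">/home/hasini/Desktop/trust/tokens</property>
    <property name="InMemoryThreshold">5</property>
  </TokenPersister>
</saml-issuer-config>"""

def read_persister(xml_text, carbon_home=None):
    """Return one normalized dict for either configuration layout."""
    root = ET.fromstring(xml_text)
    # Assumption: a missing DisableTokenStore element is treated as "false".
    flag = (root.findtext(".//DisableTokenStore") or "false").strip().lower()
    tp = root.find(".//TokenPersister")
    if tp is None:
        return {"store_disabled": flag == "true", "class": None, "props": {}}
    props = {}
    if tp.get("class"):  # Rampart layout [4]: class attribute, <property name=...>
        cls = tp.get("class")
        for p in tp.findall("property"):
            props[p.get("name")] = (p.text or "").strip()
    else:  # carbon.xml layout [3]: child elements plus optional <Properties>
        cls = (tp.findtext("Class") or "").strip()
        for child in tp:
            if child.tag == "Properties":
                for p in child.findall("Property"):
                    props[(p.findtext("Name") or "").strip()] = (p.findtext("Value") or "").strip()
            elif child.tag != "Class":
                props[child.tag] = (child.text or "").strip()
    if carbon_home and "StoragePath" in props:
        # Assumption: ${carbon.home} is replaced by the installation directory.
        props["StoragePath"] = props["StoragePath"].replace("${carbon.home}", carbon_home)
    if "InMemoryThreshold" in props:
        props["InMemoryThreshold"] = int(props["InMemoryThreshold"])
    return {"store_disabled": flag == "true", "class": cls, "props": props}
```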