Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [higgins-dev] Problem deploying TokenService M6

Sorry for the late reply,

I have used the ConfigurationFiles that come inside org.eclipse.higgins.stst.binding.axis1x.service and I changed all the params to match my configuration. I have to say that I made it before asking you for help so I guess that the "root cause" may not be there.

Also, there are no big differences between 1.1M1 ManagedConfiguration file and 1.1M6. The changes are this ones:
  • There isn't the Base64Extension setting inside ComponentSettings
  • There are a few more token settings that are for SAML2.0
  • ALFClaimHandler has disappeared.
I'll try to find out the solution myself in the next hours but if you want I'll send you both of my config files M1 and M6 ones.

---
David Campos


On Thu, Jul 16, 2009 at 16:55, Sergey Lyakhov <slyakhov@xxxxxxxxxxxxxx> wrote:
Paul,
 
> But what was the “root cause” here? Are the build instructions, etc. wrong? What do you think happened?
 
The “root cause" is that configuration mechanism of IdASRegistry/JNDI CP has been changed since 1.1M1.  I suppose David needs to use org.eclipse.higgins.sts.binding.axis1x.service\WebContent\ConfigurationFiles\ManagedConfiguration.xml file from 1.1M6, however I do not have an experience to deploy STS with JNDI CP since 1.1M0 and do not know which additional changes where there.
 
Thanks,
Sergey Lyakhov
----- Original Message -----
Sent: Thursday, July 16, 2009 4:44 PM
Subject: Re: [higgins-dev] Problem deploying TokenService M6

Thanks Sergey. But what was the “root cause” here? Are the build instructions, etc. wrong? What do you think happened?


On 7/16/09 9:38 AM, "Sergey Lyakhov" <slyakhov@xxxxxxxxxxxxxx> wrote:

David,

It looks you missed "ContextTypes" list for JNDI context cactory in your configuration file.

........................
   <Setting Name="IdentityAttributeService" Type="htf:map">
    <Setting Name="ContextFactoryInstancesList" Type="htf:list">
     <Setting Name="JNDIContextFactory" Type="htf:map">
      <Setting Name="Instance" Type="xsd:string">JNDIContextFactory</Setting>
      <Setting Name="ContextTypes" Type="htf:list">
       <Setting Name="LDAPContextType" Type="xsd:string">$context+ldap</Setting>
      </Setting>
     </Setting>
    </Setting>
........................

Thanks,
Sergey Lyakhov

----- Original Message -----
 
From:  David Campos <mailto:noymn.the.archangel@xxxxxxxxx>  
 
To: Higgins (Trust Framework) Project  developer discussions <mailto:higgins-dev@xxxxxxxxxxx>  
 
Sent: Thursday, July 16, 2009 4:16  PM
 
Subject: [higgins-dev] Problem deploying  TokenService M6
 

Hello all,

After a long time using Higgins TokenService  1.1M1 we have decided to migrate to the last milestone available. I have done  all proper configurations and add the right libraries (including the ones that  don't come into the war package).

The problem I've found is that the  app fails on configuration while is trying to configure the IdasRegistry  component.

This is the trace of the log:

 
5:10:57,790  DEBUG MapHandler.getSetting (117):] Adding Map Entry for Name:  ComponentSettings
[15:10:57,791 DEBUG SingletonHandler.getSetting (45):]  Setting Name: XMLSecurityExtension Value:  org.eclipse.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtensionFactory
[15:10:57,797  DEBUG LogHelper.trace (71):]  XMLSecurityApacheExtension:XMLSecurityApacheExtension
[15:10:57,800 DEBUG  LogHelper.trace (71):] XMLSecurityApacheExtension:configure
[15:10:57,857  DEBUG LogHelper.trace (71):] SignatureAlgorithm: http://www.w3.org/2000/09/xmldsig#rsa-sha1
[15:10:57,858  DEBUG LogHelper.trace (71):] SignatureCanonicalizationAlgorithm: http://www.w3.org/2001/10/xml-exc-c14n#
[15:10:57,858  DEBUG LogHelper.trace (71):] ReferenceCanonicalizationAlgorithm: http://www.w3.org/2001/10/xml-exc-c14n#
[15:10:57,858  DEBUG LogHelper.trace (71):] ReferenceDigestAlgorithm: http://www.w3.org/2000/09/xmldsig#sha1
[15:10:57,859  DEBUG LogHelper.trace (71):] EncryptionAlgorithm: http://www.w3.org/2001/04/xmlenc#aes256-cbc
[15:10:57,859  DEBUG LogHelper.trace (71):] EncryptionAlgorithmProvider:  null
[15:10:57,860 DEBUG LogHelper.trace (71):]  EncryptionDigestAlgorithm: http://www.w3.org/2000/09/xmldsig#sha1
[15:10:57,860  DEBUG LogHelper.trace (71):] EncryptionKeyGeneratorAlgorithm:  AES
[15:10:57,860 DEBUG LogHelper.trace (71):]  EncryptionKeyGeneratorSize: 256
[15:10:57,861 DEBUG LogHelper.trace  (71):] EncryptionKeyGeneratorAlgorithmProvider: null
[15:10:57,861 DEBUG  LogHelper.trace (71):] EncryptionKeyWrapAlgorithm: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
[15:10:57,863  DEBUG LogHelper.trace (71):] EncryptionKeyWrapAlgorithmProvider:  null
[15:10:57,863 DEBUG MapHandler.getSetting (117):] Adding Map Entry  for Name: XMLSecurityExtension
[15:10:57,864 DEBUG  ClassInstanceHandler.getSetting (80):] Setting Name: JNDIContextFactory  Value: org.eclipse.higgins.idas.cp.jndi.JNDIContextFactory
[15:10:57,870  DEBUG MapHandler.getSetting (117):] Adding Map Entry for Name:  JNDIContextFactory
[15:10:57,870 DEBUG ClassSingletonHandler.getSetting  (46):] Setting Name: IdentityAttributeService Value:  org.eclipse.higgins.idas.registry.IdASRegistry
[15:10:57,877 ERROR  ConfigurationHandler.configure (439):]
[15:10:57,877 ERROR  LogHelper.error (119):] modifyProfile: null
[15:10:57,878 ERROR  LogHelper.error (119):] java.lang.NullPointerException
[15:10:57,881  ERROR LogHelper.error (119):]  org.eclipse.higgins.idas.registry.IdASRegistry::registerContextFactory  IdASRegistry.java:467.
[15:10:57,882 ERROR LogHelper.error (119):]  org.eclipse.higgins.idas.registry.IdASRegistry::configure  IdASRegistry.java:291.
[15:10:57,882 ERROR LogHelper.error (119):]  org.eclipse.higgins.configuration.xml.ClassSingletonHandler::getSetting  ClassSingletonHandler.java:81.
[15:10:57,883 ERROR LogHelper.error  (119):] org.eclipse.higgins.configuration.xml.MapHandler::getSetting  MapHandler.java:108.
[15:10:57,883 ERROR LogHelper.error (119):]  org.eclipse.higgins.configuration.xml.ConfigurationHandler::configure  ConfigurationHandler.java:425.
[15:10:57,884 ERROR LogHelper.error  (119):]  org.eclipse.higgins.configuration.xml.ConfigurationHandler::configure  ConfigurationHandler.java:291.
[15:10:57,884 ERROR LogHelper.error  (119):] org.eclipse.higgins.sts.utilities.Configuration::configure  Configuration.java:60.

I don't know which is the reason of  this error... could you help me?

---
David Campos
 

 



_______________________________________________
higgins-dev mailing  list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev


_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev

_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev


<!--
/*******************************************************************************
 * Copyright (c) 2006 IBM Corporation.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *    Michael McIntosh (IBM Corporation) - initial definition
 *******************************************************************************/ 
 --> 
<Configuration
	xmlns:xsd="http://www.w3.org/2001/XMLSchema";
	xmlns="http://higgins.eclipse.org/sts/Configuration";
	xmlns:htf="http://higgins.eclipse.org/sts/Configuration";
	xsd:schemaLocation="http://higgins.eclipse.org/sts/Configuration Configuration.xsd ">
	
	<!--  The setting handlers are classes that consume Setting elements where the Type matches and generate an object of the Class -->
	<SettingHandlers>
		<SettingHandler Type="htf:map" Class="java.util.Map" Handler="org.eclipse.higgins.configuration.xml.MapHandler"/>
		<SettingHandler Type="htf:list" Class="java.util.List" Handler="org.eclipse.higgins.configuration.xml.ListHandler"/>
		<SettingHandler Type="xsd:string" Class="java.lang.String" Handler="org.eclipse.higgins.configuration.xml.StringHandler"/>
		<SettingHandler Type="xsd:boolean" Class="java.lang.Boolean" Handler="org.eclipse.higgins.configuration.xml.BooleanHandler"/>
		<SettingHandler Type="xsd:anyURI" Class="java.net.URI" Handler="org.eclipse.higgins.configuration.xml.URIHandler"/>
		<SettingHandler Type="htf:file" Class="java.io.FileInputStream" Handler="org.eclipse.higgins.configuration.xml.FileHandler"/>
		<SettingHandler Type="htf:keystore" Class="java.security.KeyStore" Handler="org.eclipse.higgins.configuration.xml.KeyStoreHandler"/>
		<SettingHandler Type="htf:certificate" Class="java.lang.String" Handler="org.eclipse.higgins.configuration.xml.CertificateHandler"/>
		<SettingHandler Type="htf:privatekey" Class="java.security.PrivateKey" Handler="org.eclipse.higgins.configuration.xml.PrivateKeyHandler"/>
		<SettingHandler Type="htf:singleton" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.SingletonHandler"/>
		<SettingHandler Type="htf:instance" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.InstanceHandler"/>
		<SettingHandler Type="htf:extensionmap" Class="java.util.Map" Handler="org.eclipse.higgins.sts.server.mapper.extension.ExtensionMapHandler"/>
		<SettingHandler Type="htf:extensionmapkey" Class="org.eclipse.higgins.sts.impl.ExtensionMapKey" Handler="org.eclipse.higgins.sts.server.mapper.extension.ExtensionMapKeyHandler"/>
		<SettingHandler Type="htf:appliestomap" Class="java.util.Map" Handler="org.eclipse.higgins.sts.server.mapper.appliesto.AppliesToMapHandler"/>
		<SettingHandler Type="htf:appliestomapping" Class="java.util.Map" Handler="org.eclipse.higgins.sts.server.mapper.appliesto.AppliesToMappingHandler"/>
		<SettingHandler Type="htf:classinstance" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.ClassInstanceHandler"/>
		<SettingHandler Type="htf:classsingleton" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.ClassSingletonHandler"/>
		<SettingHandler Type="htf:jscriptexec" Class="org.eclipse.higgins.util.jscript.JScriptExec" Handler="org.eclipse.higgins.util.idas.cp.jscript.JScriptExecSettingHandler"/>
		<SettingHandler Type="htf:jscriptscope" Class="org.eclipse.higgins.util.jscript.JScriptScope" Handler="org.eclipse.higgins.util.idas.cp.jscript.JScriptScopeSettingHandler"/>
	</SettingHandlers>
	
	<Setting Name="STSConfiguration" Type="htf:map">

		<!-- The logical name of the Token Issuer to be placed into generated cards
			- optionally change "higgins.eclipse.org" to the hostname where the STS will be deployed
			- need not resolve to actual endpoint
			- used for matching when RP specifies an Issuer -->
		<Setting Name="TokenServiceIssuerURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
		<!-- The WS-Trust endpoint URL to be placed into generated cards
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="TokenServiceTrustURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
		<!-- The WS-Transfer endpoint URL to be placed into generated cards
			- when Username Tokens are used to authenticate to the IP/STS
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="UsernameTokenMetadataURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/MetadataUsernameToken</Setting>
		<!-- The WS-Transfer endpoint URL to be placed into generated cards
			- when SelfSignedSAML Tokens are used to authenticate to the IP/STS
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="SelfSignedSAMLTokenMetadataURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/MetadataSelfSignedSAMLToken</Setting>

		<!-- The WS-Transfer endpoint URL to be placed into generated cards
			- when X509 Tokens are used to authenticate to the IP/STS
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="X509TokenMetadataURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/MetadataX509Token</Setting>

		<!-- Note about keystores:  You may use two keystores  
			one (IssuerKeystore) for the signing of cards, 
			and another (SSLKeystore) for transport security 
			or you may use the same keystore for both
		    Change "localhost.jks" to your keystore's filename.  
			Note: this must be the keystore file or a soft link 
			to the keystore file. Either way, it must be in the 
			same directory as this file (Configuration.xml) -->
		<!--  The Key Store that contains the Issuer and SSL Certificate(s) and Private Key -->
		<Setting Name="STSKeyStore" Type="htf:keystore">
			<!-- The type of the Key Store -->
			<Setting Name="Type" Type="xsd:string">JKS</Setting>
			<!-- The file that contains the Key Store
				- location relative to the Configuration directory -->
			<Setting Name="File" Type="htf:file">InteridyIdP.jks</Setting>
			<!-- The password for the Key Store -->
			<Setting Name="Password" Type="xsd:string">demodemo</Setting>
		</Setting>
		
		<!--  The Issuer Certificate -->
		<Setting Name="IssuerCertificate" Type="htf:certificate">
			<!--  The Name of the Key Store that contains the Certificate -->
			<Setting Name="KeyStoreName" Type="xsd:string">STSKeyStore</Setting>
			<!-- The alias for the Certificate in the Key Store -->
			<Setting Name="Alias" Type="xsd:string">interidy</Setting>	
		</Setting>
		
		<!--  The Issuer Key -->
		<Setting Name="IssuerPrivateKey" Type="htf:privatekey">
			<!--  The Key Store that contains the Private Key -->
			<Setting Name="KeyStoreName" Type="xsd:string">STSKeyStore</Setting>
			<!-- The alias for the Private Key in the Key Store -->
			<Setting Name="Alias" Type="xsd:string">interidy</Setting>	
			<!-- The password for the Key in the Key Store -->
			<Setting Name="Password" Type="xsd:string">demodemo</Setting>
		</Setting>
		
		<!--  The SSL Certificate -->
		<Setting Name="SSLCertificate" Type="htf:certificate">
			<!--  The Name of the Key Store that contains the Certificate -->
			<Setting Name="KeyStoreName" Type="xsd:string">STSKeyStore</Setting>
			<!-- The alias for the Certificate in the Key Store -->
			<Setting Name="Alias" Type="xsd:string">interidy</Setting>	
		</Setting>
				
		<!-- Provides the AttributeName, AttributeNamespace, and DisplayName" for each Attribute/Claim -->
		<Setting Name="AttributeClaimMap" Type="htf:map">
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">givenname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">givenname</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">First Name</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">surname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">sn</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Last Name</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">emailaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">mail</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Email Address</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">streetaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">street</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Street Address</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">locality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">l</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Locality Name or City</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">stateorprovince</Setting>
				<Setting Name="AttributeName" Type="xsd:string">st</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">State or Province</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">postalcode</Setting>
				<Setting Name="AttributeName" Type="xsd:string">postalcode</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Postal Code</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">country</Setting>
				<Setting Name="AttributeName" Type="xsd:string">c</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Country</Setting>
			</Setting>			
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">homephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">homephone</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Primary or Home Telephone Number</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">mobilephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">mobile</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Mobile Telephone Number</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">dateofbirth</Setting>
				<Setting Name="AttributeName" Type="xsd:string">dateofbirth</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Date of Birth</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">gender</Setting>
				<Setting Name="AttributeName" Type="xsd:string">gender</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Gender</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">privatepersonalidentifier</Setting>
				<!-- <Setting Name="AttributeName" Type="xsd:string">privatepersonalidentifier</Setting> -->
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Private Personal Identifier</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/isadult"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">isadult</Setting>
				<Setting Name="AttributeName" Type="xsd:string">isadult</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Is Adult</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/birthday"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">birthday</Setting>
				<Setting Name="AttributeName" Type="xsd:string">birthday</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Birthday</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/dni"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">dni</Setting>
				<Setting Name="AttributeName" Type="xsd:string">dni</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">DNI</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/nationality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">nationality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">nationality</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Nationality</Setting>
			</Setting>
			<!--			
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/issfly_employee"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">issfly_employee</Setting>
				<Setting Name="AttributeName" Type="xsd:string">issfly_employee</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Works for Safelayer</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/hasdiploma"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">hasdiploma</Setting>
				<Setting Name="AttributeName" Type="xsd:string">hasdiploma</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Has a Diploma</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/hascredit"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">hascredit</Setting>
				<Setting Name="AttributeName" Type="xsd:string">hascredit</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Has available credit</Setting>
			</Setting>
			-->
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_givenname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_givenname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedGivenname</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Givenname</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_surname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_surname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedSurname</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Surname</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_emailaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_emailaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedEmailaddress</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Email Address</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_streetaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_streetaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedStreetaddress</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Street Address</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_locality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_locality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedLocality</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Locality</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_stateorprovince"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_stateorprovince</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedStateorprovince</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified State or Province</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_postalcode"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_postalcode</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedPostalcode</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Postal Code</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_country"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_country</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedCountry</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Country</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_homephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_homephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedHomephone</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Home Phone</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_mobilephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_mobilephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedMobilephone</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Mobile Phone</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dateofbirth"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_dateofbirth</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedDateofbirth</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Date of Birth</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_gender"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_gender</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedGender</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Gender</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_isadult"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_isadult</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedIsadult</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Is Adult</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_birthday"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_birthday</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedBirthday</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Birthday</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dni"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_dni</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedDni</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified DNI</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_nationality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_nationality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedNationality</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Nationality</Setting>
			</Setting>
			<!--
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_issfly_employee"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_issfly_employee</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verified_issfly_employee</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Works for Safelayer</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_hasdiploma"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_hasdiploma</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verified_hasdiploma</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Has a Diploma</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_hascredit"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_hascredit</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verified_hascredit</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified has available credit</Setting>
			</Setting>
			-->
		</Setting>
		<Setting Name="ComponentSettings" Type="htf:map">
			<Setting Name="XMLSecurityExtension" Type="htf:map"/>
			<Setting Name="JNDIContextFactory" Type="htf:map"/>
			<Setting Name="IdentityAttributeService" Type="htf:map">
				<Setting Name="ContextFactoryInstancesList" Type="htf:list">
					<Setting Name="JNDIContextFactory" Type="htf:map">
						<Setting Name="Instance" Type="xsd:string">JNDIContextFactory</Setting>
						<Setting Name="ContextTypes" Type="htf:list">
							<Setting Name="LDAPContextType" Type="xsd:string">$context+ldap</Setting>
						</Setting>
					</Setting>
				</Setting>
				<Setting Name="ContextIdsList" Type="htf:list">
					<Setting Name="urn:Higgins-LDAP-Server" Type="htf:map">
						<Setting Name="ContextId" Type="xsd:string">urn:Higgins-LDAP-Server</Setting>
						<Setting Name="ContextTypes" Type="htf:list">
							<Setting Name="LDAPContextType" Type="xsd:string">$context+ldap</Setting>
						</Setting>
						<Setting Name="ContextUris" Type="htf:list">
							<Setting Name="DefaultContextUri" Type="xsd:anyURI">urn:Higgins-LDAP-Server</Setting>
						</Setting>
						<Setting Name="Connection" Type="htf:map">
							<Setting Name="ConnectionType" Type="xsd:string">LDAP</Setting>
							<Setting Name="AddressList" Type="htf:list">
								<Setting Name="Address" Type="xsd:string">ldap://swp-ldap:389</Setting>
							</Setting>
							<Setting Name="jndiProvider" Type="xsd:string">com.sun.jndi.ldap.LdapCtxFactory</Setting>
						</Setting>
						<Setting Name="env" Type="htf:map">
							<Setting Name="java.naming.security.authentication" Type="xsd:string">simple</Setting>
							<Setting Name="java.naming.security.principal" Type="xsd:string">cn=admin,dc=safelayer,dc=com</Setting>
							<Setting Name="java.naming.security.credentials" Type="xsd:string">demodemo</Setting>
							<Setting Name="java.naming.ldap.attributes.binary" Type="xsd:string">guid</Setting>
						</Setting>
						<Setting Name="JSPolicyAction" Type="htf:map">
							<Setting Name="JSSharedScope" Type="htf:jscriptscope">
								<![CDATA[
									var multimap = {
										consumer: [],
										provider: []
										};
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";] =
										["givenname", "givenName", "2.5.4.42"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname";] =
										["sn", "surname", "2.5.4.4"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";] =
										["mail", "email", "emailaddress", "internetaddress", 
										 "1.2.840.113549.1.9.1", "rfc822mailbox", "0.9.2342.19200300.100.1.3"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress";] =
										["street", "streetaddress", "2.5.4.9"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality";] =
										["localityName", "2.5.4.7"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince";] =
										["st", "stateprovincename", "2.5.4.8"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode";] =
										["postalcode", "2.5.4.17"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country";] =
										["countryname", "2.5.4.6"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone";] =
										["homephone", "telephonenumber", "2.5.4.20"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone";] =
										["mobile", "mobilephone", "0.9.2342.19200300.100.1.41"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth";] =
										["dateofbirth"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender";] =
										["gender"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/isadult";] =
										["isadult"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/dni";] =
										["dni"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/nationality";] =
										["nationality"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/birthday";] =
										["birthday"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_givenname";] =
										["verifiedGivenname"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_surname";] =
										["verifiedSurname"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_emailaddress";] =
										["verifiedEmailaddress"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_streetaddress";] =
										["verifiedStreetaddress"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_locality";] =
										["verifiedLocality"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_stateorprovince";] =
										["verifiedStateorprovince"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_postalcode";] =
										["verifiedPostalcode"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_country";] =
										["verifiedCountry"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_homephone";] =
										["verifiedHomephone"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_mobilephone";] =
										["verifiedMobilephone"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dateofbirth";] =
										["verifiedDateofbirth"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_gender";] =
										["verifiedGender"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_isadult";] =
										["verifiedIsadult"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dni";] =
										["verifiedDni"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_nationality";] =
										["verifiedNationality"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_birthday";] =
										["verifiedBirthday"];
									for (elem in multimap.consumer)
									{
										for (provider in multimap.consumer[elem])
											multimap.provider[multimap.consumer[elem][provider]] = elem;
									}
								]]>
							</Setting>
							<Setting Name="consumerEntityIDToProvider" Type="htf:jscriptexec">
								<![CDATA[
									RESULT = "uid=" + consumerID + ",ou=identities,dc=higgins,dc=safelayer,dc=com"
								]]>
							</Setting>
							<Setting Name="providerEntityIDToConsumer" Type="htf:jscriptexec">
								<![CDATA[
									var re = new RegExp("^uid=(.*),ou=identities,dc=higgins,dc=safelayer,dc=com$", "i");
									RESULT = String(providerID.toString()).replace(re, "$1");
								]]>
							</Setting>
							<Setting Name="consumerAIDToProvider" Type="htf:jscriptexec">
								<![CDATA[
									map = multimap.consumer[String(consumerID.toString())];
									if (!map)
									{
										var re = new RegExp("^http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#attr_";, "i");
										map = String(consumerID.toString()).replace(re, "");
									}
									RESULT = map;
								]]>
							</Setting>
							<Setting Name="providerAIDToConsumer" Type="htf:jscriptexec">
								<![CDATA[
									map = multimap.provider[String(providerID.toString()).toLowerCase()];
									if (!map)
										map = "http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#attr_"; + providerID.toString();
									RESULT = map;
								]]>
							</Setting>
							<Setting Name="consumerEntityTypeToProvider" Type="htf:jscriptexec">
								<![CDATA[
									var re = new RegExp("^http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#class_";, "i");
									RESULT = String(consumerType.toString()).replace(re, "");
								]]>
							</Setting>
							<Setting Name="providerEntityTypeToConsumer" Type="htf:jscriptexec">
								<![CDATA[
									RESULT = "http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#class_"; + String(providerType.toString());
								]]>
							</Setting>
						</Setting>
					</Setting>
				</Setting>
			</Setting>
			<Setting Name="AppliesToMapper" Type="htf:map">
				<!-- The Extension Maps - used to map RSTs by their content to Token Extensions -->
				<Setting Name="AppliesToMap" Type="htf:appliestomap">
					<Setting Name="MikesSite" Type="htf:map">
						<Setting Name="AppliesTo" Type="xsd:anyURI">http://mikes.com/</Setting>
						<Setting Name="AppliesToMapping" Type="htf:appliestomapping">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="Issuer" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self</Setting>
						</Setting>
					</Setting>
				</Setting>
			</Setting>
			<Setting Name="ExtensionMapper" Type="htf:map">
				<!-- The Extension Maps - used to map RSTs by their content to Token Extensions -->
				<Setting Name="ExtensionMap" Type="htf:extensionmap">
					<Setting Name="SAML1.0Assertion-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML1.0Assertion-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML1.1Token-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					
					<Setting Name="SAML1.1Token-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="Null-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="Null-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML1.0Assertion-Null-Issue-Provider" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
							<Setting Name="Issuer" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>	
					<Setting Name="SAML2.0Assertion-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Assertion-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:assertion</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Token-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Token-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Assertion-Null-Issue-Provider" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
							<Setting Name="Issuer" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>	
					<Setting Name="SAML2.0Protocol-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:protocol</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Protocol-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:protocol</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Protocol-Null-Issue-Provider" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:protocol</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
							<Setting Name="Issuer" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>		
				</Setting>
			</Setting>
			<Setting Name="PollingMapper" Type="htf:map">
				<Setting Name="ExtensionList" Type="htf:list">
					<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
				</Setting>			
			</Setting>
			<!-- Consumes incoming credentials and generates an IDigitalIdentity -->
			<Setting Name="DigitalIdentityHandler" Type="htf:map">
				<!-- "Special" user allowed to access IDigitalIdentity information on behalf of other users -->
				<Setting Name="TrustedDelegator" Type="xsd:string">mikemci@xxxxxxxxxx</Setting>
				<!-- ContextRef used when CardId is not present in RST -->
				<Setting Name="DefaultContextRef" Type="xsd:anyURI">urn:Higgins-LDAP-Server</Setting>
				<!-- Name of the Attribute used to provide a SubjectNameIdentifier -->
				<!--
				<Setting Name="SubjectNameIdentifierAttribute" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</Setting>
				-->
			</Setting>
			<!-- Consumes an IDigitalIdentity and generates a Provider Signed SAML Token -->
			<Setting Name="TokenGeneratorHandler" Type="htf:map">
				<!-- KeyType used when not specified in RST -->
				<Setting Name="DefaultKeyType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</Setting>
				<!-- Whether the SubjectNameIdentifier should be included in bearer tokens (note CardSpace Conformance requires false) -->
				<Setting Name="IncludeBearerSubjectName" Type="xsd:boolean">false</Setting>
				<!-- TokenIssuer "logical name" (need not be resolved - added into tokens as the Issuer) -->
				<Setting Name="TokenIssuer" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
				<!-- When the STS should encrypt the response token (assuming the AppliesTo contains the certificate) -->
				<Setting Name="EncryptToken" Type="xsd:boolean">true</Setting>
				<!-- Name of the Attribute used to provide a SubjectNameIdentifier -->
				<!--
				<Setting Name="SubjectNameIdentifierAttribute" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</Setting>
				-->
				<!-- Format of the Attribute used to provide a SubjectNameIdentifier -->
				<Setting Name="SubjectNameIdentifierFormat" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</Setting>
			</Setting>
			<Setting Name="TokenEncryptHandler" Type="htf:map">
			</Setting>
			<!-- Consumes incoming credentials and generates a Provider Signed SAML Token -->
			<Setting Name="SAMLIssue" Type="htf:map">
				<Setting Name="ExtensionList" Type="htf:list">
					<Setting Name="First" Type="xsd:string">DigitalIdentityHandler</Setting>
					<Setting Name="Third" Type="xsd:string">TokenGeneratorHandler</Setting>
					<Setting Name="Fourth" Type="xsd:string">TokenEncryptHandler</Setting>
				</Setting>
			</Setting>
			<Setting Name="MetadataExchangeService" Type="htf:map">
				<!-- The file that contains the template for the WSDL returned by the WS-Transfer Endpoint
					- location relative to the Configuration directory -->
				<Setting Name="MetadataWSDLFile" Type="htf:file">metadata-wsdl.xml</Setting>
				<!-- The file that contains the Schema returned by the WS-Transfer Endpoint
					- location relative to the Configuration directory -->
				<Setting Name="MetadataSchemaFile" Type="htf:file">metadata-schema.xml</Setting>
				<!-- The file that contains the template for the WSDL returned by the WS-Transfer Endpoint
					- when UsernameTokens are used to authenticate to the IP/STS
					- location relative to the Configuration directory -->
				<Setting Name="UsernameTokenIssuePolicyFile" Type="htf:file">metadata-issue-username-supported.xml</Setting>
				<!-- The file that contains the template for the WSDL returned by the WS-Transfer Endpoint
					- when SelfSignedSAML Tokens are used to authenticate to the IP/STS
					- location relative to the Configuration directory -->
				<Setting Name="SelfSignedSAMLTokenIssuePolicyFile" Type="htf:file">metadata-issue-selfsignedsaml-supported.xml</Setting>
				
				<Setting Name="X509TokenIssuePolicyFile" Type="htf:file">metadata-issue-x509-supported.xml</Setting>
			</Setting>
			<Setting Name="SecurityTokenService" Type="htf:map">
				<Setting Name="ExtensionMapperList" Type="htf:list">
					<Setting Name="First" Type="xsd:string">AppliesToMapper</Setting>
					<Setting Name="Second" Type="xsd:string">ExtensionMapper</Setting>
					<Setting Name="Third" Type="xsd:string">PollingMapper</Setting>
				</Setting>
			</Setting>
			
			<Setting Name="ProfileService" Type="htf:map">
				<!-- The CardId to be placed into generated cards
					- see JNDI CP documentation for details
					- must point to JNDI CP config file -->
				<Setting Name="CardId" Type="xsd:anyURI">urn:Higgins-LDAP-Server</Setting>
				<!-- The file that contains the image to be placed into generated cards
					- location relative to the Configuration directory -->
				<Setting Name="CardImageFile" Type="htf:file">logo.jpg</Setting>
				<!-- The LDAP Server Endpoint where the Web Application stores User Profiles
					- this is temporary until the Context Providers are writable -->
				<Setting Name="LDAPProvider" Type="xsd:anyURI">ldap://swp-ldap:389</Setting>
				<!-- The LDAP Principal to be used to authenticate to the LDAP Server -->
				<Setting Name="LDAPPrincipal" Type="xsd:string">cn=admin,dc=safelayer,dc=com</Setting>
				<!-- The LDAP Credential to be user to authenticate to the LDAP Server -->
				<Setting Name="LDAPCredential" Type="xsd:string">demodemo</Setting>
				<!-- The initial part of the DN for the entry for each User Profile in the LDAP Store -->
				<Setting Name="LDAPEntryPrefix" Type="xsd:string">uid=</Setting>
				<!-- The final part of the DN for the endtry for each User Profile in the LDAP Store -->
				<Setting Name="LDAPEntrySuffix" Type="xsd:string">,ou=identities,dc=higgins,dc=safelayer,dc=com</Setting>
				<!-- <Setting Name="LDAPTrustedStore" Type="xsd:string">LDAPTrustStore.jks</Setting> 
				<Setting Name="LDAPTrustedStorePassword" Type="xsd:string">changeit</Setting> -->	
				<Setting Name="SupportedClaimList" Type="htf:list">
					<Setting Name="givenname" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</Setting>
					<Setting Name="surname" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</Setting>
					<Setting Name="emailaddress" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</Setting>
					<Setting Name="streetaddress" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress</Setting>				
					<Setting Name="locality" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality</Setting>
					<Setting Name="stateorprovince" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince</Setting>
					<Setting Name="postalcode" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode</Setting>
					<Setting Name="country" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country</Setting>
					<Setting Name="homephone" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone</Setting>						
					<Setting Name="mobilephone" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone</Setting>
					<Setting Name="dateofbirth" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth</Setting>
					<Setting Name="gender" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender</Setting>
					<Setting Name="isadult" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/isadult</Setting>
					<Setting Name="dni" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/dni</Setting>
					<Setting Name="nationality" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/nationality</Setting>
					<Setting Name="birthday" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/birthday</Setting>
					<Setting Name="privatepersonalidentifier" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier</Setting>
					<Setting Name="verified_givenname" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_givenname</Setting>
					<Setting Name="verified_surname" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_surname</Setting>
					<Setting Name="verified_emailaddress" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_emailaddress</Setting>
					<Setting Name="verified_streetaddress" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_streetaddress</Setting>
					<Setting Name="verified_locality" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_locality</Setting>
					<Setting Name="verified_stateorprovince" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_stateorprovince</Setting>
					<Setting Name="verified_postalcode" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_postalcode</Setting>
					<Setting Name="verified_country" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_country</Setting>
					<Setting Name="verified_homephone" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_homephone</Setting>
					<Setting Name="verified_mobilephone" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_mobilephone</Setting>
					<Setting Name="verified_dateofbirth" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dateofbirth</Setting>
					<Setting Name="verified_gender" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_gender</Setting>
					<Setting Name="verified_isadult" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_isadult</Setting>
					<Setting Name="verified_dni" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dni</Setting>
					<Setting Name="verified_nationality" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_nationality</Setting>
					<Setting Name="verified_birthday" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_birthday</Setting>
				</Setting>
				<Setting Name="EntryObjectClassList" Type="htf:list">
					<Setting Name="top" Type="xsd:string">top</Setting>
					<Setting Name="person" Type="xsd:string">person</Setting>
					<Setting Name="organizationalPerson" Type="xsd:string">organizationalPerson</Setting>
					<Setting Name="inetOrgPerson" Type="xsd:string">inetOrgPerson</Setting>
					<Setting Name="ePerson" Type="xsd:string">ePerson</Setting>
					<Setting Name="higginsPerson" Type="xsd:string">higginsPerson</Setting>
					<Setting Name="safelayerPerson" Type="xsd:string">safelayerPerson</Setting>
				</Setting>
			</Setting>
		</Setting>
		
		<!-- The name of the class that provides the factory for the class that implements the Apache XML Security Extension -->
		<Setting Name="XMLSecurityExtension" Type="htf:singleton">org.eclipse.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtensionFactory</Setting>		

		<!-- The name of the class that provides the factory for the class that implements the JNDI Context Provider -->
		<Setting Name="JNDIContextFactory" Type="htf:classinstance">org.eclipse.higgins.idas.cp.jndi.JNDIContextFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the IdASRegistry -->
		<Setting Name="IdentityAttributeService" Type="htf:classsingleton">org.eclipse.higgins.idas.registry.IdASRegistry</Setting>

		<!-- The name of the class that provides the factory for the class that implements the AppliesTo Mapper -->
		<Setting Name="AppliesToMapper" Type="htf:singleton">org.eclipse.higgins.sts.server.mapper.appliesto.AppliesToMapperFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the Extension Mapper -->
		<Setting Name="ExtensionMapper" Type="htf:singleton">org.eclipse.higgins.sts.server.mapper.extension.ExtensionMapperFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the Polling Mapper -->
		<Setting Name="PollingMapper" Type="htf:singleton">org.eclipse.higgins.sts.server.mapper.polling.PollingMapperFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the Digital Identity Token Extension -->
		<Setting Name="DigitalIdentityHandler" Type="htf:instance">org.eclipse.higgins.sts.server.token.identity.DigitalIdentityHandlerFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the SAML Generator Token Extension -->
		<Setting Name="TokenGeneratorHandler" Type="htf:instance">org.eclipse.higgins.sts.server.token.saml.TokenGeneratorHandlerFactory</Setting>	
		
		<!-- The name of the class that provides the factory for the class that implements the Encrypt Token Extension -->
		<Setting Name="TokenEncryptHandler" Type="htf:instance">org.eclipse.higgins.sts.server.token.encrypt.TokenEncryptHandlerFactory</Setting>	
		
		<!-- The name of the class that provides the factory for the class that implements the SAML Token Extension -->
		<Setting Name="SAMLIssue" Type="htf:instance">org.eclipse.higgins.sts.server.token.compound.CompoundHandlerFactory</Setting>
		
		<!-- The name of the class that provides the factory for the class that implements the ProfileService -->
		<Setting Name="ProfileService" Type="htf:singleton">org.eclipse.higgins.sts.server.profile.ProfileServiceFactory</Setting>
		
		<!-- The name of the class that provides the factory for the class that implements the MetadataExchangeService -->
		<Setting Name="MetadataExchangeService" Type="htf:singleton">org.eclipse.higgins.sts.server.metadata.MetadataExchangeServiceFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the SecurityTokenService -->
		<Setting Name="SecurityTokenService" Type="htf:singleton">org.eclipse.higgins.sts.server.trust.SecurityTokenServiceFactory</Setting>
	</Setting>
	
</Configuration>
<!--
/*******************************************************************************
 * Copyright (c) 2006 IBM Corporation.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *    Michael McIntosh (IBM Corporation) - initial definition
 *******************************************************************************/ 
 --> 
<Configuration
	xmlns:xsd="http://www.w3.org/2001/XMLSchema";
	xmlns="http://higgins.eclipse.org/sts/Configuration";
	xmlns:htf="http://higgins.eclipse.org/sts/Configuration";
	xsd:schemaLocation="http://higgins.eclipse.org/sts/Configuration Configuration.xsd ">
	
	<!--  The setting handlers are classes that consume Setting elements where the Type matches and generate an object of the Class -->
	<SettingHandlers>
		<SettingHandler Type="htf:map" Class="java.util.Map" Handler="org.eclipse.higgins.configuration.xml.MapHandler"/>
		<SettingHandler Type="htf:list" Class="java.util.List" Handler="org.eclipse.higgins.configuration.xml.ListHandler"/>
		<SettingHandler Type="xsd:string" Class="java.lang.String" Handler="org.eclipse.higgins.configuration.xml.StringHandler"/>
		<SettingHandler Type="xsd:boolean" Class="java.lang.Boolean" Handler="org.eclipse.higgins.configuration.xml.BooleanHandler"/>
		<SettingHandler Type="xsd:anyURI" Class="java.net.URI" Handler="org.eclipse.higgins.configuration.xml.URIHandler"/>
		<SettingHandler Type="htf:file" Class="java.io.FileInputStream" Handler="org.eclipse.higgins.configuration.xml.FileHandler"/>
		<SettingHandler Type="htf:keystore" Class="java.security.KeyStore" Handler="org.eclipse.higgins.configuration.xml.KeyStoreHandler"/>
		<SettingHandler Type="htf:certificate" Class="java.lang.String" Handler="org.eclipse.higgins.configuration.xml.CertificateHandler"/>
		<SettingHandler Type="htf:privatekey" Class="java.security.PrivateKey" Handler="org.eclipse.higgins.configuration.xml.PrivateKeyHandler"/>
		<SettingHandler Type="htf:singleton" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.SingletonHandler"/>
		<SettingHandler Type="htf:instance" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.InstanceHandler"/>
		<SettingHandler Type="htf:extensionmap" Class="java.util.Map" Handler="org.eclipse.higgins.sts.server.mapper.extension.ExtensionMapHandler"/>
		<SettingHandler Type="htf:extensionmapkey" Class="org.eclipse.higgins.sts.impl.ExtensionMapKey" Handler="org.eclipse.higgins.sts.server.mapper.extension.ExtensionMapKeyHandler"/>
		<SettingHandler Type="htf:appliestomap" Class="java.util.Map" Handler="org.eclipse.higgins.sts.server.mapper.appliesto.AppliesToMapHandler"/>
		<SettingHandler Type="htf:appliestomapping" Class="java.util.Map" Handler="org.eclipse.higgins.sts.server.mapper.appliesto.AppliesToMappingHandler"/>
		<SettingHandler Type="htf:classinstance" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.ClassInstanceHandler"/>
		<SettingHandler Type="htf:classsingleton" Class="java.lang.Object" Handler="org.eclipse.higgins.configuration.xml.ClassSingletonHandler"/>
		<SettingHandler Type="htf:jscriptexec" Class="org.eclipse.higgins.util.jscript.JScriptExec" Handler="org.eclipse.higgins.util.idas.cp.jscript.JScriptExecSettingHandler"/>
		<SettingHandler Type="htf:jscriptscope" Class="org.eclipse.higgins.util.jscript.JScriptScope" Handler="org.eclipse.higgins.util.idas.cp.jscript.JScriptScopeSettingHandler"/>
	</SettingHandlers>
	
	<Setting Name="STSConfiguration" Type="htf:map">

		<!-- The logical name of the Token Issuer to be placed into generated cards
			- optionally change "higgins.eclipse.org" to the hostname where the STS will be deployed
			- need not resolve to actual endpoint
			- used for matching when RP specifies an Issuer -->
		<Setting Name="TokenServiceIssuerURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
		<!-- The WS-Trust endpoint URL to be placed into generated cards
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="TokenServiceTrustURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
		<!-- The WS-Transfer endpoint URL to be placed into generated cards
			- when Username Tokens are used to authenticate to the IP/STS
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="UsernameTokenMetadataURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/MetadataUsernameToken</Setting>
		<!-- The WS-Transfer endpoint URL to be placed into generated cards
			- when SelfSignedSAML Tokens are used to authenticate to the IP/STS
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="SelfSignedSAMLTokenMetadataURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/MetadataSelfSignedSAMLToken</Setting>

		<!-- The WS-Transfer endpoint URL to be placed into generated cards
			- when X509 Tokens are used to authenticate to the IP/STS
			- change "localhost" to the hostname if not collocated with identity selector
			- note that the SSL certificate must match the machine name -->
		<Setting Name="X509TokenMetadataURI" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/MetadataX509Token</Setting>

		<!-- Note about keystores:  You may use two keystores  
			one (IssuerKeystore) for the signing of cards, 
			and another (SSLKeystore) for transport security 
			or you may use the same keystore for both
		    Change "localhost.jks" to your keystore's filename.  
			Note: this must be the keystore file or a soft link 
			to the keystore file. Either way, it must be in the 
			same directory as this file (Configuration.xml) -->
		<!--  The Key Store that contains the Issuer and SSL Certificate(s) and Private Key -->
		<Setting Name="STSKeyStore" Type="htf:keystore">
			<!-- The type of the Key Store -->
			<Setting Name="Type" Type="xsd:string">JKS</Setting>
			<!-- The file that contains the Key Store
				- location relative to the Configuration directory -->
			<Setting Name="File" Type="htf:file">InteridyIdP.jks</Setting>
			<!-- The password for the Key Store -->
			<Setting Name="Password" Type="xsd:string">demodemo</Setting>
		</Setting>
		
		<!--  The Issuer Certificate -->
		<Setting Name="IssuerCertificate" Type="htf:certificate">
			<!--  The Name of the Key Store that contains the Certificate -->
			<Setting Name="KeyStoreName" Type="xsd:string">STSKeyStore</Setting>
			<!-- The alias for the Certificate in the Key Store -->
			<Setting Name="Alias" Type="xsd:string">interidy</Setting>	
		</Setting>
		
		<!--  The Issuer Key -->
		<Setting Name="IssuerPrivateKey" Type="htf:privatekey">
			<!--  The Key Store that contains the Private Key -->
			<Setting Name="KeyStoreName" Type="xsd:string">STSKeyStore</Setting>
			<!-- The alias for the Private Key in the Key Store -->
			<Setting Name="Alias" Type="xsd:string">interidy</Setting>	
			<!-- The password for the Key in the Key Store -->
			<Setting Name="Password" Type="xsd:string">demodemo</Setting>
		</Setting>
		
		<!--  The SSL Certificate -->
		<Setting Name="SSLCertificate" Type="htf:certificate">
			<!--  The Name of the Key Store that contains the Certificate -->
			<Setting Name="KeyStoreName" Type="xsd:string">STSKeyStore</Setting>
			<!-- The alias for the Certificate in the Key Store -->
			<Setting Name="Alias" Type="xsd:string">interidy</Setting>	
		</Setting>
				
		<!-- Provides the AttributeName, AttributeNamespace, and DisplayName" for each Attribute/Claim -->
		<Setting Name="AttributeClaimMap" Type="htf:map">
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">givenname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">givenname</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">First Name</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">surname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">sn</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Last Name</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">emailaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">mail</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Email Address</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">streetaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">street</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Street Address</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">locality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">l</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Locality Name or City</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">stateorprovince</Setting>
				<Setting Name="AttributeName" Type="xsd:string">st</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">State or Province</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">postalcode</Setting>
				<Setting Name="AttributeName" Type="xsd:string">postalcode</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Postal Code</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">country</Setting>
				<Setting Name="AttributeName" Type="xsd:string">c</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Country</Setting>
			</Setting>			
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">homephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">homephone</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Primary or Home Telephone Number</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">mobilephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">mobile</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Mobile Telephone Number</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">dateofbirth</Setting>
				<Setting Name="AttributeName" Type="xsd:string">dateofbirth</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Date of Birth</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">gender</Setting>
				<Setting Name="AttributeName" Type="xsd:string">gender</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Gender</Setting>
			</Setting>
			<Setting Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">privatepersonalidentifier</Setting>
				<!-- <Setting Name="AttributeName" Type="xsd:string">privatepersonalidentifier</Setting> -->
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Private Personal Identifier</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/isadult"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">isadult</Setting>
				<Setting Name="AttributeName" Type="xsd:string">isadult</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Is Adult</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/birthday"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">birthday</Setting>
				<Setting Name="AttributeName" Type="xsd:string">birthday</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Birthday</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/dni"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">dni</Setting>
				<Setting Name="AttributeName" Type="xsd:string">dni</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">DNI</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/nationality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">nationality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">nationality</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Nationality</Setting>
			</Setting>
			<!--			
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/issfly_employee"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">issfly_employee</Setting>
				<Setting Name="AttributeName" Type="xsd:string">issfly_employee</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Works for Safelayer</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/hasdiploma"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">hasdiploma</Setting>
				<Setting Name="AttributeName" Type="xsd:string">hasdiploma</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Has a Diploma</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/hascredit"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">hascredit</Setting>
				<Setting Name="AttributeName" Type="xsd:string">hascredit</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Has available credit</Setting>
			</Setting>
			-->
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_givenname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_givenname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedGivenname</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Givenname</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_surname"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_surname</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedSurname</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Surname</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_emailaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_emailaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedEmailaddress</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Email Address</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_streetaddress"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_streetaddress</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedStreetaddress</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Street Address</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_locality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_locality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedLocality</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Locality</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_stateorprovince"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_stateorprovince</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedStateorprovince</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified State or Province</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_postalcode"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_postalcode</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedPostalcode</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Postal Code</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_country"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_country</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedCountry</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Country</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_homephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_homephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedHomephone</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Home Phone</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_mobilephone"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_mobilephone</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedMobilephone</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Mobile Phone</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dateofbirth"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_dateofbirth</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedDateofbirth</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Date of Birth</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_gender"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_gender</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedGender</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Gender</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_isadult"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_isadult</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedIsadult</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Is Adult</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_birthday"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_birthday</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedBirthday</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Birthday</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dni"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_dni</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedDni</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified DNI</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_nationality"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_nationality</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verifiedNationality</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Nationality</Setting>
			</Setting>
			<!--
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_issfly_employee"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_issfly_employee</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verified_issfly_employee</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Works for Safelayer</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_hasdiploma"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_hasdiploma</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verified_hasdiploma</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified Has a Diploma</Setting>
			</Setting>
			<Setting Name="http://www.safelayer.com/higgins/2008/05/identity/claims/verified_hascredit"; Type="htf:map">
				<Setting Name="ClaimName" Type="xsd:string">verified_hascredit</Setting>
				<Setting Name="AttributeName" Type="xsd:string">verified_hascredit</Setting>
				<Setting Name="AttributeNamespace" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims</Setting>
				<Setting Name="DisplayName" Type="xsd:string">Verified has available credit</Setting>
			</Setting>
			-->
		</Setting>
		<Setting Name="ComponentSettings" Type="htf:map">
			<Setting Name="Base64Extension" Type="htf:map"/>
			<Setting Name="XMLSecurityExtension" Type="htf:map"/>
			<Setting Name="JNDIContextFactory" Type="htf:map"/>
			<Setting Name="IdentityAttributeService" Type="htf:map">
				<Setting Name="ContextFactoryInstancesList" Type="htf:list">
					<Setting Name="JNDIContextFactory" Type="htf:map">
						<Setting Name="Instance" Type="xsd:string">JNDIContextFactory</Setting>
						<Setting Name="ContextTypes" Type="htf:list">
							<Setting Name="LDAPContextType" Type="xsd:string">$context+ldap</Setting>
						</Setting>
					</Setting>
				</Setting>
				<Setting Name="ContextIdsList" Type="htf:list">
					<Setting Name="urn:Higgins-LDAP-Server" Type="htf:map">
						<Setting Name="ContextId" Type="xsd:string">urn:Higgins-LDAP-Server</Setting>
						<Setting Name="ContextTypes" Type="htf:list">
							<Setting Name="LDAPContextType" Type="xsd:string">$context+ldap</Setting>
						</Setting>
						<Setting Name="ContextUris" Type="htf:list">
							<Setting Name="DefaultContextUri" Type="xsd:anyURI">urn:Higgins-LDAP-Server</Setting>
						</Setting>
						<Setting Name="Connection" Type="htf:map">
							<Setting Name="ConnectionType" Type="xsd:string">LDAP</Setting>
							<Setting Name="AddressList" Type="htf:list">
								<Setting Name="Address" Type="xsd:string">ldap://swp-ldap:389</Setting>
							</Setting>
							<Setting Name="jndiProvider" Type="xsd:string">com.sun.jndi.ldap.LdapCtxFactory</Setting>
						</Setting>
						<Setting Name="env" Type="htf:map">
							<Setting Name="java.naming.security.authentication" Type="xsd:string">simple</Setting>
							<Setting Name="java.naming.security.principal" Type="xsd:string">cn=admin,dc=safelayer,dc=com</Setting>
							<Setting Name="java.naming.security.credentials" Type="xsd:string">demodemo</Setting>
							<Setting Name="java.naming.ldap.attributes.binary" Type="xsd:string">guid</Setting>
						</Setting>
						<Setting Name="JSPolicyAction" Type="htf:map">
							<Setting Name="JSSharedScope" Type="htf:jscriptscope">
								<![CDATA[
									var multimap = {
										consumer: [],
										provider: []
										};
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";] =
										["givenname", "givenName", "2.5.4.42"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname";] =
										["sn", "surname", "2.5.4.4"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";] =
										["mail", "email", "emailaddress", "internetaddress", 
										 "1.2.840.113549.1.9.1", "rfc822mailbox", "0.9.2342.19200300.100.1.3"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress";] =
										["street", "streetaddress", "2.5.4.9"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality";] =
										["localityName", "2.5.4.7"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince";] =
										["st", "stateprovincename", "2.5.4.8"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode";] =
										["postalcode", "2.5.4.17"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country";] =
										["countryname", "2.5.4.6"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone";] =
										["homephone", "telephonenumber", "2.5.4.20"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone";] =
										["mobile", "mobilephone", "0.9.2342.19200300.100.1.41"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth";] =
										["dateofbirth"];
									multimap.consumer["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender";] =
										["gender"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/isadult";] =
										["isadult"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/dni";] =
										["dni"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/nationality";] =
										["nationality"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/birthday";] =
										["birthday"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_givenname";] =
										["verifiedGivenname"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_surname";] =
										["verifiedSurname"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_emailaddress";] =
										["verifiedEmailaddress"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_streetaddress";] =
										["verifiedStreetaddress"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_locality";] =
										["verifiedLocality"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_stateorprovince";] =
										["verifiedStateorprovince"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_postalcode";] =
										["verifiedPostalcode"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_country";] =
										["verifiedCountry"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_homephone";] =
										["verifiedHomephone"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_mobilephone";] =
										["verifiedMobilephone"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dateofbirth";] =
										["verifiedDateofbirth"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_gender";] =
										["verifiedGender"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_isadult";] =
										["verifiedIsadult"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dni";] =
										["verifiedDni"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_nationality";] =
										["verifiedNationality"];
									multimap.consumer["http://www.safelayer.com/higgins/2008/05/identity/claims/verified_birthday";] =
										["verifiedBirthday"];
									for (elem in multimap.consumer)
									{
										for (provider in multimap.consumer[elem])
											multimap.provider[multimap.consumer[elem][provider]] = elem;
									}
								]]>
							</Setting>
							<Setting Name="consumerEntityIDToProvider" Type="htf:jscriptexec">
								<![CDATA[
									RESULT = "uid=" + consumerID + ",ou=identities,dc=higgins,dc=safelayer,dc=com"
								]]>
							</Setting>
							<Setting Name="providerEntityIDToConsumer" Type="htf:jscriptexec">
								<![CDATA[
									var re = new RegExp("^uid=(.*),ou=identities,dc=higgins,dc=safelayer,dc=com$", "i");
									RESULT = String(providerID.toString()).replace(re, "$1");
								]]>
							</Setting>
							<Setting Name="consumerAIDToProvider" Type="htf:jscriptexec">
								<![CDATA[
									map = multimap.consumer[String(consumerID.toString())];
									if (!map)
									{
										var re = new RegExp("^http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#attr_";, "i");
										map = String(consumerID.toString()).replace(re, "");
									}
									RESULT = map;
								]]>
							</Setting>
							<Setting Name="providerAIDToConsumer" Type="htf:jscriptexec">
								<![CDATA[
									map = multimap.provider[String(providerID.toString()).toLowerCase()];
									if (!map)
										map = "http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#attr_"; + providerID.toString();
									RESULT = map;
								]]>
							</Setting>
							<Setting Name="consumerEntityTypeToProvider" Type="htf:jscriptexec">
								<![CDATA[
									var re = new RegExp("^http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#class_";, "i");
									RESULT = String(consumerType.toString()).replace(re, "");
								]]>
							</Setting>
							<Setting Name="providerEntityTypeToConsumer" Type="htf:jscriptexec">
								<![CDATA[
									RESULT = "http://www.eclipse.org/higgins/ontologies/2006/higgins/ldap#class_"; + String(providerType.toString());
								]]>
							</Setting>
						</Setting>
					</Setting>
				</Setting>
			</Setting>
			<Setting Name="AppliesToMapper" Type="htf:map">
				<!-- The Extension Maps - used to map RSTs by their content to Token Extensions -->
				<Setting Name="AppliesToMap" Type="htf:appliestomap">
					<Setting Name="MikesSite" Type="htf:map">
						<Setting Name="AppliesTo" Type="xsd:anyURI">http://mikes.com/</Setting>
						<Setting Name="AppliesToMapping" Type="htf:appliestomapping">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="Issuer" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self</Setting>
						</Setting>
					</Setting>
				</Setting>
			</Setting>
			<Setting Name="ExtensionMapper" Type="htf:map">
				<!-- The Extension Maps - used to map RSTs by their content to Token Extensions -->
				<Setting Name="ExtensionMap" Type="htf:extensionmap">
					<Setting Name="SAML1.0Assertion-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML1.0Assertion-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML1.1Token-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					
					<Setting Name="SAML1.1Token-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="Null-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="Null-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML1.0Assertion-Null-Issue-Provider" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
							<Setting Name="Issuer" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>	
					<Setting Name="SAML2.0Assertion-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Assertion-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:assertion</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Token-Issue-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</Setting>
							<Setting Name="Action" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Token-Null-Issue-Null" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>
					<Setting Name="SAML2.0Assertion-Null-Issue-Provider" Type="htf:map">
						<Setting Name="ExtensionMapKey" Type="htf:extensionmapkey">
							<Setting Name="TokenType" Type="xsd:anyURI">urn:oasis:names:tc:SAML:2.0:assertion</Setting>
							<Setting Name="RequestType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</Setting>
							<Setting Name="Issuer" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
						</Setting>
						<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
					</Setting>		
				</Setting>
			</Setting>
			<Setting Name="PollingMapper" Type="htf:map">
				<Setting Name="ExtensionList" Type="htf:list">
					<Setting Name="ExtensionName" Type="xsd:string">SAMLIssue</Setting>
				</Setting>			
			</Setting>
			<!-- Consumes incoming credentials and generates an IDigitalIdentity -->
			<Setting Name="DigitalIdentityHandler" Type="htf:map">
				<!-- "Special" user allowed to access IDigitalIdentity information on behalf of other users -->
				<Setting Name="TrustedDelegator" Type="xsd:string">mikemci@xxxxxxxxxx</Setting>
				<!-- ContextRef used when CardId is not present in RST -->
				<Setting Name="DefaultContextRef" Type="xsd:anyURI">urn:Higgins-LDAP-Server</Setting>
				<!-- Name of the Attribute used to provide a SubjectNameIdentifier -->
				<!--
				<Setting Name="SubjectNameIdentifierAttribute" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</Setting>
				-->
			</Setting>
			<Setting Name="ALFClaimHandler" Type="htf:map">
			</Setting>				
			<!-- Consumes an IDigitalIdentity and generates a Provider Signed SAML Token -->
			<Setting Name="TokenGeneratorHandler" Type="htf:map">
				<!-- KeyType used when not specified in RST -->
				<Setting Name="DefaultKeyType" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</Setting>
				<!-- Whether the SubjectNameIdentifier should be included in bearer tokens (note CardSpace Conformance requires false) -->
				<Setting Name="IncludeBearerSubjectName" Type="xsd:boolean">false</Setting>
				<!-- TokenIssuer "logical name" (need not be resolved - added into tokens as the Issuer) -->
				<Setting Name="TokenIssuer" Type="xsd:anyURI">https://semanticon.safelayer.lan/SWP_InteridyIdP/services/Trust</Setting>
				<!-- When the STS should encrypt the response token (assuming the AppliesTo contains the certificate) -->
				<Setting Name="EncryptToken" Type="xsd:boolean">true</Setting>
				<!-- Name of the Attribute used to provide a SubjectNameIdentifier -->
				<!--
				<Setting Name="SubjectNameIdentifierAttribute" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</Setting>
				-->
				<!-- Format of the Attribute used to provide a SubjectNameIdentifier -->
				<Setting Name="SubjectNameIdentifierFormat" Type="xsd:anyURI">urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</Setting>
			</Setting>
			<Setting Name="TokenEncryptHandler" Type="htf:map">
			</Setting>
			<!-- Consumes incoming credentials and generates a Provider Signed SAML Token -->
			<Setting Name="SAMLIssue" Type="htf:map">
				<Setting Name="ExtensionList" Type="htf:list">
					<Setting Name="First" Type="xsd:string">DigitalIdentityHandler</Setting>
					<Setting Name="Second" Type="xsd:string">ALFClaimHandler</Setting>
					<Setting Name="Third" Type="xsd:string">TokenGeneratorHandler</Setting>
					<Setting Name="Fourth" Type="xsd:string">TokenEncryptHandler</Setting>
				</Setting>
			</Setting>
			<Setting Name="MetadataExchangeService" Type="htf:map">
				<!-- The file that contains the template for the WSDL returned by the WS-Transfer Endpoint
					- location relative to the Configuration directory -->
				<Setting Name="MetadataWSDLFile" Type="htf:file">metadata-wsdl.xml</Setting>
				<!-- The file that contains the Schema returned by the WS-Transfer Endpoint
					- location relative to the Configuration directory -->
				<Setting Name="MetadataSchemaFile" Type="htf:file">metadata-schema.xml</Setting>
				<!-- The file that contains the template for the WSDL returned by the WS-Transfer Endpoint
					- when UsernameTokens are used to authenticate to the IP/STS
					- location relative to the Configuration directory -->
				<Setting Name="UsernameTokenIssuePolicyFile" Type="htf:file">metadata-issue-username-supported.xml</Setting>
				<!-- The file that contains the template for the WSDL returned by the WS-Transfer Endpoint
					- when SelfSignedSAML Tokens are used to authenticate to the IP/STS
					- location relative to the Configuration directory -->
				<Setting Name="SelfSignedSAMLTokenIssuePolicyFile" Type="htf:file">metadata-issue-selfsignedsaml-supported.xml</Setting>
				
				<Setting Name="X509TokenIssuePolicyFile" Type="htf:file">metadata-issue-x509-supported.xml</Setting>
			</Setting>
			<Setting Name="SecurityTokenService" Type="htf:map">
				<Setting Name="ExtensionMapperList" Type="htf:list">
					<Setting Name="First" Type="xsd:string">AppliesToMapper</Setting>
					<Setting Name="Second" Type="xsd:string">ExtensionMapper</Setting>
					<Setting Name="Third" Type="xsd:string">PollingMapper</Setting>
				</Setting>
			</Setting>
			
			<Setting Name="ProfileService" Type="htf:map">
				<!-- The CardId to be placed into generated cards
					- see JNDI CP documentation for details
					- must point to JNDI CP config file -->
				<Setting Name="CardId" Type="xsd:anyURI">urn:Higgins-LDAP-Server</Setting>
				<!-- The file that contains the image to be placed into generated cards
					- location relative to the Configuration directory -->
				<Setting Name="CardImageFile" Type="htf:file">logo.jpg</Setting>
				<!-- The LDAP Server Endpoint where the Web Application stores User Profiles
					- this is temporary until the Context Providers are writable -->
				<Setting Name="LDAPProvider" Type="xsd:anyURI">ldap://swp-ldap:389</Setting>
				<!-- The LDAP Principal to be used to authenticate to the LDAP Server -->
				<Setting Name="LDAPPrincipal" Type="xsd:string">cn=admin,dc=safelayer,dc=com</Setting>
				<!-- The LDAP Credential to be user to authenticate to the LDAP Server -->
				<Setting Name="LDAPCredential" Type="xsd:string">demodemo</Setting>
				<!-- The initial part of the DN for the entry for each User Profile in the LDAP Store -->
				<Setting Name="LDAPEntryPrefix" Type="xsd:string">uid=</Setting>
				<!-- The final part of the DN for the endtry for each User Profile in the LDAP Store -->
				<Setting Name="LDAPEntrySuffix" Type="xsd:string">,ou=identities,dc=higgins,dc=safelayer,dc=com</Setting>
				<!-- <Setting Name="LDAPTrustedStore" Type="xsd:string">LDAPTrustStore.jks</Setting> 
				<Setting Name="LDAPTrustedStorePassword" Type="xsd:string">changeit</Setting> -->	
				<Setting Name="SupportedClaimList" Type="htf:list">
					<Setting Name="givenname" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</Setting>
					<Setting Name="surname" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</Setting>
					<Setting Name="emailaddress" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</Setting>
					<Setting Name="streetaddress" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress</Setting>				
					<Setting Name="locality" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality</Setting>
					<Setting Name="stateorprovince" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince</Setting>
					<Setting Name="postalcode" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode</Setting>
					<Setting Name="country" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country</Setting>
					<Setting Name="homephone" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone</Setting>						
					<Setting Name="mobilephone" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone</Setting>
					<Setting Name="dateofbirth" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth</Setting>
					<Setting Name="gender" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/gender</Setting>
					<Setting Name="isadult" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/isadult</Setting>
					<Setting Name="dni" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/dni</Setting>
					<Setting Name="nationality" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/nationality</Setting>
					<Setting Name="birthday" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/birthday</Setting>
					<Setting Name="privatepersonalidentifier" Type="xsd:anyURI">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier</Setting>
					<Setting Name="verified_givenname" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_givenname</Setting>
					<Setting Name="verified_surname" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_surname</Setting>
					<Setting Name="verified_emailaddress" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_emailaddress</Setting>
					<Setting Name="verified_streetaddress" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_streetaddress</Setting>
					<Setting Name="verified_locality" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_locality</Setting>
					<Setting Name="verified_stateorprovince" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_stateorprovince</Setting>
					<Setting Name="verified_postalcode" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_postalcode</Setting>
					<Setting Name="verified_country" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_country</Setting>
					<Setting Name="verified_homephone" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_homephone</Setting>
					<Setting Name="verified_mobilephone" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_mobilephone</Setting>
					<Setting Name="verified_dateofbirth" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dateofbirth</Setting>
					<Setting Name="verified_gender" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_gender</Setting>
					<Setting Name="verified_isadult" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_isadult</Setting>
					<Setting Name="verified_dni" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_dni</Setting>
					<Setting Name="verified_nationality" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_nationality</Setting>
					<Setting Name="verified_birthday" Type="xsd:anyURI">http://www.safelayer.com/higgins/2008/05/identity/claims/verified_birthday</Setting>
				</Setting>
				<Setting Name="EntryObjectClassList" Type="htf:list">
					<Setting Name="top" Type="xsd:string">top</Setting>
					<Setting Name="person" Type="xsd:string">person</Setting>
					<Setting Name="organizationalPerson" Type="xsd:string">organizationalPerson</Setting>
					<Setting Name="inetOrgPerson" Type="xsd:string">inetOrgPerson</Setting>
					<Setting Name="ePerson" Type="xsd:string">ePerson</Setting>
					<Setting Name="higginsPerson" Type="xsd:string">higginsPerson</Setting>
					<Setting Name="safelayerPerson" Type="xsd:string">safelayerPerson</Setting>
				</Setting>
			</Setting>
		</Setting>
		
		<!-- The name of the class that provides the factory for the class that implements the Apache Base64 Extension -->
		<Setting Name="Base64Extension" Type="htf:singleton">org.eclipse.higgins.sts.base64.apache.Base64ApacheExtensionFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the Apache XML Security Extension -->
		<Setting Name="XMLSecurityExtension" Type="htf:singleton">org.eclipse.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtensionFactory</Setting>		

		<!-- The name of the class that provides the factory for the class that implements the JNDI Context Provider -->
		<Setting Name="JNDIContextFactory" Type="htf:classinstance">org.eclipse.higgins.idas.cp.jndi.JNDIContextFactory</Setting>
		
		<!-- The name of the class that provides the factory for the class that implements the IdASRegistry -->
		<Setting Name="IdentityAttributeService" Type="htf:classsingleton">org.eclipse.higgins.idas.registry.IdASRegistry</Setting>

		<!-- The name of the class that provides the factory for the class that implements the AppliesTo Mapper -->
		<Setting Name="AppliesToMapper" Type="htf:singleton">org.eclipse.higgins.sts.server.mapper.appliesto.AppliesToMapperFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the Extension Mapper -->
		<Setting Name="ExtensionMapper" Type="htf:singleton">org.eclipse.higgins.sts.server.mapper.extension.ExtensionMapperFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the Polling Mapper -->
		<Setting Name="PollingMapper" Type="htf:singleton">org.eclipse.higgins.sts.server.mapper.polling.PollingMapperFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the Digital Identity Token Extension -->
		<Setting Name="DigitalIdentityHandler" Type="htf:instance">org.eclipse.higgins.sts.server.token.identity.DigitalIdentityHandlerFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the ALF Claim Token Extension -->
		<Setting Name="ALFClaimHandler" Type="htf:instance">org.eclipse.higgins.sts.server.token.alf.ALFClaimHandlerFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the SAML Generator Token Extension -->
		<Setting Name="TokenGeneratorHandler" Type="htf:instance">org.eclipse.higgins.sts.server.token.saml.TokenGeneratorHandlerFactory</Setting>	
		
		<!-- The name of the class that provides the factory for the class that implements the Encrypt Token Extension -->
		<Setting Name="TokenEncryptHandler" Type="htf:instance">org.eclipse.higgins.sts.server.token.encrypt.TokenEncryptHandlerFactory</Setting>	
		
		<!-- The name of the class that provides the factory for the class that implements the SAML Token Extension -->
		<Setting Name="SAMLIssue" Type="htf:instance">org.eclipse.higgins.sts.server.token.compound.CompoundHandlerFactory</Setting>
		
		<!-- The name of the class that provides the factory for the class that implements the ProfileService -->
		<Setting Name="ProfileService" Type="htf:singleton">org.eclipse.higgins.sts.server.profile.ProfileServiceFactory</Setting>
		
		<!-- The name of the class that provides the factory for the class that implements the MetadataExchangeService -->
		<Setting Name="MetadataExchangeService" Type="htf:singleton">org.eclipse.higgins.sts.server.metadata.MetadataExchangeServiceFactory</Setting>

		<!-- The name of the class that provides the factory for the class that implements the SecurityTokenService -->
		<Setting Name="SecurityTokenService" Type="htf:singleton">org.eclipse.higgins.sts.server.trust.SecurityTokenServiceFactory</Setting>

	</Setting>
	
</Configuration>

Back to the top