WildFly Full 26 Model Reference

An SSO authentication mechanism configuration.

Provided capabilities(3)

Name	Dynamic	Other provider points
org.wildfly.extension.undertow.application-security-domain.single-sign-on.credential-store	true	none
org.wildfly.extension.undertow.application-security-domain.single-sign-on.key-store	true	none
org.wildfly.extension.undertow.application-security-domain.single-sign-on.client-ssl-context	true	none

Attributes (9)

client-ssl-context Reference to the SSL context used to secure back-channel logout connection.

Attribute	Value
Capability reference	/subsystem=elytron/server-ssl-sni-context=* /subsystem=elytron/server-ssl-context=* /subsystem=elytron/client-ssl-context=*
Type	STRING
Nillable	true
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	no-services

cookie-name Name of the cookie

Attribute	Value
Default Value	JSESSIONIDSSO
Type	STRING
Nillable	true
Expressions Allowed	true
Storage	configuration
Access Type	read-write
Restart Required	all-services

credential-reference The credential reference to decrypt the private key entry.

Attribute	Value
Type	OBJECT
Nillable	false
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	no-services

domain The cookie domain that will be used.

Attribute	Value
Type	STRING
Nillable	true
Expressions Allowed	true
Storage	configuration
Access Type	read-write
Restart Required	all-services

http-only Set Cookie httpOnly attribute.

Attribute	Value
Default Value	false
Type	BOOLEAN
Nillable	true
Expressions Allowed	true
Storage	configuration
Access Type	read-write
Restart Required	all-services

key-alias Alias of the private key entry used for signing and verifying back-channel logout connection.

Attribute	Value
Type	STRING
Nillable	false
Expressions Allowed	true
Storage	configuration
Access Type	read-write
Restart Required	no-services

key-store Reference to key store containing a private key entry.

Attribute	Value
Capability reference	/subsystem=elytron/key-store=* /subsystem=elytron/ldap-key-store=* /subsystem=elytron/filtering-key-store=*
Type	STRING
Nillable	false
Expressions Allowed	false
Storage	configuration
Access Type	read-write
Restart Required	no-services

path Cookie path.

Attribute	Value
Default Value	/
Type	STRING
Nillable	true
Expressions Allowed	true
Storage	configuration
Access Type	read-write
Restart Required	all-services

secure Set Cookie secure attribute.

Attribute	Value
Default Value	false
Type	BOOLEAN
Nillable	true
Expressions Allowed	true
Storage	configuration
Access Type	read-write
Restart Required	all-services

Operations (2)

add Adds an SSO authentication mechanism.

Request Parameter	Type	Required	Expressions Allowed	Default value	Description
key-alias	STRING	true	true		Alias of the private key entry used for signing and verifying back-channel logout connection.
key-store	STRING	true	false		Reference to key store containing a private key entry.
client-ssl-context	STRING	false	false		Reference to the SSL context used to secure back-channel logout connection.
domain	STRING	false	true		The cookie domain that will be used.
path	STRING	false	true	/	Cookie path.
http-only	BOOLEAN	false	true	false	Set Cookie httpOnly attribute.
secure	BOOLEAN	false	true	false	Set Cookie secure attribute.
cookie-name	STRING	false	true	JSESSIONIDSSO	Name of the cookie
credential-reference	OBJECT	true	false		The credential reference to decrypt the private key entry.

remove Removes the SSO authentication mechanism.