Defines the Federation type. The federation name. Defines the SAML type. This type defines all configurations about how SAML assertions are processed and created. Defines the clock skew for SAML assertions. The value must be specified in milliseconds. Defines the timeout for SAML assertions. The value must be specified in milliseconds. The RoleGenerator implementation that will be used to load roles and push them to SAML assertions. The FQN of the RoleGenerator type. Defines an alias which maps to a built-in type. Defines the module to be used when loading class-name. The AttributeManager implementation that will be used to load roles and push them to SAML assertions. The FQN of the AttributeManager type. Defines an alias which maps to a built-in type. Defines the module to be used when loading class-name. Defines the KeyStore type. This type defines how key stores are configured. Defines the password for the key store. Defines the alias to be used when signing documents. Defines the password for the sign-key-alias. Defines the file location. One of the system-provided named paths (such as jboss.home.dir, user.home, user.dir) relative to which the absolute path will be calculated for the path specified in the file attribute. Defines the Identity Provider type. A unique name for the Identity Provider. The name must be the deployment unit name. Eg.: idp.war. URL for this Identity Provider. Indicates if signature is supported. Indicates if encryption is supported. The name of a security-domain that will be used to authenticate and authorize users. This attribute is required if the IdP is not external. See the 'external' attribute for more details. Indicates if the the IDP should always respond using HTTP POST binding. Indicates if the configuration is a reference to a external IdP. Enable/Disable SAML Metadata Support. Indicates if the identity provider should also support HTTP CLIENT_CERT authentication. Groups Service Provider types. Defines the Service Provider type. Name for this instance. This name must be the deployment unit name. URL for this Service Provider. Indicates which SAML Binding to use. If is true HTTP POST binding will be used. Othwerwise HTTP REDIRECT binding will be used. Indicates which SAML Binding to use. If is true HTTP POST binding will be used. Othwerwise HTTP REDIRECT binding will be used. Indicates if signature is supported. Enable/Disable SAML Metadata Support. Security Domain name used to authenticate users. Defines a custom error page location. Defines a custom logout page location. Groups Trusted Domain Types. Defines the Truted Domain Type. Defines the domain name. Defines the certificate alias for this domain. Groups Handler Types. Defines the Handler Type. Defines the handler class name. Defines an alias which maps to a built-in type. Defines the Handler Parameter Type. Defines the parameter name. Defines the parameter value.