com.ibm.websphere.wssecurity.callbackhandler
Class GenericIssuedTokenConsumeCallback
- java.lang.Object
-
- com.ibm.websphere.wssecurity.callbackhandler.GenericIssuedTokenConsumeCallback
-
- All Implemented Interfaces:
- javax.security.auth.callback.Callback
public class GenericIssuedTokenConsumeCallback extends java.lang.Object implements javax.security.auth.callback.Callback
This is a Callback class used to collect configuration data associated with the consumer of an incoming generic issued token. It is important to note that an incoming generic token (inbound request) is validated against a SecurityTokenService using WS-Trust Validate.
-
-
Field Summary
Fields Modifier and Type Field and Description java.lang.String[]
validateTargets
-
Constructor Summary
Constructors Constructor and Description GenericIssuedTokenConsumeCallback()
-
Method Summary
Methods Modifier and Type Method and Description boolean
enforceConfirmationMethodInTokenExchange()
Returns the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.java.lang.String
getAlias()
Returns the alias name used by the consumer of the SAML token in its keyStore.java.lang.String
getConfirmationMethod()
Returns the ConfirmationMethod to be used when requesting/generating a SAML token.java.lang.String
getExchangedTokenType()
java.lang.String
getIssuer()
Return the token issuer name.java.lang.String
getKeyName()
Returns the name of the key used by the token consumer.char[]
getKeyPassword()
Returns the password for recovering the key.char[]
getKeyStorePassword()
Returns the password for the keyStore used by the consumer of the SAML token.java.lang.String
getKeyStorePath()
Returns the file path for the keyStore used by the consumer of the SAML token.java.lang.String
getKeyStoreReference()
Returns the reference name of the keyStore used by the token consumer (e.g. a service).java.lang.String
getKeyStoreType()
Returns the type of the keyStore used by the consumer of the SAML token.java.util.Map<java.lang.String,java.lang.String>
getProperties()
Return WS-Trust request parameters as defined in RSTTjava.lang.String
getStsBinding()
Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.java.lang.String
getStsBindingScope()
Return the binding scope for WS-Trust client, and it is either "domain" or "application".java.lang.String
getStsPolicy()
Returns the policySet name for WS-Trust client's Issue or Validate operation.java.lang.String
getStsSoapVersion()
Returns the SOAP version for the WS-Trust client.java.lang.String
getStsURI()
Returns the URL of SecurityTokenService that issues SecurityToken.java.lang.String
getStsValidateBinding()
Returns the name for the policySet binding used by the WS-Trust client's Validate operation.java.lang.String
getStsValidatePolicy()
Returns the policySet name for WS-Trust client's Validate operation.com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig
getTrustedEntries()
java.util.ArrayList<java.lang.String[]>
getTrustedIssuers()
java.lang.String
getValidateTarget()
Return the optional flag that indicate how to pass validation target to STS.java.lang.String
getWstNamespace()
Return the WS-Trust namespace used in the SOAP communication with the Security Token provider.boolean
isCollectionRequest()
void
setAlias(java.lang.String alias)
Sets the key alias name in the consumer's keyStore.void
setCollectionRequest(boolean collectionRequest)
void
setConfirmationMethod(java.lang.String method)
Sets the type of Subject ConfirmationMethod to be used by the token requester.void
setEnforceConfirmationMethodInTokenExchange(boolean option)
Sets the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.void
setExchangedTokenType(java.lang.String type)
void
setIssuer(java.lang.String issuer)
Set token issuer name.void
setKeyName(java.lang.String keyName)
Sets the name of the key used by the token consumer.void
setKeyPassword(char[] keyPassword)
Sets the password for recovering the key.void
setKeyStorePassword(char[] keyStorePassword)
Sets the type of the keyStore used by the consumer of the SAML token.void
setKeyStorePath(java.lang.String keyStorePath)
Sets the file path for the keyStore used by the consumer of the SAML token..void
setKeyStoreReference(java.lang.String keyStoreRef)
Sets the reference name of the keyStore used by the token consumer (e.g. a service).void
setKeyStoreType(java.lang.String keyStoreType)
Sets the type of the keyStore by the consumer of the SAML token.void
setProperties(java.util.Map<java.lang.String,java.lang.String> map)
Set RSTT for WS-Trust requestvoid
setStsBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.void
setStsBindingScope(java.lang.String scope)
Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application".void
setStsPolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Issue or Validate operation.void
setStsSoapVersion(java.lang.String ns)
Sets the required SOAP version of WS-Trust client.void
setStsURI(java.lang.String uri)
Sets the URL name of SecurityTokenservice.void
setStsValidateBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.void
setStsValidatePolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Validate operation.void
setTrustedEntries(com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig te)
void
setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)
Deprecated.void
setValidateTarget(java.lang.String target)
Set flag to indicate how Validate message for WS-Trust request should be formated, the valid options are "token" or "base".void
setWstNamespace(java.lang.String ns)
Set WS-Trust namespace used in the SOAP communication with the Security Token provider.
-
-
-
Method Detail
-
getStsURI
public java.lang.String getStsURI()
Returns the URL of SecurityTokenService that issues SecurityToken.- Returns:
- the URL of SecurityTokenService.
-
setStsURI
public void setStsURI(java.lang.String uri)
Sets the URL name of SecurityTokenservice.- Parameters:
uri
- the URL name of the Security Token Service (STS).
-
getStsPolicy
public java.lang.String getStsPolicy()
Returns the policySet name for WS-Trust client's Issue or Validate operation.- Returns:
- the policySet name for WS-Trust client's Issue or Validate operation.
-
setStsPolicy
public void setStsPolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Issue or Validate operation.- Parameters:
the
- name of WS-Trust client policy set for Issue or Validate operation.
-
getStsBinding
public java.lang.String getStsBinding()
Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.- Returns:
- the name of the policySet binding for the WS-Trust client's Issue or Validate operation.
-
setStsBinding
public void setStsBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.- Parameters:
binding
- the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.
-
getWstNamespace
public java.lang.String getWstNamespace()
Return the WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3.- Returns:
- the WS-Trust namespace.
-
setWstNamespace
public void setWstNamespace(java.lang.String ns)
Set WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3- Parameters:
wstNamespace
- the WS-Trust NameSpace, it is "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3
-
getStsSoapVersion
public java.lang.String getStsSoapVersion()
Returns the SOAP version for the WS-Trust client.- Returns:
- the the SOAP version for the WS-Trust client, the valid values are 1.1 or 1.2
-
setStsSoapVersion
public void setStsSoapVersion(java.lang.String ns)
Sets the required SOAP version of WS-Trust client.- Parameters:
version
- the required SOAP version for WS-Trust client, the valid values are 1.1 or 1.2.
-
getStsBindingScope
public java.lang.String getStsBindingScope()
Return the binding scope for WS-Trust client, and it is either "domain" or "application". A value of domain indicates that the specifiied binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.- Returns:
- the binding scope for WS-Trust client, and it is either "domain" or "application".
-
setStsBindingScope
public void setStsBindingScope(java.lang.String scope)
Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application". A value of domain indicates that the specified binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.- Parameters:
scope
- the binding scope for WS-Trust client, and it is either "domain" or "application".
-
getProperties
public java.util.Map<java.lang.String,java.lang.String> getProperties()
Return WS-Trust request parameters as defined in RSTT- Returns:
- WS-Trust RSTT parameters
-
setProperties
public void setProperties(java.util.Map<java.lang.String,java.lang.String> map)
Set RSTT for WS-Trust request- Parameters:
WS-Trust
- RSTT parameters
-
getExchangedTokenType
public java.lang.String getExchangedTokenType()
-
setExchangedTokenType
public void setExchangedTokenType(java.lang.String type)
-
getValidateTarget
public java.lang.String getValidateTarget()
Return the optional flag that indicate how to pass validation target to STS. The valid options are "token", "base".- Returns:
- flag to indicate how to pass validation target to STS.
-
setValidateTarget
public void setValidateTarget(java.lang.String target)
Set flag to indicate how Validate message for WS-Trust request should be formated, the valid options are "token" or "base".- Parameters:
WS-Trust
- Validate target format.
-
getIssuer
public java.lang.String getIssuer()
Return the token issuer name.- Returns:
- the optional token issuer name.
-
setIssuer
public void setIssuer(java.lang.String issuer)
Set token issuer name.- Parameters:
token
- issuer name.
-
getStsValidatePolicy
public java.lang.String getStsValidatePolicy()
Returns the policySet name for WS-Trust client's Validate operation.- Returns:
- the policySet name for WS-Trust client's Validate operation.
-
setStsValidatePolicy
public void setStsValidatePolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Validate operation.- Parameters:
the
- name of WS-Trust client policy set for Validate operation.
-
getStsValidateBinding
public java.lang.String getStsValidateBinding()
Returns the name for the policySet binding used by the WS-Trust client's Validate operation.- Returns:
- the name of the policySet binding for the WS-Trust client's Validate operation.
-
setStsValidateBinding
public void setStsValidateBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.- Parameters:
binding
- the name of WS-Trust client bindings for WS-Trust's Validate operation.
-
getKeyStoreReference
public java.lang.String getKeyStoreReference()
Returns the reference name of the keyStore used by the token consumer (e.g. a service).- Returns:
- reference name of the keyStore of the token consumer.
-
setKeyStoreReference
public void setKeyStoreReference(java.lang.String keyStoreRef)
Sets the reference name of the keyStore used by the token consumer (e.g. a service).- Parameters:
keyStoreRef
- string representing the reference name of the keyStore.
-
getKeyStorePath
public java.lang.String getKeyStorePath()
Returns the file path for the keyStore used by the consumer of the SAML token.- Returns:
- String that contains the path of the keyStore.
-
setKeyStorePath
public void setKeyStorePath(java.lang.String keyStorePath)
Sets the file path for the keyStore used by the consumer of the SAML token..- Parameters:
keyStorePath
- string representing the path to the keyStore.
-
getKeyStoreType
public java.lang.String getKeyStoreType()
Returns the type of the keyStore used by the consumer of the SAML token.- Returns:
- type of the keyStore
-
setKeyStoreType
public void setKeyStoreType(java.lang.String keyStoreType)
Sets the type of the keyStore by the consumer of the SAML token.- Parameters:
keyStoreType
- string representing the type of the keyStore
-
getKeyStorePassword
public char[] getKeyStorePassword()
Returns the password for the keyStore used by the consumer of the SAML token.- Returns:
- charcter array that contains the password used to check the integrity or unlock the keyStore used by the consumer of a SAML token.
-
setKeyStorePassword
public void setKeyStorePassword(char[] keyStorePassword)
Sets the type of the keyStore used by the consumer of the SAML token.- Parameters:
keyStorePassword
- character array that contains the password used to check the integrity or unlock the keyStore for the consumer of the SAML token.
-
getAlias
public java.lang.String getAlias()
Returns the alias name used by the consumer of the SAML token in its keyStore.- Returns:
- alias string representing the key alias name.
-
setAlias
public void setAlias(java.lang.String alias)
Sets the key alias name in the consumer's keyStore.- Parameters:
alias
- string representing the alias name.
-
getKeyPassword
public char[] getKeyPassword()
Returns the password for recovering the key.- Returns:
- character array that contains the password used for recovering the key.
-
setKeyPassword
public void setKeyPassword(char[] keyPassword)
Sets the password for recovering the key.- Parameters:
keyPassword
- character array that contains the password for recovering the key.
-
getKeyName
public java.lang.String getKeyName()
Returns the name of the key used by the token consumer.- Returns:
- String that contains the key.
-
setKeyName
public void setKeyName(java.lang.String keyName)
Sets the name of the key used by the token consumer.- Parameters:
keyName
- string that contains the name of the key.
-
getConfirmationMethod
public java.lang.String getConfirmationMethod()
Returns the ConfirmationMethod to be used when requesting/generating a SAML token.- Returns:
- the required Subject ConfirmationMethod. The valid values are "holder-of-key", "bearer", or "sender-vouches"
-
setConfirmationMethod
public void setConfirmationMethod(java.lang.String method)
Sets the type of Subject ConfirmationMethod to be used by the token requester.- Parameters:
method
- a string identifying the Subject ConfirmationMethod.
-
enforceConfirmationMethodInTokenExchange
public boolean enforceConfirmationMethodInTokenExchange()
Returns the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.- Returns:
- the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
-
setEnforceConfirmationMethodInTokenExchange
public void setEnforceConfirmationMethodInTokenExchange(boolean option)
Sets the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.- Parameters:
boolean
-
-
isCollectionRequest
public boolean isCollectionRequest()
-
setCollectionRequest
public void setCollectionRequest(boolean collectionRequest)
-
getTrustedIssuers
public java.util.ArrayList<java.lang.String[]> getTrustedIssuers()
- Returns:
- a list of trusted SAML Issuers, each contains Issuer name and/or Signer certificate's SubjectDN
-
setTrustedIssuers
@Deprecated public void setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)
Deprecated.
-
setTrustedEntries
public void setTrustedEntries(com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig te)
-
getTrustedEntries
public com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig getTrustedEntries()
-
-