com.ibm.websphere.wssecurity.callbackhandler

Class GenericIssuedTokenConsumeCallback

  • java.lang.Object
    • com.ibm.websphere.wssecurity.callbackhandler.GenericIssuedTokenConsumeCallback
  • All Implemented Interfaces:
    javax.security.auth.callback.Callback


    public class GenericIssuedTokenConsumeCallback
    extends java.lang.Object
    implements javax.security.auth.callback.Callback
    This is a Callback class used to collect configuration data associated with the consumer of an incoming generic issued token. It is important to note that an incoming generic token (inbound request) is validated against a SecurityTokenService using WS-Trust Validate.
    • Field Summary

      Fields 
      Modifier and Type Field and Description
      java.lang.String[] validateTargets 
    • Method Summary

      Methods 
      Modifier and Type Method and Description
      boolean enforceConfirmationMethodInTokenExchange()
      Returns the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
      java.lang.String getAlias()
      Returns the alias name used by the consumer of the SAML token in its keyStore.
      java.lang.String getConfirmationMethod()
      Returns the ConfirmationMethod to be used when requesting/generating a SAML token.
      java.lang.String getExchangedTokenType() 
      java.lang.String getIssuer()
      Return the token issuer name.
      java.lang.String getKeyName()
      Returns the name of the key used by the token consumer.
      char[] getKeyPassword()
      Returns the password for recovering the key.
      char[] getKeyStorePassword()
      Returns the password for the keyStore used by the consumer of the SAML token.
      java.lang.String getKeyStorePath()
      Returns the file path for the keyStore used by the consumer of the SAML token.
      java.lang.String getKeyStoreReference()
      Returns the reference name of the keyStore used by the token consumer (e.g. a service).
      java.lang.String getKeyStoreType()
      Returns the type of the keyStore used by the consumer of the SAML token.
      java.util.Map<java.lang.String,java.lang.String> getProperties()
      Return WS-Trust request parameters as defined in RSTT
      java.lang.String getStsBinding()
      Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.
      java.lang.String getStsBindingScope()
      Return the binding scope for WS-Trust client, and it is either "domain" or "application".
      java.lang.String getStsPolicy()
      Returns the policySet name for WS-Trust client's Issue or Validate operation.
      java.lang.String getStsSoapVersion()
      Returns the SOAP version for the WS-Trust client.
      java.lang.String getStsURI()
      Returns the URL of SecurityTokenService that issues SecurityToken.
      java.lang.String getStsValidateBinding()
      Returns the name for the policySet binding used by the WS-Trust client's Validate operation.
      java.lang.String getStsValidatePolicy()
      Returns the policySet name for WS-Trust client's Validate operation.
      com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig getTrustedEntries() 
      java.util.ArrayList<java.lang.String[]> getTrustedIssuers() 
      java.lang.String getValidateTarget()
      Return the optional flag that indicates how to pass validation target to STS.
      java.lang.String getWstNamespace()
      Return the WS-Trust namespace used in the SOAP communication with the Security Token provider.
      boolean isCollectionRequest() 
      void setAlias(java.lang.String alias)
      Sets the key alias name in the consumer's keyStore.
      void setCollectionRequest(boolean collectionRequest) 
      void setConfirmationMethod(java.lang.String method)
      Sets the type of Subject ConfirmationMethod to be used by the token requester.
      void setEnforceConfirmationMethodInTokenExchange(boolean option)
      Sets the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
      void setExchangedTokenType(java.lang.String type) 
      void setIssuer(java.lang.String issuer)
      Set token issuer name.
      void setKeyName(java.lang.String keyName)
      Sets the name of the key used by the token consumer.
      void setKeyPassword(char[] keyPassword)
      Sets the password for recovering the key.
      void setKeyStorePassword(char[] keyStorePassword)
      Sets the password for the keyStore used by the consumer of the SAML token.
      void setKeyStorePath(java.lang.String keyStorePath)
      Sets the file path for the keyStore used by the consumer of the SAML token.
      void setKeyStoreReference(java.lang.String keyStoreRef)
      Sets the reference name of the keyStore used by the token consumer (e.g. a service).
      void setKeyStoreType(java.lang.String keyStoreType)
      Sets the type of the keyStore used by the consumer of the SAML token.
      void setProperties(java.util.Map<java.lang.String,java.lang.String> map)
      Set RSTT for WS-Trust request
      void setStsBinding(java.lang.String binding)
      Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.
      void setStsBindingScope(java.lang.String scope)
      Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application".
      void setStsPolicy(java.lang.String policy)
      Sets the name of WS-Trust client policy set for Issue or Validate operation.
      void setStsSoapVersion(java.lang.String ns)
      Sets the required SOAP version of WS-Trust client.
      void setStsURI(java.lang.String uri)
      Sets the URL name of SecurityTokenService.
      void setStsValidateBinding(java.lang.String binding)
      Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.
      void setStsValidatePolicy(java.lang.String policy)
      Sets the name of WS-Trust client policy set for Validate operation.
      void setTrustedEntries(com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig te) 
      void setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)
      Deprecated. 
      void setValidateTarget(java.lang.String target)
      Set flag to indicate how Validate message for WS-Trust request should be formatted, the valid options are "token" or "base".
      void setWstNamespace(java.lang.String ns)
      Set WS-Trust namespace used in the SOAP communication with the Security Token provider.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • validateTargets

        public java.lang.String[] validateTargets
    • Constructor Detail

      • GenericIssuedTokenConsumeCallback

        public GenericIssuedTokenConsumeCallback()
    • Method Detail

      • getStsURI

        public java.lang.String getStsURI()
        Returns the URL of SecurityTokenService that issues SecurityToken.
        Returns:
        the URL of SecurityTokenService.
      • setStsURI

        public void setStsURI(java.lang.String uri)
        Sets the URL name of SecurityTokenService.
        Parameters:
        uri - the URL name of the Security Token Service (STS).
      • getStsPolicy

        public java.lang.String getStsPolicy()
        Returns the policySet name for WS-Trust client's Issue or Validate operation.
        Returns:
        the policySet name for WS-Trust client's Issue or Validate operation.
      • setStsPolicy

        public void setStsPolicy(java.lang.String policy)
        Sets the name of WS-Trust client policy set for Issue or Validate operation.
        Parameters:
        policy - the name of WS-Trust client policy set for Issue or Validate operation.
      • getStsBinding

        public java.lang.String getStsBinding()
        Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.
        Returns:
        the name of the policySet binding for the WS-Trust client's Issue or Validate operation.
      • setStsBinding

        public void setStsBinding(java.lang.String binding)
        Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.
        Parameters:
        binding - the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.
      • getWstNamespace

        public java.lang.String getWstNamespace()
        Return the WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3.
        Returns:
        the WS-Trust namespace.
      • setWstNamespace

        public void setWstNamespace(java.lang.String ns)
        Set WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3.
        Parameters:
        ns - the WS-Trust namespace, it is "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3.
      • getStsSoapVersion

        public java.lang.String getStsSoapVersion()
        Returns the SOAP version for the WS-Trust client.
        Returns:
        the SOAP version for the WS-Trust client, the valid values are 1.1 or 1.2.
      • setStsSoapVersion

        public void setStsSoapVersion(java.lang.String ns)
        Sets the required SOAP version of WS-Trust client.
        Parameters:
        ns - the required SOAP version for WS-Trust client, the valid values are 1.1 or 1.2.
      • getStsBindingScope

        public java.lang.String getStsBindingScope()
        Return the binding scope for WS-Trust client, and it is either "domain" or "application". A value of domain indicates that the specified binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.
        Returns:
        the binding scope for WS-Trust client, and it is either "domain" or "application".
      • setStsBindingScope

        public void setStsBindingScope(java.lang.String scope)
        Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application". A value of domain indicates that the specified binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.
        Parameters:
        scope - the binding scope for WS-Trust client, and it is either "domain" or "application".
      • getProperties

        public java.util.Map<java.lang.String,java.lang.String> getProperties()
        Return WS-Trust request parameters as defined in RSTT
        Returns:
        WS-Trust RSTT parameters
      • setProperties

        public void setProperties(java.util.Map<java.lang.String,java.lang.String> map)
        Set RSTT for WS-Trust request
        Parameters:
        map - WS-Trust RSTT parameters
      • getExchangedTokenType

        public java.lang.String getExchangedTokenType()
      • setExchangedTokenType

        public void setExchangedTokenType(java.lang.String type)
      • getValidateTarget

        public java.lang.String getValidateTarget()
        Return the optional flag that indicates how to pass validation target to STS. The valid options are "token", "base".
        Returns:
        flag to indicate how to pass validation target to STS.
      • setValidateTarget

        public void setValidateTarget(java.lang.String target)
        Set flag to indicate how Validate message for WS-Trust request should be formatted, the valid options are "token" or "base".
        Parameters:
        target - WS-Trust Validate target format.
      • getIssuer

        public java.lang.String getIssuer()
        Return the token issuer name.
        Returns:
        the optional token issuer name.
      • setIssuer

        public void setIssuer(java.lang.String issuer)
        Set token issuer name.
        Parameters:
        issuer - token issuer name.
      • getStsValidatePolicy

        public java.lang.String getStsValidatePolicy()
        Returns the policySet name for WS-Trust client's Validate operation.
        Returns:
        the policySet name for WS-Trust client's Validate operation.
      • setStsValidatePolicy

        public void setStsValidatePolicy(java.lang.String policy)
        Sets the name of WS-Trust client policy set for Validate operation.
        Parameters:
        policy - the name of WS-Trust client policy set for Validate operation.
      • getStsValidateBinding

        public java.lang.String getStsValidateBinding()
        Returns the name for the policySet binding used by the WS-Trust client's Validate operation.
        Returns:
        the name of the policySet binding for the WS-Trust client's Validate operation.
      • setStsValidateBinding

        public void setStsValidateBinding(java.lang.String binding)
        Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.
        Parameters:
        binding - the name of WS-Trust client bindings for WS-Trust's Validate operation.
      • getKeyStoreReference

        public java.lang.String getKeyStoreReference()
        Returns the reference name of the keyStore used by the token consumer (e.g. a service).
        Returns:
        reference name of the keyStore of the token consumer.
      • setKeyStoreReference

        public void setKeyStoreReference(java.lang.String keyStoreRef)
        Sets the reference name of the keyStore used by the token consumer (e.g. a service).
        Parameters:
        keyStoreRef - string representing the reference name of the keyStore.
      • getKeyStorePath

        public java.lang.String getKeyStorePath()
        Returns the file path for the keyStore used by the consumer of the SAML token.
        Returns:
        String that contains the path of the keyStore.
      • setKeyStorePath

        public void setKeyStorePath(java.lang.String keyStorePath)
        Sets the file path for the keyStore used by the consumer of the SAML token.
        Parameters:
        keyStorePath - string representing the path to the keyStore.
      • getKeyStoreType

        public java.lang.String getKeyStoreType()
        Returns the type of the keyStore used by the consumer of the SAML token.
        Returns:
        type of the keyStore
      • setKeyStoreType

        public void setKeyStoreType(java.lang.String keyStoreType)
        Sets the type of the keyStore used by the consumer of the SAML token.
        Parameters:
        keyStoreType - string representing the type of the keyStore
      • getKeyStorePassword

        public char[] getKeyStorePassword()
        Returns the password for the keyStore used by the consumer of the SAML token.
        Returns:
        character array that contains the password used to check the integrity or unlock the keyStore used by the consumer of a SAML token.
      • setKeyStorePassword

        public void setKeyStorePassword(char[] keyStorePassword)
        Sets the password for the keyStore used by the consumer of the SAML token.
        Parameters:
        keyStorePassword - character array that contains the password used to check the integrity or unlock the keyStore for the consumer of the SAML token.
      • getAlias

        public java.lang.String getAlias()
        Returns the alias name used by the consumer of the SAML token in its keyStore.
        Returns:
        alias string representing the key alias name.
      • setAlias

        public void setAlias(java.lang.String alias)
        Sets the key alias name in the consumer's keyStore.
        Parameters:
        alias - string representing the alias name.
      • getKeyPassword

        public char[] getKeyPassword()
        Returns the password for recovering the key.
        Returns:
        character array that contains the password used for recovering the key.
      • setKeyPassword

        public void setKeyPassword(char[] keyPassword)
        Sets the password for recovering the key.
        Parameters:
        keyPassword - character array that contains the password for recovering the key.
      • getKeyName

        public java.lang.String getKeyName()
        Returns the name of the key used by the token consumer.
        Returns:
        String that contains the key.
      • setKeyName

        public void setKeyName(java.lang.String keyName)
        Sets the name of the key used by the token consumer.
        Parameters:
        keyName - string that contains the name of the key.
      • getConfirmationMethod

        public java.lang.String getConfirmationMethod()
        Returns the ConfirmationMethod to be used when requesting/generating a SAML token.
        Returns:
        the required Subject ConfirmationMethod. The valid values are "holder-of-key", "bearer", or "sender-vouches"
      • setConfirmationMethod

        public void setConfirmationMethod(java.lang.String method)
        Sets the type of Subject ConfirmationMethod to be used by the token requester.
        Parameters:
        method - a string identifying the Subject ConfirmationMethod.
      • enforceConfirmationMethodInTokenExchange

        public boolean enforceConfirmationMethodInTokenExchange()
        Returns the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
        Returns:
        the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
      • setEnforceConfirmationMethodInTokenExchange

        public void setEnforceConfirmationMethodInTokenExchange(boolean option)
        Sets the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
        Parameters:
        option - the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
      • isCollectionRequest

        public boolean isCollectionRequest()
      • setCollectionRequest

        public void setCollectionRequest(boolean collectionRequest)
      • getTrustedIssuers

        public java.util.ArrayList<java.lang.String[]> getTrustedIssuers()
        Returns:
        a list of trusted SAML Issuers, each contains Issuer name and/or Signer certificate's SubjectDN
      • setTrustedIssuers

        @Deprecated
        public void setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)
        Deprecated. 
      • setTrustedEntries

        public void setTrustedEntries(com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig te)
      • getTrustedEntries

        public com.ibm.wsspi.wssecurity.core.config.TrustedEntryConfig getTrustedEntries()
IBM WebSphere Application Server™
Release 8.5