com.ibm.websphere.wssecurity.callbackhandler

Class SAMLGenerateCallback

  • java.lang.Object
    • com.ibm.websphere.wssecurity.callbackhandler.SAMLGenerateCallback
  • All Implemented Interfaces:
    javax.security.auth.callback.Callback

    public class SAMLGenerateCallback
extends java.lang.Object
implements javax.security.auth.callback.Callback
    This is a Callback class for the SAML token used to collect requester configuration information prior to creating or requesting a SAML token. Getter and setter methods are used to retrieve and set values for the configuration parameters collected by this Callback. It is important to note that during the propagation of a SAML token on an outbound call that the cacheCushion value is used to make a determination of whether an existing SAML token remaining expiration time is sufficiently long and thus can still be used for propagation. The value of the token expiration date must be above current time plus the cushion value. The default value of cacheCushion is 5 minutes.
    A SAML token remains valid in the process if it was valid at the time the process received that token.
    See Also:
    SAMLToken, SAMLTokenFactory

    • Method Summary

      Methods 
      Modifier and Type Method and Description
      boolean cacheToken()
      Returns the flag that indicates whether SAML should be cached.
      boolean getActAsReIssue() 
      java.lang.String getActAsTokenType() 
      java.lang.String getAlias()
      Returns the alias name of the private key for the SAML token requester.
      java.lang.String getAppliesTo()
      Returns AppliesTo.
      java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> getAttributes()
      Returns ArrayList.
      boolean getAudienceRestriction() 
      java.lang.String getAuthenticationMethod()
      Returns the AuthenticationMethod to be used when self-issuing a SAML token.
      long getCacheCushion()
      Returns the value in milliseconds for the cacheCushion.
      java.util.List<java.security.cert.CertStore> getCertStores()
      Returns the list of certificate stores that are available.
      long getClockSkew()
      Returns the time in milliseconds that is allowed for clock skew between the token issuer and the consumer.
      java.lang.String getConfirmationMethod()
      Returns the ConfirmationMethod to be used when requesting/generating a SAML token.
      com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode getIssueMode() 
      java.lang.String getKeyName()
      Returns the name of the key.
      char[] getKeyPassword()
      Returns the password for recovering the key.
      java.lang.String getKeySize()
      Returns the key size for the SecretKey, "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"
      char[] getKeyStorePassword()
      Returns the password used for the SAML token requester's keyStore.
      java.lang.String getKeyStorePath()
      Returns the file path from which the keyStore for the SAML token requester is loaded.
      java.lang.String getKeyStoreReference()
      Returns the reference name of the keyStore used by the requesting entity for the creation of SAML tokens.
      java.lang.String getKeyStoreType()
      Returns the type of the keyStore used by the SAML token requester.
      java.lang.String getKeyType()
      Returns the name of Key Type to be used for the Subject confirmation for a SAML a SAML token requester.
      java.lang.String getNameId()
      Return the specified SAML token name identifier to be generated
      boolean getOnBehalfOfReIssue() 
      java.lang.String getOnBehalfOfTokenType() 
      java.util.Map<java.lang.String,java.lang.String> getRSTTProperties()
      Return WS-Trust request parameters as defined in RSTT
      java.lang.String getSSLConfigUrl()
      Returns SSLConfiguration location .
      java.lang.String getStsBinding()
      Returns the name for the policySet binding used by the WS-Trust client
      java.lang.String getStsBindingScope()
      Return the binding scope for WS-Trust client, and it is either "domain" or "application".
      java.lang.String getStsPolicy()
      Returns the policySet name for WS-Trust client
      java.lang.String getStsSoapVersion()
      Returns the SOAP version for the WS-Trust client
      java.lang.String getStsURI()
      Returns the URL of SecurityTokenService (issuer of the SAML token)
      java.lang.String getTargetServiceAlias()
      Returns the target service's Cetificate alias
      java.lang.String getTokenRequest()
      Returns the name of the token request method.
      java.lang.String getTokenType()
      Return the required TokenType to be generated
      java.lang.String getUsekeyType()
      Returns the Usekey keyInfoType
      WSSConsumingContext getWSSConsumingContext()
      Gets WSSConsumingContext object.
      WSSGenerationContext getWSSGenerationContext()
      Returns WSSGenerationContext object.
      java.lang.String getWSTrustNamespace()
      Return the WS-Trust namespace used in the SOAP communication with the Security Token provider.
      boolean includeCredentialToken() 
      boolean includeExpiration() 
      boolean includeGroupIds() 
      boolean includeHostName() 
      boolean includeOID() 
      boolean includePrimaryGroupId() 
      boolean includeRealmName() 
      boolean includeSecurityName() 
      boolean includeUniqueSecurityName() 
      boolean isActAsRequired() 
      boolean isCollectionRequest() 
      boolean isFailOverToTokenRequest()
      Returns an indication of whether to request a new SAML token if the SAML token provided in the RequestContext is not valid.
      boolean isOnBehalfOfRequired() 
      boolean isSignatureRequired()
      Returns the flag that indicates whether SAML should be signed by SAML token provider
      void setActAsReIssue(boolean option) 
      void setActAsRequired(boolean option) 
      void setActAsTokenType(java.lang.String type) 
      void setAlias(java.lang.String alias)
      Sets the alias of private key for the SAML token requester.
      void setAppliesTo(java.lang.String uri) 
      void setAttributes(java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> attrs)
      Sets ArrayList object via WSSAPI.
      void setAudienceRestriction(boolean option) 
      void setAuthenticationMethod(java.lang.String method)
      Sets the AuthenticationMethod to be used when self-issuing a SAML token
      void setCacheCushion(long time)
      Sets the value in milliseconds for the cacheCushion.
      void setCacheToken(boolean option)
      Sets the flag that indicates whether SAML should be cached
      void setCertStores(java.util.List<java.security.cert.CertStore> certStores)
      Sets the list of certificate stores.
      void setClockSkew(long time)
      Sets the time in milliseconds that is allowed for clock skew between the token issuer and the consumer.
      void setCollectionRequest(boolean collectionRequest) 
      void setConfirmationMethod(java.lang.String method)
      Sets the type of Subject ConfirmationMethod to be used by the token requester.
      void setFailOverToTokenRequest(boolean option)
      Sets the flag that indicates whether to request a new SAML token if SAMLToken from RequestContext is invalid
      void setIncludeCredentialToken(boolean flag)
      Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.
      void setIncludeExpiration(boolean flag)
      Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.
      void setIncludeGroupIds(boolean flag)
      Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.
      void setIncludeHostName(boolean flag)
      Sets boolean flag to assert HostName from WSCredential as an SAML attribute.
      void setIncludeOID(boolean flag)
      Sets boolean flag to assert OID from WSCredential as an SAML attribute.
      void setIncludePrimaryGroupId(boolean flag)
      Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
      void setIncludeRealmName(boolean flag)
      Sets boolean flag to assert realm from WSCredential as an SAML attribute.
      void setIncludeSecurityName(boolean flag)
      Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.
      void setIncludeUniqueSecurityName(boolean flag)
      Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
      void setIsSignatureRequired(boolean option)
      Sets the flag that indicates whether SAML should be signed by SAML token provider
      void setIssueMode(com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode mode) 
      void setKeyName(java.lang.String keyName)
      Sets the name of the key.
      void setKeyPassword(char[] keyPassword)
      Sets the password for recovering the key.
      void setKeySize(java.lang.String size)
      Sets the key size for the Secret Key
      void setKeyStorePassword(char[] storePassword)
      Sets the password value for the keyStore used by the SAML token requester.
      void setKeyStorePath(java.lang.String storePath)
      Sets the file path from which the keyStore for the SAML token requester is loaded.
      void setKeyStoreReference(java.lang.String storeRef)
      Sets the reference name of the keyStore.
      void setKeyStoreType(java.lang.String storeType)
      Sets the type of the keyStore to be used by the SAML token requester.
      void setKeyType(java.lang.String type)
      Sets the name of key type.
      void setNameId(java.lang.String userid)
      Set the SAML Token Name Identifier.
      void setOnBehalfOfReIssue(boolean option) 
      void setOnBehalfOfRequired(boolean option) 
      void setOnBehalfOfTokenType(java.lang.String type) 
      void setRSTTProperties(java.util.Map<java.lang.String,java.lang.String> rstt)
      Set RSTT for WS-Trust request
      void setSSLConfigUrl(java.lang.String location)
      Sets SSLConfigUrl object.
      void setStsBinding(java.lang.String policySet)
      Sets the name of WS-Trust client bindings.
      void setStsBindingScope(java.lang.String scope)
      Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application".
      void setStsPolicy(java.lang.String policySet)
      Sets the name of WS-Trust client policy set.
      void setStsSoapVersion(java.lang.String version)
      Sets the required SOAP version of WS-Trust client
      void setStsURI(java.lang.String uri)
      Sets the URL name of SecurityTokenservice (token issuer).
      void setTargetserviceAlias(java.lang.String alias)
      Set the target service's Cetificate alias
      void setTokenRequest(java.lang.String requestMode)
      Sets the SAMLToken request method, "issue", "propagation", or "issueByWSPrincipal"
      void setTokenType(java.lang.String tokenType)
      Set the required TokenType.
      void setUseKeyType(java.lang.String type)
      Set the Usekey keyInfoType
      void setUseUniqueSecurityName(boolean flag)
      Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
      void setWSSConsumingContext(WSSConsumingContext concont)
      Sets WSSConsumingContext object.
      void setWSSGenerationContext(WSSGenerationContext gencont)
      Sets WSSGenerationContext object.
      void setWSTrustNamespace(java.lang.String wstNamespace)
      Set WS-Trust namespace used in the SOAP communication with the Security Token provider.
      boolean useUniqueSecurityName() 

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • SAMLGenerateCallback

        public SAMLGenerateCallback()

    • Method Detail

      • getKeyStoreReference

        public java.lang.String getKeyStoreReference()
        Returns the reference name of the keyStore used by the requesting entity for the creation of SAML tokens.
        Returns:
        reference name of the keyStore

      • setKeyStoreReference

        public void setKeyStoreReference(java.lang.String storeRef)
        Sets the reference name of the keyStore.
        Parameters:
        storeRef - reference name of the keyStore used by the requesting entity for the creation of SAML tokens.

      • getKeyStorePath

        public java.lang.String getKeyStorePath()
        Returns the file path from which the keyStore for the SAML token requester is loaded.
        Returns:
        the file path from which the keyStore is loaded.

      • setKeyStorePath

        public void setKeyStorePath(java.lang.String storePath)
        Sets the file path from which the keyStore for the SAML token requester is loaded.
        Parameters:
        storePath - path of the keyStore.

      • getKeyStoreType

        public java.lang.String getKeyStoreType()
        Returns the type of the keyStore used by the SAML token requester.
        Returns:
        a string indicating the type of the keyStore used.

      • setKeyStoreType

        public void setKeyStoreType(java.lang.String storeType)
        Sets the type of the keyStore to be used by the SAML token requester.
        Parameters:
        storeType - a string for the keyStore type used.

      • getKeyStorePassword

        public char[] getKeyStorePassword()
        Returns the password used for the SAML token requester's keyStore.
        Returns:
        a character array for the password used to check the integrity of the keyStore or the password used to unlock the keyStore

      • getConfirmationMethod

        public java.lang.String getConfirmationMethod()
        Returns the ConfirmationMethod to be used when requesting/generating a SAML token.
        Returns:
        the required Subject ConfirmationMethod. The valid values are "holder-of-key", "bearer", or "sender-vouches"

      • getAuthenticationMethod

        public java.lang.String getAuthenticationMethod()
        Returns the AuthenticationMethod to be used when self-issuing a SAML token.
        Returns:
        the required AuthenticationMethod

      • getStsPolicy

        public java.lang.String getStsPolicy()
        Returns the policySet name for WS-Trust client
        Returns:
        the policySet name for WS-Trust client

      • getStsBinding

        public java.lang.String getStsBinding()
        Returns the name for the policySet binding used by the WS-Trust client
        Returns:
        the name of the policySet binding for the WS-Trust client

      • getStsURI

        public java.lang.String getStsURI()
        Returns the URL of SecurityTokenService (issuer of the SAML token)
        Returns:
        the URL of SecurityTokenService

      • getKeyType

        public java.lang.String getKeyType()
        Returns the name of Key Type to be used for the Subject confirmation for a SAML a SAML token requester.
        Returns:
        the requested Key Type name, the valid values are
        • "http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", or
        • "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey", or
        • "http://docs.oasis-open.org/ws-sx/ws-trust/200512/BearerKey"

      • getKeySize

        public java.lang.String getKeySize()
        Returns the key size for the SecretKey, "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"
        Returns:
        the key size for the SecretKey, "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"

      • getStsSoapVersion

        public java.lang.String getStsSoapVersion()
        Returns the SOAP version for the WS-Trust client
        Returns:
        the the SOAP version for the WS-Trust client, the valid values are 1.1 or 1.2

      • isFailOverToTokenRequest

        public boolean isFailOverToTokenRequest()
        Returns an indication of whether to request a new SAML token if the SAML token provided in the RequestContext is not valid.
        Returns:
        a boolean flag that indicates whether to request a new SAML token if the SAML token provided in the RequestContext is not valid. The default behavior is to always request a new SAMLToken if incoming SAMLToken in RequestContext is invalid.

      • setKeyStorePassword

        public void setKeyStorePassword(char[] storePassword)
        Sets the password value for the keyStore used by the SAML token requester.
        Parameters:
        storePassword - character array for the password used to check the integrity of the keyStore or the password used to unlock the keyStore

      • getAlias

        public java.lang.String getAlias()
        Returns the alias name of the private key for the SAML token requester.
        Returns:
        alias name of private key

      • setAlias

        public void setAlias(java.lang.String alias)
        Sets the alias of private key for the SAML token requester.
        Parameters:
        alis - string alias name.

      • getKeyPassword

        public char[] getKeyPassword()
        Returns the password for recovering the key.
        Returns:
        password for recovering the key.

      • setKeyPassword

        public void setKeyPassword(char[] keyPassword)
        Sets the password for recovering the key.
        Parameters:
        keyPassword - character array for the password used to recover the key.

      • getKeyName

        public java.lang.String getKeyName()
        Returns the name of the key.
        Returns:
        name of the key

      • setKeyName

        public void setKeyName(java.lang.String keyName)
        Sets the name of the key.
        Parameters:
        keyName - name of the key

      • getCertStores

        public java.util.List<java.security.cert.CertStore> getCertStores()
        Returns the list of certificate stores that are available.
        Returns:
        list of certificate stores.

      • getTokenRequest

        public java.lang.String getTokenRequest()
        Returns the name of the token request method.
        Returns:
        name of the token request method, valid values are "issue", "propagation", or "issueByWSPrincipal". The default behavior is "issue", in which web service client will request a new SAML token either using ws-trust or self-issue. The "propagation" means that web service client will use SAMLToken from RunAsSubject for downstream call. The "issueByWSPrincipal" means that web service client will self-generate a SAMLToken based on principal in RunAsSubject for downstream call.

      • setCertStores

        public void setCertStores(java.util.List<java.security.cert.CertStore> certStores)
        Sets the list of certificate stores.
        Parameters:
        certStores - list of certificate stores

      • setConfirmationMethod

        public void setConfirmationMethod(java.lang.String method)
        Sets the type of Subject ConfirmationMethod to be used by the token requester.
        Parameters:
        method - a string identifying the Subject ConfirmationMethod.

      • setAuthenticationMethod

        public void setAuthenticationMethod(java.lang.String method)
        Sets the AuthenticationMethod to be used when self-issuing a SAML token
        Parameters:
        method - a string identifying the AuthenticationMethod.

      • setStsPolicy

        public void setStsPolicy(java.lang.String policySet)
        Sets the name of WS-Trust client policy set.
        Parameters:
        the - name of WS-Trust client policy set.

      • setStsBinding

        public void setStsBinding(java.lang.String policySet)
        Sets the name of WS-Trust client bindings.
        Parameters:
        policySet - the name of WS-Trust client bindings.

      • setStsURI

        public void setStsURI(java.lang.String uri)
        Sets the URL name of SecurityTokenservice (token issuer).
        Parameters:
        uri - the URI name of the Security Token Service (STS).

      • setKeyType

        public void setKeyType(java.lang.String type)
        Sets the name of key type.
        Parameters:
        the - name of key type.

      • setKeySize

        public void setKeySize(java.lang.String size)
        Sets the key size for the Secret Key
        Parameters:
        size - the key size of Secret Key.

      • setStsSoapVersion

        public void setStsSoapVersion(java.lang.String version)
        Sets the required SOAP version of WS-Trust client
        Parameters:
        version - the required SOAP version for WS-Trust client

      • setTokenRequest

        public void setTokenRequest(java.lang.String requestMode)
        Sets the SAMLToken request method, "issue", "propagation", or "issueByWSPrincipal"
        Parameters:
        requestMode - a string for the SAMLToken request mode.

      • setStsBindingScope

        public void setStsBindingScope(java.lang.String scope)
        Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application". A value of domain indicates that the specified binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.
        Parameters:
        scope - the binding scope for WS-Trust client, and it is either "domain" or "application".

      • getStsBindingScope

        public java.lang.String getStsBindingScope()
        Return the binding scope for WS-Trust client, and it is either "domain" or "application". A value of domain indicates that the specifiied binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.
        Returns:
        the binding scope for WS-Trust client, and it is either "domain" or "application".

      • getWSTrustNamespace

        public java.lang.String getWSTrustNamespace()
        Return the WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3
        Returns:
        the WS-Trust namespace

      • setWSTrustNamespace

        public void setWSTrustNamespace(java.lang.String wstNamespace)
        Set WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3
        Parameters:
        wstNamespace - the WS-Trust NameSpace, it is "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3

      • isCollectionRequest

        public boolean isCollectionRequest()

      • setCollectionRequest

        public void setCollectionRequest(boolean collectionRequest)

      • getRSTTProperties

        public java.util.Map<java.lang.String,java.lang.String> getRSTTProperties()
        Return WS-Trust request parameters as defined in RSTT
        Returns:
        WS-Trust RSTT parameters

      • setRSTTProperties

        public void setRSTTProperties(java.util.Map<java.lang.String,java.lang.String> rstt)
        Set RSTT for WS-Trust request
        Parameters:
        WS-Trust - RSTT parameters

      • setFailOverToTokenRequest

        public void setFailOverToTokenRequest(boolean option)
        Sets the flag that indicates whether to request a new SAML token if SAMLToken from RequestContext is invalid
        Parameters:
        option - a flag that indicates whether to request a new SAML token if incoming SAMLToken becomes invalid.

      • isSignatureRequired

        public boolean isSignatureRequired()
        Returns the flag that indicates whether SAML should be signed by SAML token provider
        Returns:
        the flag that indicates whether SAML should be signed by SAML provider

      • setIsSignatureRequired

        public void setIsSignatureRequired(boolean option)
        Sets the flag that indicates whether SAML should be signed by SAML token provider
        Parameters:
        option - a flag that indicates whether the SAML token should be signed by SAML token provider.

      • cacheToken

        public boolean cacheToken()
        Returns the flag that indicates whether SAML should be cached.
        Returns:
        the flag that indicates whether SAML should be cached.

      • getCacheCushion

        public long getCacheCushion()
        Returns the value in milliseconds for the cacheCushion. Note that this value is important in determining the expiration status of a token, see above.
        Returns:
        the token expiration time in milliseconds.

      • setCacheToken

        public void setCacheToken(boolean option)
        Sets the flag that indicates whether SAML should be cached
        Parameters:
        option - a flag that indicates whether the SAML token should be cached.

      • setCacheCushion

        public void setCacheCushion(long time)
        Sets the value in milliseconds for the cacheCushion. Note that this value is important in determining the expiration status of a token, see above.
        Parameters:
        time - the time limit in milliseconds.

      • getTargetServiceAlias

        public java.lang.String getTargetServiceAlias()
        Returns the target service's Cetificate alias
        Returns:
        the target service's Cetificate alias.

      • setTargetserviceAlias

        public void setTargetserviceAlias(java.lang.String alias)
        Set the target service's Cetificate alias
        Parameters:
        the - target service's Cetificate alias

      • getUsekeyType

        public java.lang.String getUsekeyType()
        Returns the Usekey keyInfoType
        Returns:
        the Usekey keyInfoType

      • setUseKeyType

        public void setUseKeyType(java.lang.String type)
        Set the Usekey keyInfoType
        Parameters:
        the - Usekey keyInfoType

      • getClockSkew

        public long getClockSkew()
        Returns the time in milliseconds that is allowed for clock skew between the token issuer and the consumer. The clock skew is used when setting the expiration of the token on an Outbound request. The expiration time of the token needs to be above the current time plus the clock skew.
        Returns:
        the time in milliseconds allowed for clock skew. The default clock skew is 0 minutes.

      • setClockSkew

        public void setClockSkew(long time)
        Sets the time in milliseconds that is allowed for clock skew between the token issuer and the consumer. The clock skew is used when setting the expiration of the token on an Outbound request. The expiration time of the token needs to be above the current time plus the clock skew.
        Parameters:
        time - a long integer representing time for the clockSkew value in milliseconds.

      • getTokenType

        public java.lang.String getTokenType()
        Return the required TokenType to be generated
        Returns:
        a String represents the TokenType

      • setTokenType

        public void setTokenType(java.lang.String tokenType)
        Set the required TokenType.
        Parameters:
        tokenType - which is a String represents the required TokenType

      • getNameId

        public java.lang.String getNameId()
        Return the specified SAML token name identifier to be generated
        Returns:
        a String represents the SAML token user name identifier

      • setNameId

        public void setNameId(java.lang.String userid)
        Set the SAML Token Name Identifier.
        Parameters:
        userid - which is a String represents the SAML Token name identifier

      • getWSSConsumingContext

        public WSSConsumingContext getWSSConsumingContext()
        Gets WSSConsumingContext object.
        Returns:
        WSSConsumingContext object

      • setWSSConsumingContext

        public void setWSSConsumingContext(WSSConsumingContext concont)
        Sets WSSConsumingContext object.
        Parameters:
        concont - WSSConsumingContext object

      • getWSSGenerationContext

        public WSSGenerationContext getWSSGenerationContext()
        Returns WSSGenerationContext object.
        Returns:
        WSSGenerationContext object

      • setWSSGenerationContext

        public void setWSSGenerationContext(WSSGenerationContext gencont)
        Sets WSSGenerationContext object.
        Parameters:
        gencont - WSSGenerationContext object

      • getSSLConfigUrl

        public java.lang.String getSSLConfigUrl()
        Returns SSLConfiguration location .
        Returns:
        WSSLConfiguration location.

      • setSSLConfigUrl

        public void setSSLConfigUrl(java.lang.String location)
        Sets SSLConfigUrl object.
        Parameters:
        SSLConfigUrl - object

      • getAppliesTo

        public java.lang.String getAppliesTo()
        Returns AppliesTo.
        Returns:
        AppliesTo.

      • setAppliesTo

        public void setAppliesTo(java.lang.String uri)

      • getAttributes

        public java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> getAttributes()
        Returns ArrayList.
        Returns:
        ArrayList.

      • setAttributes

        public void setAttributes(java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> attrs)
        Sets ArrayList object via WSSAPI.
        Parameters:
        ArrayList - object

      • includeRealmName

        public boolean includeRealmName()

      • setIncludeRealmName

        public void setIncludeRealmName(boolean flag)
        Sets boolean flag to assert realm from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert realm from WSCredential as an SAML attribute.

      • includeSecurityName

        public boolean includeSecurityName()

      • setIncludeSecurityName

        public void setIncludeSecurityName(boolean flag)
        Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert SecurityName from WSCredential as an SAML attribute.

      • includeUniqueSecurityName

        public boolean includeUniqueSecurityName()

      • setIncludeUniqueSecurityName

        public void setIncludeUniqueSecurityName(boolean flag)
        Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert UniqueSecurityName from WSCredential as an SAML attribute.

      • includeCredentialToken

        public boolean includeCredentialToken()

      • setIncludeCredentialToken

        public void setIncludeCredentialToken(boolean flag)
        Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert CredentialToken from WSCredential as an SAML attribute.

      • includeOID

        public boolean includeOID()

      • setIncludeOID

        public void setIncludeOID(boolean flag)
        Sets boolean flag to assert OID from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert OID from WSCredential as an SAML attribute.

      • includeExpiration

        public boolean includeExpiration()

      • setIncludeExpiration

        public void setIncludeExpiration(boolean flag)
        Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert Expiration from WSCredential as an SAML attribute.

      • includePrimaryGroupId

        public boolean includePrimaryGroupId()

      • setIncludePrimaryGroupId

        public void setIncludePrimaryGroupId(boolean flag)
        Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert PrimaryGroupId from WSCredential as an SAML attribute.

      • includeGroupIds

        public boolean includeGroupIds()

      • setIncludeGroupIds

        public void setIncludeGroupIds(boolean flag)
        Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert GroupIds from WSCredential as an SAML attribute.

      • includeHostName

        public boolean includeHostName()

      • setIncludeHostName

        public void setIncludeHostName(boolean flag)
        Sets boolean flag to assert HostName from WSCredential as an SAML attribute.
        Parameters:
        boolean - flag to assert HostName from WSCredential as an SAML attribute.

      • useUniqueSecurityName

        public boolean useUniqueSecurityName()

      • setUseUniqueSecurityName

        public void setUseUniqueSecurityName(boolean flag)
        Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
        Parameters:
        boolean - flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.

      • getIssueMode

        public com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode getIssueMode()

      • setIssueMode

        public void setIssueMode(com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode mode)

      • getAudienceRestriction

        public boolean getAudienceRestriction()
        Returns:
        audience restriction

      • setAudienceRestriction

        public void setAudienceRestriction(boolean option)
        Parameters:
        option - a flag that indicates whether udience restriction should be created in a self issued SAML token.

      • isOnBehalfOfRequired

        public boolean isOnBehalfOfRequired()

      • setOnBehalfOfRequired

        public void setOnBehalfOfRequired(boolean option)

      • getOnBehalfOfTokenType

        public java.lang.String getOnBehalfOfTokenType()

      • setOnBehalfOfTokenType

        public void setOnBehalfOfTokenType(java.lang.String type)

      • getOnBehalfOfReIssue

        public boolean getOnBehalfOfReIssue()

      • setOnBehalfOfReIssue

        public void setOnBehalfOfReIssue(boolean option)

      • isActAsRequired

        public boolean isActAsRequired()

      • setActAsRequired

        public void setActAsRequired(boolean option)

      • getActAsTokenType

        public java.lang.String getActAsTokenType()

      • setActAsTokenType

        public void setActAsTokenType(java.lang.String type)

      • getActAsReIssue

        public boolean getActAsReIssue()

      • setActAsReIssue

        public void setActAsReIssue(boolean option)
IBM WebSphere Application ServerTM
Release 8.5