Overview  Package   Class  Tree  Serialized  Deprecated  Index  Help 
IBM WebSphereTM eXtreme Scale, Release 8.6
API Specification
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.ibm.websphere.objectgrid.security.plugins.builtins
Class WSTokenCredentialGenerator

java.lang.Object
  extended by com.ibm.websphere.objectgrid.security.plugins.builtins.WSTokenCredentialGenerator
All Implemented Interfaces:
CredentialGenerator
public class WSTokenCredentialGenerator
extends Object
implements CredentialGenerator

This class represents a credential generator when running in WebSphere Application Server.

When the getCredential() method is called, the Subject associated with the current thread is retrieved. The security information in this Subject object is converted into a WSTokenCredential. This credential object has enough information for the receiving side to rebuild the security context.

This scenario takes advantage of the fact that the ObjectGrid client has already been authenticated. Since application servers housing ObjectGrid servers are in the same security domain as the application servers housing the ObjectGrid clients, the security tokens can be propagated from the ObjectGrid client to the ObjectGrid server so there is no need to re-authenticate to the same user registry.

Users can specify whether to retrieve a runAs subject or a caller subject from the thread by using the RUN_AS_SUBJECT or CALLER_SUBJECT constant.

WSTokenCredentialGenerator has a one to many relationship with WSTokenCredential because it can generate different WSTokenCredential objects based on what Subject is associated with the current thread.

Since:
WAS XD 6.0.1, XC10
See Also:
WSTokenCredential

Field Summary
static int CALLER_SUBJECT
          A constant representing the caller Subject type
static String CALLER_SUBJECT_STRING
          A constant representing the caller Subject type
static int RUN_AS_SUBJECT
          A constant representing the runAs Subject type
static String RUN_AS_SUBJECT_STRING
          A constant representing the runAs Subject type
 
Constructor Summary
WSTokenCredentialGenerator()
          Creates a new WSTokenCredentialGenerator with a default runAs subject type.
WSTokenCredentialGenerator(int aType)
          Creates a new WSTokenCredentialGenerator with the specified subject type.
 
Method Summary
 Credential getCredential()
          Creates a new WSTokenCredential object using this object's using the security information from the Subject associated with the current thread.
 int getType()
          Gets the subject type.
 void setProperties(String properties)
          Sets additional properties namely the subject type.
 void setType(int aType)
          Sets the subject type, either RUN_AS_SUBJECT or CALLER_SUBJECT.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

RUN_AS_SUBJECT

public static final int RUN_AS_SUBJECT
A constant representing the runAs Subject type

See Also:
Constant Field Values

CALLER_SUBJECT

public static final int CALLER_SUBJECT
A constant representing the caller Subject type

See Also:
Constant Field Values

RUN_AS_SUBJECT_STRING

public static final String RUN_AS_SUBJECT_STRING
A constant representing the runAs Subject type

See Also:
Constant Field Values

CALLER_SUBJECT_STRING

public static final String CALLER_SUBJECT_STRING
A constant representing the caller Subject type

See Also:
Constant Field Values
Constructor Detail

WSTokenCredentialGenerator

public WSTokenCredentialGenerator()
Creates a new WSTokenCredentialGenerator with a default runAs subject type.

See Also:
RUN_AS_SUBJECT, setProperties(String), setType(int)

WSTokenCredentialGenerator

public WSTokenCredentialGenerator(int aType)
Creates a new WSTokenCredentialGenerator with the specified subject type.

A valid subject type is either RUN_AS_SUBJECT or CALLER_SUBJECT.

Parameters:
aType - either RUN_AS_SUBJECT or CALLER_SUBJECT
Throws:
IllegalArgumentException - if the specified type is invalid
See Also:
CALLER_SUBJECT, RUN_AS_SUBJECT
Method Detail

getCredential

public Credential getCredential()
                         throws CannotGenerateCredentialException
Creates a new WSTokenCredential object using this object's using the security information from the Subject associated with the current thread.

Specified by:
getCredential in interface CredentialGenerator
Returns:
a new WSTokenCredential instance
Throws:
CannotGenerateCredentialException - if an error occurs during retrieval of the Subject's security information, see the cause by exception for more information
See Also:
CredentialGenerator.getCredential(), WSTokenCredential

getType

public int getType()
Gets the subject type.

Returns:
the argument that was passed to the constructor or the setType(int) method, the value from the argument passed to the setProperties method, or the default value of RUN_AS_SUBJECT if the default constructor is used
See Also:
RUN_AS_SUBJECT, setProperties(String), setType(int)

setType

public void setType(int aType)
Sets the subject type, either RUN_AS_SUBJECT or CALLER_SUBJECT.

Parameters:
aType - the subject type
Throws:
IllegalArgumentException - if the specified type is invalid

setProperties

public void setProperties(String properties)
Sets additional properties namely the subject type.

Specified by:
setProperties in interface CredentialGenerator
Parameters:
properties - the property should be either RUN_AS_SUBJECT_STRING or CALLER_SUBJECT_STRING
Throws:
IllegalArgumentException - if properties is not one of the expected values
See Also:
CALLER_SUBJECT_STRING, RUN_AS_SUBJECT_STRING
Overview  Package   Class  Tree  Serialized  Deprecated  Index  Help 
IBM WebSphereTM eXtreme Scale, Release 8.6
API Specification
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
© Copyright International Business Machines Corp 2005,2012. All rights reserved.