com.ibm.wsspi.wssecurity.token

Class UsernameTokenConsumer

  1. java.lang.Object
  2. extended bycom.ibm.wsspi.wssecurity.token.UsernameTokenConsumer
All implemented interfaces:
com.ibm.ws.webservices.wssecurity.WSSComponent, com.ibm.ws.webservices.wssecurity.WSSConsumerComponent, Initializable, TokenConsumerComponent

  1. public class UsernameTokenConsumer
  2. extends java.lang.Object
  3. implements TokenConsumerComponent
Consumes the username token from the SOAP message and store it into the Subject of the current thread for the later use. It also creates a WSSAuthToken for later use in the WebSphere login process by WSSConsumerComponent.

Field Summary

Modifier and Type Field and Description
  1. static
  2. java.lang.String
_DISABLE_REGISTRY_CHECK

Constructor Summary

Constructor and Description
UsernameTokenConsumer()

Method Summary

Modifier and Type Method and Description
  1. protected static
  2. java.util.Date
checkNonce(org.w3c.dom.Element target,TokenConsumerConfig config,java.lang.String nsWsse,java.lang.String nsWsu,com.ibm.xml.soapsec.token.NonceManager nmanager)
Checks the timestamp and nonce in the Username element.
  1. void
init(java.util.Map map)
Initializes this consumer with a TokenConsumerConfig object which is passed in by the map parameter.
  1. void
invoke(org.w3c.dom.Node target,java.util.Map context)
Consumes a username token in a SOAP message.
  1. protected static
  2. UsernameToken
invokeLoginModule(TokenConsumerConfig config,java.lang.String username,char[] password,com.ibm.wsspi.webservices.rpc.handler.soap.SOAPMessageContext messageContext,java.util.Map context,boolean delayLogin)
Invokes LoginModule through LoignContext.login() to create and validate a certificate object
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_DISABLE_REGISTRY_CHECK

  1. public static final java.lang.String _DISABLE_REGISTRY_CHECK
See Also:

Constructor Detail

UsernameTokenConsumer

  1. public UsernameTokenConsumer()

Method Detail

init

  1. public void init(java.util.Map map)
  2. throws SoapSecurityException
Initializes this consumer with a TokenConsumerConfig object which is passed in by the map parameter.
Specified by:
init in interface com.ibm.ws.webservices.wssecurity.WSSComponent
Specified by:
init in interface Initializable
Parameters:
map - A Map object which contains name-value pairs. These pairs includes a configuration object and <Property> elements in the configuration XMI files. In the map, the TokenConsumerConfig object is stored with a key of TokenConsumerConfig.CONFIG_KEY.
Throws:
SoapSecurityException - When there is a problem initializing the consumer
See Also:

invoke

  1. public void invoke(org.w3c.dom.Node target,
  2. java.util.Map context)
  3. throws SoapSecurityException
Consumes a username token in a SOAP message. The username string and password char array are retrieved from the target element and passed into the UsernameLoginModule. The login module will create the UsernameToken object and put it into the Subject of the current thread. It also creates a WSSAuthToken if authentication is required with this token.

Note: We do not support "#PassowrdDigest" because WebSphere runtime is not capable of accepting a digest value of password to return the login result.

Specified by:
invoke in interface com.ibm.ws.webservices.wssecurity.WSSConsumerComponent
Parameters:
target - The element to be consumed or the Document object
context - A Map object which contains necessary name-value pairs, such as a Subject object.
Throws:
SoapSecurityException - When there is a problem during consuming the username token
See Also:
WSSConsumerComponent.invoke(org.w3c.dom.Node, java.util.Map)

invokeLoginModule

  1. protected static UsernameToken invokeLoginModule( TokenConsumerConfig config,
  2. java.lang.String username,
  3. char[] password,
  4. com.ibm.wsspi.webservices.rpc.handler.soap.SOAPMessageContext messageContext,
  5. java.util.Map context,
  6. boolean delayLogin)
  7. throws SoapSecurityException
Invokes LoginModule through LoignContext.login() to create and validate a certificate object
Throws:

checkNonce

  1. protected static java.util.Date checkNonce( org.w3c.dom.Element target,
  2. TokenConsumerConfig config,
  3. java.lang.String nsWsse,
  4. java.lang.String nsWsu,
  5. com.ibm.xml.soapsec.token.NonceManager nmanager)
  6. throws SoapSecurityException
Checks the timestamp and nonce in the Username element.
Throws: