public class SAMLGenerateCallback
extends java.lang.Object
implements javax.security.auth.callback.Callback
SAMLToken
,
SAMLTokenFactory
Constructor and Description |
---|
SAMLGenerateCallback() |
Modifier and Type | Method and Description |
---|---|
boolean |
cacheToken()
Returns the flag that indicates whether SAML should be cached.
|
java.lang.String |
getAlias()
Returns the alias name of the private key for the SAML token requester.
|
java.lang.String |
getAppliesTo()
Returns AppliesTo.
|
java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> |
getAttributes()
Returns the ArrayList of SAMLAttribute objects.
|
boolean |
getAudienceRestriction() |
java.lang.String |
getAuthenticationMethod()
Returns the AuthenticationMethod to be used when self-issuing a SAML token.
|
long |
getCacheCushion()
Returns the value in milliseconds for the cacheCushion.
|
java.util.List<java.security.cert.CertStore> |
getCertStores()
Returns the list of certificate stores that are available.
|
long |
getClockSkew()
Returns the time in milliseconds that is allowed for clock skew between the token
issuer and the consumer.
|
java.lang.String |
getConfirmationMethod()
Returns the ConfirmationMethod to be used when requesting/generating a SAML token.
|
com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode |
getIssueMode() |
java.lang.String |
getKeyName()
Returns the name of the key.
|
char[] |
getKeyPassword()
Returns the password for recovering the key.
|
java.lang.String |
getKeySize()
Returns the key size for the SecretKey, "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"
|
char[] |
getKeyStorePassword()
Returns the password used for the SAML token requester's keyStore.
|
java.lang.String |
getKeyStorePath()
Returns the file path from which the keyStore for the SAML token requester is loaded.
|
java.lang.String |
getKeyStoreReference()
Returns the reference name of the keyStore used by the requesting entity
for the creation of SAML tokens.
|
java.lang.String |
getKeyStoreType()
Returns the type of the keyStore used by the SAML token requester.
|
java.lang.String |
getKeyType()
Returns the name of the Key Type to be used for the Subject confirmation for a SAML token
requester.
|
java.lang.String |
getNameId()
Return the specified SAML token name identifier to be generated
|
java.util.Map<java.lang.String,java.lang.String> |
getRSTTProperties()
Return WS-Trust request parameters as defined in RSTT
|
java.lang.String |
getSSLConfigUrl()
Returns the SSLConfiguration location.
|
java.lang.String |
getStsBinding()
Returns the name for the policySet binding used by the WS-Trust client
|
java.lang.String |
getStsBindingScope()
Return the binding scope for WS-Trust client, and it is either "domain" or "application".
|
java.lang.String |
getStsPolicy()
Returns the policySet name for WS-Trust client
|
java.lang.String |
getStsSoapVersion()
Returns the SOAP version for the WS-Trust client
|
java.lang.String |
getStsURI()
Returns the URL of SecurityTokenService (issuer of the SAML token)
|
java.lang.String |
getTargetServiceAlias()
Returns the target service's Certificate alias
|
java.lang.String |
getTokenRequest()
Returns the name of the token request method.
|
java.lang.String |
getTokenType()
Return the required TokenType to be generated
|
java.lang.String |
getUsekeyType()
Returns the Usekey keyInfoType
|
WSSConsumingContext |
getWSSConsumingContext()
Gets WSSConsumingContext object.
|
WSSGenerationContext |
getWSSGenerationContext()
Returns WSSGenerationContext object.
|
java.lang.String |
getWSTrustNamespace()
Return the WS-Trust namespace used in the SOAP communication with the Security Token provider.
|
boolean |
includeCredentialToken() |
boolean |
includeExpiration() |
boolean |
includeGroupIds() |
boolean |
includeHostName() |
boolean |
includeOID() |
boolean |
includePrimaryGroupId() |
boolean |
includeRealmName() |
boolean |
includeSecurityName() |
boolean |
includeUniqueSecurityName() |
boolean |
isCollectionRequest() |
boolean |
isFailOverToTokenRequest()
Returns an indication of whether to request a new SAML token if
the SAML token provided in the RequestContext is not valid.
|
boolean |
isSignatureRequired()
Returns the flag that indicates whether SAML should be signed by SAML token provider
|
void |
setAlias(java.lang.String alias)
Sets the alias of private key for the SAML token requester.
|
void |
setAppliesTo(java.lang.String uri) |
void |
setAttributes(java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> attrs)
Sets the ArrayList of SAMLAttribute objects.
|
void |
setAudienceRestriction(boolean option) |
void |
setAuthenticationMethod(java.lang.String method)
Sets the AuthenticationMethod to be used when self-issuing a SAML token
|
void |
setCacheCushion(long time)
Sets the value in milliseconds for the cacheCushion.
|
void |
setCacheToken(boolean option)
Sets the flag that indicates whether SAML should be cached
|
void |
setCertStores(java.util.List<java.security.cert.CertStore> certStores)
Sets the list of certificate stores.
|
void |
setClockSkew(long time)
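Sets the time in milliseconds that is allowed for clock skew between the token
issuer and the consumer. Keep the value as small as the deployment allows, because the
allowance effectively widens the token's time-validity window.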
|
void |
setCollectionRequest(boolean collectionRequest) |
void |
setConfirmationMethod(java.lang.String method)
Sets the type of Subject ConfirmationMethod to be used by the token requester.
|
void |
setFailOverToTokenRequest(boolean option)
Sets the flag that indicates whether to request a new SAML token if SAMLToken
from RequestContext is invalid
|
void |
setIncludeCredentialToken(boolean flag)
Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.
|
void |
setIncludeExpiration(boolean flag)
Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.
|
void |
setIncludeGroupIds(boolean flag)
Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.
|
void |
setIncludeHostName(boolean flag)
Sets boolean flag to assert HostName from WSCredential as an SAML attribute.
|
void |
setIncludeOID(boolean flag)
Sets boolean flag to assert OID from WSCredential as an SAML attribute.
|
void |
setIncludePrimaryGroupId(boolean flag)
Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
|
void |
setIncludeRealmName(boolean flag)
Sets boolean flag to assert realm from WSCredential as an SAML attribute.
|
void |
setIncludeSecurityName(boolean flag)
Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.
|
void |
setIncludeUniqueSecurityName(boolean flag)
Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
|
void |
setIsSignatureRequired(boolean option)
Sets the flag that indicates whether SAML should be signed by SAML token provider
|
void |
setIssueMode(com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode mode) |
void |
setKeyName(java.lang.String keyName)
Sets the name of the key.
|
void |
setKeyPassword(char[] keyPassword)
Sets the password for recovering the key.
|
void |
setKeySize(java.lang.String size)
Sets the key size for the Secret Key
|
void |
setKeyStorePassword(char[] storePassword)
Sets the password value for the keyStore used by the SAML token requester.
|
void |
setKeyStorePath(java.lang.String storePath)
Sets the file path from which the keyStore for the SAML token requester is loaded.
|
void |
setKeyStoreReference(java.lang.String storeRef)
Sets the reference name of the keyStore.
|
void |
setKeyStoreType(java.lang.String storeType)
Sets the type of the keyStore to be used by the SAML token requester.
|
void |
setKeyType(java.lang.String type)
Sets the name of key type.
|
void |
setNameId(java.lang.String userid)
Set the SAML Token Name Identifier.
|
void |
setRSTTProperties(java.util.Map<java.lang.String,java.lang.String> rstt)
Set RSTT for WS-Trust request
|
void |
setSSLConfigUrl(java.lang.String location)
Sets SSLConfigUrl object.
|
void |
setStsBinding(java.lang.String policySet)
Sets the name of WS-Trust client bindings.
|
void |
setStsBindingScope(java.lang.String scope)
Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application".
|
void |
setStsPolicy(java.lang.String policySet)
Sets the name of WS-Trust client policy set.
|
void |
setStsSoapVersion(java.lang.String version)
Sets the required SOAP version of WS-Trust client
|
void |
setStsURI(java.lang.String uri)
Sets the URL name of SecurityTokenservice (token issuer).
|
void |
setTargetserviceAlias(java.lang.String alias)
Set the target service's Certificate alias
|
void |
setTokenRequest(java.lang.String requestMode)
Sets the SAMLToken request method, "issue", "propagation", or "issueByWSPrincipal"
|
void |
setTokenType(java.lang.String tokenType)
Set the required TokenType.
|
void |
setUseKeyType(java.lang.String type)
Set the Usekey keyInfoType
|
void |
setUseUniqueSecurityName(boolean flag)
Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
|
void |
setWSSConsumingContext(WSSConsumingContext concont)
Sets WSSConsumingContext object.
|
void |
setWSSGenerationContext(WSSGenerationContext gencont)
Sets WSSGenerationContext object.
|
void |
setWSTrustNamespace(java.lang.String wstNamespace)
Set WS-Trust namespace used in the SOAP communication with the Security Token provider.
|
boolean |
useUniqueSecurityName() |
public java.lang.String getKeyStoreReference()
public void setKeyStoreReference(java.lang.String storeRef)
storeRef
- reference name of the keyStore used by the requesting entity
for the creation of SAML tokens.
public java.lang.String getKeyStorePath()
public void setKeyStorePath(java.lang.String storePath)
storePath
- path of the keyStore.
public java.lang.String getKeyStoreType()
public void setKeyStoreType(java.lang.String storeType)
storeType
- a string for the keyStore type used.
public char[] getKeyStorePassword()
public java.lang.String getConfirmationMethod()
public java.lang.String getAuthenticationMethod()
public java.lang.String getStsPolicy()
public java.lang.String getStsBinding()
public java.lang.String getStsURI()
public java.lang.String getKeyType()
public java.lang.String getKeySize()
public java.lang.String getStsSoapVersion()
public boolean isFailOverToTokenRequest()
public void setKeyStorePassword(char[] storePassword)
storePassword
- character array for the password used to check the integrity of the
keyStore or the password used to unlock the keyStore.
public java.lang.String getAlias()
public void setAlias(java.lang.String alias)
alias
- string alias name.
public char[] getKeyPassword()
public void setKeyPassword(char[] keyPassword)
keyPassword
- character array for the password used to recover the key.
public java.lang.String getKeyName()
public void setKeyName(java.lang.String keyName)
keyName
- name of the key
public java.util.List<java.security.cert.CertStore> getCertStores()
public java.lang.String getTokenRequest()
public void setCertStores(java.util.List<java.security.cert.CertStore> certStores)
certStores
- list of certificate stores
public void setConfirmationMethod(java.lang.String method)
method
- a string identifying the Subject ConfirmationMethod.
public void setAuthenticationMethod(java.lang.String method)
method
- a string identifying the AuthenticationMethod.
public void setStsPolicy(java.lang.String policySet)
the
- name of WS-Trust client policy set.
public void setStsBinding(java.lang.String policySet)
policySet
- the name of WS-Trust client bindings.
public void setStsURI(java.lang.String uri)
uri
- the URI name of the Security Token Service (STS).
public void setKeyType(java.lang.String type)
the
- name of key type.
public void setKeySize(java.lang.String size)
size
- the key size of Secret Key.
public void setStsSoapVersion(java.lang.String version)
version
- the required SOAP version for WS-Trust client
public void setTokenRequest(java.lang.String requestMode)
requestMode
- a string for the SAMLToken request mode.
public void setStsBindingScope(java.lang.String scope)
scope
- the binding scope for WS-Trust client, and it is either "domain" or "application".
public java.lang.String getStsBindingScope()
public java.lang.String getWSTrustNamespace()
public void setWSTrustNamespace(java.lang.String wstNamespace)
wstNamespace
- the WS-Trust NameSpace, it is "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2,
or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3
public boolean isCollectionRequest()
public void setCollectionRequest(boolean collectionRequest)
public java.util.Map<java.lang.String,java.lang.String> getRSTTProperties()
public void setRSTTProperties(java.util.Map<java.lang.String,java.lang.String> rstt)
WS-Trust
- RSTT parameters
public void setFailOverToTokenRequest(boolean option)
option
- a flag that indicates whether to request a new SAML token if incoming SAMLToken becomes invalid.
public boolean isSignatureRequired()
public void setIsSignatureRequired(boolean option)
option
- a flag that indicates whether the SAML token should be signed by SAML token provider.
public boolean cacheToken()
public long getCacheCushion()
public void setCacheToken(boolean option)
option
- a flag that indicates whether the SAML token should be cached.
public void setCacheCushion(long time)
time
- the time limit in milliseconds.
public java.lang.String getTargetServiceAlias()
public void setTargetserviceAlias(java.lang.String alias)
the
- target service's Certificate alias
public java.lang.String getUsekeyType()
public void setUseKeyType(java.lang.String type)
the
- Usekey keyInfoType
public long getClockSkew()
public void setClockSkew(long time)
time
- a long integer representing time for the clockSkew value in milliseconds.
public java.lang.String getTokenType()
public void setTokenType(java.lang.String tokenType)
tokenType
- a String that represents the required TokenType
public java.lang.String getNameId()
public void setNameId(java.lang.String userid)
userid
- a String that represents the SAML Token name identifier
public WSSConsumingContext getWSSConsumingContext()
public void setWSSConsumingContext(WSSConsumingContext concont)
concont
- WSSConsumingContext object
public WSSGenerationContext getWSSGenerationContext()
public void setWSSGenerationContext(WSSGenerationContext gencont)
gencont
- WSSGenerationContext object
public java.lang.String getSSLConfigUrl()
public void setSSLConfigUrl(java.lang.String location)
SSLConfigUrl
- object
public java.lang.String getAppliesTo()
public void setAppliesTo(java.lang.String uri)
public java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> getAttributes()
public void setAttributes(java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> attrs)
ArrayList
- object
public boolean includeRealmName()
public void setIncludeRealmName(boolean flag)
boolean
- flag to assert realm from WSCredential as an SAML attribute.
public boolean includeSecurityName()
public void setIncludeSecurityName(boolean flag)
boolean
- flag to assert SecurityName from WSCredential as an SAML attribute.
public boolean includeUniqueSecurityName()
public void setIncludeUniqueSecurityName(boolean flag)
boolean
- flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
public boolean includeCredentialToken()
public void setIncludeCredentialToken(boolean flag)
boolean
- flag to assert CredentialToken from WSCredential as an SAML attribute.
public boolean includeOID()
public void setIncludeOID(boolean flag)
boolean
- flag to assert OID from WSCredential as an SAML attribute.
public boolean includeExpiration()
public void setIncludeExpiration(boolean flag)
boolean
- flag to assert Expiration from WSCredential as an SAML attribute.
public boolean includePrimaryGroupId()
public void setIncludePrimaryGroupId(boolean flag)
boolean
- flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
public boolean includeGroupIds()
public void setIncludeGroupIds(boolean flag)
boolean
- flag to assert GroupIds from WSCredential as an SAML attribute.
public boolean includeHostName()
public void setIncludeHostName(boolean flag)
boolean
- flag to assert HostName from WSCredential as an SAML attribute.
public boolean useUniqueSecurityName()
public void setUseUniqueSecurityName(boolean flag)
boolean
- flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
public com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode getIssueMode()
public void setIssueMode(com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode mode)
public boolean getAudienceRestriction()
public void setAudienceRestriction(boolean option)
option
- a flag that indicates whether audience restriction should be created in a
self issued SAML token.