com.ibm.wsspi.wssecurity.token

Class UsernameTokenConsumer

  • java.lang.Object
    • com.ibm.wsspi.wssecurity.token.UsernameTokenConsumer
  • All Implemented Interfaces:
    com.ibm.ws.webservices.wssecurity.WSSComponent, com.ibm.ws.webservices.wssecurity.WSSConsumerComponent, Initializable, TokenConsumerComponent


    public class UsernameTokenConsumer
    extends java.lang.Object
    implements TokenConsumerComponent
    Consumes the username token from the SOAP message and store it into the Subject of the current thread for the later use. It also creates a WSSAuthToken for later use in the WebSphere login process by WSSConsumerComponent.
    • Method Summary

      Methods 
      Modifier and Type Method and Description
      protected static java.util.Date checkNonce(org.w3c.dom.Element target, TokenConsumerConfig config, java.lang.String nsWsse, java.lang.String nsWsu, com.ibm.xml.soapsec.token.NonceManager nmanager)
      Checks the timestamp and nonce in the Username element.
      void init(java.util.Map map)
      Initializes this consumer with a TokenConsumerConfig object which is passed in by the map parameter.
      void invoke(org.w3c.dom.Node target, java.util.Map context)
      Consumes a username token in a SOAP message.
      protected static UsernameToken invokeLoginModule(TokenConsumerConfig config, java.lang.String username, char[] password, com.ibm.wsspi.webservices.rpc.handler.soap.SOAPMessageContext messageContext, java.util.Map context, boolean delayLogin)
      Invokes LoginModule through LoignContext.login() to create and validate a certificate object
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • _DISABLE_REGISTRY_CHECK

        public static final java.lang.String _DISABLE_REGISTRY_CHECK
        See Also:
        Constant Field Values
    • Constructor Detail

      • UsernameTokenConsumer

        public UsernameTokenConsumer()
    • Method Detail

      • init

        public void init(java.util.Map map)
                  throws SoapSecurityException
        Initializes this consumer with a TokenConsumerConfig object which is passed in by the map parameter.
        Specified by:
        init in interface com.ibm.ws.webservices.wssecurity.WSSComponent
        Specified by:
        init in interface Initializable
        Parameters:
        map - A Map object which contains name-value pairs. These pairs includes a configuration object and <Property> elements in the configuration XMI files. In the map, the TokenConsumerConfig object is stored with a key of TokenConsumerConfig.CONFIG_KEY.
        Throws:
        SoapSecurityException - When there is a problem initializing the consumer
        See Also:
        Initializable.init(java.util.Map), TokenConsumerConfig
      • invoke

        public void invoke(org.w3c.dom.Node target,
                  java.util.Map context)
                    throws SoapSecurityException
        Consumes a username token in a SOAP message. The username string and password char array are retrieved from the target element and passed into the UsernameLoginModule. The login module will create the UsernameToken object and put it into the Subject of the current thread. It also creates a WSSAuthToken if authentication is required with this token.

        Note: We do not support "#PassowrdDigest" because WebSphere runtime is not capable of accepting a digest value of password to return the login result.

        Specified by:
        invoke in interface com.ibm.ws.webservices.wssecurity.WSSConsumerComponent
        Parameters:
        target - The element to be consumed or the Document object
        context - A Map object which contains necessary name-value pairs, such as a Subject object.
        Throws:
        SoapSecurityException - When there is a problem during consuming the username token
        See Also:
        WSSConsumerComponent.invoke(org.w3c.dom.Node, java.util.Map)
      • invokeLoginModule

        protected static UsernameToken invokeLoginModule(TokenConsumerConfig config,
                                      java.lang.String username,
                                      char[] password,
                                      com.ibm.wsspi.webservices.rpc.handler.soap.SOAPMessageContext messageContext,
                                      java.util.Map context,
                                      boolean delayLogin)
                                                  throws SoapSecurityException
        Invokes LoginModule through LoignContext.login() to create and validate a certificate object
        Throws:
        SoapSecurityException
      • checkNonce

        protected static java.util.Date checkNonce(org.w3c.dom.Element target,
                                TokenConsumerConfig config,
                                java.lang.String nsWsse,
                                java.lang.String nsWsu,
                                com.ibm.xml.soapsec.token.NonceManager nmanager)
                                            throws SoapSecurityException
        Checks the timestamp and nonce in the Username element.
        Throws:
        SoapSecurityException
IBM WebSphere Application ServerTM
Release 8.5