PicketLink Federation Core 2.1.6.Final-redhat-2

org.picketlink.identity.federation.core.wstrust
Class PicketLinkSTSConfiguration

java.lang.Object
  extended by org.picketlink.identity.federation.core.wstrust.PicketLinkSTSConfiguration
All Implemented Interfaces:
STSCoreConfig, STSConfiguration

public class PicketLinkSTSConfiguration
extends Object
implements STSConfiguration

Standard JBoss STS configuration implementation.

Author:
Stefan Guilhen, Anil Saldhana

Constructor Summary
PicketLinkSTSConfiguration()
           Creates an instance of PicketLinkSTSConfiguration with default configuration values.
PicketLinkSTSConfiguration(STSType config)
           Creates an instance of PicketLinkSTSConfiguration with the specified configuration.
 
Method Summary
 void addTokenProvider(String key, SecurityTokenProvider provider)
          Allows you to add a token provider to handle a particular namespace.
 void copy(STSCoreConfig thatConfig)
           
 boolean encryptIssuedToken()
           Indicates whether the issued token should be encrypted or not.
 Certificate getCertificate(String alias)
           Obtains the certificate identified by the specified alias.
 ClaimsProcessor getClaimsProcessor(String claimsDialect)
           Obtains the ClaimsProcessor that must be used to handle claims of the specified dialect.
 long getIssuedTokenTimeout()
           Obtains the timeout value (in milliseconds) for issued tokens.
 SecurityTokenProvider getProviderForService(String serviceName)
           Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service.
 SecurityTokenProvider getProviderForTokenElementNS(String family, QName tokenQName)
           Obtains the token provider that can handle tokens that have the specified local name and namespace.
 SecurityTokenProvider getProviderForTokenType(String tokenType)
           Given a token type, obtains the token provider that should be used to handle token requests of that type.
 List<SecurityTokenProvider> getProvidersByFamily(String familyName)
          Gets a list of SecurityTokenProvider instances that belong to a family.
 WSTrustRequestHandler getRequestHandler()
           Obtains the WS-Trust request handler class.
 PublicKey getServiceProviderPublicKey(String serviceName)
           Obtains the public key of the specified service provider.
 KeyPair getSTSKeyPair()
           Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey.
 String getSTSName()
           Obtains the unique name of the secure token service.
 List<SecurityTokenProvider> getTokenProviders()
          Gets an unmodifiable list of token providers.
 String getTokenTypeForService(String serviceName)
           Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service.
 String getXMLDSigCanonicalizationMethod()
           Returns the configured canonicalization method.
 void removeTokenProvider(String key)
          Removes the token provider registered under the passed key.
 boolean signIssuedToken()
           Indicates whether the issued token should be digitally signed or not.
 String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

PicketLinkSTSConfiguration

public PicketLinkSTSConfiguration()

Creates an instance of PicketLinkSTSConfiguration with default configuration values.


PicketLinkSTSConfiguration

public PicketLinkSTSConfiguration(STSType config)

Creates an instance of PicketLinkSTSConfiguration with the specified configuration.

Parameters:
config - a reference to the object that holds the configuration of the STS.

Method Detail

getSTSName

public String getSTSName()
Description copied from interface: STSCoreConfig

Obtains the unique name of the secure token service.

Specified by:
getSTSName in interface STSCoreConfig
Returns:
a String representing the STS name.

encryptIssuedToken

public boolean encryptIssuedToken()
Description copied from interface: STSCoreConfig

Indicates whether the issued token should be encrypted or not.

Specified by:
encryptIssuedToken in interface STSCoreConfig
Returns:
true if the issued token is to be encrypted; false otherwise.

signIssuedToken

public boolean signIssuedToken()
Description copied from interface: STSCoreConfig

Indicates whether the issued token should be digitally signed or not.

Specified by:
signIssuedToken in interface STSCoreConfig
Returns:
true if the issued token is to be signed; false otherwise.

getIssuedTokenTimeout

public long getIssuedTokenTimeout()
Description copied from interface: STSCoreConfig

Obtains the timeout value (in milliseconds) for issued tokens.

Specified by:
getIssuedTokenTimeout in interface STSCoreConfig
Returns:
the token timeout value.

getRequestHandler

public WSTrustRequestHandler getRequestHandler()
Description copied from interface: STSConfiguration

Obtains the WS-Trust request handler class.

Specified by:
getRequestHandler in interface STSConfiguration
Returns:
a reference to the configured WSTrustRequestHandler.

getProviderForService

public SecurityTokenProvider getProviderForService(String serviceName)
Description copied from interface: STSCoreConfig

Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service. When requesting a token from the STS, a client can specify the service it needs the token for using the AppliesTo element. Based on the service provider name, the STS identifies the type of the token that is to be issued and then selects the appropriate token provider to handle the request.

Specified by:
getProviderForService in interface STSCoreConfig
Parameters:
serviceName - the name of the service provider that requires a token from its clients.
Returns:
a reference to the SecurityTokenProvider that must be used in order to issue tokens to clients of the specified service.

getProviderForTokenType

public SecurityTokenProvider getProviderForTokenType(String tokenType)
Description copied from interface: STSCoreConfig

Given a token type, obtains the token provider that should be used to handle token requests of that type. When a client doesn't specify the service provider name through the AppliesTo element, it must specify the token type through the TokenType element. The STS uses the supplied type to select the appropriate token provider.

Specified by:
getProviderForTokenType in interface STSCoreConfig
Parameters:
tokenType - a String representing the type of the token.
Returns:
a reference to the SecurityTokenProvider that must be used to handle token requests of the specified type.

getProviderForTokenElementNS

public SecurityTokenProvider getProviderForTokenElementNS(String family,
                                                          QName tokenQName)
Description copied from interface: STSCoreConfig

Obtains the token provider that can handle tokens that have the specified local name and namespace. When a validate, renew, or cancel request is made, the token type is not set in the WS-Trust request. In these cases the SecurityTokenProvider must be determined using the security token itself.

Specified by:
getProviderForTokenElementNS in interface STSCoreConfig
Parameters:
family - a String representing the family
tokenQName - a QName representing the token element namespace (e.g. urn:oasis:names:tc:SAML:2.0:assertion).
Returns:
a reference to the SecurityTokenProvider that must be used to handle the request that contains only the security token.
See Also:
STSCoreConfig.getProviderForTokenElementNS(java.lang.String, javax.xml.namespace.QName)
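
The three lookups above (by AppliesTo service, by TokenType, by token element) form a resolution order. The following is an added example, not PicketLink's own request-handling code: `ProviderResolver` is a hypothetical helper, the import path of SecurityTokenProvider is assumed, and it assumes each getter returns null when nothing is configured and that an unmapped service falls through to the TokenType lookup.

```java
import javax.xml.namespace.QName;

// Assumed package for SecurityTokenProvider; the page does not show it.
import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
import org.picketlink.identity.federation.core.sts.STSCoreConfig;

/** Hypothetical helper (not part of PicketLink) showing the documented lookup order. */
public final class ProviderResolver {

    private ProviderResolver() {
    }

    /**
     * appliesTo, tokenType and tokenElement are values the caller has already
     * extracted from the WS-Trust request; any of them may be null.
     * family is passed through as-is; the page does not list its valid values.
     */
    public static SecurityTokenProvider resolve(STSCoreConfig config, String appliesTo,
            String tokenType, String family, QName tokenElement) {
        SecurityTokenProvider provider = null;

        // 1. Issue request naming a service: service name -> token type -> provider.
        if (appliesTo != null) {
            provider = config.getProviderForService(appliesTo);
        }
        // 2. No AppliesTo (or, by assumption, no mapping for it): use the TokenType element.
        if (provider == null && tokenType != null) {
            provider = config.getProviderForTokenType(tokenType);
        }
        // 3. Validate/renew/cancel: the request carries no token type, so the
        //    provider is chosen from the security token's own element name.
        if (provider == null && tokenElement != null) {
            provider = config.getProviderForTokenElementNS(family, tokenElement);
        }
        // Fail closed: never continue with a default provider for an unmapped request.
        if (provider == null) {
            throw new IllegalStateException("No SecurityTokenProvider configured for this request");
        }
        return provider;
    }
}
```

Failing closed in the last step means an unrecognised service or token element is rejected instead of being handled by whichever provider happens to be registered first.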

getClaimsProcessor

public ClaimsProcessor getClaimsProcessor(String claimsDialect)
Description copied from interface: STSConfiguration

Obtains the ClaimsProcessor that must be used to handle claims of the specified dialect.

Specified by:
getClaimsProcessor in interface STSConfiguration
Parameters:
claimsDialect - a String representing the claims dialect (usually a URL).
Returns:
the ClaimsProcessor to be used, or null if no processor could be found for the dialect.

getTokenTypeForService

public String getTokenTypeForService(String serviceName)
Description copied from interface: STSCoreConfig

Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service.

Specified by:
getTokenTypeForService in interface STSCoreConfig
Parameters:
serviceName - the name of the service provider that requires a token from its clients.
Returns:
a String representing the type of the token that suits the specified service.

getServiceProviderPublicKey

public PublicKey getServiceProviderPublicKey(String serviceName)
Description copied from interface: STSCoreConfig

Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.

Specified by:
getServiceProviderPublicKey in interface STSCoreConfig
Parameters:
serviceName - the name of the service provider (normally the provider URL).
Returns:
a reference to the provider's PublicKey

getSTSKeyPair

public KeyPair getSTSKeyPair()
Description copied from interface: STSCoreConfig

Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey.

Specified by:
getSTSKeyPair in interface STSCoreConfig
Returns:
a reference to the STS KeyPair.
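
The signing, encryption, timeout and key getters documented above can be read together to check an STS configuration before deployment. The following is an added example, not code from PicketLink: `StsConfigAudit` and the one-hour ceiling are assumptions, and it assumes the key and token-type getters return null when nothing is configured.

```java
import java.util.ArrayList;
import java.util.List;

import org.picketlink.identity.federation.core.sts.STSCoreConfig;

/** Hypothetical review helper (not part of PicketLink). */
public final class StsConfigAudit {

    // Assumed policy ceiling for token lifetime; not a PicketLink default.
    static final long MAX_TIMEOUT_MS = 60L * 60L * 1000L;

    private StsConfigAudit() {
    }

    /** Returns one finding per weak or inconsistent setting; an empty list means none found. */
    public static List<String> audit(STSCoreConfig config, List<String> serviceNames) {
        List<String> findings = new ArrayList<String>();

        // Unsigned tokens give relying parties no way to verify the issuer.
        if (!config.signIssuedToken()) {
            findings.add("issued tokens are not signed");
        } else if (config.getSTSKeyPair() == null) {
            findings.add("signing is enabled but no STS key pair is available");
        }

        // getIssuedTokenTimeout() is in milliseconds.
        long timeout = config.getIssuedTokenTimeout();
        if (timeout > MAX_TIMEOUT_MS) {
            findings.add("token timeout " + timeout + " ms exceeds " + MAX_TIMEOUT_MS + " ms");
        }

        boolean encrypt = config.encryptIssuedToken();
        if (!encrypt) {
            findings.add("issued tokens are not encrypted");
        }
        for (String service : serviceNames) {
            if (config.getTokenTypeForService(service) == null) {
                findings.add("no token type mapped for service " + service);
            }
            // The service provider's public key is what issued tokens are encrypted with.
            if (encrypt && config.getServiceProviderPublicKey(service) == null) {
                findings.add("encryption is enabled but no public key for service " + service);
            }
        }
        return findings;
    }
}
```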

getCertificate

public Certificate getCertificate(String alias)
Description copied from interface: STSCoreConfig

Obtains the certificate identified by the specified alias.

Specified by:
getCertificate in interface STSCoreConfig
Parameters:
alias - the alias associated with the certificate in the keystore.
Returns:
the Certificate obtained from the keystore, or null if no certificate was found.

getXMLDSigCanonicalizationMethod

public String getXMLDSigCanonicalizationMethod()
Description copied from interface: STSConfiguration

Returns the configured canonicalization method.

NOTE: Defaults to javax.xml.crypto.dsig.CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS

Specified by:
getXMLDSigCanonicalizationMethod in interface STSConfiguration
Returns:
See Also:
STSConfiguration.getXMLDSigCanonicalizationMethod()

addTokenProvider

public void addTokenProvider(String key,
                             SecurityTokenProvider provider)
Description copied from interface: STSCoreConfig
Allows you to add a token provider to handle a particular namespace.

Specified by:
addTokenProvider in interface STSCoreConfig
See Also:
STSCoreConfig.addTokenProvider(String, SecurityTokenProvider)

removeTokenProvider

public void removeTokenProvider(String key)
Description copied from interface: STSCoreConfig
Removes the token provider registered under the passed key.

Specified by:
removeTokenProvider in interface STSCoreConfig
See Also:
STSCoreConfig.removeTokenProvider(String)

getTokenProviders

public List<SecurityTokenProvider> getTokenProviders()
Description copied from interface: STSCoreConfig
Gets an unmodifiable list of token providers.

Specified by:
getTokenProviders in interface STSCoreConfig
Returns:
See Also:
STSCoreConfig.getTokenProviders()

getProvidersByFamily

public List<SecurityTokenProvider> getProvidersByFamily(String familyName)
Description copied from interface: STSCoreConfig
Gets a list of SecurityTokenProvider instances that belong to a family.

Specified by:
getProvidersByFamily in interface STSCoreConfig
Returns:
See Also:
STSCoreConfig.getProvidersByFamily(java.lang.String)

copy

public void copy(STSCoreConfig thatConfig)
Specified by:
copy in interface STSCoreConfig
See Also:
STSCoreConfig.copy(org.picketlink.identity.federation.core.sts.STSCoreConfig)

toString

public String toString()
Overrides:
toString in class Object

Copyright © 2013 JBoss by Red Hat. All Rights Reserved.