IBM WebSphere Application ServerTM
Release 8

com.ibm.websphere.wssecurity.callbackhandler
Class GenericIssuedTokenConsumeCallback

java.lang.Object
  extended by com.ibm.websphere.wssecurity.callbackhandler.GenericIssuedTokenConsumeCallback
All Implemented Interfaces:
javax.security.auth.callback.Callback

public class GenericIssuedTokenConsumeCallback
extends java.lang.Object
implements javax.security.auth.callback.Callback

This is a Callback class used to collect configuration data associated with the consumer of an incoming generic issued token. It is important to note that an incoming generic token (inbound request) is validated against a SecurityTokenService using WS-Trust Validate.


Field Summary
 java.lang.String[] validateTargets
           
 
Constructor Summary
GenericIssuedTokenConsumeCallback()
           
 
Method Summary
 boolean enforceConfirmationMethodInTokenExchange()
          Returns the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
 java.lang.String getAlias()
          Returns the alias name used by the consumer of the SAML token in its keyStore.
 java.lang.String getConfirmationMethod()
          Returns the ConfirmationMethod to be used when requesting/generating a SAML token.
 java.lang.String getExchangedTokenType()
           
 java.lang.String getIssuer()
          Return the token issuer name.
 java.lang.String getKeyName()
          Returns the name of the key used by the token consumer.
 char[] getKeyPassword()
          Returns the password for recovering the key.
 char[] getKeyStorePassword()
          Returns the password for the keyStore used by the consumer of the SAML token.
 java.lang.String getKeyStorePath()
          Returns the file path for the keyStore used by the consumer of the SAML token.
 java.lang.String getKeyStoreReference()
          Returns the reference name of the keyStore used by the token consumer (e.g. a service).
 java.lang.String getKeyStoreType()
          Returns the type of the keyStore used by the consumer of the SAML token.
 java.util.Map<java.lang.String,java.lang.String> getProperties()
          Return WS-Trust request parameters as defined in RSTT
 java.lang.String getStsBinding()
          Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.
 java.lang.String getStsBindingScope()
          Return the binding scope for WS-Trust client, and it is either "domain" or "application".
 java.lang.String getStsPolicy()
          Returns the policySet name for WS-Trust client's Issue or Validate operation.
 java.lang.String getStsSoapVersion()
          Returns the SOAP version for the WS-Trust client.
 java.lang.String getStsURI()
          Returns the URL of SecurityTokenService that issues SecurityToken.
 java.lang.String getStsValidateBinding()
          Returns the name for the policySet binding used by the WS-Trust client's Validate operation.
 java.lang.String getStsValidatePolicy()
          Returns the policySet name for WS-Trust client's Validate operation.
 java.util.ArrayList<java.lang.String[]> getTrustedIssuers()
           
 java.lang.String getValidateTarget()
          Return the optional flag that indicate how to pass validation target to STS.
 java.lang.String getWstNamespace()
          Return the WS-Trust namespace used in the SOAP communication with the Security Token provider.
 boolean isCollectionRequest()
           
 void setAlias(java.lang.String alias)
          Sets the key alias name in the consumer's keyStore.
 void setCollectionRequest(boolean collectionRequest)
           
 void setConfirmationMethod(java.lang.String method)
          Sets the type of Subject ConfirmationMethod to be used by the token requester.
 void setEnforceConfirmationMethodInTokenExchange(boolean option)
          Sets the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.
 void setExchangedTokenType(java.lang.String type)
           
 void setIssuer(java.lang.String issuer)
          Set token issuer name.
 void setKeyName(java.lang.String keyName)
          Sets the name of the key used by the token consumer.
 void setKeyPassword(char[] keyPassword)
          Sets the password for recovering the key.
 void setKeyStorePassword(char[] keyStorePassword)
          Sets the type of the keyStore used by the consumer of the SAML token.
 void setKeyStorePath(java.lang.String keyStorePath)
          Sets the file path for the keyStore used by the consumer of the SAML token..
 void setKeyStoreReference(java.lang.String keyStoreRef)
          Sets the reference name of the keyStore used by the token consumer (e.g. a service).
 void setKeyStoreType(java.lang.String keyStoreType)
          Sets the type of the keyStore by the consumer of the SAML token.
 void setProperties(java.util.Map<java.lang.String,java.lang.String> map)
          Set RSTT for WS-Trust request
 void setStsBinding(java.lang.String binding)
          Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.
 void setStsBindingScope(java.lang.String scope)
          Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application".
 void setStsPolicy(java.lang.String policy)
          Sets the name of WS-Trust client policy set for Issue or Validate operation.
 void setStsSoapVersion(java.lang.String ns)
          Sets the required SOAP version of WS-Trust client.
 void setStsURI(java.lang.String uri)
          Sets the URL name of SecurityTokenservice.
 void setStsValidateBinding(java.lang.String binding)
          Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.
 void setStsValidatePolicy(java.lang.String policy)
          Sets the name of WS-Trust client policy set for Validate operation.
 void setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)
           
 void setValidateTarget(java.lang.String target)
          Set flag to indicate how Validate message for WS-Trust request should be formated, the valid options are "token" or "base".
 void setWstNamespace(java.lang.String ns)
          Set WS-Trust namespace used in the SOAP communication with the Security Token provider.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

validateTargets

public java.lang.String[] validateTargets
Constructor Detail

GenericIssuedTokenConsumeCallback

public GenericIssuedTokenConsumeCallback()
Method Detail

getStsURI

public java.lang.String getStsURI()
Returns the URL of SecurityTokenService that issues SecurityToken.

Returns:
the URL of SecurityTokenService.

setStsURI

public void setStsURI(java.lang.String uri)
Sets the URL name of SecurityTokenservice.

Parameters:
uri - the URL name of the Security Token Service (STS).

getStsPolicy

public java.lang.String getStsPolicy()
Returns the policySet name for WS-Trust client's Issue or Validate operation.

Returns:
the policySet name for WS-Trust client's Issue or Validate operation.

setStsPolicy

public void setStsPolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Issue or Validate operation.

Parameters:
the - name of WS-Trust client policy set for Issue or Validate operation.

getStsBinding

public java.lang.String getStsBinding()
Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.

Returns:
the name of the policySet binding for the WS-Trust client's Issue or Validate operation.

setStsBinding

public void setStsBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.

Parameters:
binding - the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.

getWstNamespace

public java.lang.String getWstNamespace()
Return the WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3.

Returns:
the WS-Trust namespace.

setWstNamespace

public void setWstNamespace(java.lang.String ns)
Set WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3

Parameters:
wstNamespace - the WS-Trust NameSpace, it is "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3

getStsSoapVersion

public java.lang.String getStsSoapVersion()
Returns the SOAP version for the WS-Trust client.

Returns:
the the SOAP version for the WS-Trust client, the valid values are 1.1 or 1.2

setStsSoapVersion

public void setStsSoapVersion(java.lang.String ns)
Sets the required SOAP version of WS-Trust client.

Parameters:
version - the required SOAP version for WS-Trust client, the valid values are 1.1 or 1.2.

getStsBindingScope

public java.lang.String getStsBindingScope()
Return the binding scope for WS-Trust client, and it is either "domain" or "application". A value of domain indicates that the specifiied binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.

Returns:
the binding scope for WS-Trust client, and it is either "domain" or "application".

setStsBindingScope

public void setStsBindingScope(java.lang.String scope)
Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application". A value of domain indicates that the specified binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.

Parameters:
scope - the binding scope for WS-Trust client, and it is either "domain" or "application".

getProperties

public java.util.Map<java.lang.String,java.lang.String> getProperties()
Return WS-Trust request parameters as defined in RSTT

Returns:
WS-Trust RSTT parameters

setProperties

public void setProperties(java.util.Map<java.lang.String,java.lang.String> map)
Set RSTT for WS-Trust request

Parameters:
WS-Trust - RSTT parameters

getExchangedTokenType

public java.lang.String getExchangedTokenType()

setExchangedTokenType

public void setExchangedTokenType(java.lang.String type)

getValidateTarget

public java.lang.String getValidateTarget()
Return the optional flag that indicate how to pass validation target to STS. The valid options are "token", "base".

Returns:
flag to indicate how to pass validation target to STS.

setValidateTarget

public void setValidateTarget(java.lang.String target)
Set flag to indicate how Validate message for WS-Trust request should be formated, the valid options are "token" or "base".

Parameters:
WS-Trust - Validate target format.

getIssuer

public java.lang.String getIssuer()
Return the token issuer name.

Returns:
the optional token issuer name.

setIssuer

public void setIssuer(java.lang.String issuer)
Set token issuer name.

Parameters:
token - issuer name.

getStsValidatePolicy

public java.lang.String getStsValidatePolicy()
Returns the policySet name for WS-Trust client's Validate operation.

Returns:
the policySet name for WS-Trust client's Validate operation.

setStsValidatePolicy

public void setStsValidatePolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Validate operation.

Parameters:
the - name of WS-Trust client policy set for Validate operation.

getStsValidateBinding

public java.lang.String getStsValidateBinding()
Returns the name for the policySet binding used by the WS-Trust client's Validate operation.

Returns:
the name of the policySet binding for the WS-Trust client's Validate operation.

setStsValidateBinding

public void setStsValidateBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.

Parameters:
binding - the name of WS-Trust client bindings for WS-Trust's Validate operation.

getKeyStoreReference

public java.lang.String getKeyStoreReference()
Returns the reference name of the keyStore used by the token consumer (e.g. a service).

Returns:
reference name of the keyStore of the token consumer.

setKeyStoreReference

public void setKeyStoreReference(java.lang.String keyStoreRef)
Sets the reference name of the keyStore used by the token consumer (e.g. a service).

Parameters:
keyStoreRef - string representing the reference name of the keyStore.

getKeyStorePath

public java.lang.String getKeyStorePath()
Returns the file path for the keyStore used by the consumer of the SAML token.

Returns:
String that contains the path of the keyStore.

setKeyStorePath

public void setKeyStorePath(java.lang.String keyStorePath)
Sets the file path for the keyStore used by the consumer of the SAML token..

Parameters:
keyStorePath - string representing the path to the keyStore.

getKeyStoreType

public java.lang.String getKeyStoreType()
Returns the type of the keyStore used by the consumer of the SAML token.

Returns:
type of the keyStore

setKeyStoreType

public void setKeyStoreType(java.lang.String keyStoreType)
Sets the type of the keyStore by the consumer of the SAML token.

Parameters:
keyStoreType - string representing the type of the keyStore

getKeyStorePassword

public char[] getKeyStorePassword()
Returns the password for the keyStore used by the consumer of the SAML token.

Returns:
charcter array that contains the password used to check the integrity or unlock the keyStore used by the consumer of a SAML token.

setKeyStorePassword

public void setKeyStorePassword(char[] keyStorePassword)
Sets the type of the keyStore used by the consumer of the SAML token.

Parameters:
keyStorePassword - character array that contains the password used to check the integrity or unlock the keyStore for the consumer of the SAML token.

getAlias

public java.lang.String getAlias()
Returns the alias name used by the consumer of the SAML token in its keyStore.

Returns:
alias string representing the key alias name.

setAlias

public void setAlias(java.lang.String alias)
Sets the key alias name in the consumer's keyStore.

Parameters:
alias - string representing the alias name.

getKeyPassword

public char[] getKeyPassword()
Returns the password for recovering the key.

Returns:
character array that contains the password used for recovering the key.

setKeyPassword

public void setKeyPassword(char[] keyPassword)
Sets the password for recovering the key.

Parameters:
keyPassword - character array that contains the password for recovering the key.

getKeyName

public java.lang.String getKeyName()
Returns the name of the key used by the token consumer.

Returns:
String that contains the key.

setKeyName

public void setKeyName(java.lang.String keyName)
Sets the name of the key used by the token consumer.

Parameters:
keyName - string that contains the name of the key.

getConfirmationMethod

public java.lang.String getConfirmationMethod()
Returns the ConfirmationMethod to be used when requesting/generating a SAML token.

Returns:
the required Subject ConfirmationMethod. The valid values are "holder-of-key", "bearer", or "sender-vouches"

setConfirmationMethod

public void setConfirmationMethod(java.lang.String method)
Sets the type of Subject ConfirmationMethod to be used by the token requester.

Parameters:
method - a string identifying the Subject ConfirmationMethod.

enforceConfirmationMethodInTokenExchange

public boolean enforceConfirmationMethodInTokenExchange()
Returns the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.

Returns:
the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.

setEnforceConfirmationMethodInTokenExchange

public void setEnforceConfirmationMethodInTokenExchange(boolean option)
Sets the option to check the receiving SAML subject confirmation method if SAMLToken has been exchanged.

Parameters:
boolean -

isCollectionRequest

public boolean isCollectionRequest()

setCollectionRequest

public void setCollectionRequest(boolean collectionRequest)

getTrustedIssuers

public java.util.ArrayList<java.lang.String[]> getTrustedIssuers()
Returns:
a list of trusted SAML Issuers, each contains Issuer name and/or Signer certificate's SubjectDN

setTrustedIssuers

public void setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)

IBM WebSphere Application ServerTM
Release 8