com.ibm.websphere.wssecurity.wssapi.token

Interface SecurityContextToken

  • All Superinterfaces:
    SecurityToken

    public interface SecurityContextToken
extends SecurityToken
    This interface is responsible for the security context token, <wsu:SecurityContextToken> element.
    It defined by the specifications of WS-SecureConvesation
    Following is the sample code to get the security context token. 
       String path = "service/uri"; // path of security token service
   WSSFactory factory = WSSFactory.getInstance();

   // generate the WSSGenerationContext and WSSConsumingContext objects 
   //           for request the security context token to the security token services.

   // configuration for a construction the message to request the security context token
   WSSGenerationContext gencontBootstrap = configureWSSGenerationContextForBootstrap();  
   // configuration for a validation the message containing the security context token
   WSSConsumingContext concontBootstrap = configureWSSConsumingContextForBootstrap(); 

   // configuration for a construction the message to send to the application
   WSSGenerationContext gencontApp = configureWSSGenerationContextForApplication();
   // configuration for a validation the message to be received from the application
   WSSConsumingContext concontApp = configureWSSConsumingContextForApplication();

   // create the security context tokens
   SCTGenerateCallbackHandler sctgch = new SCTGenerateCallbackHandler(gencontBootstrap, concontBootstrap, path, WSSEncryption.AES128);
   SecurityToken[] scts = factory.newSecurityTokens(new Class[] {SecurityContextToken.class}, sctgch);
   SecurityContextToken sct = null;
   if(scts != null ){
      if(scts.length != 0) {
         sct = (SecurityContextToken)scts[0];

         // renew the security context token
         sct.renew(gencontBootstrap, concontBootstrap);

        // validate the security context token
        boolean isvalidate = sct.validate(gencontapp, concontapp);


        //cancel the security context token
        sct.cancel(gencontapp, concontapp);

      }
    }
    Notes: The specification describes the security token service provides some security context tokens. The current version provides the one security context token in a array of security token.
    See Also:
    DerivedKeyToken, SCTGenerateCallbackHandler, SCTConsumeCallbackHandler

    • Field Detail

      • STATUS_ISSUED

        static final int STATUS_ISSUED
        Represents that the security context token is issued.
        See Also:
        Constant Field Values

      • STATUS_RENEWED

        static final int STATUS_RENEWED
        Represents that the security context token is renewed.
        See Also:
        Constant Field Values

      • STATUS_CANCELLED

        static final int STATUS_CANCELLED
        Represents that the security context token is canceled.
        See Also:
        Constant Field Values

      • TokenQname

        static final javax.xml.namespace.QName TokenQname
        Represents the QName of this class, <wsu:SecurityContextToken>.
        NamespaceURI:
        "http://schemas.xmlsoap.org/ws/2005/02/sc"
        LocalPart:
        "SecurityContextToken"

      • ValueType

        static final javax.xml.namespace.QName ValueType
        Represents the value type.
        ValueType:
        "http://schemas.xmlsoap.org/ws/2005/02/sc/sct"

    • Method Detail

      • cancel

        void cancel()
            throws WSSException
        Cancels this security context token, terminating its use. It will invokes com.ibm.security.trust10.client.STSRequestorFactory.cancel(java.lang.Object service).
        Throws:
        WSSException - if the security context token is not canceled

      • cancel

        void cancel(WSSGenerationContext gencont,
          WSSConsumingContext concont)
            throws WSSException
        Cancels this security context token, terminating its use.
        Parameters:
        gencont - WS-Security configuration of canceling the security context token to the security token service
        concont - WS-Security configuration of canceling the security context token to the security token service
        Throws:
        WSSException - if the security context token is not canceled.

      • validate

        boolean validate()
                 throws WSSException
        Evaluates the validity of current this security context token.
        Returns:
        true if it is valid.
        false if it is invalid.
        Throws:
        WSSException - if the security context token is not validated.

      • validate

        boolean validate(WSSGenerationContext gencont,
               WSSConsumingContext concont)
                 throws WSSException
        Evaluates the validity of current security context token.
        Parameters:
        gencont - WS-Security configuration of canceling the security context token to the security token service
        concont - WS-Security configuration of canceling the security context token to the security token service
        Returns:
        true if it is valid.
        false if it is invalid.
        Throws:
        WSSException - if the security context token is not validated.

      • renew

        void renew()
           throws WSSException
        Renews this security context token with new expiration semantics.
        Throws:
        WSSException - if the the security context token is not recreated

      • renew

        void renew(WSSGenerationContext gencont,
         WSSConsumingContext concont)
           throws WSSException
        Renews this security context token with new expiration semantics.
        Parameters:
        gencont - WS-Security configuration of canceling the security context token to the security token service
        concont - WS-Security configuration of canceling the security context token to the security token service
        Throws:
        WSSException - if the security context token is not recreated.

      • getDerivedKeyToken

        DerivedKeyToken getDerivedKeyToken(java.lang.String algorithm,
                                 java.lang.String clientLabel,
                                 java.lang.String serviceLabel)
                                   throws WSSException
        Retreives the derived key token related with this security context token.
        Parameters:
        algorithm - to use for generating the derived key
        label - to use for generating the derived key
        Returns:
        derived key token
        Throws:
        WSSException - if the derived key is not created

      • getIdentifier

        java.lang.String getIdentifier()
        Returns the value of <wsu:Identifier>.
        Returns:
        value of the identifier

      • getInstances

        java.lang.String[] getInstances()
        Returns values of the <wsu:Instance>.
        Returns:
        all of instance names

      • getCreation

        java.util.Date getCreation(java.lang.String instance)
        Returns the creation date of the instance.
        Parameters:
        instance - instance
        Returns:
        the creation date

      • getExpiration

        java.util.Date getExpiration(java.lang.String instance)
        Returns the expiration date of the instance.
        Parameters:
        instance - instance
        Returns:
        the expiration date
IBM WebSphere Application ServerTM
Release 9.0