com.ibm.websphere.wssecurity.callbackhandler
Class GenericIssuedTokenGenerateCallback
- java.lang.Object
-
- com.ibm.websphere.wssecurity.callbackhandler.GenericIssuedTokenGenerateCallback
-
- All Implemented Interfaces:
- javax.security.auth.callback.Callback
public class GenericIssuedTokenGenerateCallback extends java.lang.Object implements javax.security.auth.callback.Callback
This is a Callback class used to collect configuration data associated with the generator of a outgoing generic issued token. It is important to note that an outgoing generic token (outbound request) is issued by a SecurityTokenService using WS-Trust Issue, or exchanged or validated from RunAs Subject by a SecurityTokenService using WS-Trust Validate.
-
-
Field Summary
Fields Modifier and Type Field and Description java.lang.String[]
validateTargets
-
Constructor Summary
Constructors Constructor and Description GenericIssuedTokenGenerateCallback()
-
Method Summary
Methods Modifier and Type Method and Description java.lang.String
getAppliesTo()
Returns AppliesTo.java.lang.String
getIssuer()
Return the token issuer name.java.util.Map<java.lang.String,java.lang.String>
getProperties()
Return WS-Trust request parameters as defined in RSTTjava.lang.String
getSSLConfigUrl()
Returns SSLConfiguration location .java.lang.String
getStsBinding()
Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.java.lang.String
getStsBindingScope()
Return the binding scope for WS-Trust client, and it is either "domain" or "application".java.lang.String
getStsPolicy()
Returns the policySet name for WS-Trust client's Issue or Validate operation.java.lang.String
getStsSoapVersion()
Returns the SOAP version for the WS-Trust client.java.lang.String
getStsURI()
Returns the URL of SecurityTokenService that issues SecurityToken.java.lang.String
getStsValidateBinding()
Returns the name for the policySet binding used by the WS-Trust client's Validate operation.java.lang.String
getStsValidatePolicy()
Returns the policySet name for WS-Trust client's Validate operation.java.lang.String
getUseToken()
Return the token's ValueType from tokens in RunAsSubject that client should use to directly Validate or exchange an issued token with SecurityTokenService.java.lang.String
getValidateTarget()
Return the optional flag that indicate how to pass validation target to STS.WSSConsumingContext
getWSSConsumingContext()
Gets WSSConsumingContext object.WSSConsumingContext
getWSSConsumingContextForValidation()
Gets WSSConsumingContext object for WS-Trust Validate request.WSSGenerationContext
getWSSGenerationContext()
Returns WSSGenerationContext object.WSSGenerationContext
getWSSGenerationContextForValidation()
Returns WSSGenerationContext object for WS-Trust Validate request.java.lang.String
getWstNamespace()
Return the WS-Trust namespace used in the SOAP communication with the Security Token provider.boolean
includeTokenType()
The optional flag if WS-Trust client RST message should include requested token's ValueType.boolean
isCollectionRequest()
boolean
isUNTPasswordRequired()
Returns the flag to indicate if password is required when requested token is UsernameToken.void
setAppliesTo(java.lang.String uri)
void
setCollectionRequest(boolean collectionRequest)
void
setincludeTokenType(boolean status)
Set the optional flag if WS-Trust client RST message should include requested token's ValueType.void
setIssuer(java.lang.String issuer)
Set token issuer name.void
setProperties(java.util.Map<java.lang.String,java.lang.String> map)
Set RSTT for WS-Trust requestvoid
setSSLConfigUrl(java.lang.String location)
Sets SSLConfigUrl object.void
setStsBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.void
setStsBindingScope(java.lang.String scope)
Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application".void
setStsPolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Issue or Validate operation.void
setStsSoapVersion(java.lang.String ns)
Sets the required SOAP version of WS-Trust client.void
setStsURI(java.lang.String uri)
Sets the URL name of SecurityTokenservice.void
setStsValidateBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.void
setStsValidatePolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Validate operation.void
setUNTPasswordRequired(boolean required)
Sets the flag to indicate if password is required when requested token is UsernameToken.void
setUseRunAsSubject(boolean state)
Set the flag if client should use a token from RunAsSubject to directly Validate or exchange the requested issued token with SecurityTokenService.void
setUseRunAsSubjectOnly(boolean state)
Set the flag if WS-Security runtime should continue to use WS-Trust Issue to request an issued token after it fails to use token in RunAsSubject to validate or exchange for an issued token by using WS-Trust Validate.void
setUseToken(java.lang.String token)
Set the token's ValueType from tokens in RunAsSubject that client should use to directly Validate or exchange an issued token with SecurityTokenService.void
setValidateTarget(java.lang.String target)
Set flag to indicate how Validate message for WS-Trust request should be formated, the valid options are "token" or "base".void
setValidateUseToken(boolean state)
Set the flag if a token in RunAsSubject should be validated or exchanged directly with SecurityTokenService.void
setWSSConsumingContext(WSSConsumingContext concont)
Sets WSSConsumingContext object.void
setWSSConsumingContextForValidation(WSSConsumingContext concont)
Sets WSSConsumingContext object for WS-Trust Validate request.void
setWSSGenerationContext(WSSGenerationContext gencont)
Sets WSSGenerationContext object.void
setWSSGenerationContextForValidation(WSSGenerationContext gencont)
Sets WSSGenerationContext object for WS-Trust Validate request.void
setWstNamespace(java.lang.String ns)
Set WS-Trust namespace used in the SOAP communication with the Security Token provider.boolean
useRunAsSubject()
Return the flag if client should use a token from RunAsSubject to directly Validate or exchange the requested issued token with SecurityTokenService.boolean
useRunAsSubjectOnly()
Returns the flag if WS-Security runtime should continue to use WS-Trust Issue to request an issued token after it fails to use token in RunAsSubject to validate or exchange for an issued token by using WS-Trust Validate.boolean
validateUseToken()
Return the flag that a token in RunAsSubject should be validated or exchanged directly with SecurityTokenService.
-
-
-
Method Detail
-
getStsURI
public java.lang.String getStsURI()
Returns the URL of SecurityTokenService that issues SecurityToken.- Returns:
- the URL of SecurityTokenService.
-
setStsURI
public void setStsURI(java.lang.String uri)
Sets the URL name of SecurityTokenservice.- Parameters:
uri
- the URL name of the Security Token Service (STS).
-
getStsPolicy
public java.lang.String getStsPolicy()
Returns the policySet name for WS-Trust client's Issue or Validate operation.- Returns:
- the policySet name for WS-Trust client's Issue or Validate operation.
-
setStsPolicy
public void setStsPolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Issue or Validate operation.- Parameters:
the
- name of WS-Trust client policy set for Issue or Validate operation.
-
getStsBinding
public java.lang.String getStsBinding()
Returns the name for the policySet binding used by the WS-Trust client's Issue or Validate operation.- Returns:
- the name of the policySet binding for the WS-Trust client's Issue or Validate operation.
-
setStsBinding
public void setStsBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.- Parameters:
binding
- the name of WS-Trust client bindings for WS-Trust's Issue or Validate operation.
-
getWstNamespace
public java.lang.String getWstNamespace()
Return the WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3.- Returns:
- the WS-Trust namespace.
-
setWstNamespace
public void setWstNamespace(java.lang.String ns)
Set WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3- Parameters:
wstNamespace
- the WS-Trust NameSpace, it is "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3
-
getStsSoapVersion
public java.lang.String getStsSoapVersion()
Returns the SOAP version for the WS-Trust client.- Returns:
- the the SOAP version for the WS-Trust client, the valid values are 1.1 or 1.2
-
setStsSoapVersion
public void setStsSoapVersion(java.lang.String ns)
Sets the required SOAP version of WS-Trust client.- Parameters:
version
- the required SOAP version for WS-Trust client, the valid values are 1.1 or 1.2.
-
getStsBindingScope
public java.lang.String getStsBindingScope()
Return the binding scope for WS-Trust client, and it is either "domain" or "application". A value of domain indicates that the specifiied binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.- Returns:
- the binding scope for WS-Trust client, and it is either "domain" or "application".
-
setStsBindingScope
public void setStsBindingScope(java.lang.String scope)
Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application". A value of domain indicates that the specified binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.- Parameters:
scope
- the binding scope for WS-Trust client, and it is either "domain" or "application".
-
getProperties
public java.util.Map<java.lang.String,java.lang.String> getProperties()
Return WS-Trust request parameters as defined in RSTT- Returns:
- WS-Trust RSTT parameters
-
setProperties
public void setProperties(java.util.Map<java.lang.String,java.lang.String> map)
Set RSTT for WS-Trust request- Parameters:
WS-Trust
- RSTT parameters
-
includeTokenType
public boolean includeTokenType()
The optional flag if WS-Trust client RST message should include requested token's ValueType.- Returns:
- optional flag to include or exclude token's ValueType in RST message.
-
setincludeTokenType
public void setincludeTokenType(boolean status)
Set the optional flag if WS-Trust client RST message should include requested token's ValueType.- Parameters:
optional
- flag if include token's ValueType in RST message.
-
getIssuer
public java.lang.String getIssuer()
Return the token issuer name.- Returns:
- the optional token issuer name.
-
setIssuer
public void setIssuer(java.lang.String issuer)
Set token issuer name.- Parameters:
token
- issuer name.
-
useRunAsSubject
public boolean useRunAsSubject()
Return the flag if client should use a token from RunAsSubject to directly Validate or exchange the requested issued token with SecurityTokenService.- Returns:
- the optional flag to use RunAsSubject for token exchange with SecurityTokenService.
-
setUseRunAsSubject
public void setUseRunAsSubject(boolean state)
Set the flag if client should use a token from RunAsSubject to directly Validate or exchange the requested issued token with SecurityTokenService.- Parameters:
the
- optional flag to use RunAsSubject for token exchange with SecurityTokenService.
-
getUseToken
public java.lang.String getUseToken()
Return the token's ValueType from tokens in RunAsSubject that client should use to directly Validate or exchange an issued token with SecurityTokenService. If not specified, the token ValueType configured in policyset is used.- Returns:
- token ValueType from tokens in RunAsSubject to be used to exchange an issued token with SecurityTokenService.
-
setUseToken
public void setUseToken(java.lang.String token)
Set the token's ValueType from tokens in RunAsSubject that client should use to directly Validate or exchange an issued token with SecurityTokenService.- Parameters:
token
- ValueType from tokens in RunAsSubject to be used to exchange an issued token with SecurityTokenService.
-
validateUseToken
public boolean validateUseToken()
Return the flag that a token in RunAsSubject should be validated or exchanged directly with SecurityTokenService. If not specified, the token will be validated against SecurityTokenService before using as an outgoing authentication token.- Returns:
- flag if a used token from RunAsSubject should be validated against SecurityTokenService when using as outgoing authentication token.
-
setValidateUseToken
public void setValidateUseToken(boolean state)
Set the flag if a token in RunAsSubject should be validated or exchanged directly with SecurityTokenService. If not specified, the token will be validated against SecurityTokenService before using as an outgoing authentication token.- Parameters:
flag
- if a used token from RunAsSubject should be validated against SecurityTokenService when using as outgoing authentication token.
-
getValidateTarget
public java.lang.String getValidateTarget()
Return the optional flag that indicate how to pass validation target to STS. The valid options are "token", "base".- Returns:
- flag to indicate how to pass validation target to STS.
-
setValidateTarget
public void setValidateTarget(java.lang.String target)
Set flag to indicate how Validate message for WS-Trust request should be formated, the valid options are "token" or "base".- Parameters:
WS-Trust
- Validate target format.
-
getStsValidatePolicy
public java.lang.String getStsValidatePolicy()
Returns the policySet name for WS-Trust client's Validate operation.- Returns:
- the policySet name for WS-Trust client's Validate operation.
-
setStsValidatePolicy
public void setStsValidatePolicy(java.lang.String policy)
Sets the name of WS-Trust client policy set for Validate operation.- Parameters:
the
- name of WS-Trust client policy set for Validate operation.
-
getStsValidateBinding
public java.lang.String getStsValidateBinding()
Returns the name for the policySet binding used by the WS-Trust client's Validate operation.- Returns:
- the name of the policySet binding for the WS-Trust client's Validate operation.
-
setStsValidateBinding
public void setStsValidateBinding(java.lang.String binding)
Sets the name of WS-Trust client bindings for WS-Trust's Validate operation.- Parameters:
binding
- the name of WS-Trust client bindings for WS-Trust's Validate operation.
-
useRunAsSubjectOnly
public boolean useRunAsSubjectOnly()
Returns the flag if WS-Security runtime should continue to use WS-Trust Issue to request an issued token after it fails to use token in RunAsSubject to validate or exchange for an issued token by using WS-Trust Validate. If property is not set, WS-Trust Issue will be used to request an issued token after WS-Trust Validate fails to exchange an issued token with a token from RunasSubject.- Returns:
- the flag if WS-Trust Issue should be used to request an issued token after WS-Trust Validate fails to exchange an issued token using token from RunAsSubject.
-
setUseRunAsSubjectOnly
public void setUseRunAsSubjectOnly(boolean state)
Set the flag if WS-Security runtime should continue to use WS-Trust Issue to request an issued token after it fails to use token in RunAsSubject to validate or exchange for an issued token by using WS-Trust Validate. If property is not set, WS-Trust Issue will be used to request an issued token after WS-Trust Validate fails to exchange an issued token with a token from RunasSubject.- Parameters:
the
- flag if WS-Trust Issue should be used to request an issued token after WS-Trust Validate fails to exchange an issued token using token from RunAsSubject.
-
isUNTPasswordRequired
public boolean isUNTPasswordRequired()
Returns the flag to indicate if password is required when requested token is UsernameToken.- Returns:
- the flag to indicate if password is required when requested token is UsernameToken.
-
setUNTPasswordRequired
public void setUNTPasswordRequired(boolean required)
Sets the flag to indicate if password is required when requested token is UsernameToken.- Parameters:
the
- flag to indicate if password is required when requested token is UsernameToken.
-
getWSSConsumingContext
public WSSConsumingContext getWSSConsumingContext()
Gets WSSConsumingContext object.- Returns:
- WSSConsumingContext object
-
setWSSConsumingContext
public void setWSSConsumingContext(WSSConsumingContext concont)
Sets WSSConsumingContext object.- Parameters:
concont
- WSSConsumingContext object
-
getWSSGenerationContext
public WSSGenerationContext getWSSGenerationContext()
Returns WSSGenerationContext object.- Returns:
- WSSGenerationContext object
-
setWSSGenerationContext
public void setWSSGenerationContext(WSSGenerationContext gencont)
Sets WSSGenerationContext object.- Parameters:
gencont
- WSSGenerationContext object
-
getSSLConfigUrl
public java.lang.String getSSLConfigUrl()
Returns SSLConfiguration location .- Returns:
- WSSLConfiguration location.
-
setSSLConfigUrl
public void setSSLConfigUrl(java.lang.String location)
Sets SSLConfigUrl object.- Parameters:
SSLConfigUrl
- object
-
getAppliesTo
public java.lang.String getAppliesTo()
Returns AppliesTo.- Returns:
- AppliesTo.
-
setAppliesTo
public void setAppliesTo(java.lang.String uri)
-
isCollectionRequest
public boolean isCollectionRequest()
-
setCollectionRequest
public void setCollectionRequest(boolean collectionRequest)
-
getWSSConsumingContextForValidation
public WSSConsumingContext getWSSConsumingContextForValidation()
Gets WSSConsumingContext object for WS-Trust Validate request.- Returns:
- WSSConsumingContext object
-
setWSSConsumingContextForValidation
public void setWSSConsumingContextForValidation(WSSConsumingContext concont)
Sets WSSConsumingContext object for WS-Trust Validate request.- Parameters:
concont
- WSSConsumingContext object
-
getWSSGenerationContextForValidation
public WSSGenerationContext getWSSGenerationContextForValidation()
Returns WSSGenerationContext object for WS-Trust Validate request.- Returns:
- WSSGenerationContext object
-
setWSSGenerationContextForValidation
public void setWSSGenerationContextForValidation(WSSGenerationContext gencont)
Sets WSSGenerationContext object for WS-Trust Validate request.- Parameters:
gencont
- WSSGenerationContext object
-
-