org.picketlink.identity.federation.core.wstrust

Class PicketLinkSTSConfiguration

java.lang.Object

org.picketlink.identity.federation.core.wstrust.PicketLinkSTSConfiguration

All Implemented Interfaces:

STSCoreConfig, STSConfiguration

public class PicketLinkSTSConfiguration
extends Object
implements STSConfiguration

Standard JBoss STS configuration implementation.

Author:

Stefan Guilhen, Anil Saldhana

Constructor Summary

Constructors

Constructor and Description
PicketLinkSTSConfiguration() Creates an instance of PicketLinkSTSConfiguration with default configuration values.
PicketLinkSTSConfiguration(STSType config) Creates an instance of PicketLinkSTSConfiguration with the specified configuration.

Method Summary

Methods

Modifier and Type	Method and Description
void	addTokenProvider(String key, SecurityTokenProvider provider) Allows you to add a token provider to handle a particular namespace
void	copy(STSCoreConfig thatConfig)
boolean	encryptIssuedToken() Indicates whether the issued token should be encrypted or not.
Certificate	getCertificate(String alias) Obtains the certificate identified by the specified alias.
ClaimsProcessor	getClaimsProcessor(String claimsDialect) Obtains the ClaimsProcessor that must be used to handle claims of the specified dialect.
long	getIssuedTokenTimeout() Obtains the timeout value (in milliseconds) for issued tokens.
SecurityTokenProvider	getProviderForService(String serviceName) Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service.
SecurityTokenProvider	getProviderForTokenElementNS(String family, QName tokenQName) Obtains the token provider that can handle tokens that have the specified local name and namespace.
SecurityTokenProvider	getProviderForTokenType(String tokenType) Given a token type, obtains the token provider that should be used to handle token requests of that type.
List<SecurityTokenProvider>	getProvidersByFamily(String familyName) Get a list of SecurityTokenProvider that belong to a family
WSTrustRequestHandler	getRequestHandler() Obtains the WS-Trust request handler class.
PublicKey	getServiceProviderPublicKey(String serviceName) Obtains the public key of the specified service provider.
KeyPair	getSTSKeyPair() Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey.
String	getSTSName() Obtains the unique name of the secure token service.
List<SecurityTokenProvider>	getTokenProviders() Get an unmodifiable list of token providers
String	getTokenTypeForService(String serviceName) Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service.
String	getXMLDSigCanonicalizationMethod() Returns the configured canonicalization method.
void	removeTokenProvider(String key) Remove a token provider with the passed key
boolean	signIssuedToken() Indicates whether the issued token should be digitally signed or not.
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

PicketLinkSTSConfiguration

public PicketLinkSTSConfiguration()

Creates an instance of PicketLinkSTSConfiguration with default configuration values.

PicketLinkSTSConfiguration

public PicketLinkSTSConfiguration(STSType config)

Creates an instance of PicketLinkSTSConfiguration with the specified configuration.

Parameters:

config - a reference to the object that holds the configuration of the STS.

Method Detail

getSTSName

public String getSTSName()

Description copied from interface: STSCoreConfig

Obtains the unique name of the secure token service.

Specified by:

getSTSName in interface STSCoreConfig

Returns:

a String representing the STS name.

encryptIssuedToken

public boolean encryptIssuedToken()

Description copied from interface: STSCoreConfig

Indicates whether the issued token should be encrypted or not.

Specified by:

encryptIssuedToken in interface STSCoreConfig

Returns:

true if the issued token is to be encrypted; false otherwise.

signIssuedToken

public boolean signIssuedToken()

Description copied from interface: STSCoreConfig

Indicates whether the issued token should be digitally signed or not.

Specified by:

signIssuedToken in interface STSCoreConfig

Returns:

true if the issued token is to be signed; false otherwise.

getIssuedTokenTimeout

public long getIssuedTokenTimeout()

Description copied from interface: STSCoreConfig

Obtains the timeout value (in milliseconds) for issued tokens.

Specified by:

getIssuedTokenTimeout in interface STSCoreConfig

Returns:

the token timeout value.

getRequestHandler

public WSTrustRequestHandler getRequestHandler()

Description copied from interface: STSConfiguration

Obtains the WS-Trust request handler class.

Specified by:

getRequestHandler in interface STSConfiguration

Returns:

a reference to the configured WSTrustRequestHandler.

getProviderForService

public SecurityTokenProvider getProviderForService(String serviceName)

Description copied from interface: STSCoreConfig

Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service. When requesting a token to the STS, a client can specify the service it needs the token for using the AppliesTo element. Based on the service provider name, the STS identifies the type of the token that is to be issued and then selects the appropriate token provider to handle the request.

Specified by:

getProviderForService in interface STSCoreConfig

Parameters:

serviceName - the name of the service provider that requires a token from its clients.

Returns:

a reference to the SecurityTokenProvider that must be used in order to issue tokens to clients of the specified service.

getProviderForTokenType

public SecurityTokenProvider getProviderForTokenType(String tokenType)

Description copied from interface: STSCoreConfig

Given a token type, obtains the token provider that should be used to handle token requests of that type. When a client doesn't specify the service provider name through the AppliesTo element, it must specify the token type through the TokenType element. The STS uses the supplied type to select the appropriate token provider.

Specified by:

getProviderForTokenType in interface STSCoreConfig

Parameters:

tokenType - a String representing the type of the token.

Returns:

a reference to the SecurityTokenProvider that must be used to handle token requests of the specified type.

getProviderForTokenElementNS

public SecurityTokenProvider getProviderForTokenElementNS(String family,
                                                 QName tokenQName)

Description copied from interface: STSCoreConfig

Obtains the token provider that can handle tokens that have the specified local name and namespace. When a validate, renew, or cancel request is made, the token type is not set in the WS-Trust request. In these cases the SecurityTokenProvider must be determined using the security token itself.

Specified by:

getProviderForTokenElementNS in interface STSCoreConfig

Parameters:

family - a String representing the family

tokenQName - a QName representing the token element namespace. (e.g. urn:oasis:names:tc:SAML:2.0:assertion).

Returns:

a reference to the SecurityTokenProvider that must be used to handle the request that contains only the security token.

See Also:

STSCoreConfig.getProviderForTokenElementNS(java.lang.String, javax.xml.namespace.QName)

getClaimsProcessor

public ClaimsProcessor getClaimsProcessor(String claimsDialect)

Description copied from interface: STSConfiguration

Obtains the ClaimsProcessor that must be used to handle claims of the specified dialect.

Specified by:

getClaimsProcessor in interface STSConfiguration

Parameters:

claimsDialect - a String representing the claims dialect (usually a URL).

Returns:

the ClaimsProcessor to be used, or null if no processor could be found for the dialect.

getTokenTypeForService

public String getTokenTypeForService(String serviceName)

Description copied from interface: STSCoreConfig

Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service.

Specified by:

getTokenTypeForService in interface STSCoreConfig

Parameters:

serviceName - the name of the service provider that requires a token from its clients.

Returns:

a String representing the type of the token that suits the specified service.

getServiceProviderPublicKey

public PublicKey getServiceProviderPublicKey(String serviceName)

Description copied from interface: STSCoreConfig

Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.

Specified by:

getServiceProviderPublicKey in interface STSCoreConfig

Parameters:

serviceName - the name of the service provider (normally the provider URL).

Returns:

a reference to the provider's PublicKey

getSTSKeyPair

public KeyPair getSTSKeyPair()

Description copied from interface: STSCoreConfig

Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey.

Specified by:

getSTSKeyPair in interface STSCoreConfig

Returns:

a reference to the STS KeyPair.

getCertificate

public Certificate getCertificate(String alias)

Description copied from interface: STSCoreConfig

Obtains the certificate identified by the specified alias.

Specified by:

getCertificate in interface STSCoreConfig

Parameters:

alias - the alias associated with the certificate in the keystore.

Returns:

the Certificate obtained from the keystore, or null if no certificate was found.

getXMLDSigCanonicalizationMethod

public String getXMLDSigCanonicalizationMethod()

Description copied from interface: STSConfiguration

Returns the configured canonicalization method.

NOTE: Defaults to javax.xml.crypto.dsig.CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS

Specified by:

getXMLDSigCanonicalizationMethod in interface STSConfiguration

Returns:

See Also:

STSConfiguration.getXMLDSigCanonicalizationMethod()

addTokenProvider

public void addTokenProvider(String key,
                    SecurityTokenProvider provider)

Description copied from interface: STSCoreConfig

Allows you to add a token provider to handle a particular namespace

Specified by:

addTokenProvider in interface STSCoreConfig

See Also:

STSCoreConfig#addTokenProvider(String, SecurityTokenProvider)}

removeTokenProvider

public void removeTokenProvider(String key)

Description copied from interface: STSCoreConfig

Remove a token provider with the passed key

Specified by:

removeTokenProvider in interface STSCoreConfig

See Also:

STSCoreConfig#removeTokenProvider(String)}

getTokenProviders

public List<SecurityTokenProvider> getTokenProviders()

Description copied from interface: STSCoreConfig

Get an unmodifiable list of token providers

Specified by:

getTokenProviders in interface STSCoreConfig

Returns:

See Also:

STSCoreConfig.getTokenProviders()

getProvidersByFamily

public List<SecurityTokenProvider> getProvidersByFamily(String familyName)

Description copied from interface: STSCoreConfig

Get a list of SecurityTokenProvider that belong to a family

Specified by:

getProvidersByFamily in interface STSCoreConfig

Returns:

See Also:

STSCoreConfig.getProvidersByFamily(java.lang.String)

copy

public void copy(STSCoreConfig thatConfig)

Specified by:

copy in interface STSCoreConfig

See Also:

STSCoreConfig.copy(org.picketlink.identity.federation.core.sts.STSCoreConfig)

toString

public String toString()

Overrides:

toString in class Object