Package com.sun.xml.ws.security.impl
Class IssuedTokenContextImpl
- java.lang.Object
-
- com.sun.xml.ws.security.impl.IssuedTokenContextImpl
-
- All Implemented Interfaces:
IssuedTokenContext
public class IssuedTokenContextImpl extends Object implements IssuedTokenContext
- Author:
- Abhijit Das
-
-
Field Summary
-
Fields inherited from interface com.sun.xml.ws.security.IssuedTokenContext
AUTHN_CONTEXT, CLAIMED_ATTRUBUTES, CONFIRMATION_KEY_INFO, CONFIRMATION_METHOD, KEY_WRAP_ALGORITHM, STATUS, STS_CERTIFICATE, STS_PRIVATE_KEY, TARGET_SERVICE_CERTIFICATE, WS_TRUST_VERSION
-
-
Constructor Summary
Constructors
Constructor - Description
IssuedTokenContextImpl()
-
Method Summary
Modifier and Type, Method - Description
void destroy() - Destroy the IssuedTokenContext.
String getAppliesTo()
Token getAssociatedProofToken() - get the Proof Token (if any) associated with the SecurityToken, null otherwise
Token getAttachedSecurityTokenReference() - If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.
String getAuthnContextClass()
String getCanonicalizationAlgorithm()
URI getComputedKeyAlgorithmFromProofToken() - Return the <wst:ComputedKey> URI if any inside the RSTR, null otherwise.
Date getCreationTime()
Key getDecipheredOtherPartyEntropy(Key privKey) - Get the Entropy if any provided by the other party, null otherwise. If the Entropy was specified as an <xenc:EncryptedKey> then this method would return the decrypted secret
String getEncryptionAlgorithm()
String getEncryptWith()
String getEndpointAddress() - get the endpoint address
Date getExpirationTime() - get the Expiration Time for this Token if any
String getKeyType()
Object getOtherPartyEntropy() - Get the Entropy if any provided by the Other Party, null otherwise
Map<String,Object> getOtherProperties()
byte[] getProofKey() - get the SecureConversation ProofToken as a byte[] array
KeyPair getProofKeyPair()
X509Certificate getRequestorCertificate() - Requestor Certificate(s)
Subject getRequestorSubject()
String getRequestorUsername() - Requestor username if any
SecurityContextTokenInfo getSecurityContextTokenInfo() - Get the SecurityContextTokenInfo for this Token if any.
ArrayList<Object> getSecurityPolicy() - get the SecurityPolicy to be applied for the request or response to which this SecurityContext corresponds. This allows the Client and/or the Service (WSP/STS) to dynamically inject policy to be applied.
Token getSecurityToken() - Depending on the <sp:IncludeToken> policy get the Token to be used in Securing requests and/or responses.
Object getSelfEntropy() - Get self Entropy if set, null otherwise
String getSignatureAlgorithm()
String getSignWith()
Token getTarget()
String getTokenIssuer()
String getTokenType()
Token getUnAttachedSecurityTokenReference() - If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.
void setAppliesTo(String appliesTo)
void setAssociatedProofToken(Token associatedProofToken) - Set the Proof Token Associated with the SecurityToken
void setAttachedSecurityTokenReference(Token secTokenReference) - If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example
void setAuthnContextClass(String authType)
void setCanonicalizationAlgorithm(String canonAlg)
void setComputedKeyAlgorithmFromProofToken(URI computedKeyAlgorithm)
void setCreationTime(Date date) - set the creation Time of the IssuedToken
void setEncryptionAlgorithm(String encAlg)
void setEncryptWith(String encryptWithAlgo)
void setEndpointAddress(String endPointAddress) - set the endpoint address
void setExpirationTime(Date date) - set the Expiration Time for this Token if any.
void setKeyType(String keyType)
void setOtherPartyEntropy(Object otherPartyEntropy) - Set the Entropy information provided by the other Party (if any)
void setProofKey(byte[] key) - set the SecureConversation ProofToken as a byte[] array
void setProofKeyPair(KeyPair keys)
void setRequestorCertificate(X509Certificate cert) - Append the Requestor Certificate that was used in an incoming message.
void setRequestorSubject(Subject subject)
void setRequestorUsername(String username) - set requestor username
void setSecurityContextTokenInfo(SecurityContextTokenInfo sctInfo) - set the SecurityContextTokenInfo for this Token if any.
void setSecurityToken(Token securityToken) - Depending on the <sp:IncludeToken> server policy, set the Token to be used in Securing requests and/or responses
void setSelfEntropy(Object selfEntropy) - Set self Entropy
void setSignatureAlgorithm(String sigAlg)
void setSignWith(String signWithAlgo)
void setTarget(Token target)
void setTokenIssuer(String issuer)
void setTokenType(String tokenType)
void setUnAttachedSecurityTokenReference(Token secTokenReference) - If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example
-
-
-
Method Detail
-
getRequestorCertificate
public X509Certificate getRequestorCertificate()
Description copied from interface: IssuedTokenContext
Requestor Certificate(s)
- Specified by:
getRequestorCertificate in interface IssuedTokenContext
- Returns:
- the sender certificate, null otherwise
-
setRequestorCertificate
public void setRequestorCertificate(X509Certificate cert)
Description copied from interface: IssuedTokenContext
Append the Requestor Certificate that was used in an incoming message.
- Specified by:
setRequestorCertificate in interface IssuedTokenContext
-
getRequestorSubject
public Subject getRequestorSubject()
- Specified by:
getRequestorSubject in interface IssuedTokenContext
-
setRequestorSubject
public void setRequestorSubject(Subject subject)
- Specified by:
setRequestorSubject in interface IssuedTokenContext
-
getRequestorUsername
public String getRequestorUsername()
Description copied from interface: IssuedTokenContext
Requestor username if any
- Specified by:
getRequestorUsername in interface IssuedTokenContext
- Returns:
- the requestor username if provided
-
setRequestorUsername
public void setRequestorUsername(String username)
Description copied from interface: IssuedTokenContext
set requestor username
- Specified by:
setRequestorUsername in interface IssuedTokenContext
-
setSecurityToken
public void setSecurityToken(Token securityToken)
Description copied from interface: IssuedTokenContext
Depending on the <sp:IncludeToken> server policy, set the Token to be used in Securing requests and/or responses
- Specified by:
setSecurityToken in interface IssuedTokenContext
-
getSecurityToken
public Token getSecurityToken()
Description copied from interface: IssuedTokenContext
Depending on the <sp:IncludeToken> policy get the Token to be used in Securing requests and/or responses. The token returned is to be used only for inserting into the SecurityHeader, if the getAssociatedProofToken is not null, and it should also be used for securing the message if there is no Proof Token associated.
- Specified by:
getSecurityToken in interface IssuedTokenContext
-
setAssociatedProofToken
public void setAssociatedProofToken(Token associatedProofToken)
Description copied from interface: IssuedTokenContext
Set the Proof Token associated with the SecurityToken. When the SecurityToken is a SecurityContext token (as defined in WS-SecureConversation) and Derived Keys are being used, the Proof Token is the <wsc:DerivedKeyToken>.
- Specified by:
setAssociatedProofToken in interface IssuedTokenContext
-
getAssociatedProofToken
public Token getAssociatedProofToken()
Description copied from interface: IssuedTokenContext
get the Proof Token (if any) associated with the SecurityToken, null otherwise
- Specified by:
getAssociatedProofToken in interface IssuedTokenContext
-
getAttachedSecurityTokenReference
public Token getAttachedSecurityTokenReference()
Description copied from interface: IssuedTokenContext
If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.
- Specified by:
getAttachedSecurityTokenReference in interface IssuedTokenContext
- Returns:
- STR if set, null otherwise
-
setAttachedSecurityTokenReference
public void setAttachedSecurityTokenReference(Token secTokenReference)
Description copied from interface: IssuedTokenContext
If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example
- Specified by:
setAttachedSecurityTokenReference in interface IssuedTokenContext
-
getUnAttachedSecurityTokenReference
public Token getUnAttachedSecurityTokenReference()
Description copied from interface: IssuedTokenContext
If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.
- Specified by:
getUnAttachedSecurityTokenReference in interface IssuedTokenContext
- Returns:
- STR if set, null otherwise
-
setUnAttachedSecurityTokenReference
public void setUnAttachedSecurityTokenReference(Token secTokenReference)
Description copied from interface: IssuedTokenContext
If the token returned doesn't allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example
- Specified by:
setUnAttachedSecurityTokenReference in interface IssuedTokenContext
-
getSecurityPolicy
public ArrayList<Object> getSecurityPolicy()
Description copied from interface: IssuedTokenContext
get the SecurityPolicy to be applied for the request or response to which this SecurityContext corresponds. This allows the Client and/or the Service (WSP/STS) to dynamically inject policy to be applied. For example in the case of SignChallenge when the Initiator (client) has to sign a specific challenge.
Note: Inserting an un-solicited RSTR into a SOAP Header can also be expressed as a policy and the subsequent requirement to sign the RSTR will also be expressed as a policy.
TODO: There is no policy today to insert a specific element to a SOAP Header, we need to extend the policy definitions in XWS-Security.
- Specified by:
getSecurityPolicy in interface IssuedTokenContext
-
setOtherPartyEntropy
public void setOtherPartyEntropy(Object otherPartyEntropy)
Description copied from interface: IssuedTokenContext
Set the Entropy information provided by the other Party (if any).
WS-Trust allows the requestor to provide input to key material in the request. The requestor might do this to satisfy itself as to the degree of entropy (cryptographic randomness) of at least some of the material used to generate the actual Key.
For composite Keys, Entropy can be set by both parties. The concrete entropy element can be a <wst:Entropy> instance, but the argument here is generic to avoid a dependence of the SPI on WS-Trust packages.
- Specified by:
setOtherPartyEntropy in interface IssuedTokenContext
-
getOtherPartyEntropy
public Object getOtherPartyEntropy()
Description copied from interface: IssuedTokenContext
Get the Entropy if any provided by the Other Party, null otherwise
- Specified by:
getOtherPartyEntropy in interface IssuedTokenContext
-
getDecipheredOtherPartyEntropy
public Key getDecipheredOtherPartyEntropy(Key privKey) throws XWSSecurityException
Description copied from interface: IssuedTokenContext
Get the Entropy if any provided by the other party, null otherwise. If the Entropy was specified as an <xenc:EncryptedKey> then this method would return the decrypted secret
- Specified by:
getDecipheredOtherPartyEntropy in interface IssuedTokenContext
- Throws:
XWSSecurityException
-
setSelfEntropy
public void setSelfEntropy(Object selfEntropy)
Description copied from interface: IssuedTokenContext
Set self Entropy
- Specified by:
setSelfEntropy in interface IssuedTokenContext
-
getSelfEntropy
public Object getSelfEntropy()
Description copied from interface: IssuedTokenContext
Get self Entropy if set, null otherwise
- Specified by:
getSelfEntropy in interface IssuedTokenContext
-
getComputedKeyAlgorithmFromProofToken
public URI getComputedKeyAlgorithmFromProofToken()
Description copied from interface: IssuedTokenContext
Return the <wst:ComputedKey> URI if any inside the RSTR, null otherwise. The Security Enforcement Layer would compute the Key as P_SHA1(Ent(req), Ent(res))
- Specified by:
getComputedKeyAlgorithmFromProofToken in interface IssuedTokenContext
-
setComputedKeyAlgorithmFromProofToken
public void setComputedKeyAlgorithmFromProofToken(URI computedKeyAlgorithm)
-
setProofKey
public void setProofKey(byte[] key)
Description copied from interface: IssuedTokenContext
set the SecureConversation ProofToken as a byte[] array
- Specified by:
setProofKey in interface IssuedTokenContext
-
getProofKey
public byte[] getProofKey()
Description copied from interface: IssuedTokenContext
get the SecureConversation ProofToken as a byte[] array
- Specified by:
getProofKey in interface IssuedTokenContext
-
setProofKeyPair
public void setProofKeyPair(KeyPair keys)
- Specified by:
setProofKeyPair in interface IssuedTokenContext
-
getProofKeyPair
public KeyPair getProofKeyPair()
- Specified by:
getProofKeyPair in interface IssuedTokenContext
-
setAuthnContextClass
public void setAuthnContextClass(String authType)
- Specified by:
setAuthnContextClass in interface IssuedTokenContext
-
getAuthnContextClass
public String getAuthnContextClass()
- Specified by:
getAuthnContextClass in interface IssuedTokenContext
-
getCreationTime
public Date getCreationTime()
- Specified by:
getCreationTime in interface IssuedTokenContext
- Returns:
- the creation Time of the IssuedToken
-
getExpirationTime
public Date getExpirationTime()
Description copied from interface: IssuedTokenContext
get the Expiration Time for this Token if any
- Specified by:
getExpirationTime in interface IssuedTokenContext
-
setCreationTime
public void setCreationTime(Date date)
Description copied from interface: IssuedTokenContext
set the creation Time of the IssuedToken
- Specified by:
setCreationTime in interface IssuedTokenContext
-
setExpirationTime
public void setExpirationTime(Date date)
Description copied from interface: IssuedTokenContext
set the Expiration Time for this Token if any.
- Specified by:
setExpirationTime in interface IssuedTokenContext
-
setEndpointAddress
public void setEndpointAddress(String endPointAddress)
set the endpoint address
- Specified by:
setEndpointAddress in interface IssuedTokenContext
-
getEndpointAddress
public String getEndpointAddress()
get the endpoint address
- Specified by:
getEndpointAddress in interface IssuedTokenContext
-
destroy
public void destroy()
Description copied from interface: IssuedTokenContext
Destroy the IssuedTokenContext.
- Specified by:
destroy in interface IssuedTokenContext
-
getSecurityContextTokenInfo
public SecurityContextTokenInfo getSecurityContextTokenInfo()
Description copied from interface: IssuedTokenContext
Get the SecurityContextTokenInfo for this Token if any.
- Specified by:
getSecurityContextTokenInfo in interface IssuedTokenContext
-
setSecurityContextTokenInfo
public void setSecurityContextTokenInfo(SecurityContextTokenInfo sctInfo)
Description copied from interface: IssuedTokenContext
set the SecurityContextTokenInfo for this Token if any.
- Specified by:
setSecurityContextTokenInfo in interface IssuedTokenContext
-
getOtherProperties
public Map<String,Object> getOtherProperties()
- Specified by:
getOtherProperties in interface IssuedTokenContext
-
setTokenType
public void setTokenType(String tokenType)
- Specified by:
setTokenType in interface IssuedTokenContext
-
getTokenType
public String getTokenType()
- Specified by:
getTokenType in interface IssuedTokenContext
-
setKeyType
public void setKeyType(String keyType)
- Specified by:
setKeyType in interface IssuedTokenContext
-
getKeyType
public String getKeyType()
- Specified by:
getKeyType in interface IssuedTokenContext
-
setAppliesTo
public void setAppliesTo(String appliesTo)
- Specified by:
setAppliesTo in interface IssuedTokenContext
-
getAppliesTo
public String getAppliesTo()
- Specified by:
getAppliesTo in interface IssuedTokenContext
-
setTokenIssuer
public void setTokenIssuer(String issuer)
- Specified by:
setTokenIssuer in interface IssuedTokenContext
-
getTokenIssuer
public String getTokenIssuer()
- Specified by:
getTokenIssuer in interface IssuedTokenContext
-
setSignatureAlgorithm
public void setSignatureAlgorithm(String sigAlg)
- Specified by:
setSignatureAlgorithm in interface IssuedTokenContext
- Parameters:
sigAlg - signature algorithm to use to sign IssuedToken
-
getSignatureAlgorithm
public String getSignatureAlgorithm()
- Specified by:
getSignatureAlgorithm in interface IssuedTokenContext
- Returns:
- The signature algorithm to use to sign IssuedToken
-
setEncryptionAlgorithm
public void setEncryptionAlgorithm(String encAlg)
- Specified by:
setEncryptionAlgorithm in interface IssuedTokenContext
- Parameters:
encAlg - The encryption algorithm to use to encrypt IssuedToken
-
getEncryptionAlgorithm
public String getEncryptionAlgorithm()
- Specified by:
getEncryptionAlgorithm in interface IssuedTokenContext
- Returns:
- The encryption algorithm to use to encrypt IssuedToken
-
setCanonicalizationAlgorithm
public void setCanonicalizationAlgorithm(String canonAlg)
- Specified by:
setCanonicalizationAlgorithm in interface IssuedTokenContext
- Parameters:
canonAlg - The canonicalization algorithm to use when signing IssuedToken
-
getCanonicalizationAlgorithm
public String getCanonicalizationAlgorithm()
- Specified by:
getCanonicalizationAlgorithm in interface IssuedTokenContext
- Returns:
- The canonicalization algorithm to use when signing IssuedToken
-
setSignWith
public void setSignWith(String signWithAlgo)
- Specified by:
setSignWith in interface IssuedTokenContext
- Parameters:
signWithAlgo - The signature algorithm the client intends to use when using ProofKey to sign the application message
-
getSignWith
public String getSignWith()
- Specified by:
getSignWith in interface IssuedTokenContext
- Returns:
- The signature algorithm the client intends to use when using ProofKey to sign the application message
-
setEncryptWith
public void setEncryptWith(String encryptWithAlgo)
- Specified by:
setEncryptWith in interface IssuedTokenContext
- Parameters:
encryptWithAlgo - The encryption algorithm the client intends to use when using ProofKey to encrypt the application message
-
getEncryptWith
public String getEncryptWith()
- Specified by:
getEncryptWith in interface IssuedTokenContext
- Returns:
- The encryption algorithm the client intends to use when using ProofKey to encrypt the application message
-
setTarget
public void setTarget(Token target)
- Specified by:
setTarget in interface IssuedTokenContext
-
getTarget
public Token getTarget()
- Specified by:
getTarget in interface IssuedTokenContext
-
-