Package com.sun.xml.ws.security.impl

Class IssuedTokenContextImpl

java.lang.Object

com.sun.xml.ws.security.impl.IssuedTokenContextImpl

All Implemented Interfaces:

IssuedTokenContext

public class IssuedTokenContextImpl
extends Object
implements IssuedTokenContext

Author:

Abhijit Das

Field Summary

Fields inherited from interface com.sun.xml.ws.security.IssuedTokenContext

AUTHN_CONTEXT, CLAIMED_ATTRUBUTES, CONFIRMATION_KEY_INFO, CONFIRMATION_METHOD, KEY_WRAP_ALGORITHM, STATUS, STS_CERTIFICATE, STS_PRIVATE_KEY, TARGET_SERVICE_CERTIFICATE, WS_TRUST_VERSION

Constructor Summary

Constructors

Constructor	Description
IssuedTokenContextImpl()

Method Summary

Modifier and Type	Method	Description
void	destroy()	Destroy the IssuedTokenContext.
String	getAppliesTo()
Token	getAssociatedProofToken()	get the Proof Token (if any) associated with the SecurityToken, null otherwise
Token	getAttachedSecurityTokenReference()	If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.
String	getAuthnContextClass()
String	getCanonicalizationAlgorithm()
URI	getComputedKeyAlgorithmFromProofToken()	Return the <wst:ComputedKey> URI if any inside the RSTR, null otherwise.
Date	getCreationTime()
Key	getDecipheredOtherPartyEntropy(Key privKey)	Get the Entropy if any provided by the other party, null otherwise If the Entropy was specified as an <xenc:EncryptedKey> then this method would return the decrypted secret
String	getEncryptionAlgorithm()
String	getEncryptWith()
String	getEndpointAddress()	get the endpoint address
Date	getExpirationTime()	get the Expiration Time for this Token if any
String	getKeyType()
Object	getOtherPartyEntropy()	Get the Entropy if any provided by the Other Party, null otherwise
Map<String,Object>	getOtherProperties()
byte[]	getProofKey()	get the SecureConversation ProofToken as a byte[] array
KeyPair	getProofKeyPair()
X509Certificate	getRequestorCertificate()	Requestor Certificate(s)
Subject	getRequestorSubject()
String	getRequestorUsername()	Requestor username if any
SecurityContextTokenInfo	getSecurityContextTokenInfo()	Get the SecurityContextTokenInfo for this Token if any.
ArrayList<Object>	getSecurityPolicy()	get the SecurityPolicy to be applied for the request or response to which this SecurityContext corresponds to This allows the Client and/or the Service (WSP/STS) to dynamically inject policy to be applied.
Token	getSecurityToken()	Depending on the <sp:IncludeToken> policy get the Token to be used in Securing requests and/or responses.
Object	getSelfEntropy()	Get self Entropy if set, null otherwise
String	getSignatureAlgorithm()
String	getSignWith()
Token	getTarget()
String	getTokenIssuer()
String	getTokenType()
Token	getUnAttachedSecurityTokenReference()	If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.
void	setAppliesTo(String appliesTo)
void	setAssociatedProofToken(Token associatedProofToken)	Set the Proof Token Associated with the SecurityToken
void	setAttachedSecurityTokenReference(Token secTokenReference)	If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example
void	setAuthnContextClass(String authType)
void	setCanonicalizationAlgorithm(String canonAlg)
void	setComputedKeyAlgorithmFromProofToken(URI computedKeyAlgorithm)
void	setCreationTime(Date date)	set the creation Time of the IssuedToken
void	setEncryptionAlgorithm(String encAlg)
void	setEncryptWith(String encryptWithAlgo)
void	setEndpointAddress(String endPointAddress)	set the endpointaddress
void	setExpirationTime(Date date)	set the Expiration Time for this Token if any.
void	setKeyType(String keyType)
void	setOtherPartyEntropy(Object otherPartyEntropy)	Set the Entropy information provided by the other Part (if any)
void	setProofKey(byte[] key)	set the SecureConversation ProofToken as a byte[] array
void	setProofKeyPair(KeyPair keys)
void	setRequestorCertificate(X509Certificate cert)	Append the Requestor Certificate that was used in an incoming message.
void	setRequestorSubject(Subject subject)
void	setRequestorUsername(String username)	set requestor username
void	setSecurityContextTokenInfo(SecurityContextTokenInfo sctInfo)	set the SecurityContextTokenInfo for this Token if any.
void	setSecurityToken(Token securityToken)	Depending on the <sp:IncludeToken> server policy, set the Token to be used in Securing requests and/or responses
void	setSelfEntropy(Object selfEntropy)	Set self Entropy
void	setSignatureAlgorithm(String sigAlg)
void	setSignWith(String signWithAlgo)
void	setTarget(Token target)
void	setTokenIssuer(String issuer)
void	setTokenType(String tokenType)
void	setUnAttachedSecurityTokenReference(Token secTokenReference)	If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

IssuedTokenContextImpl

public IssuedTokenContextImpl()

Method Details

getRequestorCertificate

public X509Certificate getRequestorCertificate()

Description copied from interface: IssuedTokenContext

Requestor Certificate(s)

Specified by:

getRequestorCertificate in interface IssuedTokenContext

Returns:

the sender certificate, null otherwise

setRequestorCertificate

public void setRequestorCertificate(X509Certificate cert)

Description copied from interface: IssuedTokenContext

Append the Requestor Certificate that was used in an incoming message.

Specified by:

setRequestorCertificate in interface IssuedTokenContext

getRequestorSubject

public Subject getRequestorSubject()

Specified by:

getRequestorSubject in interface IssuedTokenContext

setRequestorSubject

public void setRequestorSubject(Subject subject)

Specified by:

setRequestorSubject in interface IssuedTokenContext

getRequestorUsername

public String getRequestorUsername()

Description copied from interface: IssuedTokenContext

Requestor username if any

Specified by:

getRequestorUsername in interface IssuedTokenContext

Returns:

the requestor username if provided

setRequestorUsername

public void setRequestorUsername(String username)

Description copied from interface: IssuedTokenContext

set requestor username

Specified by:

setRequestorUsername in interface IssuedTokenContext

setSecurityToken

public void setSecurityToken(Token securityToken)

Description copied from interface: IssuedTokenContext

Depending on the <sp:IncludeToken> server policy, set the Token to be used in Securing requests and/or responses

Specified by:

setSecurityToken in interface IssuedTokenContext

getSecurityToken

public Token getSecurityToken()

Description copied from interface: IssuedTokenContext

Depending on the <sp:IncludeToken> policy get the Token to be used in Securing requests and/or responses. The token returned is to be used only for inserting into the SecurityHeader, if the getAssociatedProofToken is not null, and it should also be used for securing the message if there is no Proof Token associated.

Specified by:

getSecurityToken in interface IssuedTokenContext

setAssociatedProofToken

public void setAssociatedProofToken(Token associatedProofToken)

Description copied from interface: IssuedTokenContext

Set the Proof Token Associated with the SecurityToken

when the SecurityToken is a SecurityContext token (as defined in WS-SecureConversation) and Derived Keys are being used then the Proof Token is the <wsc:DerivedKeyToken>

Specified by:

setAssociatedProofToken in interface IssuedTokenContext

getAssociatedProofToken

public Token getAssociatedProofToken()

Description copied from interface: IssuedTokenContext

get the Proof Token (if any) associated with the SecurityToken, null otherwise

Specified by:

getAssociatedProofToken in interface IssuedTokenContext

getAttachedSecurityTokenReference

public Token getAttachedSecurityTokenReference()

Description copied from interface: IssuedTokenContext

If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.

Specified by:

getAttachedSecurityTokenReference in interface IssuedTokenContext

Returns:

STR if set, null otherwise

setAttachedSecurityTokenReference

public void setAttachedSecurityTokenReference(Token secTokenReference)

Description copied from interface: IssuedTokenContext

If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example

Specified by:

setAttachedSecurityTokenReference in interface IssuedTokenContext

getUnAttachedSecurityTokenReference

public Token getUnAttachedSecurityTokenReference()

Description copied from interface: IssuedTokenContext

If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example.

Specified by:

getUnAttachedSecurityTokenReference in interface IssuedTokenContext

Returns:

STR if set, null otherwise

setUnAttachedSecurityTokenReference

public void setUnAttachedSecurityTokenReference(Token secTokenReference)

Description copied from interface: IssuedTokenContext

If the token returned doesnt allow use of wsu:id attribute then a STR is returned as <wst:RequestedUnAttachedReference> which needs to be inserted into a <ds:KeyInfo> for example

Specified by:

setUnAttachedSecurityTokenReference in interface IssuedTokenContext

getSecurityPolicy

public ArrayList<Object> getSecurityPolicy()

Description copied from interface: IssuedTokenContext

get the SecurityPolicy to be applied for the request or response to which this SecurityContext corresponds to This allows the Client and/or the Service (WSP/STS) to dynamically inject policy to be applied. For example in the case of SignChallenge when the Initiator (client) has to sign a specific challenge.

Note: Inserting an un-solicited RSTR into a SOAP Header can also be expressed as a policy and the subsequent requirement to sign the RSTR will also be expressed as a policy

TODO: There is no policy today to insert a specific element to a SOAP Header, we need to extend the policy definitions in XWS-Security.

Specified by:

getSecurityPolicy in interface IssuedTokenContext

setOtherPartyEntropy

public void setOtherPartyEntropy(Object otherPartyEntropy)

Description copied from interface: IssuedTokenContext

Set the Entropy information provided by the other Part (if any)

WS-Trust allows requestor to provide input to key material in the request. The requestor might do this to satisfy itself as to the degree of entropy(cyrptographic randomness) of atleast some of the material used to generate the actual Key.

For composite Keys Entropy can be set by both parties, the concrete entropy element can be a <wst:Entropy> instance but the argument here is generic to avoid a dependence of the SPI on WS-Trust packages

Specified by:

setOtherPartyEntropy in interface IssuedTokenContext

getOtherPartyEntropy

public Object getOtherPartyEntropy()

Description copied from interface: IssuedTokenContext

Get the Entropy if any provided by the Other Party, null otherwise

Specified by:

getOtherPartyEntropy in interface IssuedTokenContext

getDecipheredOtherPartyEntropy

public Key getDecipheredOtherPartyEntropy(Key privKey)
                                   throws XWSSecurityException

Description copied from interface: IssuedTokenContext

Get the Entropy if any provided by the other party, null otherwise If the Entropy was specified as an <xenc:EncryptedKey> then this method would return the decrypted secret

Specified by:

getDecipheredOtherPartyEntropy in interface IssuedTokenContext

Throws:

XWSSecurityException

setSelfEntropy

public void setSelfEntropy(Object selfEntropy)

Description copied from interface: IssuedTokenContext

Set self Entropy

Specified by:

setSelfEntropy in interface IssuedTokenContext

getSelfEntropy

public Object getSelfEntropy()

Description copied from interface: IssuedTokenContext

Get self Entropy if set, null otherwise

Specified by:

getSelfEntropy in interface IssuedTokenContext

getComputedKeyAlgorithmFromProofToken

public URI getComputedKeyAlgorithmFromProofToken()

Description copied from interface: IssuedTokenContext

Return the <wst:ComputedKey> URI if any inside the RSTR, null otherwise. The Security Enforcement Layer would compute the Key as P_SHA1(Ent(req), Ent(res))

Specified by:

getComputedKeyAlgorithmFromProofToken in interface IssuedTokenContext

setComputedKeyAlgorithmFromProofToken

public void setComputedKeyAlgorithmFromProofToken(URI computedKeyAlgorithm)

setProofKey

public void setProofKey(byte[] key)

Description copied from interface: IssuedTokenContext

set the SecureConversation ProofToken as a byte[] array

Specified by:

setProofKey in interface IssuedTokenContext

getProofKey

public byte[] getProofKey()

Description copied from interface: IssuedTokenContext

get the SecureConversation ProofToken as a byte[] array

Specified by:

getProofKey in interface IssuedTokenContext

setProofKeyPair

public void setProofKeyPair(KeyPair keys)

Specified by:

setProofKeyPair in interface IssuedTokenContext

getProofKeyPair

public KeyPair getProofKeyPair()

Specified by:

getProofKeyPair in interface IssuedTokenContext

setAuthnContextClass

public void setAuthnContextClass(String authType)

Specified by:

setAuthnContextClass in interface IssuedTokenContext

getAuthnContextClass

public String getAuthnContextClass()

Specified by:

getAuthnContextClass in interface IssuedTokenContext

getCreationTime

public Date getCreationTime()

Specified by:

getCreationTime in interface IssuedTokenContext

Returns:

the creation Time of the IssuedToken

getExpirationTime

public Date getExpirationTime()

Description copied from interface: IssuedTokenContext

get the Expiration Time for this Token if any

Specified by:

getExpirationTime in interface IssuedTokenContext

setCreationTime

public void setCreationTime(Date date)

Description copied from interface: IssuedTokenContext

set the creation Time of the IssuedToken

Specified by:

setCreationTime in interface IssuedTokenContext

setExpirationTime

public void setExpirationTime(Date date)

Description copied from interface: IssuedTokenContext

set the Expiration Time for this Token if any.

Specified by:

setExpirationTime in interface IssuedTokenContext

setEndpointAddress

public void setEndpointAddress(String endPointAddress)

set the endpointaddress

Specified by:

setEndpointAddress in interface IssuedTokenContext

getEndpointAddress

public String getEndpointAddress()

get the endpoint address

Specified by:

getEndpointAddress in interface IssuedTokenContext

destroy

public void destroy()

Description copied from interface: IssuedTokenContext

Destroy the IssuedTokenContext.

Specified by:

destroy in interface IssuedTokenContext

getSecurityContextTokenInfo

public SecurityContextTokenInfo getSecurityContextTokenInfo()

Description copied from interface: IssuedTokenContext

Get the SecurityContextTokenInfo for this Token if any.

Specified by:

getSecurityContextTokenInfo in interface IssuedTokenContext

setSecurityContextTokenInfo

public void setSecurityContextTokenInfo(SecurityContextTokenInfo sctInfo)

Description copied from interface: IssuedTokenContext

set the SecurityContextTokenInfo for this Token if any.

Specified by:

setSecurityContextTokenInfo in interface IssuedTokenContext

getOtherProperties

public Map<String,Object> getOtherProperties()

Specified by:

getOtherProperties in interface IssuedTokenContext

setTokenType

public void setTokenType(String tokenType)

Specified by:

setTokenType in interface IssuedTokenContext

getTokenType

public String getTokenType()

Specified by:

getTokenType in interface IssuedTokenContext

setKeyType

public void setKeyType(String keyType)

Specified by:

setKeyType in interface IssuedTokenContext

getKeyType

public String getKeyType()

Specified by:

getKeyType in interface IssuedTokenContext

setAppliesTo

public void setAppliesTo(String appliesTo)

Specified by:

setAppliesTo in interface IssuedTokenContext

getAppliesTo

public String getAppliesTo()

Specified by:

getAppliesTo in interface IssuedTokenContext

setTokenIssuer

public void setTokenIssuer(String issuer)

Specified by:

setTokenIssuer in interface IssuedTokenContext

getTokenIssuer

public String getTokenIssuer()

Specified by:

getTokenIssuer in interface IssuedTokenContext

setSignatureAlgorithm

public void setSignatureAlgorithm(String sigAlg)

Specified by:

setSignatureAlgorithm in interface IssuedTokenContext

Parameters:

sigAlg - : signature algorithm to use to sign IssuedToken

getSignatureAlgorithm

public String getSignatureAlgorithm()

Specified by:

getSignatureAlgorithm in interface IssuedTokenContext

Returns:

The signature algorithm to use to sign IssuedToken

setEncryptionAlgorithm

public void setEncryptionAlgorithm(String encAlg)

Specified by:

setEncryptionAlgorithm in interface IssuedTokenContext

Parameters:

encAlg - : The encryption algorithm to use to encrypt IssuedToken

getEncryptionAlgorithm

public String getEncryptionAlgorithm()

Specified by:

getEncryptionAlgorithm in interface IssuedTokenContext

Returns:

The encryption algorithm to use to encrypt IssuedToken

setCanonicalizationAlgorithm

public void setCanonicalizationAlgorithm(String canonAlg)

Specified by:

setCanonicalizationAlgorithm in interface IssuedTokenContext

Parameters:

canonAlg - : The canonicalization algorithm to use when signing IssuedToken

getCanonicalizationAlgorithm

public String getCanonicalizationAlgorithm()

Specified by:

getCanonicalizationAlgorithm in interface IssuedTokenContext

Returns:

The canonicalization algorithm to use when signing IssuedToken

setSignWith

public void setSignWith(String signWithAlgo)

Specified by:

setSignWith in interface IssuedTokenContext

Parameters:

signWithAlgo - : The signature algorithm the client intends to use when using ProofKey to sign the application message

getSignWith

public String getSignWith()

Specified by:

getSignWith in interface IssuedTokenContext

Returns:

The signature algorithm the client intends to use when using ProofKey to sign the application message

setEncryptWith

public void setEncryptWith(String encryptWithAlgo)

Specified by:

setEncryptWith in interface IssuedTokenContext

Parameters:

encryptWithAlgo - The encryption algorithm the client intends to use when using ProofKey to encrypt the application message

getEncryptWith

public String getEncryptWith()

Specified by:

getEncryptWith in interface IssuedTokenContext

Returns:

The encryption algorithm the client intends to use when using ProofKey to encrypt the application message

setTarget

public void setTarget(Token target)

Specified by:

setTarget in interface IssuedTokenContext

getTarget

public Token getTarget()

Specified by:

getTarget in interface IssuedTokenContext