Module org.glassfish.metro.wsit.impl
Package com.sun.xml.wss

Class NonceManager

java.lang.Object
com.sun.xml.ws.commons.AbstractMOMRegistrationAware
com.sun.xml.wss.NonceManager
All Implemented Interfaces:
com.sun.xml.ws.commons.MOMRegistrationAware
Direct Known Subclasses:
DefaultNonceManager, HANonceManager
@ManagedObject @Description("per-endpoint NonceManager") @AMXMetadata(type="WSNonceManager") public abstract class NonceManager extends com.sun.xml.ws.commons.AbstractMOMRegistrationAware
This abstract class defines an SPI that Metro Application developers can implement, to handle custom validation of Nonces used in conjunction with Password-Digest Authentication. A repeated nonce would generally indicate a possible replay-attack. The SPI implementation class needs to be specified as a META-INF/services entry with name "com.sun.xml.xwss.NonceManager". A default implementation of this SPI is returned if no entry is configured.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static class 
    NonceManager.NonceException
    Exception to be thrown when an Error in processing received nonces occurs.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected static final Logger
    LOGGER
     
    static final String
    nonceManager
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    NonceManager()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    static void
    deleteInstance(com.sun.xml.ws.api.server.WSEndpoint endpoint)
     
    static NonceManager
    getInstance(long maxNonceAge, com.sun.xml.ws.api.server.WSEndpoint endpoint)
     
    long
    getMaxNonceAge()
     
    void
    setMaxNonceAge(long maxNonceAge)
    Set the approximate maximum age for which a received nonce needs to be stored by the NonceManager
    abstract boolean
    validateNonce(String nonce, String created)
     

    Methods inherited from class com.sun.xml.ws.commons.AbstractMOMRegistrationAware

    isRegisteredAtMOM, setRegisteredAtMOM

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • NonceManager

      public NonceManager()

  • Method Details

    • getMaxNonceAge

      @ManagedAttribute public long getMaxNonceAge()
      Returns:
      the approximate maximum age for which a received nonce would be stored by the NonceManager

    • setMaxNonceAge

      public void setMaxNonceAge(long maxNonceAge)
      Set the approximate maximum age for which a received nonce needs to be stored by the NonceManager

    • validateNonce

      public abstract boolean validateNonce(String nonce, String created) throws NonceManager.NonceException
      Parameters:
      nonce - the nonce to be validated
      created - the creation time of the nonce as indicated in the UsernameToken
      Returns:
      true if the nonce is not a replay
      Throws:
      NonceManager.NonceException - if a replay is detected

    • getInstance

      public static NonceManager getInstance(long maxNonceAge, com.sun.xml.ws.api.server.WSEndpoint endpoint)
      Parameters:
      maxNonceAge - the approximate maximum age for which a received nonce would be stored by the NonceManager
      Returns:
      the singleton instance of the configured NonceManager, calling getInstance with different maxNonceAge will have no effect and will instead return the same NonceManager which was initialized first.

    • deleteInstance

      public static void deleteInstance(com.sun.xml.ws.api.server.WSEndpoint endpoint)