Class WSFederationMetaManager


  • public class WSFederationMetaManager
    extends Object
    The WSFederationMetaManager provides methods to manage both the standard entity descriptor and the extended entity configuration.
    • Method Detail

      • getEntityDescriptor

        public FederationElement getEntityDescriptor​(String realm,
                                                     String entityId)
                                              throws WSFederationMetaException
        Returns the standard metadata federation element under the realm.
        Parameters:
        realm - The realm under which the federation resides.
        entityId - ID of the federation to be retrieved.
        Returns:
        FederationElement for the entity or null if not found.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity descriptor.
      • createFederation

        public void createFederation​(String realm,
                                     FederationElement federation)
                              throws WSFederationMetaException
        Creates the standard metadata entity descriptor under the realm.
        Parameters:
        realm - The realm under which the entity descriptor will be created.
        federation - The standard entity descriptor object to be created.
        Throws:
        WSFederationMetaException - if unable to create the entity descriptor.
      • deleteFederation

        public void deleteFederation​(String realm,
                                     String federationId)
                              throws WSFederationMetaException
        Deletes the standard metadata entity descriptor under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        federationId - The ID of the entity for whom the standard entity descriptor will be deleted.
        Throws:
        WSFederationMetaException - if unable to delete the entity descriptor.
      • getEntityConfig

        public FederationConfigElement getEntityConfig​(String realm,
                                                       String federationId)
                                                throws WSFederationMetaException
        Returns extended entity configuration under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        federationId - ID of the entity to be retrieved.
        Returns:
        FederationConfigElement object for the entity or null if not found.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity configuration.
      • getSPSSOConfig

        public SPSSOConfigElement getSPSSOConfig​(String realm,
                                                 String federationId)
                                          throws WSFederationMetaException
        Returns first service provider's SSO configuration in an entity under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        federationId - ID of the entity to be retrieved.
        Returns:
        SPSSOConfigElement for the entity or null if not found.
        Throws:
        WSFederationMetaException - if unable to retrieve the first service provider's SSO configuration.
      • getIDPSSOConfig

        public IDPSSOConfigElement getIDPSSOConfig​(String realm,
                                                   String federationId)
                                            throws WSFederationMetaException
        Returns first identity provider's SSO configuration in an entity under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        federationId - ID of the entity to be retrieved.
        Returns:
        IDPSSOConfigElement for the entity or null if not found.
        Throws:
        WSFederationMetaException - if unable to retrieve the first identity provider's SSO configuration.
      • getBaseConfig

        public BaseConfigType getBaseConfig​(String realm,
                                            String federationId)
                                     throws WSFederationMetaException
        Returns first identity provider's SSO configuration in an entity under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        federationId - ID of the entity to be retrieved.
        Returns:
        BaseConfigType for the entity or null if not found.
        Throws:
        WSFederationMetaException - if unable to retrieve the first identity provider's SSO configuration.
      • createEntityConfig

        public void createEntityConfig​(String realm,
                                       FederationConfigElement config)
                                throws WSFederationMetaException
        Creates the extended entity configuration under the realm.
        Parameters:
        realm - The realm under which the entity configuration will be created.
        config - The extended entity configuration object to be created.
        Throws:
        WSFederationMetaException - if unable to create the entity configuration.
      • deleteEntityConfig

        public void deleteEntityConfig​(String realm,
                                       String federationId)
                                throws WSFederationMetaException
        Deletes the extended entity configuration under the realm.
        Parameters:
        realm - The realm under which the entity resides.
        federationId - The ID of the entity for whom the extended entity configuration will be deleted.
        Throws:
        WSFederationMetaException - if unable to delete the entity configuration.
      • validateMetaAliasForNewEntity

        public void validateMetaAliasForNewEntity​(String realm,
                                                  List<String> newMetaAliases)
                                           throws WSFederationMetaException
        Checks that the provided metaAliases are valid for a new hosted entity in the specified realm. Will verify that the metaAliases do not already exist in the realm and that no duplicates are provided.
        Parameters:
        realm - The realm in which we are validating the metaAliases.
        newMetaAliases - values we are using to create the new metaAliases.
        Throws:
        WSFederationMetaException - if duplicate values found.
      • getAllHostedMetaAliasesByRealm

        public List<String> getAllHostedMetaAliasesByRealm​(String realm)
                                                    throws WSFederationMetaException
        Returns all the hosted entity metaAliases for a realm.
        Parameters:
        realm - The given realm.
        Returns:
        All the hosted entity metaAliases for the realm, or an empty ArrayList if none are found.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getAllHostedEntities

        public List<String> getAllHostedEntities​(String realm)
                                          throws WSFederationMetaException
        Returns all hosted entities under the realm.
        Parameters:
        realm - The realm under which the hosted entities reside.
        Returns:
        a List of entity ID Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getAllHostedServiceProviderEntities

        public List getAllHostedServiceProviderEntities​(String realm)
                                                 throws WSFederationMetaException
        Returns all hosted service provider entities under the realm.
        Parameters:
        realm - The realm under which the hosted service provider entities reside.
        Returns:
        a List of entity ID Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getAllHostedIdentityProviderEntities

        public List<String> getAllHostedIdentityProviderEntities​(String realm)
                                                          throws WSFederationMetaException
        Returns all hosted identity provider entities under the realm.
        Parameters:
        realm - The realm under which the hosted identity provider entities reside.
        Returns:
        a List of entity ID Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getAllRemoteEntities

        public List<String> getAllRemoteEntities​(String realm)
                                          throws WSFederationMetaException
        Returns all remote entities under the realm.
        Parameters:
        realm - The realm under which the remote entities reside.
        Returns:
        a List of entity ID Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getAllRemoteServiceProviderEntities

        public List<String> getAllRemoteServiceProviderEntities​(String realm)
                                                         throws WSFederationMetaException
        Returns all remote service provider entities under the realm.
        Parameters:
        realm - The realm under which the remote service provider entities reside.
        Returns:
        a List of entity ID Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getAllRemoteIdentityProviderEntities

        public List<String> getAllRemoteIdentityProviderEntities​(String realm)
                                                          throws WSFederationMetaException
        Returns all remote identity provider entities under the realm.
        Parameters:
        realm - The realm under which the remote identity provider entities reside.
        Returns:
        a List of entity ID Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getEntityByMetaAlias

        public String getEntityByMetaAlias​(String metaAlias)
                                    throws WSFederationMetaException
        Returns entity ID associated with the metaAlias.
        Parameters:
        metaAlias - The metaAlias.
        Returns:
        entity ID associated with the metaAlias or null if not found.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getEntityByTokenIssuerName

        public String getEntityByTokenIssuerName​(String realm,
                                                 String issuer)
                                          throws WSFederationMetaException
        Returns entity ID associated with the token issuer name.
        Parameters:
        realm - The realm under which the entity resides.
        issuer - Token issuer name.
        Returns:
        entity ID associated with the token issuer name or null if not found.
        Throws:
        WSFederationMetaException - if unable to retrieve the entity ids.
      • getRoleByMetaAlias

        public String getRoleByMetaAlias​(String metaAlias)
                                  throws WSFederationMetaException
        Returns role of an entity based on its metaAlias.
        Parameters:
        metaAlias - Meta alias of the entity.
        Returns:
        role of the entity: one of SAML2Constants.IDP_ROLE, SAML2Constants.SP_ROLE or SAML2Constants.UNKNOWN_ROLE.
        Throws:
        WSFederationMetaException - if there are issues in getting the entity profile from the meta alias.
      • getAllHostedIdentityProviderMetaAliases

        public List<String> getAllHostedIdentityProviderMetaAliases​(String realm)
                                                             throws WSFederationMetaException
        Returns metaAliases of all hosted identity providers under the realm.
        Parameters:
        realm - The realm under which the identity provider metaAliases reside.
        Returns:
        a List of metaAlias Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve meta aliases.
      • getAllHostedServiceProviderMetaAliases

        public List<String> getAllHostedServiceProviderMetaAliases​(String realm)
                                                            throws WSFederationMetaException
        Returns metaAliases of all hosted service providers under the realm.
        Parameters:
        realm - The realm under which the service provider metaAliases reside.
        Returns:
        a List of metaAlias Strings.
        Throws:
        WSFederationMetaException - if unable to retrieve meta aliases.
      • isTrustedProvider

        public boolean isTrustedProvider​(String realm,
                                         String federationId,
                                         String trustedEntityId)
                                  throws WSFederationMetaException
        Determines whether two entities are in the same circle of trust under the realm.
        Parameters:
        realm - The realm under which the entity resides.
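        federationId - The ID of the entity.
        trustedEntityId - The ID of the entity.
        Returns:
        true if the two entities are in the same circle of trust under the realm, false otherwise.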
        Throws:
        WSFederationMetaException - if unable to determine the trusted relationship.
      • getTokenIssuerEndpoint

        public String getTokenIssuerEndpoint​(FederationElement fed)
        Returns the value of the <TokenIssuerEndpoint> element for the given entity.
        Parameters:
        fed - The standard metadata for the entity.
        Returns:
        the value of the <TokenIssuerEndpoint> element
      • getTokenIssuerName

        public String getTokenIssuerName​(FederationElement fed)
        Returns the value of the <TokenIssuerName> element for the given entity.
        Parameters:
        fed - The standard metadata for the entity.
        Returns:
        the value of the <TokenIssuerName> element
      • getTokenSigningCertificate

        public byte[] getTokenSigningCertificate​(FederationElement fed)
        Returns the value of the <TokenSigningCertificate> element for the given entity.
        Parameters:
        fed - The standard metadata for the entity.
        Returns:
        byte array containing the decoded value of the <TokenSigningCertificate> element
      • getUriNamedClaimTypesOffered

        public UriNamedClaimTypesOfferedElement getUriNamedClaimTypesOffered​(FederationElement fed)
        Returns the value of the <UriNamedClaimTypesOffered> element for the given entity.
        Parameters:
        fed - The standard metadata for the entity.
        Returns:
        UriNamedClaimTypesOfferedElement containing the offered claim types from the <UriNamedClaimTypesOffered> element
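
How getEntityByTokenIssuerName, isTrustedProvider, getEntityDescriptor and getTokenSigningCertificate combine into a fail-closed lookup of the certificate used to verify an inbound token. This is an added example, not code from the project: the class TrustedIssuerResolver, the import package names, the argument order (hosted entity first, issuer second) and the reading of the returned bytes as a DER-encoded X.509 certificate are assumptions.

```java
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

// Assumed package names; the page does not show them.
import com.sun.identity.wsfederation.jaxb.wsfederation.FederationElement;
import com.sun.identity.wsfederation.meta.WSFederationMetaException;
import com.sun.identity.wsfederation.meta.WSFederationMetaManager;

/** Hypothetical helper: every "not found" (null) result is treated as a rejection. */
public final class TrustedIssuerResolver {

    private final WSFederationMetaManager metaManager;

    public TrustedIssuerResolver(WSFederationMetaManager metaManager) {
        this.metaManager = metaManager;
    }

    public X509Certificate resolveSigningCertificate(String realm, String hostedSpEntityId,
            String tokenIssuerName) throws WSFederationMetaException, CertificateException {
        // Map the issuer name carried in the token to a configured entity.
        String idpEntityId = metaManager.getEntityByTokenIssuerName(realm, tokenIssuerName);
        if (idpEntityId == null) {
            throw new SecurityException("Token issuer is not a known entity in this realm");
        }
        // The issuer must share a circle of trust with the hosted service provider.
        if (!metaManager.isTrustedProvider(realm, hostedSpEntityId, idpEntityId)) {
            throw new SecurityException("Token issuer is not in the circle of trust");
        }
        FederationElement fed = metaManager.getEntityDescriptor(realm, idpEntityId);
        if (fed == null) {
            throw new SecurityException("No standard metadata for the token issuer");
        }
        byte[] der = metaManager.getTokenSigningCertificate(fed);
        if (der == null || der.length == 0) {
            throw new SecurityException("Issuer metadata has no token signing certificate");
        }
        // Assumption: the decoded element value is a DER-encoded X.509 certificate.
        X509Certificate cert = (X509Certificate) CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(der));
        cert.checkValidity(); // throws a CertificateException subclass if expired or not yet valid
        return cert;
    }
}
```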