com.sun.identity.wss.provider

Class ProviderConfig

java.lang.Object

com.sun.identity.wss.provider.ProviderConfig

Direct Known Subclasses:

AgentProvider, AM71AgentProvider

public abstract class ProviderConfig
extends Object

This abstract class ProviderConfig represents the Web Services Server provider or the Web Services Client provider configuration.

Pluggable implementation of this abstract class can choose to store this configuration in desired configuration store. This pluggable implementation class can be configured in client's AMConfig.properties as value of "com.sun.identity.wss.provider.config.plugin" property. Having obtained an instance of ProviderConfig, its methods can be called to create, delete, modify, retrieve WSS agent profile and configuration for WSC and/or WSP attributes (key /value pairs).

All the static methods in this class are for the persistent operations.

Field Summary

Fields

Modifier and Type	Field and Description
protected String	attributeNS
protected String	authenticationChain
protected static SSOToken	customAdminToken
protected boolean	detectMessageReplay
protected boolean	detectUserTokenReplay
protected String	dnsClaim
protected String	encryptionAlgorithm
protected int	encryptionStrength
protected boolean	forceAuthn
protected boolean	includeMemberships
protected boolean	isDefaultKeyStore
protected boolean	isRequestEncrypted
protected boolean	isRequestHeaderEncrypted
protected boolean	isRequestSigned
protected boolean	isResponseEncrypted
protected boolean	isResponseSigned
protected String	kdcDomain
protected String	kdcServer
protected String	keyPasswd
protected KeyStore	keyStore
protected String	keytabFile
protected String	ksFile
protected String	ksPasswd
protected String	nameIDMapper
protected boolean	preserveSecHeaders
protected String	privateKeyAlias
protected String	privateKeyType
protected Properties	properties
protected String	providerName
protected String	providerType
protected String	publicKeyAlias
protected Set	samlAttributes
protected List	secMech
protected String	servicePrincipal
protected String	serviceType
protected String	serviceURI
protected List	signedElements
protected String	signingRefType
protected TrustAuthorityConfig	taconfig
protected String	ticketCacheDir
protected String	tokenConversionType
protected List	trustAuthorities
protected boolean	usePassThroughToken
protected List	usercredentials
protected boolean	verifyKrbSignature
static String	WSC Constant to define the web services client type.
static String	WSP Constant to define the web services provider type.
protected String	wspEndpoint
static String	WSS_PROVIDER_CONFIG_PLUGIN Property for the web services provider configuration plugin.
protected String	wssProxyEndpoint

Constructor Summary

Constructors

Constructor and Description
ProviderConfig()

Method Summary

Modifier and Type	Method and Description
protected abstract void	delete() Deletes the provider configuration.
static void	deleteProvider(String providerName, String providerType) Removes the provider configuration.
boolean	forceUserAuthentication() Returns true if the user force authentication is enabled.
static List	getAllMessageLevelSecurityMech() Returns the list of message level security mechanism objects.
static List	getAllSupportedSecurityMech() Returns the list of all available security mechanism objects.
String	getAuthenticationChain() Returns the authentication chain mechanism to be used.
String	getDNSClaim() Returns the DNS claim name.
String	getEncryptionAlgorithm() Returns the encryption algorithm
int	getEncryptionStrength() Returns the encryption data strength.
String	getKDCDomain() Returns Kerberos Domain Controller Domain
String	getKDCServer() Returns Kerberos Domain Controller Server.
String	getKerberosServicePrincipal() Returns kerberos service principal
String	getKerberosTicketCacheDir() This method is used by the web services client to get the kerberos ticket cache directory.
String	getKeyAlias() Returns the key alias for this provider.
String	getKeyEncryptedPassword() Returns the keystore encrypted password.
String	getKeyPassword() Returns the key password in the keystore.
KeyStore	getKeyStore() Returns the provider JKS KeyStore
String	getKeyStoreEncryptedPasswd() Returns the keystore encrypted password.
String	getKeyStoreFile() Returns the keystore file.
String	getKeyStorePassword() Returns the keystore password.
String	getKeyTabFile() This method is used by the web services provider to get the key tab file.
String	getKeyType() Returns the key type for this provider.
String	getNameIDMapper() Returns the NameID mapper class
String	getProperty(String property) Returns the value of the property.
static ProviderConfig	getProvider(String providerName, String providerType) Returns the provider configuration for a given provider name.
static ProviderConfig	getProvider(String providerName, String providerType, boolean initialize) Returns the provider configuration for a given provider name.
static ProviderConfig	getProviderByEndpoint(String endpoint, String providerType) Returns the provider configuration for a given end point
String	getProviderName() Returns the name of the Provider.
String	getProviderType() Returns the provider type.
String	getPublicKeyAlias() Returns the Public key alias for this provider's partner.
Set	getSAMLAttributeMapping() Returns the SAML Attribute Mapping list.
String	getSAMLAttributeNamespace() Returns SAML attribute namespace.
List	getSecurityMechanisms() Returns the list of security mechanims that the provider is configured.
String	getServiceType() Returns the service type.
List	getSignedElements() Returns the list of signed elements.
String	getSigningRefType() Returns signing reference type.
String	getTokenConversionType() Returns the type of the token that needs to be converted to.
TrustAuthorityConfig	getTrustAuthorityConfig() Returns the provider's trusted authorities list.
List	getUsers() Returns the list of PasswordCredentials of the user.
String	getWSPEndpoint() Returns the endpoint of the web services provider.
String	getWSSProxyEndpoint() Returns the endpoint of the web services security proxy.
protected abstract void	init(String providerName, String providerType, SSOToken token, boolean isEndPoint) Initializes the provider.
protected abstract boolean	isExists() Checks if the provider configuration exists.
boolean	isMessageReplayDetectionEnabled() Returns true if the message replay detection is enabled.
static boolean	isProviderExists(String providerName, String providerType) Checks if the provider of given type does exists.
static boolean	isProviderExists(String providerName, String providerType, boolean isEndPoint) Checks if the provider of given type does exists.
boolean	isRequestEncryptEnabled() Checks if the request needs to be encrypted or not.
boolean	isRequestHeaderEncryptEnabled() Checks if the request header needs to be encrypted or not.
boolean	isRequestSignEnabled() Checks if the request needs to be signed or not.
boolean	isResponseEncryptEnabled() Checks if the response needs to be encrypted or not.
boolean	isResponseSignEnabled() Checks if the response needs to be signed or not.
boolean	isUserTokenDetectReplayEnabled() Returns true if the user name token replay is enabled.
boolean	isValidateKerberosSignature() Returns true if kerberos signature needs to be validated.
boolean	preserveSecurityHeader() Returns true if security header needs to be preserved.
static void	saveProvider(ProviderConfig config) Saves the Provider in the configuration repository.
void	setAdminToken(SSOToken adminToken) Sets the admin token.
void	setAuthenticationChain(String authenticationChain) Sets the authentication chain mechanism.
void	setDefaultKeyStore(boolean set) Sets the provider to use the default keystore.
void	setDetectUserTokenReplay(boolean enable) Enable or disable the detection of user token replay
void	setDNSClaim(String dnsClaim) Sets the DNS claim name
void	setEncryptionAlgorithm(String encAlg) Sets the encryption algorithm.
void	setEncryptionStrength(int keyStrength) Sets the encryption data strength
void	setForceUserAuthentication(boolean forceAuthn) Sets the user force authentication attribute.
void	setIncludeMemberships(boolean include) Sets a flag to include memberships for SAML attribute mapping.
void	setKDCDomain(String domain) Sets Kerberos Domain Controller Domain
void	setKDCServer(String kdcServer) Sets Kerberos Domain Controller Server
void	setKerberosServicePrincipal(String principal) Sets kerberos service principal.
void	setKerberosTicketCacheDir(String cacheDir) Sets kerberos ticket cache dir.
void	setKeyAlias(String alias) Sets the key alias for this provider.
void	setKeyStore(KeyStore keyStore, String password) Sets the keystore for this provider.
void	setKeyStore(String fileName, String keyStorePassword, String keyPassword) Sets the keystore for this provider.
void	setKeyTabFile(String file) Sets the keytab file
void	setKeyType(String keyType) Sets the key type for this provider.
void	setMessageReplayDetection(boolean enable) Enable or disable the message replay detection.
void	setNameIDMapper(String nameIDMapper) Sets the NameID Mapper class.
void	setPassThroughSecurityToken(boolean usepassthrough) Sets if passthrough security token needs to be used This is valid for a proxy web services client.
void	setPreserveSecurityHeader(boolean preserve) Sets if security header needs to be preserved.
void	setProperty(String property, String value) Sets the value for the given property in Provider Configuration.
void	setPublicKeyAlias(String alias) Sets the Public key alias for this provider's partner.
void	setRequestEncryptEnabled(boolean enable) Sets the request encrypt enable flag.
void	setRequestHeaderEncryptEnabled(boolean enable) Sets the request header encrypt enable flag.
void	setRequestSignEnabled(boolean enable) Sets the request sign enable flag.
void	setResponseEncryptEnabled(boolean enable) Sets the response encrypt enable flag.
void	setResponseSignEnabled(boolean enable) Sets the response sign enable flag.
void	setSAMLAttributeMapping(Set attributeMap) Sets the list of SAML attribute mappings.
void	setSAMLAttributeNamespace(String attributeNS) Sets SAML attribute namespace.
void	setSecurityMechanisms(List authMech) Sets the list of security mechanisms.
void	setServiceType(String serviceType) Sets the service type.
void	setSignedElements(List signedElements) Sets the signed elements
void	setSigningRefType(String refType) Sets the signing reference type.
void	setTokenConversionType(String tokenType) Sets the type of the token that needs to be converted to.
void	setTrustAuthorityConfig(TrustAuthorityConfig taconfig) Sets the trusted authority configurations.
void	setUsers(List usercredentials) Sets the user credentials list.
void	setValidateKerberosSignature(boolean validate) Sets a boolean flag to enable or disable validate kerberos signature.
void	setWSPEndpoint(String endpoint) Sets the web services provider endpoint.
void	setWSSProxyEndpoint(String endpoint) Sets the web services security proxy endpoint.
boolean	shouldIncludeMemberships() Checks if the memberships should be included in the SAML attribute mapping.
protected abstract void	store() Stores the provider configuration.
boolean	useDefaultKeyStore() Returns true if the provider uses default keystore.
boolean	usePassThroughSecurityToken() Returns true if passthrough security token needs to be used.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

WSC

public static final String WSC

Constant to define the web services client type.

See Also:

Constant Field Values

WSP

public static final String WSP

Constant to define the web services provider type.

See Also:

Constant Field Values

WSS_PROVIDER_CONFIG_PLUGIN

public static final String WSS_PROVIDER_CONFIG_PLUGIN

Property for the web services provider configuration plugin.

See Also:

Constant Field Values

secMech

protected List secMech

serviceURI

protected String serviceURI

providerName

protected String providerName

wspEndpoint

protected String wspEndpoint

wssProxyEndpoint

protected String wssProxyEndpoint

providerType

protected String providerType

keyStore

protected KeyStore keyStore

privateKeyAlias

protected String privateKeyAlias

privateKeyType

protected String privateKeyType

publicKeyAlias

protected String publicKeyAlias

isResponseSigned

protected boolean isResponseSigned

isResponseEncrypted

protected boolean isResponseEncrypted

isRequestSigned

protected boolean isRequestSigned

isRequestEncrypted

protected boolean isRequestEncrypted

isRequestHeaderEncrypted

protected boolean isRequestHeaderEncrypted

trustAuthorities

protected List trustAuthorities

ksPasswd

protected String ksPasswd

keyPasswd

protected String keyPasswd

ksFile

protected String ksFile

properties

protected Properties properties

usercredentials

protected List usercredentials

serviceType

protected String serviceType

isDefaultKeyStore

protected boolean isDefaultKeyStore

forceAuthn

protected boolean forceAuthn

preserveSecHeaders

protected boolean preserveSecHeaders

authenticationChain

protected String authenticationChain

taconfig

protected TrustAuthorityConfig taconfig

samlAttributes

protected Set samlAttributes

includeMemberships

protected boolean includeMemberships

nameIDMapper

protected String nameIDMapper

attributeNS

protected String attributeNS

kdcDomain

protected String kdcDomain

kdcServer

protected String kdcServer

ticketCacheDir

protected String ticketCacheDir

servicePrincipal

protected String servicePrincipal

keytabFile

protected String keytabFile

verifyKrbSignature

protected boolean verifyKrbSignature

usePassThroughToken

protected boolean usePassThroughToken

tokenConversionType

protected String tokenConversionType

encryptionAlgorithm

protected String encryptionAlgorithm

encryptionStrength

protected int encryptionStrength

signingRefType

protected String signingRefType

customAdminToken

protected static SSOToken customAdminToken

detectUserTokenReplay

protected boolean detectUserTokenReplay

detectMessageReplay

protected boolean detectMessageReplay

dnsClaim

protected String dnsClaim

signedElements

protected List signedElements

Constructor Detail

ProviderConfig

public ProviderConfig()

Method Detail

getSecurityMechanisms

public List getSecurityMechanisms()

Returns the list of security mechanims that the provider is configured.

Returns:

list of security mechanisms.

setSecurityMechanisms

public void setSecurityMechanisms(List authMech)

Sets the list of security mechanisms.

Parameters:

authMech - the list of security mechanisms.

getProviderName

public String getProviderName()

Returns the name of the Provider.

Returns:

the provider name.

getProperty

public String getProperty(String property)

Returns the value of the property.

Parameters:

property - the name of property for which value is being retrieved.

Returns:

the value of the property.

setProperty

public void setProperty(String property,
                        String value)

Sets the value for the given property in Provider Configuration.

Parameters:

property - the name of the property being set.

value - the property value being set.

getWSPEndpoint

public String getWSPEndpoint()

Returns the endpoint of the web services provider.

Returns:

the endpoint of the web services provider.

setWSPEndpoint

public void setWSPEndpoint(String endpoint)

Sets the web services provider endpoint.

Parameters:

endpoint - the web services provider endpoint.

getWSSProxyEndpoint

public String getWSSProxyEndpoint()

Returns the endpoint of the web services security proxy.

Returns:

the endpoint of the web services security proxy.

setWSSProxyEndpoint

public void setWSSProxyEndpoint(String endpoint)

Sets the web services security proxy endpoint.

Parameters:

endpoint - the web services security proxy endpoint.

setServiceType

public void setServiceType(String serviceType)

Sets the service type.

Parameters:

serviceType - the service type.

getServiceType

public String getServiceType()

Returns the service type.

Returns:

the service type.

setUsers

public void setUsers(List usercredentials)

Sets the user credentials list.

Parameters:

usercredentials - list of PasswordCredential objects.

getUsers

public List getUsers()

Returns the list of PasswordCredentials of the user.

Returns:

the list of PasswordCredential objects.

isUserTokenDetectReplayEnabled

public boolean isUserTokenDetectReplayEnabled()

Returns true if the user name token replay is enabled.

Returns:

true if the user name token replay is enabled.

setDetectUserTokenReplay

public void setDetectUserTokenReplay(boolean enable)

Enable or disable the detection of user token replay

Parameters:

enable - true if the detection of user token replay is enabled.

isMessageReplayDetectionEnabled

public boolean isMessageReplayDetectionEnabled()

Returns true if the message replay detection is enabled.

Returns:

true if the message replay detection is enabled.

setMessageReplayDetection

public void setMessageReplayDetection(boolean enable)

Enable or disable the message replay detection.

Parameters:

enable - true if the detection of the message replay is enabled.

getProviderType

public String getProviderType()

Returns the provider type. It will be WSP or WSC

Returns:

the provider type.

getKeyStore

public KeyStore getKeyStore()

Returns the provider JKS KeyStore

Returns:

the JKS KeyStore

getKeyStoreFile

public String getKeyStoreFile()

Returns the keystore file.

Returns:

the keystore file name.

getKeyStorePassword

public String getKeyStorePassword()

Returns the keystore password.

Returns:

the keystore password.

getKeyStoreEncryptedPasswd

public String getKeyStoreEncryptedPasswd()

Returns the keystore encrypted password.

Returns:

the keystore encrypted password.

getKeyPassword

public String getKeyPassword()

Returns the key password in the keystore.

Returns:

the key password in the keystore.

getKeyEncryptedPassword

public String getKeyEncryptedPassword()

Returns the keystore encrypted password.

Returns:

the keystore encrypted password.

setKeyStore

public void setKeyStore(String fileName,
                        String keyStorePassword,
                        String keyPassword)
                 throws ProviderException

Sets the keystore for this provider.

Parameters:

fileName - the provider key store fully qualified file name.

keyStorePassword - the password required to access the key store file.

keyPassword - the password required to access the key from the keystore.

Throws:

ProviderException - if the key store file does not exist or an invalid password.

setKeyStore

public void setKeyStore(KeyStore keyStore,
                        String password)

Sets the keystore for this provider.

Parameters:

keyStore - the provider key store.

password - the password required to access the key store file.

getKeyType

public String getKeyType()

Returns the key type for this provider.

Returns:

the key type of the provider.

setKeyType

public void setKeyType(String keyType)

Sets the key type for this provider.

Parameters:

keyType - the key type for this provider.

getKeyAlias

public String getKeyAlias()

Returns the key alias for this provider.

Returns:

the key alias of the provider.

setKeyAlias

public void setKeyAlias(String alias)

Sets the key alias for this provider.

Parameters:

alias - the key alias for this provider.

getPublicKeyAlias

public String getPublicKeyAlias()

Returns the Public key alias for this provider's partner.

Returns:

the Public key alias of the provider's partner.

setPublicKeyAlias

public void setPublicKeyAlias(String alias)

Sets the Public key alias for this provider's partner.

Parameters:

alias - the Public key alias for this provider's partner.

useDefaultKeyStore

public boolean useDefaultKeyStore()

Returns true if the provider uses default keystore.

Returns:

true if the provider uses default keystore.

setDefaultKeyStore

public void setDefaultKeyStore(boolean set)

Sets the provider to use the default keystore.

Parameters:

set - boolean variable to enable or disable to use the default keystore.

getSAMLAttributeMapping

public Set getSAMLAttributeMapping()

Returns the SAML Attribute Mapping list. This method is used by the WSP configuration when enabled for SAML.

setSAMLAttributeMapping

public void setSAMLAttributeMapping(Set attributeMap)

Sets the list of SAML attribute mappings. This method is used by the WSP configuration when enabled for SAML.

Parameters:

attributeMap - the list of SAML attribute mapping

shouldIncludeMemberships

public boolean shouldIncludeMemberships()

Checks if the memberships should be included in the SAML attribute mapping.

Returns:

true if the memberships are included.

setIncludeMemberships

public void setIncludeMemberships(boolean include)

Sets a flag to include memberships for SAML attribute mapping.

Parameters:

include - boolean flag to indicate if the memberships needs to be included.

getNameIDMapper

public String getNameIDMapper()

Returns the NameID mapper class

Returns:

returns the nameid mapper class.

setNameIDMapper

public void setNameIDMapper(String nameIDMapper)

Sets the NameID Mapper class.

Parameters:

nameIDMapper - NameID Mapper class.

getSAMLAttributeNamespace

public String getSAMLAttributeNamespace()

Returns SAML attribute namespace.

Returns:

returns SAML attribute namespace.

setSAMLAttributeNamespace

public void setSAMLAttributeNamespace(String attributeNS)

Sets SAML attribute namespace.

Parameters:

attributeNS - SAML attribute namespace.

getKDCDomain

public String getKDCDomain()

Returns Kerberos Domain Controller Domain

Returns:

Kerberos Domain Controller Domain

setKDCDomain

public void setKDCDomain(String domain)

Sets Kerberos Domain Controller Domain

Parameters:

domain - Kerberos Domain Controller Domain

getKDCServer

public String getKDCServer()

Returns Kerberos Domain Controller Server.

Returns:

Kerberos Domain Controller Server.

setKDCServer

public void setKDCServer(String kdcServer)

Sets Kerberos Domain Controller Server

Parameters:

kdcServer - Kerberos Domain Controller Server

getKerberosTicketCacheDir

public String getKerberosTicketCacheDir()

This method is used by the web services client to get the kerberos ticket cache directory.

Returns:

the kerberos ticket cache dir

setKerberosTicketCacheDir

public void setKerberosTicketCacheDir(String cacheDir)

Sets kerberos ticket cache dir.

Parameters:

cacheDir - kerberos ticket cache dir

getKeyTabFile

public String getKeyTabFile()

This method is used by the web services provider to get the key tab file.

Returns:

the keytab file.

setKeyTabFile

public void setKeyTabFile(String file)

Sets the keytab file

Parameters:

file - the fully qualified file path

getKerberosServicePrincipal

public String getKerberosServicePrincipal()

Returns kerberos service principal

Returns:

the kerberos service principal

setKerberosServicePrincipal

public void setKerberosServicePrincipal(String principal)

Sets kerberos service principal.

Parameters:

principal - the kerberos service principal.

isValidateKerberosSignature

public boolean isValidateKerberosSignature()

Returns true if kerberos signature needs to be validated. The signature validation is supported only with JDK6 onwards.

Returns:

true if the signature validation needs to be validated.

setValidateKerberosSignature

public void setValidateKerberosSignature(boolean validate)

Sets a boolean flag to enable or disable validate kerberos signature.

Parameters:

validate - boolean flag to enable or disable validate krb signature.

getDNSClaim

public String getDNSClaim()

Returns the DNS claim name.

Returns:

the DNS claim name.

setDNSClaim

public void setDNSClaim(String dnsClaim)

Sets the DNS claim name

Parameters:

dnsClaim - the DNS claim name

getSignedElements

public List getSignedElements()

Returns the list of signed elements.

Returns:

the list of signed elements.

setSignedElements

public void setSignedElements(List signedElements)

Sets the signed elements

Parameters:

signedElements - the signed elements.

getTrustAuthorityConfig

public TrustAuthorityConfig getTrustAuthorityConfig()

Returns the provider's trusted authorities list.

Returns:

the list of the TrustAuthorityConfigs.

setTrustAuthorityConfig

public void setTrustAuthorityConfig(TrustAuthorityConfig taconfig)

Sets the trusted authority configurations.

Parameters:

taconfig - instance of the TrustAuthorityConfig.

isResponseSignEnabled

public boolean isResponseSignEnabled()

Checks if the response needs to be signed or not.

Returns:

true if the response needs to be signed.

setResponseSignEnabled

public void setResponseSignEnabled(boolean enable)

Sets the response sign enable flag.

Parameters:

enable - enables the response signing.

isResponseEncryptEnabled

public boolean isResponseEncryptEnabled()

Checks if the response needs to be encrypted or not.

Returns:

true if the response needs to be encrypted.

setResponseEncryptEnabled

public void setResponseEncryptEnabled(boolean enable)

Sets the response encrypt enable flag.

Parameters:

enable - enables the response encryption.

isRequestSignEnabled

public boolean isRequestSignEnabled()

Checks if the request needs to be signed or not.

Returns:

true if the request needs to be signed.

setRequestSignEnabled

public void setRequestSignEnabled(boolean enable)

Sets the request sign enable flag.

Parameters:

enable - enables the request signing.

isRequestEncryptEnabled

public boolean isRequestEncryptEnabled()

Checks if the request needs to be encrypted or not.

Returns:

true if the request needs to be encrypted.

setRequestEncryptEnabled

public void setRequestEncryptEnabled(boolean enable)

Sets the request encrypt enable flag.

Parameters:

enable - enables the request encryption.

isRequestHeaderEncryptEnabled

public boolean isRequestHeaderEncryptEnabled()

Checks if the request header needs to be encrypted or not.

Returns:

true if the request header needs to be encrypted.

setRequestHeaderEncryptEnabled

public void setRequestHeaderEncryptEnabled(boolean enable)

Sets the request header encrypt enable flag.

Parameters:

enable - enables the request header encryption.

forceUserAuthentication

public boolean forceUserAuthentication()

Returns true if the user force authentication is enabled.

Returns:

true if the user force authentication is enabled.

setForceUserAuthentication

public void setForceUserAuthentication(boolean forceAuthn)

Sets the user force authentication attribute.

Parameters:

forceAuthn - the user force authentication attribute.

preserveSecurityHeader

public boolean preserveSecurityHeader()

Returns true if security header needs to be preserved.

Returns:

true if the security header needs to be preserved.

setPreserveSecurityHeader

public void setPreserveSecurityHeader(boolean preserve)

Sets if security header needs to be preserved.

Parameters:

preserve - value to be set, true if the security header needs to be preserved, false otherwise.

getAuthenticationChain

public String getAuthenticationChain()

Returns the authentication chain mechanism to be used. This method is used only by the WSP configuration.

Returns:

the name of the authentication chain mechanism.

setAuthenticationChain

public void setAuthenticationChain(String authenticationChain)

Sets the authentication chain mechanism. This method is used only by the WSP configuration.

Parameters:

authenticationChain - the name of the authentication chain mechanism.

usePassThroughSecurityToken

public boolean usePassThroughSecurityToken()

Returns true if passthrough security token needs to be used. This is valid for a proxy web services client.

Returns:

true if passthrough security token needs to be used.

setPassThroughSecurityToken

public void setPassThroughSecurityToken(boolean usepassthrough)

Sets if passthrough security token needs to be used This is valid for a proxy web services client.

Parameters:

usepassthrough - flag to if the wsc needs to use passthrough security token.

getTokenConversionType

public String getTokenConversionType()

Returns the type of the token that needs to be converted to. This method is used by the web service providers to convert a SAMLToken to the desired token type.

Returns:

the type of the token that needs to be converted to.

setTokenConversionType

public void setTokenConversionType(String tokenType)

Sets the type of the token that needs to be converted to. This method is used by the web service providers to convert a SAMLToken to the desired token type.

Parameters:

tokenType - the type of the token that needs to be converted to.

getSigningRefType

public String getSigningRefType()

Returns signing reference type.

Returns:

the signing reference type.

setSigningRefType

public void setSigningRefType(String refType)

Sets the signing reference type.

Parameters:

refType - the signing reference type.

getEncryptionAlgorithm

public String getEncryptionAlgorithm()

Returns the encryption algorithm

Returns:

the encryption algorithm

setEncryptionAlgorithm

public void setEncryptionAlgorithm(String encAlg)

Sets the encryption algorithm.

Parameters:

encAlg - the encryption algorithm.

getEncryptionStrength

public int getEncryptionStrength()

Returns the encryption data strength.

Returns:

the encryption data strength.

setEncryptionStrength

public void setEncryptionStrength(int keyStrength)

Sets the encryption data strength. *

Parameters:

keyStrength - the encryption data strength.

store

protected abstract void store()
                       throws ProviderException

Stores the provider configuration.

Throws:

ProviderException - if there is any failure.

delete

protected abstract void delete()
                        throws ProviderException

Deletes the provider configuration.

Throws:

ProviderException - if there is any failure.

isExists

protected abstract boolean isExists()

Checks if the provider configuration exists.

Returns:

true if the provider exists.

init

protected abstract void init(String providerName,
                             String providerType,
                             SSOToken token,
                             boolean isEndPoint)
                      throws ProviderException

Initializes the provider.

Parameters:

providerName - the provider name.

providerType - the provider type.

token - Single Sign-on token.

isEndPoint - Boolean flag indicating whether provider needs to be searched based on its end point value.

Throws:

ProviderException - if there is any failure.

saveProvider

public static void saveProvider(ProviderConfig config)
                         throws ProviderException

Saves the Provider in the configuration repository.

Parameters:

config - the provider configuration.

Throws:

ProviderException - if the creation is failed.

getProvider

public static ProviderConfig getProvider(String providerName,
                                         String providerType)
                                  throws ProviderException

Returns the provider configuration for a given provider name.

Parameters:

providerName - the provider name.

providerType - the provider type.

Throws:

ProviderException - if unable to retrieve.

getProvider

public static ProviderConfig getProvider(String providerName,
                                         String providerType,
                                         boolean initialize)
                                  throws ProviderException

Returns the provider configuration for a given provider name.

Parameters:

providerName - the provider name.

providerType - the provider type.

initialize - if set to false the provider configuration will not be retrieved from the persistent store and returns just the memory image of the provider configuration. Also if set to false the provider configuration can not be saved persistently using store().

Throws:

ProviderException - if unable to retrieve.

getProviderByEndpoint

public static ProviderConfig getProviderByEndpoint(String endpoint,
                                                   String providerType)
                                            throws ProviderException

Returns the provider configuration for a given end point

Parameters:

endpoint - the end point is the search string to retrieve the provider configuration.

providerType - the provider type.

Throws:

ProviderException - if unable to retrieve.

isProviderExists

public static boolean isProviderExists(String providerName,
                                       String providerType)

Checks if the provider of given type does exists.

Parameters:

providerName - the name of the provider.

providerType - type of the provider.

Returns:

true if the provider exists with a given name and type.

isProviderExists

public static boolean isProviderExists(String providerName,
                                       String providerType,
                                       boolean isEndPoint)

Checks if the provider of given type does exists.

Parameters:

providerName - the name of the provider.

providerType - type of the provider.

isEndPoint - flag to indicate check/search based on WSP end point.

Returns:

true if the provider exists with a given name and type.

deleteProvider

public static void deleteProvider(String providerName,
                                  String providerType)
                           throws ProviderException

Removes the provider configuration.

Parameters:

providerName - the name of the provider.

providerType - the type of the provider.

Throws:

ProviderException - if any failure.

getAllSupportedSecurityMech

public static List getAllSupportedSecurityMech()

Returns the list of all available security mechanism objects.

Returns:

the list of SecurityMechanism objects.

getAllMessageLevelSecurityMech

public static List getAllMessageLevelSecurityMech()

Returns the list of message level security mechanism objects.

Returns:

the list of message level SecurityMechanism objects.

setAdminToken

public void setAdminToken(SSOToken adminToken)

Sets the admin token. This admin token is required to be set if "create", "delete" or "save" operations are invoked on this ProviderConfig object. This admin token needs to be the valid SSOToken of the user who has "Agent Administrator" privileges.

Parameters:

adminToken - the agent admin token.