Class TrustAuthorityConfig

  • Direct Known Subclasses:
    DiscoveryConfig, STSConfig

    public abstract class TrustAuthorityConfig
    extends Object
    This abstract class TrustAuthorityConfig represents the configuration of a Trusted Authority entity.

    The Trusted Authority configuration is used to register the provider configuration information at a Trusted Authority.

    This class can be extended to define a trust authority configuration, such as a Discovery client configuration or a WS-Trust protocol based client (STS client) configuration.

    A pluggable implementation of this abstract class can choose to store this configuration in the desired configuration store. The pluggable implementation class is configured in the client's AMConfig.properties as the value of the "com.sun.identity.wss.discovery.config.plugin" property for the Discovery client configuration, and of the "com.sun.identity.wss.sts.config.plugin" property for the STS client configuration. Once an instance of TrustAuthorityConfig has been obtained, its methods can be called to create, delete, modify and retrieve the WSS agent profile and the configuration attributes (key/value pairs) of the Discovery client or STS client.

    All the static methods in this class are for persistent operations.

    • Field Detail

      • endpoint

        protected String endpoint
      • privateKeyAlias

        protected String privateKeyAlias
      • publicKeyAlias

        protected String publicKeyAlias
      • secMech

        protected List secMech
      • isResponseSigned

        protected boolean isResponseSigned
      • isResponseEncrypted

        protected boolean isResponseEncrypted
      • isRequestSigned

        protected boolean isRequestSigned
      • isRequestEncrypted

        protected boolean isRequestEncrypted
      • isRequestHeaderEncrypted

        protected boolean isRequestHeaderEncrypted
      • usercredentials

        protected List usercredentials
      • encryptionAlgorithm

        protected String encryptionAlgorithm
      • encryptionStrength

        protected int encryptionStrength
      • signingRefType

        protected String signingRefType
      • customAdminToken

        protected static SSOToken customAdminToken
      • WSS_DISCOVERY_CONFIG_PLUGIN

        public static final String WSS_DISCOVERY_CONFIG_PLUGIN
        Property string for the web services discovery client configuration plugin.
        See Also:
        Constant Field Values
      • WSS_STS_CONFIG_PLUGIN

        public static final String WSS_STS_CONFIG_PLUGIN
        Property string for the web services STS client configuration plugin.
        See Also:
        Constant Field Values
      • DISCOVERY_TRUST_AUTHORITY

        public static final String DISCOVERY_TRUST_AUTHORITY
        Trusted Authority client configuration type.
        See Also:
        Constant Field Values
    • Constructor Detail

      • TrustAuthorityConfig

        public TrustAuthorityConfig()
    • Method Detail

      • getName

        public String getName()
        Returns the trust authority name.
        Returns:
        the name of the trust authority.
      • setName

        public void setName​(String name)
        Sets the trust authority name.
        Parameters:
        name - the name of the trust authority.
      • getType

        public String getType()
        Returns the trust authority type.
        Returns:
        the type of the trust authority.
      • setType

        public void setType​(String type)
        Sets the trust authority type.
        Parameters:
        type - the type of the trust authority.
      • getEndpoint

        public String getEndpoint()
        Returns the trust authority end point.
        Returns:
        the endpoint of the trust authority.
      • setEndpoint

        public void setEndpoint​(String endpoint)
        Sets the trust authority end point.
        Parameters:
        endpoint - the end point for the trust authority.
      • getKeyAlias

        public String getKeyAlias()
        Returns the key alias for this trust authority client.
        Returns:
        the key alias of the trust authority client.
      • setKeyAlias

        public void setKeyAlias​(String alias)
        Sets the key alias for this trust authority client.
        Parameters:
        alias - the key alias for the trust authority client.
      • getPublicKeyAlias

        public String getPublicKeyAlias()
        Returns the Public key alias for this trust authority client's partner.
        Returns:
        the Public key alias of the trust authority client's partner.
      • setPublicKeyAlias

        public void setPublicKeyAlias​(String alias)
        Sets the Public key alias for this trust authority client's partner.
        Parameters:
        alias - the Public key alias for this trust authority client's partner.
      • setSecurityMechs

        public void setSecurityMechs​(List secMech)
        Sets the list of security mechanisms that the trust authority supports.
        Parameters:
        secMech - list of security mechanisms that the trust authority supports.
      • getSecurityMech

        public List getSecurityMech()
        Returns the list of security mechanisms that the trust authority supports.
      • isResponseSignEnabled

        public boolean isResponseSignEnabled()
        Checks if the response needs to be signed or not.
        Returns:
        true if the response needs to be signed.
      • setResponseSignEnabled

        public void setResponseSignEnabled​(boolean enable)
        Sets the response sign enable flag.
        Parameters:
        enable - enables the response signing.
      • isResponseEncryptEnabled

        public boolean isResponseEncryptEnabled()
        Checks if the response needs to be encrypted or not.
        Returns:
        true if the response needs to be encrypted.
      • setResponseEncryptEnabled

        public void setResponseEncryptEnabled​(boolean enable)
        Sets the response encrypt enable flag.
        Parameters:
        enable - enables the response encryption.
      • isRequestSignEnabled

        public boolean isRequestSignEnabled()
        Checks if the request needs to be signed or not.
        Returns:
        true if the request needs to be signed.
      • setRequestSignEnabled

        public void setRequestSignEnabled​(boolean enable)
        Sets the request sign enable flag.
        Parameters:
        enable - enables the request signing.
      • isRequestEncryptEnabled

        public boolean isRequestEncryptEnabled()
        Checks if the request needs to be encrypted or not.
        Returns:
        true if the request needs to be encrypted.
      • setRequestEncryptEnabled

        public void setRequestEncryptEnabled​(boolean enable)
        Sets the request encrypt enable flag.
        Parameters:
        enable - enables the request encryption.
      • isRequestHeaderEncryptEnabled

        public boolean isRequestHeaderEncryptEnabled()
        Checks if the request header needs to be encrypted or not.
        Returns:
        true if the request header needs to be encrypted.
      • setRequestHeaderEncryptEnabled

        public void setRequestHeaderEncryptEnabled​(boolean enable)
        Sets the request header encrypt enable flag.
        Parameters:
        enable - enables the request header encryption.
      • setUsers

        public void setUsers​(List usercredentials)
        Sets the user credentials list.
        Parameters:
        usercredentials - list of PasswordCredential objects.
      • getUsers

        public List getUsers()
        Returns the list of PasswordCredentials of the user.
        Returns:
        the list of PasswordCredential objects.
      • getSigningRefType

        public String getSigningRefType()
        Returns signing reference type.
        Returns:
        the signing reference type.
      • setSigningRefType

        public void setSigningRefType​(String refType)
        Sets the signing reference type.
        Parameters:
        refType - the signing reference type.
      • getEncryptionAlgorithm

        public String getEncryptionAlgorithm()
        Returns the encryption algorithm.
        Returns:
        the encryption algorithm.
      • setEncryptionAlgorithm

        public void setEncryptionAlgorithm​(String encAlg)
        Sets the encryption algorithm.
        Parameters:
        encAlg - the encryption algorithm.
      • getEncryptionStrength

        public int getEncryptionStrength()
        Returns the encryption data strength.
        Returns:
        the encryption data strength.
      • setEncryptionStrength

        public void setEncryptionStrength​(int keyStrength)
        Sets the encryption data strength.
        Parameters:
        keyStrength - the encryption data strength.
      • init

        protected abstract void init​(String name,
                                     String type,
                                     SSOToken ssoToken)
                              throws ProviderException
        Initialize the trust authority.
        Parameters:
        name - the name of the trust authority.
        type - the type of the trust authority.
        ssoToken - Single sign-on token.
        Throws:
        ProviderException - if the initialization fails.
      • store

        protected abstract void store()
                               throws ProviderException
        Saves the trust authority configuration.
        Throws:
        ProviderException - if the trust authority configuration cannot be saved.
      • saveConfig

        public static void saveConfig​(TrustAuthorityConfig config)
                               throws ProviderException
        Saves the trust authority configuration.
        Parameters:
        config - the trust authority configuration.
        Throws:
        ProviderException - if saving the configuration fails.
      • setAdminToken

        public void setAdminToken​(SSOToken adminToken)
        Sets the admin token. The admin token must be set before "create", "delete" or "save" operations are invoked on this TrustAuthorityConfig object. It must be a valid SSOToken of a user who has "Agent Administrator" privileges.
        Parameters:
        adminToken - the agent admin token.
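
An added example, not part of the original Javadoc or of the project's code: a read-only review of a TrustAuthorityConfig's message-security settings, using only the getters documented above. The class name TrustAuthorityConfigAudit, the 128-bit minimum, the key-alias expectations and the package name in the import are assumptions.

```java
import com.sun.identity.wss.provider.TrustAuthorityConfig; // package name assumed
import java.util.ArrayList;
import java.util.List;

/** Hypothetical helper: lists weak settings found in a trust authority client config. */
public final class TrustAuthorityConfigAudit {

    // Assumption: a local policy minimum, not a product default.
    private static final int MIN_ENCRYPTION_STRENGTH = 128;

    private TrustAuthorityConfigAudit() { }

    public static List<String> audit(TrustAuthorityConfig cfg) {
        List<String> findings = new ArrayList<>();
        String id = cfg.getName() + " [" + cfg.getType() + "]: ";

        // Transport: message-level protection does not replace TLS to the authority.
        String endpoint = cfg.getEndpoint();
        if (endpoint == null || !endpoint.regionMatches(true, 0, "https://", 0, 8)) {
            findings.add(id + "endpoint is not HTTPS: " + endpoint);
        }
        // Integrity: both directions should be signed.
        if (!cfg.isRequestSignEnabled()) findings.add(id + "requests are not signed");
        if (!cfg.isResponseSignEnabled()) findings.add(id + "signed responses are not required");

        // Confidentiality: flag missing encryption, or encryption below the policy minimum.
        boolean requestEnc = cfg.isRequestEncryptEnabled() || cfg.isRequestHeaderEncryptEnabled();
        if (!requestEnc && !cfg.isResponseEncryptEnabled()) {
            findings.add(id + "no message-level encryption in either direction");
        } else if (cfg.getEncryptionStrength() < MIN_ENCRYPTION_STRENGTH) {
            findings.add(id + "encryption strength " + cfg.getEncryptionStrength()
                    + " with algorithm " + cfg.getEncryptionAlgorithm() + " is below policy");
        }
        // Assumption: signing uses the client's own key, request encryption the partner's.
        if (cfg.isRequestSignEnabled() && isBlank(cfg.getKeyAlias())) {
            findings.add(id + "request signing enabled but no key alias set");
        }
        if (requestEnc && isBlank(cfg.getPublicKeyAlias())) {
            findings.add(id + "request encryption enabled but no partner public key alias set");
        }
        List<?> mechs = cfg.getSecurityMech();
        if (mechs == null || mechs.isEmpty()) {
            findings.add(id + "no security mechanism configured");
        }
        return findings;
    }

    private static boolean isBlank(String s) { return s == null || s.trim().isEmpty(); }
}
```

An empty list means none of these checks fired; the method never calls a setter or saveConfig, so it needs no admin token.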