com.sun.identity.wss.security

Class WSSUtils

java.lang.Object

com.sun.identity.wss.security.WSSUtils

public class WSSUtils
extends Object

This class provides util methods for the web services security.

Field Summary

Fields

Modifier and Type	Field and Description
static ResourceBundle	bundle
static Debug	debug

Constructor Summary

Constructors

Constructor and Description
WSSUtils()

Method Summary

Modifier and Type	Method and Description
static org.apache.xml.security.encryption.EncryptedKey	encryptKey(Document doc, byte[] encryptedKey, X509Certificate cert, String keyWrapAlgorithm)
static SSOToken	getAdminToken()
static Map	getAgentAttributes(String endpoint, Set attrNames, String type)
static String	getAuthMethodURI(String authModuleName) Returns corresponding Authentication method URI to be set in Assertion.
static Element	getCanonicalElement(Node node) Gets input Node Canonicalized
static String	getCertAlias(String issuer) Returns the trusted certificate alias from the issuer.
static X509Certificate	getCertificate(Element keyinfo)
static X509Certificate	getCertificate(SecurityToken securityToken) Returns the certificate present in the security token.
static ProviderConfig	getConfigByDnsClaim(String dnsClaim, String agentType)
static Node	getDirectChild(Node fNode, String localName, String namespace)
static Map<QName,List<String>>	getMembershipAttributes(String subjectName, String namespace) Returns the membership attributes for the given subject.
static List	getMemberShips(String pattern)
static X509Certificate	getMessageCertificate(Element sigElement) Returns the message certificate from the security token reference especially for KeyIdentifier and X509IssuerSerial case.
static Map<QName,List<String>>	getRequestedClaims(String subjectName, Set claimNames, SSOToken ssoToken) Returns the list of requested claims for the given subject
static Map<QName,List<String>>	getSAMLAttributes(String subjectName, Set attributeNames, String namespace, SSOToken ssoToken) Returns the SAML Attribute Map>.
static Key	getSecretKey(SecurityToken securityToken, String certAlias) Returns the secret key from the security token from SAML1 Assertion.
static long	getTimeSkew()
static String	getUserPseduoName(String userName, String nameIDImpl) Returns the user pseduo name from the given nameid mapper.
static WSSCacheRepository	getWSSCacheRepository()
static XMLEncryptionManager	getXMLEncryptionManager()
static XMLSignatureManager	getXMLSignatureManager()
static Element	prependChildElement(Element parent, Element child, boolean addWhitespace, Document doc)
static String	print(Node node)
static void	setRoles(Subject subject, String user) Sets the memberships for a given user into the JAAS Subject.
static SOAPMessage	toSOAPMessage(Document document)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

bundle

public static ResourceBundle bundle

debug

public static Debug debug

Constructor Detail

WSSUtils

public WSSUtils()

Method Detail

getCertificate

public static X509Certificate getCertificate(SecurityToken securityToken)
                                      throws SecurityException

Returns the certificate present in the security token.

Parameters:

securityToken - the security token.

Returns:

the certificate.

Throws:

SecurityException

getCertificate

public static X509Certificate getCertificate(Element keyinfo)

toSOAPMessage

public static SOAPMessage toSOAPMessage(Document document)

print

public static String print(Node node)

prependChildElement

public static Element prependChildElement(Element parent,
                                          Element child,
                                          boolean addWhitespace,
                                          Document doc)

getDirectChild

public static Node getDirectChild(Node fNode,
                                  String localName,
                                  String namespace)

getXMLEncryptionManager

public static XMLEncryptionManager getXMLEncryptionManager()

getXMLSignatureManager

public static XMLSignatureManager getXMLSignatureManager()

getAuthMethodURI

public static String getAuthMethodURI(String authModuleName)

Returns corresponding Authentication method URI to be set in Assertion.

Parameters:

authModuleName - name of the authentication module used to authenticate the user.

Returns:

String corresponding Authentication Method URI to be set in Assertion.

setRoles

public static void setRoles(Subject subject,
                            String user)

Sets the memberships for a given user into the JAAS Subject.

Parameters:

subject - the JAAS subject where the role memberships need to be set.

user - the user's universal dn

getMemberShips

public static List getMemberShips(String pattern)

getAgentAttributes

public static Map getAgentAttributes(String endpoint,
                                     Set attrNames,
                                     String type)

getAdminToken

public static SSOToken getAdminToken()

getMessageCertificate

public static X509Certificate getMessageCertificate(Element sigElement)

Returns the message certificate from the security token reference especially for KeyIdentifier and X509IssuerSerial case.

Parameters:

sigElement - the signature element where the security token ref is present

Returns:

the X509Certificate

getWSSCacheRepository

public static WSSCacheRepository getWSSCacheRepository()

getSAMLAttributes

public static Map<QName,List<String>> getSAMLAttributes(String subjectName,
                                                        Set attributeNames,
                                                        String namespace,
                                                        SSOToken ssoToken)

Returns the SAML Attribute Map>. The attribute map is generated from the given SSOToken first and if not found, then it will try to find from the repository.

Parameters:

subjectName - the principal to be used for retrieving the user attributes.

attributeNames - set of attribute names for the attribute map

namespace - the name space for the saml attribute name

ssoToken - the user's SSOToken.

Returns:

the saml attributes for the SAML Token specification.

getUserPseduoName

public static String getUserPseduoName(String userName,
                                       String nameIDImpl)

Returns the user pseduo name from the given nameid mapper.

Parameters:

userName - the authenticated user name.

nameIDImpl - the nameid mapper implementation class

Returns:

the user psueduo name.

getMembershipAttributes

public static Map<QName,List<String>> getMembershipAttributes(String subjectName,
                                                              String namespace)

Returns the membership attributes for the given subject.

Parameters:

subjectName - the authenticated subject

namespace - the saml attribute namespace.

Returns:

the SAML attributes for the user memberships.

getTimeSkew

public static long getTimeSkew()

encryptKey

public static org.apache.xml.security.encryption.EncryptedKey encryptKey(Document doc,
                                                                         byte[] encryptedKey,
                                                                         X509Certificate cert,
                                                                         String keyWrapAlgorithm)

getSecretKey

public static Key getSecretKey(SecurityToken securityToken,
                               String certAlias)
                        throws SecurityException

Returns the secret key from the security token from SAML1 Assertion.

Throws:

SecurityException

getCertAlias

public static String getCertAlias(String issuer)

Returns the trusted certificate alias from the issuer.

getRequestedClaims

public static Map<QName,List<String>> getRequestedClaims(String subjectName,
                                                         Set claimNames,
                                                         SSOToken ssoToken)

Returns the list of requested claims for the given subject

Parameters:

subjectName - the subject name

claimNames - the set of requested claims

ssoToken - the user's single sign-on token.

Returns:

the hashmap of requested claims.

getConfigByDnsClaim

public static ProviderConfig getConfigByDnsClaim(String dnsClaim,
                                                 String agentType)

getCanonicalElement

public static Element getCanonicalElement(Node node)

Gets input Node Canonicalized

Parameters:

node - Node

Returns:

Canonical element if the operation succeeded. Otherwise, return null.