Package com.sun.identity.wss.security

Class WSSUtils

  • public class WSSUtils
extends Object
    This class provides util methods for the web services security.

    • Constructor Detail

      • WSSUtils

        public WSSUtils()

    • Method Detail

      • toSOAPMessage

        public static jakarta.xml.soap.SOAPMessage toSOAPMessage​(Document document)

      • print

        public static String print​(Node node)

      • getDirectChild

        public static Node getDirectChild​(Node fNode,
                                  String localName,
                                  String namespace)

      • getAuthMethodURI

        public static String getAuthMethodURI​(String authModuleName)
        Returns corresponding Authentication method URI to be set in Assertion.
        Parameters:
        authModuleName - name of the authentication module used to authenticate the user.
        Returns:
        String corresponding Authentication Method URI to be set in Assertion.

      • setRoles

        public static void setRoles​(Subject subject,
                            String user)
        Sets the memberships for a given user into the JAAS Subject.
        Parameters:
        subject - the JAAS subject where the role memberships need to be set.
        user - the user's universal dn

      • getMemberShips

        public static List getMemberShips​(String pattern)

      • getAgentAttributes

        public static Map getAgentAttributes​(String endpoint,
                                     Set attrNames,
                                     String type)

      • getAdminToken

        public static SSOToken getAdminToken()

      • getMessageCertificate

        public static X509Certificate getMessageCertificate​(Element sigElement)
        Returns the message certificate from the security token reference especially for KeyIdentifier and X509IssuerSerial case.
        Parameters:
        sigElement - the signature element where the security token ref is present
        Returns:
        the X509Certificate

      • getSAMLAttributes

        public static Map<QName,​List<String>> getSAMLAttributes​(String subjectName,
                                                              Set attributeNames,
                                                              String namespace,
                                                              SSOToken ssoToken)
        Returns the SAML Attribute Map>. The attribute map is generated from the given SSOToken first and if not found, then it will try to find from the repository.
        Parameters:
        subjectName - the principal to be used for retrieving the user attributes.
        attributeNames - set of attribute names for the attribute map
        namespace - the name space for the saml attribute name
        ssoToken - the user's SSOToken.
        Returns:
        the saml attributes for the SAML Token specification.

      • getUserPseduoName

        public static String getUserPseduoName​(String userName,
                                       String nameIDImpl)
        Returns the user pseduo name from the given nameid mapper.
        Parameters:
        userName - the authenticated user name.
        nameIDImpl - the nameid mapper implementation class
        Returns:
        the user psueduo name.

      • getMembershipAttributes

        public static Map<QName,​List<String>> getMembershipAttributes​(String subjectName,
                                                                    String namespace)
        Returns the membership attributes for the given subject.
        Parameters:
        subjectName - the authenticated subject
        namespace - the saml attribute namespace.
        Returns:
        the SAML attributes for the user memberships.

      • getTimeSkew

        public static long getTimeSkew()

      • encryptKey

        public static org.apache.xml.security.encryption.EncryptedKey encryptKey​(Document doc,
                                                                         byte[] encryptedKey,
                                                                         X509Certificate cert,
                                                                         String keyWrapAlgorithm)

      • getCertAlias

        public static String getCertAlias​(String issuer)
        Returns the trusted certificate alias from the issuer.

      • getRequestedClaims

        public static Map<QName,​List<String>> getRequestedClaims​(String subjectName,
                                                               Set claimNames,
                                                               SSOToken ssoToken)
        Returns the list of requested claims for the given subject
        Parameters:
        subjectName - the subject name
        claimNames - the set of requested claims
        ssoToken - the user's single sign-on token.
        Returns:
        the hashmap of requested claims.

      • getCanonicalElement

        public static Element getCanonicalElement​(Node node)
        Gets input Node Canonicalized
        Parameters:
        node - Node
        Returns:
        Canonical element if the operation succeeded. Otherwise, return null.