| Package | Description |
|---|---|
| com.sun.identity.wss.security |
Defines Web Services Security Token specification and Token interfaces
with their respective implementation classes for different WS-* Security
Tokens.
|
| com.sun.identity.wss.security.handler |
Defines classes to handle WS-Security requests.
|
| Modifier and Type | Method and Description |
|---|---|
void |
SecurityTokenReference.addToParent(Element parent)
Adds the securitytoken reference to the parent element.
|
void |
Reference.addToParent(Element parent)
Adds the reference to parent element.
|
void |
KeyIdentifier.addToParent(Element parent)
Adds the key identifier to the parent element.
|
static X509Certificate |
WSSUtils.getCertificate(SecurityToken securityToken)
Returns the certificate present in the security token.
|
static X509Certificate |
SAML2TokenUtils.getCertificate(SecurityToken securityToken)
Returns an
X509Certificate from the security token if it
is of type SAML2 token holder of key. |
static SecurityTokenFactory |
SecurityTokenFactory.getInstance(SSOToken credential)
Returns the Security Token factory instance.
|
static SecurityTokenFactory |
SecurityTokenFactory.getInstance(TokenProvider provider)
Returns the Security Token factory instance.
|
static String |
UserNameToken.getPasswordDigest(String password,
String nonce,
String created)
Returns the password digest for the given password using nonce
and created timestamp.
|
static Key |
WSSUtils.getSecretKey(SecurityToken securityToken,
String certAlias)
Returns the secret key from the security token from SAML1 Assertion.
|
static Key |
SAML2TokenUtils.getSecretKey(SecurityToken securityToken,
String certAlias) |
SecurityToken |
TokenProvider.getSecurityToken()
Returns the
SecurityToken for the WS-Security. |
SecurityToken |
AMTokenProvider.getSecurityToken()
Returns the
SecurityToken for the WS-Security. |
SecurityToken |
SecurityTokenFactory.getSecurityToken(SecurityTokenSpec tokenSpec)
Returns / Creates a security token from the security token specificaion.
|
Element |
SecurityTokenReference.getTokenElement(Document doc)
Returns the referenced security token via the Reference URI.
|
Element |
KeyIdentifier.getTokenElement(Document doc)
Returns the security token that is referenced via the key identifier.
|
X509Certificate |
AssertionToken.getX509Certificate()
Returns X509 certificate of the authenticated subject.
|
X509Certificate |
KeyIdentifier.getX509Certificate()
Returns the
X509Certficate for the value set in the
key identifier. |
X509Certificate |
SAML2Token.getX509Certificate()
Returns X509 certificate of the authenticated subject.
|
void |
UserNameToken.setPassword(String passwd)
Sets the password to the username token.
|
void |
AssertionToken.sign(String alias)
Signs the Assertion Token.
|
void |
SAML2Token.sign(String alias)
Signs the SAML2 Token.
|
Element |
BinarySecurityToken.toDocumentElement()
Returns the
DOM Element of the binary security
token. |
Element |
SecurityToken.toDocumentElement()
Converts the Security Token into DOM Object.
|
Element |
FAMSecurityToken.toDocumentElement()
Convert the security token into DOM Object.
|
Element |
UserNameToken.toDocumentElement()
Returns the XML document element for the username security token.
|
Element |
AssertionToken.toDocumentElement()
Convert the security token into DOM Object.
|
Element |
SAML2Token.toDocumentElement()
Returns DOM element for the SAML2 token
|
static boolean |
SAML2TokenUtils.validateAssertion(Assertion assertion,
Subject subject,
Map secureAttrs)
Validates Assertion and sets the principal into the container Subject.
|
| Constructor and Description |
|---|
AssertionToken(AssertionTokenSpec spec,
SSOToken ssoToken)
Constructor that initializes the AssertionToken.
|
BinarySecurityToken(Element token)
Constructor
|
BinarySecurityToken(KerberosTokenSpec kbSpec)
Constructor to create Kerberos Token
|
BinarySecurityToken(X509Certificate cert,
String valueType,
String encodingType) |
BinarySecurityToken(X509TokenSpec tokenSpec)
Constructor
|
FAMSecurityToken(Element element)
Constructor that uses DOM Element
|
FAMSecurityToken(SSOToken ssoToken)
Constructor for FAMSecurityToken
|
KeyIdentifier(Element element)
Constructor
|
Reference(Element element)
Constructor
|
SAML11AssertionValidator(Element assertionE,
FAMSTSConfiguration stsConfig) |
SAML2AssertionValidator(Element assertionE,
FAMSTSConfiguration stsConfig) |
SAML2Token(SAML2TokenSpec spec,
SSOToken ssoToken)
Constructor that initializes the SAML2Token.
|
SecurityTokenReference(Element element)
Constructor
|
UserNameToken(Element element)
Constructor to create a username token using username token xml element.
|
UserNameToken(UserNameTokenSpec tokenSpec)
Constructs a user name token with the user name token specification.
|
| Modifier and Type | Method and Description |
|---|---|
Object |
MessageAuthenticator.authenticate(Subject subject,
SecurityMechanism securityMechanism,
SecurityToken securityToken,
ProviderConfig config,
Object secureMessage,
boolean isLiberty)
Authenticates the web services client.
|
Object |
DefaultAuthenticator.authenticate(Subject subject,
SecurityMechanism securityMechanism,
SecurityToken securityToken,
ProviderConfig config,
Object secureMessage,
boolean isLiberty)
Authenticates the web services client.
|
boolean |
MessageAuthorizer.authorize(Subject subject,
Object secureMessage,
SecurityMechanism securityMechanism,
SecurityToken securityToken,
ProviderConfig config,
boolean isLiberty)
Authorizes the web services client.
|
boolean |
DefaultAuthorizer.authorize(Subject subject,
Object secureMessage,
SecurityMechanism securityMechanism,
SecurityToken securityToken,
ProviderConfig config,
boolean isLiberty)
Authorizes the web services client.
|
void |
SecureSOAPMessage.decrypt(String keyAlias,
boolean decryptBody,
boolean decryptHeader)
Decrypts the
SOAPMessage for the given security profile. |
void |
SecureSOAPMessage.encrypt(String certAlias,
String encryptionAlgorithm,
int encryptionKeyStrength,
boolean encryptBody,
boolean encryptHeader)
Encrypts the
SOAPMessage for the given security profile. |
static MessageAuthenticator |
SOAPRequestHandler.getAuthenticator()
Returns the configured message authenticator.
|
static MessageAuthorizer |
SOAPRequestHandler.getAuthorizer()
Returns the configured message authenticator.
|
void |
SOAPRequestHandler.init(Map config)
Initializes the handler with the given configuration.
|
void |
SOAPRequestHandlerInterface.init(Map config)
Initializes the handler with the given configuration.
|
void |
SecureSOAPMessage.parseSecurityHeader(Node node)
Parses for the security header.
|
SOAPMessage |
SOAPRequestHandler.secureRequest(SOAPMessage soapMessage,
Subject subject,
Map sharedState)
Secures the
SOAPMessage request by adding necessary
credential information. |
SOAPMessage |
SOAPRequestHandlerInterface.secureRequest(SOAPMessage soapMessage,
Subject subject,
Map sharedState)
Secures the
SOAPMessage request by adding necessary
credential information. |
SOAPMessage |
SOAPRequestHandler.secureResponse(SOAPMessage soapMessage,
Map sharedState)
Secures the SOAP Message response to the client.
|
SOAPMessage |
SOAPRequestHandlerInterface.secureResponse(SOAPMessage soapMessage,
Map sharedState)
Secures the SOAP Message response to the client.
|
void |
SecureSOAPMessage.setSecurityToken(SecurityToken token)
Sets the security token for securing the soap message.
|
void |
SecureSOAPMessage.sign()
Signs the
SOAPMessage for the given security profile. |
Object |
SOAPRequestHandler.validateRequest(SOAPMessage soapRequest,
Subject subject,
Map sharedState,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authenticates the
SOAPMessage from a remote client. |
Object |
SOAPRequestHandlerInterface.validateRequest(SOAPMessage soapRequest,
Subject subject,
Map sharedState,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authenticates the
SOAPMessage from a remote client. |
void |
SOAPRequestHandler.validateResponse(SOAPMessage soapMessage,
Map sharedState)
Validates the SOAP Response from the service provider.
|
void |
SOAPRequestHandlerInterface.validateResponse(SOAPMessage soapMessage,
Map sharedState)
Validates the SOAP Response from the service provider.
|
boolean |
SecureSOAPMessage.verifyKerberosTokenSignature(Key secretKey)
Verifies the signature of the SOAP message that has kerberos key.
|
boolean |
SecureSOAPMessage.verifySignature()
Verifies the signature of the SOAP message.
|
| Constructor and Description |
|---|
SecureSOAPMessage(SOAPMessage soapMessage,
boolean create)
Constructor to create secure SOAP message.
|
SecureSOAPMessage(SOAPMessage soapMessage,
boolean create,
List signedElements)
Constructor to create secure SOAP message.
|
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.