FAMSTSConfiguration (OpenAM Project 15.1.7-SNAPSHOT API)

java.lang.Object
- com.sun.identity.wss.sts.config.FAMSTSConfiguration

All Implemented Interfaces:: ConfigurationListener, com.sun.xml.ws.api.security.trust.config.STSConfiguration

public class FAMSTSConfiguration
extends Object
implements com.sun.xml.ws.api.security.trust.config.STSConfiguration, ConfigurationListener

Constructor Summary

Constructors
Constructor and Description

FAMSTSConfiguration()
Default Constructor.

Constructors
Constructor and Description
`FAMSTSConfiguration()` Default Constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`addTrustSPMetadata(com.sun.xml.ws.api.security.trust.config.TrustSPMetadata data, String spEndpoint)`
`void`	`configChanged(ConfigurationActionEvent e)` This method will be invoked when a component's configuration data has been changed.
`String`	`getAuthenticationChain()` Returns authentication chain used for authenticating sts clients.
`CallbackHandler`	`getCallbackHandler()`
`String`	`getClientUserTokenClass()`
`String`	`getEncryptionAlgorithm()` Returns encryption algorithm
`int`	`getEncryptionStrength()` Returns the encryption strength;
`boolean`	`getEncryptIssuedKey()`
`boolean`	`getEncryptIssuedToken()`
`long`	`getIssuedTokenTimeout()`
`String`	`getIssuer()`
`String`	`getKDCDomain()` Returns Kerberos Domain Controller Domain
`String`	`getKDCServer()` Returns Kerberos Domain Controller Server.
`String`	`getKerberosServicePrincipal()` Returns kerberos service principal
`String`	`getKeyTabFile()` This method is used by the web services provider to get the key tab file.
`String`	`getNameIDMapper()` Returns the NameID mapper class
`Map<String,Object>`	`getOtherOptions()`
`String`	`getPrivateKeyAlias()` Returns the key alias for the security provider at STS service.
`String`	`getPrivateKeyType()` Returns the key type for the security provider at STS service.
`String`	`getPublicKeyAlias()` Returns the Public key alias for this provider's partner.
`Set`	`getSAMLAttributeMapping()` Returns the SAML Attribute Mapping list.
`String`	`getSAMLAttributeNamespace()` Returns SAML attribute namespace.
`List`	`getSecurityMechanisms()` Returns the list of security mechanims that the STS service is configured.
`List`	`getSignedElements()` Returns the list of signed elements.
`String`	`getSigningRefType()` Returns signing reference type.
`String`	`getSTSEndpoint()` Returns STS Endpoint
`Set`	`getTrustedIPAddresses()`
`Set`	`getTrustedIssuers()`
`com.sun.xml.ws.api.security.trust.config.TrustSPMetadata`	`getTrustSPMetadata(String spEndpoint)`
`String`	`getType()`
`List`	`getUsers()` Returns the list of `PasswordCredential`s of the user.
`boolean`	`isMessageReplayDetectionEnabled()` Returns true if the message replay detection is enabled.
`boolean`	`isRequestEncryptEnabled()` Checks if the request needs to be encrypted or not.
`boolean`	`isRequestHeaderEncryptEnabled()` Checks if the request header needs to be encrypted or not.
`boolean`	`isRequestSignEnabled()` Checks if the request needs to be signed or not.
`boolean`	`isResponseEncryptEnabled()` Checks if the response needs to be encrypted or not.
`boolean`	`isResponseSignEnabled()` Checks if the response needs to be signed or not.
`boolean`	`isUserTokenDetectReplayEnabled()` Returns true if the user name token replay is enabled.
`boolean`	`isValidateKerberosSignature()` Returns true if kerberos signature needs to be validated.
`void`	`setAuthenticationChain(String authChain)` Sets the authentication chain name.
`void`	`setCallbackHandler(CallbackHandler callbackHandler)`
`void`	`setClientUserTokenClass(String clientUserTokenClass)`
`void`	`setDetectUserTokenReplay(boolean enable)` Enable or disable the detection of user token replay
`void`	`setEncryptionAlgorithm(String algorithm)` Sets the encryption algorithm
`void`	`setEncryptionStrength(int encryptionStrength)` Sets the encryption data strength.
`void`	`setEncryptIssuedKey(boolean encryptIssuedKey)`
`void`	`setEncryptIssuedToken(boolean encryptIssuedToken)`
`void`	`setIncludeMemberships(boolean include)` Sets a flag to include memberships for SAML attribute mapping.
`void`	`setIssuedTokenTimeout(long issuedTokenTimeout)`
`void`	`setIssuer(String issuer)`
`void`	`setKDCDomain(String domain)` Sets Kerberos Domain Controller Domain
`void`	`setKDCServer(String kdcServer)` Sets Kerberos Domain Controller Server
`void`	`setKerberosServicePrincipal(String principal)` Sets kerberos service principal.
`void`	`setKeyTabFile(String file)` Sets the keytab file
`void`	`setMessageReplayDetection(boolean enable)` Enable or disable the message replay detection.
`void`	`setNameIDMapper(String nameIDMapper)` Sets the NameID Mapper class.
`void`	`setPrivateKeyAlias(String alias)` Sets the key alias for the security provider at STS service.
`void`	`setPrivateKeyType(String keyType)` Sets the key type for the security provider at STS service.
`void`	`setPublicKeyAlias(String alias)` Sets the Public key alias for this provider's partner.
`void`	`setRequestEncryptEnabled(boolean enable)` Sets the request encrypt enable flag.
`void`	`setRequestHeaderEncryptEnabled(boolean enable)` Sets the request header encrypt enable flag.
`void`	`setRequestSignEnabled(boolean enable)` Sets the request sign enable flag.
`void`	`setResponseEncryptEnabled(boolean enable)` Sets the response encrypt enable flag.
`void`	`setResponseSignEnabled(boolean enable)` Sets the response sign enable flag.
`void`	`setSAMLAttributeMapping(Set attributeMap)` Sets the list of SAML attribute mappings.
`void`	`setSAMLAttributeNamespace(String attributeNS)` Sets SAML attribute namespace.
`void`	`setSecurityMechanisms(List authMech)` Sets the list of security mechanisms.
`void`	`setSignedElements(List signedElements)` Sets the signed elements
`void`	`setSigningRefType(String refType)` Set signing reference type.
`void`	`setType(String type)`
`void`	`setUsers(List usercredentials)` Sets the user credentials list.
`void`	`setValidateKerberosSignature(boolean validate)` Sets a boolean flag to enable or disable validate kerberos signature.
`boolean`	`shouldIncludeMemberships()` Checks if the memberships should be included in the SAML attribute mapping.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - FAMSTSConfiguration
```
public FAMSTSConfiguration()
```
    Default Constructor.
- Method Detail
  - configChanged
```
public void configChanged(ConfigurationActionEvent e)
```
    This method will be invoked when a component's configuration data has been changed. The parameters componentName, realm and configName denotes the component name, organization and configuration instance name that are changed respectively.
    
    Specified by:
    
    configChanged in interface ConfigurationListener
    
    Parameters:
    
    e - Configuration action event, like ADDED, DELETED, MODIFIED etc.
  - addTrustSPMetadata
```
public void addTrustSPMetadata(com.sun.xml.ws.api.security.trust.config.TrustSPMetadata data,
                               String spEndpoint)
```
    Specified by:
    
    addTrustSPMetadata in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - getTrustSPMetadata
```
public com.sun.xml.ws.api.security.trust.config.TrustSPMetadata getTrustSPMetadata(String spEndpoint)
```
    Specified by:
    
    getTrustSPMetadata in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - getTrustedIssuers
```
public Set getTrustedIssuers()
```
  - getTrustedIPAddresses
```
public Set getTrustedIPAddresses()
```
  - setType
```
public void setType(String type)
```
  - getType
```
public String getType()
```
    Specified by:
    
    getType in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - setIssuer
```
public void setIssuer(String issuer)
```
  - getIssuer
```
public String getIssuer()
```
    Specified by:
    
    getIssuer in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - setEncryptIssuedToken
```
public void setEncryptIssuedToken(boolean encryptIssuedToken)
```
  - getEncryptIssuedToken
```
public boolean getEncryptIssuedToken()
```
    Specified by:
    
    getEncryptIssuedToken in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - setEncryptIssuedKey
```
public void setEncryptIssuedKey(boolean encryptIssuedKey)
```
  - getEncryptIssuedKey
```
public boolean getEncryptIssuedKey()
```
    Specified by:
    
    getEncryptIssuedKey in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - setIssuedTokenTimeout
```
public void setIssuedTokenTimeout(long issuedTokenTimeout)
```
  - getIssuedTokenTimeout
```
public long getIssuedTokenTimeout()
```
    Specified by:
    
    getIssuedTokenTimeout in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - setCallbackHandler
```
public void setCallbackHandler(CallbackHandler callbackHandler)
```
    Specified by:
    
    setCallbackHandler in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - getCallbackHandler
```
public CallbackHandler getCallbackHandler()
```
    Specified by:
    
    getCallbackHandler in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - setClientUserTokenClass
```
public void setClientUserTokenClass(String clientUserTokenClass)
```
  - getClientUserTokenClass
```
public String getClientUserTokenClass()
```
  - getSecurityMechanisms
```
public List getSecurityMechanisms()
```
    Returns the list of security mechanims that the STS service is configured.
    
    Returns:
    
    list of security mechanisms.
  - setSecurityMechanisms
```
public void setSecurityMechanisms(List authMech)
```
    Sets the list of security mechanisms.
    
    Parameters:
    
    authMech - the list of security mechanisms.
  - isResponseSignEnabled
```
public boolean isResponseSignEnabled()
```
    Checks if the response needs to be signed or not.
    
    Returns:
    
    true if the response needs to be signed.
  - setResponseSignEnabled
```
public void setResponseSignEnabled(boolean enable)
```
    Sets the response sign enable flag.
    
    Parameters:
    
    enable - enables the response signing.
  - isResponseEncryptEnabled
```
public boolean isResponseEncryptEnabled()
```
    Checks if the response needs to be encrypted or not.
    
    Returns:
    
    true if the response needs to be encrypted.
  - setResponseEncryptEnabled
```
public void setResponseEncryptEnabled(boolean enable)
```
    Sets the response encrypt enable flag.
    
    Parameters:
    
    enable - enables the response encryption.
  - isRequestSignEnabled
```
public boolean isRequestSignEnabled()
```
    Checks if the request needs to be signed or not.
    
    Returns:
    
    true if the request needs to be signed.
  - setRequestSignEnabled
```
public void setRequestSignEnabled(boolean enable)
```
    Sets the request sign enable flag.
    
    Parameters:
    
    enable - enables the request signing.
  - isRequestEncryptEnabled
```
public boolean isRequestEncryptEnabled()
```
    Checks if the request needs to be encrypted or not.
    
    Returns:
    
    true if the request needs to be encrypted.
  - setRequestEncryptEnabled
```
public void setRequestEncryptEnabled(boolean enable)
```
    Sets the request encrypt enable flag.
    
    Parameters:
    
    enable - enables the request encryption.
  - isRequestHeaderEncryptEnabled
```
public boolean isRequestHeaderEncryptEnabled()
```
    Checks if the request header needs to be encrypted or not.
    
    Returns:
    
    true if the request header needs to be encrypted.
  - setRequestHeaderEncryptEnabled
```
public void setRequestHeaderEncryptEnabled(boolean enable)
```
    Sets the request header encrypt enable flag.
    
    Parameters:
    
    enable - enables the request header encryption.
  - getPrivateKeyType
```
public String getPrivateKeyType()
```
    Returns the key type for the security provider at STS service.
    
    Returns:
    
    the key type of the security provider at STS service.
  - setPrivateKeyType
```
public void setPrivateKeyType(String keyType)
```
    Sets the key type for the security provider at STS service.
    
    Parameters:
    
    keyType - the key type for the security provider at STS service.
  - getPrivateKeyAlias
```
public String getPrivateKeyAlias()
```
    Returns the key alias for the security provider at STS service.
    
    Returns:
    
    the key alias of the security provider at STS service.
  - setPrivateKeyAlias
```
public void setPrivateKeyAlias(String alias)
```
    Sets the key alias for the security provider at STS service.
    
    Parameters:
    
    alias - the key alias for the security provider at STS service.
  - getPublicKeyAlias
```
public String getPublicKeyAlias()
```
    Returns the Public key alias for this provider's partner.
    
    Returns:
    
    the Public key alias of the provider's partner.
  - setPublicKeyAlias
```
public void setPublicKeyAlias(String alias)
```
    Sets the Public key alias for this provider's partner.
    
    Parameters:
    
    alias - the Public key alias for this provider's partner.
  - getOtherOptions
```
public Map<String,Object> getOtherOptions()
```
    Specified by:
    
    getOtherOptions in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration
  - getSTSEndpoint
```
public String getSTSEndpoint()
```
    Returns STS Endpoint
    
    Returns:
    
    the STS endpoint
  - getKDCDomain
```
public String getKDCDomain()
```
    Returns Kerberos Domain Controller Domain
    
    Returns:
    
    Kerberos Domain Controller Domain
  - setKDCDomain
```
public void setKDCDomain(String domain)
```
    Sets Kerberos Domain Controller Domain
    
    Parameters:
    
    domain - Kerberos Domain Controller Domain
  - getKDCServer
```
public String getKDCServer()
```
    Returns Kerberos Domain Controller Server.
    
    Returns:
    
    Kerberos Domain Controller Server.
  - setKDCServer
```
public void setKDCServer(String kdcServer)
```
    Sets Kerberos Domain Controller Server
    
    Parameters:
    
    kdcServer - Kerberos Domain Controller Server
  - getKeyTabFile
```
public String getKeyTabFile()
```
    This method is used by the web services provider to get the key tab file.
    
    Returns:
    
    the keytab file.
  - setKeyTabFile
```
public void setKeyTabFile(String file)
```
    Sets the keytab file
    
    Parameters:
    
    file - the fully qualified file path
  - getKerberosServicePrincipal
```
public String getKerberosServicePrincipal()
```
    Returns kerberos service principal
    
    Returns:
    
    the kerberos service principal
  - setKerberosServicePrincipal
```
public void setKerberosServicePrincipal(String principal)
```
    Sets kerberos service principal.
    
    Parameters:
    
    principal - the kerberos service principal.
  - isValidateKerberosSignature
```
public boolean isValidateKerberosSignature()
```
    Returns true if kerberos signature needs to be validated. The signature validation is supported only with JDK6 onwards.
    
    Returns:
    
    true if the signature validation needs to be validated.
  - setValidateKerberosSignature
```
public void setValidateKerberosSignature(boolean validate)
```
    Sets a boolean flag to enable or disable validate kerberos signature.
    
    Parameters:
    
    validate - boolean flag to enable or disable validate krb signature.
  - getSAMLAttributeMapping
```
public Set getSAMLAttributeMapping()
```
    Returns the SAML Attribute Mapping list. This method is used by the WSP configuration when enabled for SAML.
  - setSAMLAttributeMapping
```
public void setSAMLAttributeMapping(Set attributeMap)
```
    Sets the list of SAML attribute mappings. This method is used by the WSP configuration when enabled for SAML.
    
    Parameters:
    
    attributeMap - the list of SAML attribute mapping
  - shouldIncludeMemberships
```
public boolean shouldIncludeMemberships()
```
    Checks if the memberships should be included in the SAML attribute mapping.
    
    Returns:
    
    true if the memberships are included.
  - setIncludeMemberships
```
public void setIncludeMemberships(boolean include)
```
    Sets a flag to include memberships for SAML attribute mapping.
    
    Parameters:
    
    include - boolean flag to indicate if the memberships needs to be included.
  - getNameIDMapper
```
public String getNameIDMapper()
```
    Returns the NameID mapper class
    
    Returns:
    
    returns the nameid mapper class.
  - setNameIDMapper
```
public void setNameIDMapper(String nameIDMapper)
```
    Sets the NameID Mapper class.
    
    Parameters:
    
    nameIDMapper - NameID Mapper class.
  - getSAMLAttributeNamespace
```
public String getSAMLAttributeNamespace()
```
    Returns SAML attribute namespace.
    
    Returns:
    
    returns SAML attribute namespace.
  - setSAMLAttributeNamespace
```
public void setSAMLAttributeNamespace(String attributeNS)
```
    Sets SAML attribute namespace.
    
    Parameters:
    
    attributeNS - SAML attribute namespace.
  - setUsers
```
public void setUsers(List usercredentials)
```
    Sets the user credentials list.
    
    Parameters:
    
    usercredentials - list of PasswordCredentialobjects.
  - getUsers
```
public List getUsers()
```
    Returns the list of PasswordCredentials of the user.
    
    Returns:
    
    the list of PasswordCredential objects.
  - getEncryptionAlgorithm
```
public String getEncryptionAlgorithm()
```
    Returns encryption algorithm
    
    Returns:
    
    the encryption algorithm
  - setEncryptionAlgorithm
```
public void setEncryptionAlgorithm(String algorithm)
```
    Sets the encryption algorithm
    
    Parameters:
    
    algorithm - the encryption algorithm
  - getEncryptionStrength
```
public int getEncryptionStrength()
```
    Returns the encryption strength;
    
    Returns:
    
    the encryption strength;
  - setEncryptionStrength
```
public void setEncryptionStrength(int encryptionStrength)
```
    Sets the encryption data strength.
    
    Parameters:
    
    encryptionStrength - the encryption data strength.
  - getSigningRefType
```
public String getSigningRefType()
```
    Returns signing reference type.
    
    Returns:
    
    the signing reference type.
  - setSigningRefType
```
public void setSigningRefType(String refType)
```
    Set signing reference type.
    
    Parameters:
    
    refType - the signing reference type.
  - getAuthenticationChain
```
public String getAuthenticationChain()
```
    Returns authentication chain used for authenticating sts clients.
    
    Returns:
    
    the authentication chain name.
  - setAuthenticationChain
```
public void setAuthenticationChain(String authChain)
```
    Sets the authentication chain name.
    
    Parameters:
    
    authChain - the authentication chain name.
  - isUserTokenDetectReplayEnabled
```
public boolean isUserTokenDetectReplayEnabled()
```
    Returns true if the user name token replay is enabled.
    
    Returns:
    
    true if the user name token replay is enabled.
  - setDetectUserTokenReplay
```
public void setDetectUserTokenReplay(boolean enable)
```
    Enable or disable the detection of user token replay
    
    Parameters:
    
    enable - true if the detection of user token replay is enabled.
  - isMessageReplayDetectionEnabled
```
public boolean isMessageReplayDetectionEnabled()
```
    Returns true if the message replay detection is enabled.
    
    Returns:
    
    true if the message replay detection is enabled.
  - setMessageReplayDetection
```
public void setMessageReplayDetection(boolean enable)
```
    Enable or disable the message replay detection.
    
    Parameters:
    
    enable - true if the detection of the message replay is enabled.
  - getSignedElements
```
public List getSignedElements()
```
    Returns the list of signed elements.
    
    Returns:
    
    the list of signed elements.
  - setSignedElements
```
public void setSignedElements(List signedElements)
```
    Sets the signed elements
    
    Parameters:
    
    signedElements - the signed elements.

Class FAMSTSConfiguration

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

FAMSTSConfiguration

Method Detail

configChanged

addTrustSPMetadata

getTrustSPMetadata

getTrustedIssuers

getTrustedIPAddresses

setType

getType

setIssuer

getIssuer

setEncryptIssuedToken

getEncryptIssuedToken

setEncryptIssuedKey

getEncryptIssuedKey

setIssuedTokenTimeout

getIssuedTokenTimeout

setCallbackHandler

getCallbackHandler

setClientUserTokenClass

getClientUserTokenClass

getSecurityMechanisms

setSecurityMechanisms

isResponseSignEnabled

setResponseSignEnabled

isResponseEncryptEnabled

setResponseEncryptEnabled

isRequestSignEnabled

setRequestSignEnabled

isRequestEncryptEnabled

setRequestEncryptEnabled

isRequestHeaderEncryptEnabled

setRequestHeaderEncryptEnabled

getPrivateKeyType

setPrivateKeyType

getPrivateKeyAlias

setPrivateKeyAlias

getPublicKeyAlias

setPublicKeyAlias

getOtherOptions

getSTSEndpoint

getKDCDomain

setKDCDomain

getKDCServer

setKDCServer

getKeyTabFile

setKeyTabFile

getKerberosServicePrincipal

setKerberosServicePrincipal

isValidateKerberosSignature

setValidateKerberosSignature

getSAMLAttributeMapping

setSAMLAttributeMapping

shouldIncludeMemberships

setIncludeMemberships

getNameIDMapper

setNameIDMapper

getSAMLAttributeNamespace

setSAMLAttributeNamespace

setUsers

getUsers

getEncryptionAlgorithm

setEncryptionAlgorithm

getEncryptionStrength

setEncryptionStrength

getSigningRefType

setSigningRefType

getAuthenticationChain

setAuthenticationChain

isUserTokenDetectReplayEnabled

setDetectUserTokenReplay

isMessageReplayDetectionEnabled

setMessageReplayDetection

getSignedElements

setSignedElements