Package com.sun.identity.wss.sts.config

Class FAMSTSConfiguration

  • All Implemented Interfaces:
    ConfigurationListener, com.sun.xml.ws.api.security.trust.config.STSConfiguration
    public class FAMSTSConfiguration
extends Object
implements com.sun.xml.ws.api.security.trust.config.STSConfiguration, ConfigurationListener

    • Constructor Detail

      • FAMSTSConfiguration

        public FAMSTSConfiguration()
        Default Constructor.

    • Method Detail

      • configChanged

        public void configChanged​(ConfigurationActionEvent e)
        This method will be invoked when a component's configuration data has been changed. The parameters componentName, realm and configName denotes the component name, organization and configuration instance name that are changed respectively.
        Specified by:
        configChanged in interface ConfigurationListener
        Parameters:
        e - Configuration action event, like ADDED, DELETED, MODIFIED etc.

      • addTrustSPMetadata

        public void addTrustSPMetadata​(com.sun.xml.ws.api.security.trust.config.TrustSPMetadata data,
                               String spEndpoint)
        Specified by:
        addTrustSPMetadata in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • getTrustSPMetadata

        public com.sun.xml.ws.api.security.trust.config.TrustSPMetadata getTrustSPMetadata​(String spEndpoint)
        Specified by:
        getTrustSPMetadata in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • getTrustedIssuers

        public Set getTrustedIssuers()

      • getTrustedIPAddresses

        public Set getTrustedIPAddresses()

      • setType

        public void setType​(String type)

      • getType

        public String getType()
        Specified by:
        getType in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • setIssuer

        public void setIssuer​(String issuer)

      • getIssuer

        public String getIssuer()
        Specified by:
        getIssuer in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • setEncryptIssuedToken

        public void setEncryptIssuedToken​(boolean encryptIssuedToken)

      • getEncryptIssuedToken

        public boolean getEncryptIssuedToken()
        Specified by:
        getEncryptIssuedToken in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • setEncryptIssuedKey

        public void setEncryptIssuedKey​(boolean encryptIssuedKey)

      • getEncryptIssuedKey

        public boolean getEncryptIssuedKey()
        Specified by:
        getEncryptIssuedKey in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • setIssuedTokenTimeout

        public void setIssuedTokenTimeout​(long issuedTokenTimeout)

      • getIssuedTokenTimeout

        public long getIssuedTokenTimeout()
        Specified by:
        getIssuedTokenTimeout in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • setCallbackHandler

        public void setCallbackHandler​(CallbackHandler callbackHandler)
        Specified by:
        setCallbackHandler in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • getCallbackHandler

        public CallbackHandler getCallbackHandler()
        Specified by:
        getCallbackHandler in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • setClientUserTokenClass

        public void setClientUserTokenClass​(String clientUserTokenClass)

      • getClientUserTokenClass

        public String getClientUserTokenClass()

      • getSecurityMechanisms

        public List getSecurityMechanisms()
        Returns the list of security mechanims that the STS service is configured.
        Returns:
        list of security mechanisms.

      • setSecurityMechanisms

        public void setSecurityMechanisms​(List authMech)
        Sets the list of security mechanisms.
        Parameters:
        authMech - the list of security mechanisms.

      • isResponseSignEnabled

        public boolean isResponseSignEnabled()
        Checks if the response needs to be signed or not.
        Returns:
        true if the response needs to be signed.

      • setResponseSignEnabled

        public void setResponseSignEnabled​(boolean enable)
        Sets the response sign enable flag.
        Parameters:
        enable - enables the response signing.

      • isResponseEncryptEnabled

        public boolean isResponseEncryptEnabled()
        Checks if the response needs to be encrypted or not.
        Returns:
        true if the response needs to be encrypted.

      • setResponseEncryptEnabled

        public void setResponseEncryptEnabled​(boolean enable)
        Sets the response encrypt enable flag.
        Parameters:
        enable - enables the response encryption.

      • isRequestSignEnabled

        public boolean isRequestSignEnabled()
        Checks if the request needs to be signed or not.
        Returns:
        true if the request needs to be signed.

      • setRequestSignEnabled

        public void setRequestSignEnabled​(boolean enable)
        Sets the request sign enable flag.
        Parameters:
        enable - enables the request signing.

      • isRequestEncryptEnabled

        public boolean isRequestEncryptEnabled()
        Checks if the request needs to be encrypted or not.
        Returns:
        true if the request needs to be encrypted.

      • setRequestEncryptEnabled

        public void setRequestEncryptEnabled​(boolean enable)
        Sets the request encrypt enable flag.
        Parameters:
        enable - enables the request encryption.

      • isRequestHeaderEncryptEnabled

        public boolean isRequestHeaderEncryptEnabled()
        Checks if the request header needs to be encrypted or not.
        Returns:
        true if the request header needs to be encrypted.

      • setRequestHeaderEncryptEnabled

        public void setRequestHeaderEncryptEnabled​(boolean enable)
        Sets the request header encrypt enable flag.
        Parameters:
        enable - enables the request header encryption.

      • getPrivateKeyType

        public String getPrivateKeyType()
        Returns the key type for the security provider at STS service.
        Returns:
        the key type of the security provider at STS service.

      • setPrivateKeyType

        public void setPrivateKeyType​(String keyType)
        Sets the key type for the security provider at STS service.
        Parameters:
        keyType - the key type for the security provider at STS service.

      • getPrivateKeyAlias

        public String getPrivateKeyAlias()
        Returns the key alias for the security provider at STS service.
        Returns:
        the key alias of the security provider at STS service.

      • setPrivateKeyAlias

        public void setPrivateKeyAlias​(String alias)
        Sets the key alias for the security provider at STS service.
        Parameters:
        alias - the key alias for the security provider at STS service.

      • getPublicKeyAlias

        public String getPublicKeyAlias()
        Returns the Public key alias for this provider's partner.
        Returns:
        the Public key alias of the provider's partner.

      • setPublicKeyAlias

        public void setPublicKeyAlias​(String alias)
        Sets the Public key alias for this provider's partner.
        Parameters:
        alias - the Public key alias for this provider's partner.

      • getOtherOptions

        public Map<String,​Object> getOtherOptions()
        Specified by:
        getOtherOptions in interface com.sun.xml.ws.api.security.trust.config.STSConfiguration

      • getSTSEndpoint

        public String getSTSEndpoint()
        Returns STS Endpoint
        Returns:
        the STS endpoint

      • getKDCDomain

        public String getKDCDomain()
        Returns Kerberos Domain Controller Domain
        Returns:
        Kerberos Domain Controller Domain

      • setKDCDomain

        public void setKDCDomain​(String domain)
        Sets Kerberos Domain Controller Domain
        Parameters:
        domain - Kerberos Domain Controller Domain

      • getKDCServer

        public String getKDCServer()
        Returns Kerberos Domain Controller Server.
        Returns:
        Kerberos Domain Controller Server.

      • setKDCServer

        public void setKDCServer​(String kdcServer)
        Sets Kerberos Domain Controller Server
        Parameters:
        kdcServer - Kerberos Domain Controller Server

      • getKeyTabFile

        public String getKeyTabFile()
        This method is used by the web services provider to get the key tab file.
        Returns:
        the keytab file.

      • setKeyTabFile

        public void setKeyTabFile​(String file)
        Sets the keytab file
        Parameters:
        file - the fully qualified file path

      • getKerberosServicePrincipal

        public String getKerberosServicePrincipal()
        Returns kerberos service principal
        Returns:
        the kerberos service principal

      • setKerberosServicePrincipal

        public void setKerberosServicePrincipal​(String principal)
        Sets kerberos service principal.
        Parameters:
        principal - the kerberos service principal.

      • isValidateKerberosSignature

        public boolean isValidateKerberosSignature()
        Returns true if kerberos signature needs to be validated. The signature validation is supported only with JDK6 onwards.
        Returns:
        true if the signature validation needs to be validated.

      • setValidateKerberosSignature

        public void setValidateKerberosSignature​(boolean validate)
        Sets a boolean flag to enable or disable validate kerberos signature.
        Parameters:
        validate - boolean flag to enable or disable validate krb signature.

      • getSAMLAttributeMapping

        public Set getSAMLAttributeMapping()
        Returns the SAML Attribute Mapping list. This method is used by the WSP configuration when enabled for SAML.

      • setSAMLAttributeMapping

        public void setSAMLAttributeMapping​(Set attributeMap)
        Sets the list of SAML attribute mappings. This method is used by the WSP configuration when enabled for SAML.
        Parameters:
        attributeMap - the list of SAML attribute mapping

      • shouldIncludeMemberships

        public boolean shouldIncludeMemberships()
        Checks if the memberships should be included in the SAML attribute mapping.
        Returns:
        true if the memberships are included.

      • setIncludeMemberships

        public void setIncludeMemberships​(boolean include)
        Sets a flag to include memberships for SAML attribute mapping.
        Parameters:
        include - boolean flag to indicate if the memberships needs to be included.

      • getNameIDMapper

        public String getNameIDMapper()
        Returns the NameID mapper class
        Returns:
        returns the nameid mapper class.

      • setNameIDMapper

        public void setNameIDMapper​(String nameIDMapper)
        Sets the NameID Mapper class.
        Parameters:
        nameIDMapper - NameID Mapper class.

      • getSAMLAttributeNamespace

        public String getSAMLAttributeNamespace()
        Returns SAML attribute namespace.
        Returns:
        returns SAML attribute namespace.

      • setSAMLAttributeNamespace

        public void setSAMLAttributeNamespace​(String attributeNS)
        Sets SAML attribute namespace.
        Parameters:
        attributeNS - SAML attribute namespace.

      • setUsers

        public void setUsers​(List usercredentials)
        Sets the user credentials list.
        Parameters:
        usercredentials - list of PasswordCredentialobjects.

      • getUsers

        public List getUsers()
        Returns the list of PasswordCredentials of the user.
        Returns:
        the list of PasswordCredential objects.

      • getEncryptionAlgorithm

        public String getEncryptionAlgorithm()
        Returns encryption algorithm
        Returns:
        the encryption algorithm

      • setEncryptionAlgorithm

        public void setEncryptionAlgorithm​(String algorithm)
        Sets the encryption algorithm
        Parameters:
        algorithm - the encryption algorithm

      • getEncryptionStrength

        public int getEncryptionStrength()
        Returns the encryption strength;
        Returns:
        the encryption strength;

      • setEncryptionStrength

        public void setEncryptionStrength​(int encryptionStrength)
        Sets the encryption data strength.
        Parameters:
        encryptionStrength - the encryption data strength.

      • getSigningRefType

        public String getSigningRefType()
        Returns signing reference type.
        Returns:
        the signing reference type.

      • setSigningRefType

        public void setSigningRefType​(String refType)
        Set signing reference type.
        Parameters:
        refType - the signing reference type.

      • getAuthenticationChain

        public String getAuthenticationChain()
        Returns authentication chain used for authenticating sts clients.
        Returns:
        the authentication chain name.

      • setAuthenticationChain

        public void setAuthenticationChain​(String authChain)
        Sets the authentication chain name.
        Parameters:
        authChain - the authentication chain name.

      • isUserTokenDetectReplayEnabled

        public boolean isUserTokenDetectReplayEnabled()
        Returns true if the user name token replay is enabled.
        Returns:
        true if the user name token replay is enabled.

      • setDetectUserTokenReplay

        public void setDetectUserTokenReplay​(boolean enable)
        Enable or disable the detection of user token replay
        Parameters:
        enable - true if the detection of user token replay is enabled.

      • isMessageReplayDetectionEnabled

        public boolean isMessageReplayDetectionEnabled()
        Returns true if the message replay detection is enabled.
        Returns:
        true if the message replay detection is enabled.

      • setMessageReplayDetection

        public void setMessageReplayDetection​(boolean enable)
        Enable or disable the message replay detection.
        Parameters:
        enable - true if the detection of the message replay is enabled.

      • getSignedElements

        public List getSignedElements()
        Returns the list of signed elements.
        Returns:
        the list of signed elements.

      • setSignedElements

        public void setSignedElements​(List signedElements)
        Sets the signed elements
        Parameters:
        signedElements - the signed elements.