Package com.sun.identity.wss.sts.config

Class STSRemoteConfig

  • public class STSRemoteConfig
extends Object
    This class provides STS service configuration remotely so that the authentication provider could use this configuration while validating the requests to the STS Service.

    • Constructor Detail

      • STSRemoteConfig

        public STSRemoteConfig()

    • Method Detail

      • setType

        public void setType​(String type)

      • getType

        public String getType()

      • setIssuer

        public void setIssuer​(String issuer)

      • getIssuer

        public String getIssuer()

      • getSecurityMechanisms

        public List getSecurityMechanisms()
        Returns the list of security mechanims that the STS service is configured.
        Returns:
        list of security mechanisms.

      • setSecurityMechanisms

        public void setSecurityMechanisms​(List authMech)
        Sets the list of security mechanisms.
        Parameters:
        authMech - the list of security mechanisms.

      • isResponseSignEnabled

        public boolean isResponseSignEnabled()
        Checks if the response needs to be signed or not.
        Returns:
        true if the response needs to be signed.

      • setResponseSignEnabled

        public void setResponseSignEnabled​(boolean enable)
        Sets the response sign enable flag.
        Parameters:
        enable - enables the response signing.

      • isResponseEncryptEnabled

        public boolean isResponseEncryptEnabled()
        Checks if the response needs to be encrypted or not.
        Returns:
        true if the response needs to be encrypted.

      • setResponseEncryptEnabled

        public void setResponseEncryptEnabled​(boolean enable)
        Sets the response encrypt enable flag.
        Parameters:
        enable - enables the response encryption.

      • isRequestSignEnabled

        public boolean isRequestSignEnabled()
        Checks if the request needs to be signed or not.
        Returns:
        true if the request needs to be signed.

      • setRequestSignEnabled

        public void setRequestSignEnabled​(boolean enable)
        Sets the request sign enable flag.
        Parameters:
        enable - enables the request signing.

      • isRequestEncryptEnabled

        public boolean isRequestEncryptEnabled()
        Checks if the request needs to be encrypted or not.
        Returns:
        true if the request needs to be encrypted.

      • setRequestEncryptEnabled

        public void setRequestEncryptEnabled​(boolean enable)
        Sets the request encrypt enable flag.
        Parameters:
        enable - enables the request encryption.

      • isRequestHeaderEncryptEnabled

        public boolean isRequestHeaderEncryptEnabled()
        Checks if the request header needs to be encrypted or not.
        Returns:
        true if the request header needs to be encrypted.

      • setRequestHeaderEncryptEnabled

        public void setRequestHeaderEncryptEnabled​(boolean enable)
        Sets the request header encrypt enable flag.
        Parameters:
        enable - enables the request header encryption.

      • getPrivateKeyType

        public String getPrivateKeyType()
        Returns the key type for the security provider at STS service.
        Returns:
        the key type of the security provider at STS service.

      • setPrivateKeyType

        public void setPrivateKeyType​(String keyType)
        Sets the key type for the security provider at STS service.
        Parameters:
        keyType - the key type for the security provider at STS service.

      • getPrivateKeyAlias

        public String getPrivateKeyAlias()
        Returns the key alias for the security provider at STS service.
        Returns:
        the key alias of the security provider at STS service.

      • setPrivateKeyAlias

        public void setPrivateKeyAlias​(String alias)
        Sets the key alias for the security provider at STS service.
        Parameters:
        alias - the key alias for the security provider at STS service.

      • getPublicKeyAlias

        public String getPublicKeyAlias()
        Returns the Public key alias for this provider's partner.
        Returns:
        the Public key alias of the provider's partner.

      • setPublicKeyAlias

        public void setPublicKeyAlias​(String alias)
        Sets the Public key alias for this provider's partner.
        Parameters:
        alias - the Public key alias for this provider's partner.

      • getSTSEndpoint

        public String getSTSEndpoint()
        Returns STS Endpoint
        Returns:
        the STS endpoint

      • getKDCDomain

        public String getKDCDomain()
        Returns Kerberos Domain Controller Domain
        Returns:
        Kerberos Domain Controller Domain

      • setKDCDomain

        public void setKDCDomain​(String domain)
        Sets Kerberos Domain Controller Domain
        Parameters:
        domain - Kerberos Domain Controller Domain

      • getKDCServer

        public String getKDCServer()
        Returns Kerberos Domain Controller Server.
        Returns:
        Kerberos Domain Controller Server.

      • setKDCServer

        public void setKDCServer​(String kdcServer)
        Sets Kerberos Domain Controller Server
        Parameters:
        kdcServer - Kerberos Domain Controller Server

      • getKeyTabFile

        public String getKeyTabFile()
        This method is used by the web services provider to get the key tab file.
        Returns:
        the keytab file.

      • setKeyTabFile

        public void setKeyTabFile​(String file)
        Sets the keytab file
        Parameters:
        file - the fully qualified file path

      • getKerberosServicePrincipal

        public String getKerberosServicePrincipal()
        Returns kerberos service principal
        Returns:
        the kerberos service principal

      • setKerberosServicePrincipal

        public void setKerberosServicePrincipal​(String principal)
        Sets kerberos service principal.
        Parameters:
        principal - the kerberos service principal.

      • isValidateKerberosSignature

        public boolean isValidateKerberosSignature()
        Returns true if kerberos signature needs to be validated. The signature validation is supported only with JDK6 onwards.
        Returns:
        true if the signature validation needs to be validated.

      • setValidateKerberosSignature

        public void setValidateKerberosSignature​(boolean validate)
        Sets a boolean flag to enable or disable validate kerberos signature.
        Parameters:
        validate - boolean flag to enable or disable validate krb signature.

      • setUsers

        public void setUsers​(List usercredentials)
        Sets the user credentials list.
        Parameters:
        usercredentials - list of PasswordCredentialobjects.

      • getUsers

        public List getUsers()
        Returns the list of PasswordCredentials of the user.
        Returns:
        the list of PasswordCredential objects.

      • getEncryptionAlgorithm

        public String getEncryptionAlgorithm()
        Returns encryption algorithm
        Returns:
        the encryption algorithm

      • setEncryptionAlgorithm

        public void setEncryptionAlgorithm​(String algorithm)
        Sets the encryption algorithm
        Parameters:
        algorithm - the encryption algorithm

      • getEncryptionStrength

        public int getEncryptionStrength()
        Returns the encryption strength;
        Returns:
        the encryption strength;

      • setEncryptionStrength

        public void setEncryptionStrength​(int encryptionStrength)
        Sets the encryption data strength.
        Parameters:
        encryptionStrength - the encryption data strength.

      • getSigningRefType

        public String getSigningRefType()
        Returns signing reference type.
        Returns:
        the signing reference type.

      • setSigningRefType

        public void setSigningRefType​(String refType)
        Set signing reference type.
        Parameters:
        refType - the signing reference type.

      • getAuthenticationChain

        public String getAuthenticationChain()
        Returns authentication chain used for authenticating sts clients.
        Returns:
        the authentication chain name.

      • setAuthenticationChain

        public void setAuthenticationChain​(String authChain)
        Sets the authentication chain name.
        Parameters:
        authChain - the authentication chain name.

      • isUserTokenDetectReplayEnabled

        public boolean isUserTokenDetectReplayEnabled()
        Returns true if the user name token replay is enabled.
        Returns:
        true if the user name token replay is enabled.

      • setDetectUserTokenReplay

        public void setDetectUserTokenReplay​(boolean enable)
        Enable or disable the detection of user token replay
        Parameters:
        enable - true if the detection of user token replay is enabled.

      • isMessageReplayDetectionEnabled

        public boolean isMessageReplayDetectionEnabled()
        Returns true if the message replay detection is enabled.
        Returns:
        true if the message replay detection is enabled.

      • setMessageReplayDetection

        public void setMessageReplayDetection​(boolean enable)
        Enable or disable the message replay detection.
        Parameters:
        enable - true if the detection of the message replay is enabled.

      • getSignedElements

        public List getSignedElements()
        Returns the list of signed elements.
        Returns:
        the list of signed elements.

      • setSignedElements

        public void setSignedElements​(List signedElements)
        Sets the signed elements
        Parameters:
        signedElements - the signed elements.