com.sun.identity.wss.sts.config

Class STSRemoteConfig

java.lang.Object

com.sun.identity.wss.sts.config.STSRemoteConfig

public class STSRemoteConfig
extends Object

This class provides STS service configuration remotely so that the authentication provider could use this configuration while validating the requests to the STS Service.

Constructor Summary

Constructors

Constructor and Description
STSRemoteConfig()

Method Summary

Modifier and Type	Method and Description
String	getAuthenticationChain() Returns authentication chain used for authenticating sts clients.
String	getEncryptionAlgorithm() Returns encryption algorithm
int	getEncryptionStrength() Returns the encryption strength;
String	getIssuer()
String	getKDCDomain() Returns Kerberos Domain Controller Domain
String	getKDCServer() Returns Kerberos Domain Controller Server.
String	getKerberosServicePrincipal() Returns kerberos service principal
String	getKeyTabFile() This method is used by the web services provider to get the key tab file.
String	getPrivateKeyAlias() Returns the key alias for the security provider at STS service.
String	getPrivateKeyType() Returns the key type for the security provider at STS service.
String	getPublicKeyAlias() Returns the Public key alias for this provider's partner.
List	getSecurityMechanisms() Returns the list of security mechanims that the STS service is configured.
List	getSignedElements() Returns the list of signed elements.
String	getSigningRefType() Returns signing reference type.
String	getSTSEndpoint() Returns STS Endpoint
String	getType()
List	getUsers() Returns the list of PasswordCredentials of the user.
boolean	isMessageReplayDetectionEnabled() Returns true if the message replay detection is enabled.
boolean	isRequestEncryptEnabled() Checks if the request needs to be encrypted or not.
boolean	isRequestHeaderEncryptEnabled() Checks if the request header needs to be encrypted or not.
boolean	isRequestSignEnabled() Checks if the request needs to be signed or not.
boolean	isResponseEncryptEnabled() Checks if the response needs to be encrypted or not.
boolean	isResponseSignEnabled() Checks if the response needs to be signed or not.
boolean	isUserTokenDetectReplayEnabled() Returns true if the user name token replay is enabled.
boolean	isValidateKerberosSignature() Returns true if kerberos signature needs to be validated.
void	setAuthenticationChain(String authChain) Sets the authentication chain name.
void	setDetectUserTokenReplay(boolean enable) Enable or disable the detection of user token replay
void	setEncryptionAlgorithm(String algorithm) Sets the encryption algorithm
void	setEncryptionStrength(int encryptionStrength) Sets the encryption data strength.
void	setIssuer(String issuer)
void	setKDCDomain(String domain) Sets Kerberos Domain Controller Domain
void	setKDCServer(String kdcServer) Sets Kerberos Domain Controller Server
void	setKerberosServicePrincipal(String principal) Sets kerberos service principal.
void	setKeyTabFile(String file) Sets the keytab file
void	setMessageReplayDetection(boolean enable) Enable or disable the message replay detection.
void	setPrivateKeyAlias(String alias) Sets the key alias for the security provider at STS service.
void	setPrivateKeyType(String keyType) Sets the key type for the security provider at STS service.
void	setPublicKeyAlias(String alias) Sets the Public key alias for this provider's partner.
void	setRequestEncryptEnabled(boolean enable) Sets the request encrypt enable flag.
void	setRequestHeaderEncryptEnabled(boolean enable) Sets the request header encrypt enable flag.
void	setRequestSignEnabled(boolean enable) Sets the request sign enable flag.
void	setResponseEncryptEnabled(boolean enable) Sets the response encrypt enable flag.
void	setResponseSignEnabled(boolean enable) Sets the response sign enable flag.
void	setSecurityMechanisms(List authMech) Sets the list of security mechanisms.
void	setSignedElements(List signedElements) Sets the signed elements
void	setSigningRefType(String refType) Set signing reference type.
void	setType(String type)
void	setUsers(List usercredentials) Sets the user credentials list.
void	setValidateKerberosSignature(boolean validate) Sets a boolean flag to enable or disable validate kerberos signature.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

STSRemoteConfig

public STSRemoteConfig()

Method Detail

setType

public void setType(String type)

getType

public String getType()

setIssuer

public void setIssuer(String issuer)

getIssuer

public String getIssuer()

getSecurityMechanisms

public List getSecurityMechanisms()

Returns the list of security mechanims that the STS service is configured.

Returns:

list of security mechanisms.

setSecurityMechanisms

public void setSecurityMechanisms(List authMech)

Sets the list of security mechanisms.

Parameters:

authMech - the list of security mechanisms.

isResponseSignEnabled

public boolean isResponseSignEnabled()

Checks if the response needs to be signed or not.

Returns:

true if the response needs to be signed.

setResponseSignEnabled

public void setResponseSignEnabled(boolean enable)

Sets the response sign enable flag.

Parameters:

enable - enables the response signing.

isResponseEncryptEnabled

public boolean isResponseEncryptEnabled()

Checks if the response needs to be encrypted or not.

Returns:

true if the response needs to be encrypted.

setResponseEncryptEnabled

public void setResponseEncryptEnabled(boolean enable)

Sets the response encrypt enable flag.

Parameters:

enable - enables the response encryption.

isRequestSignEnabled

public boolean isRequestSignEnabled()

Checks if the request needs to be signed or not.

Returns:

true if the request needs to be signed.

setRequestSignEnabled

public void setRequestSignEnabled(boolean enable)

Sets the request sign enable flag.

Parameters:

enable - enables the request signing.

isRequestEncryptEnabled

public boolean isRequestEncryptEnabled()

Checks if the request needs to be encrypted or not.

Returns:

true if the request needs to be encrypted.

setRequestEncryptEnabled

public void setRequestEncryptEnabled(boolean enable)

Sets the request encrypt enable flag.

Parameters:

enable - enables the request encryption.

isRequestHeaderEncryptEnabled

public boolean isRequestHeaderEncryptEnabled()

Checks if the request header needs to be encrypted or not.

Returns:

true if the request header needs to be encrypted.

setRequestHeaderEncryptEnabled

public void setRequestHeaderEncryptEnabled(boolean enable)

Sets the request header encrypt enable flag.

Parameters:

enable - enables the request header encryption.

getPrivateKeyType

public String getPrivateKeyType()

Returns the key type for the security provider at STS service.

Returns:

the key type of the security provider at STS service.

setPrivateKeyType

public void setPrivateKeyType(String keyType)

Sets the key type for the security provider at STS service.

Parameters:

keyType - the key type for the security provider at STS service.

getPrivateKeyAlias

public String getPrivateKeyAlias()

Returns the key alias for the security provider at STS service.

Returns:

the key alias of the security provider at STS service.

setPrivateKeyAlias

public void setPrivateKeyAlias(String alias)

Sets the key alias for the security provider at STS service.

Parameters:

alias - the key alias for the security provider at STS service.

getPublicKeyAlias

public String getPublicKeyAlias()

Returns the Public key alias for this provider's partner.

Returns:

the Public key alias of the provider's partner.

setPublicKeyAlias

public void setPublicKeyAlias(String alias)

Sets the Public key alias for this provider's partner.

Parameters:

alias - the Public key alias for this provider's partner.

getSTSEndpoint

public String getSTSEndpoint()

Returns STS Endpoint

Returns:

the STS endpoint

getKDCDomain

public String getKDCDomain()

Returns Kerberos Domain Controller Domain

Returns:

Kerberos Domain Controller Domain

setKDCDomain

public void setKDCDomain(String domain)

Sets Kerberos Domain Controller Domain

Parameters:

domain - Kerberos Domain Controller Domain

getKDCServer

public String getKDCServer()

Returns Kerberos Domain Controller Server.

Returns:

Kerberos Domain Controller Server.

setKDCServer

public void setKDCServer(String kdcServer)

Sets Kerberos Domain Controller Server

Parameters:

kdcServer - Kerberos Domain Controller Server

getKeyTabFile

public String getKeyTabFile()

This method is used by the web services provider to get the key tab file.

Returns:

the keytab file.

setKeyTabFile

public void setKeyTabFile(String file)

Sets the keytab file

Parameters:

file - the fully qualified file path

getKerberosServicePrincipal

public String getKerberosServicePrincipal()

Returns kerberos service principal

Returns:

the kerberos service principal

setKerberosServicePrincipal

public void setKerberosServicePrincipal(String principal)

Sets kerberos service principal.

Parameters:

principal - the kerberos service principal.

isValidateKerberosSignature

public boolean isValidateKerberosSignature()

Returns true if kerberos signature needs to be validated. The signature validation is supported only with JDK6 onwards.

Returns:

true if the signature validation needs to be validated.

setValidateKerberosSignature

public void setValidateKerberosSignature(boolean validate)

Sets a boolean flag to enable or disable validate kerberos signature.

Parameters:

validate - boolean flag to enable or disable validate krb signature.

setUsers

public void setUsers(List usercredentials)

Sets the user credentials list.

Parameters:

usercredentials - list of PasswordCredentialobjects.

getUsers

public List getUsers()

Returns the list of PasswordCredentials of the user.

Returns:

the list of PasswordCredential objects.

getEncryptionAlgorithm

public String getEncryptionAlgorithm()

Returns encryption algorithm

Returns:

the encryption algorithm

setEncryptionAlgorithm

public void setEncryptionAlgorithm(String algorithm)

Sets the encryption algorithm

Parameters:

algorithm - the encryption algorithm

getEncryptionStrength

public int getEncryptionStrength()

Returns the encryption strength;

Returns:

the encryption strength;

setEncryptionStrength

public void setEncryptionStrength(int encryptionStrength)

Sets the encryption data strength.

Parameters:

encryptionStrength - the encryption data strength.

getSigningRefType

public String getSigningRefType()

Returns signing reference type.

Returns:

the signing reference type.

setSigningRefType

public void setSigningRefType(String refType)

Set signing reference type.

Parameters:

refType - the signing reference type.

getAuthenticationChain

public String getAuthenticationChain()

Returns authentication chain used for authenticating sts clients.

Returns:

the authentication chain name.

setAuthenticationChain

public void setAuthenticationChain(String authChain)

Sets the authentication chain name.

Parameters:

authChain - the authentication chain name.

isUserTokenDetectReplayEnabled

public boolean isUserTokenDetectReplayEnabled()

Returns true if the user name token replay is enabled.

Returns:

true if the user name token replay is enabled.

setDetectUserTokenReplay

public void setDetectUserTokenReplay(boolean enable)

Enable or disable the detection of user token replay

Parameters:

enable - true if the detection of user token replay is enabled.

isMessageReplayDetectionEnabled

public boolean isMessageReplayDetectionEnabled()

Returns true if the message replay detection is enabled.

Returns:

true if the message replay detection is enabled.

setMessageReplayDetection

public void setMessageReplayDetection(boolean enable)

Enable or disable the message replay detection.

Parameters:

enable - true if the detection of the message replay is enabled.

getSignedElements

public List getSignedElements()

Returns the list of signed elements.

Returns:

the list of signed elements.

setSignedElements

public void setSignedElements(List signedElements)

Sets the signed elements

Parameters:

signedElements - the signed elements.