com.ibm.websphere.wssecurity.wssapi.token

Class GenericSecurityTokenFactory

  1. java.lang.Object
  2. extended bycom.ibm.websphere.wssecurity.wssapi.token.GenericSecurityTokenFactory

  1. public abstract class GenericSecurityTokenFactory
  2. extends java.lang.Object

This API is used for the creation of security tokens.

The code snippets that are shown below demonstrate how to use this API to create security tokens:

Sample code for creating a fully-populated UsernameToken
   GenericSecurityTokenFactory gstFactory = GenericSecurityTokenFactory.getInstance();
 
   UsernameToken unt = gstFactory.getFullUsernameToken(username,password);
    
Sample code for creating a custom token
   GenericSecurityTokenFactory gstFactory = GenericSecurityTokenFactory.getInstance();
   
   // 1. Create the valueType
   javax.xml.namespace.QName valueType = new QName("", "http://myToken");
 
   // 2. Get a unique ID
   String uniqueID = gstFactory.createUniqueId();
 
   // 3. Build the custom element
   org.w3c.dom.Element customElement = buildmyTokenElement(uniqueId);
 
   // 4. Create the security token
   GenericSecurityToken myToken = gstFactory.getToken(customElement, valueType);
 
    

Constructor Summary

Constructor and Description
GenericSecurityTokenFactory()

Method Summary

Modifier and Type Method and Description
  1. abstract
  2. java.lang.String
createUniqueId()
Create a Unique ID that can be put into a custom token so that it can be referred to properly when being individually signed or encrypted.
  1. abstract
  2. SecurityToken
getConsumerTokenFromSharedState(java.util.Map sharedState,javax.xml.namespace.QName valueType)
Get a consumed token from the shared state.
  1. abstract
  2. UsernameToken
getFullUsernameToken(java.lang.String username)
Create a fully-populated UsernameToken with a username and no password.
  1. abstract
  2. UsernameToken
getFullUsernameToken(java.lang.String username,char[] password)
Create a fully-populated UsernameToken with a username and password.
  1. abstract
  2. UsernameToken
getFullUsernameToken(java.lang.String username,char[] password,boolean useTimestamp)
Create a fully-populated UsernameToken with a username, password, and timestamp.
  1. abstract
  2. SecurityToken
getGeneratorTokenFromSharedState(java.util.Map sharedState,javax.xml.namespace.QName valueType)
Get a generated token from the shared state.
  1. static
  2. GenericSecurityTokenFactory
getInstance()
Retrieves an instance of the GenericSecurityTokenFactory
  1. abstract
  2. GenericSecurityToken
getToken()
Create an unpupulated GenericSecurityToken
  1. abstract
  2. GenericSecurityToken
getToken(org.w3c.dom.Element element,javax.xml.namespace.QName valueType)
Create a custom GenericSecurityToken from a org.w3c.dom element
  1. abstract
  2. GenericSecurityToken
getToken(org.apache.axiom.om.OMElement element,javax.xml.namespace.QName valueType)
Create a custom GenericSecurityToken from an OMElement
  1. abstract
  2. void
putConsumerTokenToSharedState(java.util.Map sharedState,SecurityToken token)
Put a consumed token on the shared state.
  1. abstract
  2. void
putGeneratorTokenToSharedState(java.util.Map sharedState,SecurityToken token)
Put a generated token on the shared state.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

GenericSecurityTokenFactory

  1. public GenericSecurityTokenFactory( )

Method Detail

getInstance

  1. public static GenericSecurityTokenFactory getInstance( )
  2. throws WSSException
Retrieves an instance of the GenericSecurityTokenFactory
Returns:
GenericSecurityTokenFactory object
Throws:
WSSException - if the illegal access occurs or if the WSSFactory instance is not generated.

getToken

  1. public abstract GenericSecurityToken getToken( )
Create an unpupulated GenericSecurityToken
Returns:
unpopulated GenericSecurityToken

getToken

  1. public abstract GenericSecurityToken getToken( org.apache.axiom.om.OMElement element,
  2. javax.xml.namespace.QName valueType)
Create a custom GenericSecurityToken from an OMElement
Parameters:
element - axiom representation of the custom element
valueType - the token's value type
Returns:
a fully-populated custom GenericSecurityToken

getToken

  1. public abstract GenericSecurityToken getToken( org.w3c.dom.Element element,
  2. javax.xml.namespace.QName valueType)
  3. throws java.lang.Exception
Create a custom GenericSecurityToken from a org.w3c.dom element
Parameters:
element - - w3c.dom representation of the custom element
valueType - - the token's value type
Returns:
a fully-populated custom GenericSecurityToken
Throws:
java.lang.Exception

getFullUsernameToken

  1. public abstract UsernameToken getFullUsernameToken( java.lang.String username)
  2. throws javax.security.auth.login.LoginException
Create a fully-populated UsernameToken with a username and no password.
Parameters:
username - username for the UsernameToken element
Returns:
a fully-populated UsernameToken
Throws:
javax.security.auth.login.LoginException

getFullUsernameToken

  1. public abstract UsernameToken getFullUsernameToken( java.lang.String username,
  2. char[] password)
  3. throws javax.security.auth.login.LoginException
Create a fully-populated UsernameToken with a username and password.
Parameters:
username - username for the UsernameToken element
password - password for the UsernameToken element
Returns:
a fully-populated UsernameToken
Throws:
javax.security.auth.login.LoginException

getFullUsernameToken

  1. public abstract UsernameToken getFullUsernameToken( java.lang.String username,
  2. char[] password,
  3. boolean useTimestamp)
  4. throws javax.security.auth.login.LoginException
Create a fully-populated UsernameToken with a username, password, and timestamp.
Parameters:
username - username for the UsernameToken element
password - password for the UsernameToken element. Null for no password.
useTimestamp - true=add timestamp, false=no timestamp
Returns:
a fully-populated UsernameToken
Throws:
javax.security.auth.login.LoginException

createUniqueId

  1. public abstract java.lang.String createUniqueId( )
Create a Unique ID that can be put into a custom token so that it can be referred to properly when being individually signed or encrypted.
Returns:
a Unique ID String

getGeneratorTokenFromSharedState

  1. public abstract SecurityToken getGeneratorTokenFromSharedState( java.util.Map sharedState,
  2. javax.xml.namespace.QName valueType)
Get a generated token from the shared state.

This method can be used by stacked login modules to retrieve a token of the specified value from the com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_TO_BE_INSERTED property on the shared state.
Parameters:
sharedState - JAAS login module shared state Map
valueType - Value type of the desired token
Returns:
a SecurityToken of the specified value type

getConsumerTokenFromSharedState

  1. public abstract SecurityToken getConsumerTokenFromSharedState( java.util.Map sharedState,
  2. javax.xml.namespace.QName valueType)
Get a consumed token from the shared state.

This method can be used by stacked login modules to retrieve a token of the specified value from the com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_PROCESSED property on the shared state.
Parameters:
sharedState - JAAS login module shared state Map
valueType - Value type of the desired token
Returns:
a SecurityToken of the specified value type

putGeneratorTokenToSharedState

  1. public abstract void putGeneratorTokenToSharedState( java.util.Map sharedState,
  2. SecurityToken token)
Put a generated token on the shared state.

This method can be used by stacked login modules to put a token in a token list on the com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_TO_BE_INSERTED property in the shared state.
Parameters:
sharedState - JAAS login module shared state Map
token - Token to insert

putConsumerTokenToSharedState

  1. public abstract void putConsumerTokenToSharedState( java.util.Map sharedState,
  2. SecurityToken token)
Put a consumed token on the shared state.

This method can be used by stacked login modules to put a token in a token list on the com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_TO_BE_INSERTED property in the shared state.
Parameters:
sharedState - JAAS login module shared state Map
token - Token to insert