com.ibm.websphere.wssecurity.wssapi.token
Interface SecurityContextToken
All Superinterfaces:
- public interface SecurityContextToken
- extends SecurityToken
It defined by the specifications of WS-SecureConvesation
Following is the sample code to get the security context token.
String path = "service/uri"; // path of security token service WSSFactory factory = WSSFactory.getInstance(); // generate the WSSGenerationContext and WSSConsumingContext objects // for request the security context token to the security token services. // configuration for a construction the message to request the security context token WSSGenerationContext gencontBootstrap = configureWSSGenerationContextForBootstrap(); // configuration for a validation the message containing the security context token WSSConsumingContext concontBootstrap = configureWSSConsumingContextForBootstrap(); // configuration for a construction the message to send to the application WSSGenerationContext gencontApp = configureWSSGenerationContextForApplication(); // configuration for a validation the message to be received from the application WSSConsumingContext concontApp = configureWSSConsumingContextForApplication(); // create the security context tokens SCTGenerateCallbackHandler sctgch = new SCTGenerateCallbackHandler(gencontBootstrap, concontBootstrap, path, WSSEncryption.AES128); SecurityToken[] scts = factory.newSecurityTokens(new Class[] {SecurityContextToken.class}, sctgch); SecurityContextToken sct = null; if(scts != null ){ if(scts.length != 0) { sct = (SecurityContextToken)scts[0]; // renew the security context token sct.renew(gencontBootstrap, concontBootstrap); // validate the security context token boolean isvalidate = sct.validate(gencontapp, concontapp); //cancel the security context token sct.cancel(gencontapp, concontapp); } }Notes: The specification describes the security token service provides some security context tokens. The current version provides the one security context token in a array of security token.
See Also:
Field Summary
Modifier and Type | Field and Description |
---|---|
|
STATUS_CANCELLED
Represents that the security context token is canceled.
|
|
STATUS_ISSUED
Represents that the security context token is issued.
|
|
STATUS_RENEWED
Represents that the security context token is renewed.
|
|
TokenQname
Represents the QName of this class, <wsu:SecurityContextToken>.
|
|
ValueType
Represents the value type.
|
Fields inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken |
---|
DECRYPTING_KEY, ENCRYPTING_KEY, REF_EMBEDDED, REF_KEYID, REF_STR, REF_THUMBPRINT, SIGNING_KEY, VERIFING_KEY |
Method Summary
Modifier and Type | Method and Description |
---|---|
|
cancel()
Cancels this security context token, terminating its use.
|
|
cancel(WSSGenerationContext gencont,WSSConsumingContext concont)
Cancels this security context token, terminating its use.
|
|
getCreation(java.lang.String instance)
Returns the creation date of the instance.
|
getDerivedKeyToken(java.lang.String algorithm,java.lang.String clientLabel,java.lang.String serviceLabel)
Retreives the derived key token related with this security context token.
|
|
|
getExpiration(java.lang.String instance)
Returns the expiration date of the instance.
|
|
getIdentifier()
Returns the value of <wsu:Identifier>.
|
|
getInstances()
Returns values of the <wsu:Instance>.
|
|
getStatus(java.lang.String instance)
Returns the status of the instance.
|
|
renew()
Renews this security context token with new expiration semantics.
|
|
renew(WSSGenerationContext gencont,WSSConsumingContext concont)
Renews this security context token with new expiration semantics.
|
|
validate()
Evaluates the validity of current this security context token.
|
|
validate(WSSGenerationContext gencont,WSSConsumingContext concont)
Evaluates the validity of current security context token.
|
Methods inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken |
---|
getId, getKey, getKeyIdentifier, getKeyIdentifierEncodingType, getKeyIdentifierValueType, getKeyName, getPrincipal, getReferenceURI, getThumbprint, getThumbprintEncodingType, getThumbprintValueType, getTokenQname, getValueType, getXML |
Field Detail
STATUS_ISSUED
- static final int STATUS_ISSUED
Represents that the security context token is issued.
See Also:
STATUS_RENEWED
- static final int STATUS_RENEWED
Represents that the security context token is renewed.
See Also:
STATUS_CANCELLED
- static final int STATUS_CANCELLED
Represents that the security context token is canceled.
See Also:
TokenQname
- static final javax.xml.namespace.QName TokenQname
Represents the QName of this class, <wsu:SecurityContextToken>.
- NamespaceURI: "http://schemas.xmlsoap.org/ws/2005/02/sc"
- LocalPart: "SecurityContextToken"
ValueType
- static final javax.xml.namespace.QName ValueType
Represents the value type.
- ValueType: "http://schemas.xmlsoap.org/ws/2005/02/sc/sct"
Method Detail
cancel
- void cancel()
- throws WSSException
Cancels this security context token, terminating its use.
It will invokes com.ibm.security.trust10.client.STSRequestorFactory.cancel(java.lang.Object service).
Throws:
WSSException
- if the security context token is not canceled cancel
- void cancel(WSSGenerationContext gencont,
- WSSConsumingContext concont)
- throws WSSException
Cancels this security context token, terminating its use.
Parameters:
gencont
- WS-Security configuration of canceling the security context token to the security token service concont
- WS-Security configuration of canceling the security context token to the security token service Throws:
WSSException
- if the security context token is not canceled. validate
- boolean validate()
- throws WSSException
Evaluates the validity of current this security context token.
Returns:
true if it is valid.
false if it is invalid.
false if it is invalid.
Throws:
WSSException
- if the security context token is not validated. validate
- boolean validate(WSSGenerationContext gencont,
- WSSConsumingContext concont)
- throws WSSException
Evaluates the validity of current security context token.
Parameters:
gencont
- WS-Security configuration of canceling the security context token to the security token service concont
- WS-Security configuration of canceling the security context token to the security token service Returns:
true if it is valid.
false if it is invalid.
false if it is invalid.
Throws:
WSSException
- if the security context token is not validated. renew
- void renew()
- throws WSSException
Renews this security context token with new expiration semantics.
Throws:
WSSException
- if the the security context token is not recreated renew
- void renew(WSSGenerationContext gencont,
- WSSConsumingContext concont)
- throws WSSException
Renews this security context token with new expiration semantics.
Parameters:
gencont
- WS-Security configuration of canceling the security context token to the security token service concont
- WS-Security configuration of canceling the security context token to the security token service Throws:
WSSException
- if the security context token is not recreated. getDerivedKeyToken
- DerivedKeyToken getDerivedKeyToken( java.lang.String algorithm,
- java.lang.String clientLabel,
- java.lang.String serviceLabel)
- throws WSSException
Retreives the derived key token related with this security context token.
Parameters:
algorithm
- to use for generating the derived key Returns:
derived key token
Throws:
WSSException
- if the derived key is not created getIdentifier
- java.lang.String getIdentifier( )
Returns the value of <wsu:Identifier>.
Returns:
value of the identifier
getInstances
- java.lang.String[] getInstances( )
Returns values of the <wsu:Instance>.
Returns:
all of instance names
getCreation
- java.util.Date getCreation(java.lang.String instance)
Returns the creation date of the instance.
Parameters:
instance
- instance Returns:
the creation date
getExpiration
- java.util.Date getExpiration(java.lang.String instance)
Returns the expiration date of the instance.
Parameters:
instance
- instance Returns:
the expiration date
getStatus
- int getStatus(java.lang.String instance)
Returns the status of the instance.
It will return the STATUS_ISSUED,
STATUS_RENEWED,
or STATUS_CANCELLED.
Parameters:
instance
- instance Returns:
status