com.ibm.websphere.wssecurity.wssapi.token

Interface SecurityContextToken

All Superinterfaces:
SecurityToken

public interface SecurityContextToken
extends SecurityToken
This interface represents the security context token, the <wsu:SecurityContextToken> element.
It is defined by the WS-SecureConversation specification.
The following sample code obtains a security context token.
   String path = "service/uri"; // path of the security token service
   WSSFactory factory = WSSFactory.getInstance();

   // Generate the WSSGenerationContext and WSSConsumingContext objects used to
   // request the security context token from the security token service.
   // The configure...() calls are helper methods defined by the calling code (not shown).

   // configuration for constructing the message that requests the security context token
   WSSGenerationContext gencontBootstrap = configureWSSGenerationContextForBootstrap();
   // configuration for validating the message that contains the security context token
   WSSConsumingContext concontBootstrap = configureWSSConsumingContextForBootstrap();

   // configuration for constructing the message sent to the application
   WSSGenerationContext gencontApp = configureWSSGenerationContextForApplication();
   // configuration for validating the message received from the application
   WSSConsumingContext concontApp = configureWSSConsumingContextForApplication();

   // create the security context tokens
   SCTGenerateCallbackHandler sctgch = new SCTGenerateCallbackHandler(gencontBootstrap, concontBootstrap, path, WSSEncryption.AES128);
   SecurityToken[] scts = factory.newSecurityTokens(new Class[] {SecurityContextToken.class}, sctgch);
   SecurityContextToken sct = null;
   if (scts != null && scts.length != 0) {
      sct = (SecurityContextToken) scts[0];

      // renew the security context token
      sct.renew(gencontBootstrap, concontBootstrap);

      // validate the security context token
      boolean isvalidate = sct.validate(gencontApp, concontApp);

      // cancel the security context token
      sct.cancel(gencontApp, concontApp);
   }
   
Notes: The specification describes a security token service that can provide several security context tokens. The current version provides one security context token in an array of security tokens.
See Also:
DerivedKeyToken, SCTGenerateCallbackHandler, SCTConsumeCallbackHandler

Field Summary

Modifier and Type Field and Description
static int STATUS_CANCELLED
Represents that the security context token is canceled.

static int STATUS_ISSUED
Represents that the security context token is issued.

static int STATUS_RENEWED
Represents that the security context token is renewed.

static javax.xml.namespace.QName TokenQname
Represents the QName of this class, <wsu:SecurityContextToken>.

static javax.xml.namespace.QName ValueType
Represents the value type.

Fields inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
DECRYPTING_KEY, ENCRYPTING_KEY, REF_EMBEDDED, REF_KEYID, REF_STR, REF_THUMBPRINT, SIGNING_KEY, VERIFING_KEY

Method Summary

Modifier and Type Method and Description
void cancel()
Cancels this security context token, terminating its use.

void cancel(WSSGenerationContext gencont, WSSConsumingContext concont)
Cancels this security context token, terminating its use.

java.util.Date getCreation(java.lang.String instance)
Returns the creation date of the instance.

DerivedKeyToken getDerivedKeyToken(java.lang.String algorithm, java.lang.String clientLabel, java.lang.String serviceLabel)
Retrieves the derived key token related to this security context token.

java.util.Date getExpiration(java.lang.String instance)
Returns the expiration date of the instance.

java.lang.String getIdentifier()
Returns the value of <wsu:Identifier>.

java.lang.String[] getInstances()
Returns the values of <wsu:Instance>.

int getStatus(java.lang.String instance)
Returns the status of the instance.

void renew()
Renews this security context token with new expiration semantics.

void renew(WSSGenerationContext gencont, WSSConsumingContext concont)
Renews this security context token with new expiration semantics.

boolean validate()
Evaluates the validity of this security context token.

boolean validate(WSSGenerationContext gencont, WSSConsumingContext concont)
Evaluates the validity of the current security context token.

Methods inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken
getId, getKey, getKeyIdentifier, getKeyIdentifierEncodingType, getKeyIdentifierValueType, getKeyName, getPrincipal, getReferenceURI, getThumbprint, getThumbprintEncodingType, getThumbprintValueType, getTokenQname, getValueType, getXML

Field Detail

STATUS_ISSUED

static final int STATUS_ISSUED
Represents that the security context token is issued.

STATUS_RENEWED

static final int STATUS_RENEWED
Represents that the security context token is renewed.

STATUS_CANCELLED

static final int STATUS_CANCELLED
Represents that the security context token is canceled.

TokenQname

static final javax.xml.namespace.QName TokenQname
Represents the QName of this class, <wsu:SecurityContextToken>.
NamespaceURI: "http://schemas.xmlsoap.org/ws/2005/02/sc"
LocalPart: "SecurityContextToken"

ValueType

static final javax.xml.namespace.QName ValueType
Represents the value type.
ValueType: "http://schemas.xmlsoap.org/ws/2005/02/sc/sct"

Method Detail

cancel

void cancel()
     throws WSSException
Cancels this security context token, terminating its use. It invokes com.ibm.security.trust10.client.STSRequestorFactory.cancel(java.lang.Object service).
Throws:
WSSException - if the security context token is not canceled

cancel

void cancel(WSSGenerationContext gencont,
            WSSConsumingContext concont)
     throws WSSException
Cancels this security context token, terminating its use.
Parameters:
gencont - WS-Security configuration of canceling the security context token to the security token service
concont - WS-Security configuration of canceling the security context token to the security token service
Throws:
WSSException - if the security context token is not canceled.

validate

boolean validate()
        throws WSSException
Evaluates the validity of this security context token.
Returns:
true if it is valid.
false if it is invalid.
Throws:
WSSException - if the security context token is not validated.

validate

boolean validate(WSSGenerationContext gencont,
                 WSSConsumingContext concont)
        throws WSSException
Evaluates the validity of the current security context token.
Parameters:
gencont - WS-Security configuration of canceling the security context token to the security token service
concont - WS-Security configuration of canceling the security context token to the security token service
Returns:
true if it is valid.
false if it is invalid.
Throws:
WSSException - if the security context token is not validated.

renew

void renew()
     throws WSSException
Renews this security context token with new expiration semantics.
Throws:
WSSException - if the security context token is not recreated

renew

void renew(WSSGenerationContext gencont,
           WSSConsumingContext concont)
     throws WSSException
Renews this security context token with new expiration semantics.
Parameters:
gencont - WS-Security configuration of canceling the security context token to the security token service
concont - WS-Security configuration of canceling the security context token to the security token service
Throws:
WSSException - if the security context token is not recreated.

getDerivedKeyToken

DerivedKeyToken getDerivedKeyToken(java.lang.String algorithm,
                                   java.lang.String clientLabel,
                                   java.lang.String serviceLabel)
                throws WSSException
Retrieves the derived key token related to this security context token.
Parameters:
algorithm - to use for generating the derived key
Returns:
derived key token
Throws:
WSSException - if the derived key is not created

getIdentifier

java.lang.String getIdentifier()
Returns the value of <wsu:Identifier>.
Returns:
value of the identifier

getInstances

java.lang.String[] getInstances()
Returns the values of <wsu:Instance>.
Returns:
all of instance names

getCreation

java.util.Date getCreation(java.lang.String instance)
Returns the creation date of the instance.
Parameters:
instance - instance
Returns:
the creation date

getExpiration

java.util.Date getExpiration(java.lang.String instance)
Returns the expiration date of the instance.
Parameters:
instance - instance
Returns:
the expiration date

getStatus

int getStatus(java.lang.String instance)
Returns the status of the instance. It returns STATUS_ISSUED, STATUS_RENEWED, or STATUS_CANCELLED.
Parameters:
instance - instance
Returns:
status
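
How getInstances, getStatus and getExpiration can gate the use of a token before each message, as an added example that is not part of the IBM documentation. The SctLifecycle class, the one-minute renewal margin, the rule that one canceled instance makes the token unusable, and the import path of WSSException are assumptions.

```java
import java.util.Date;

import com.ibm.websphere.wssecurity.wssapi.WSSException; // assumed package
import com.ibm.websphere.wssecurity.wssapi.token.SecurityContextToken;

/** Hypothetical helper, not part of the WebSphere API. */
public final class SctLifecycle {

    // Assumed policy value: renew when less than one minute of lifetime remains.
    private static final long RENEW_MARGIN_MS = 60_000L;

    private SctLifecycle() {}

    /**
     * Decides whether the token may protect the next message.
     * Renews it first if any instance is inside the renewal margin.
     */
    public static boolean ensureUsable(SecurityContextToken sct) throws WSSException {
        boolean needsRenew = false;
        long now = System.currentTimeMillis();

        String[] instances = sct.getInstances();
        if (instances != null) {
            for (String instance : instances) {
                // Assumption: one canceled instance makes the whole token unusable.
                if (sct.getStatus(instance) == SecurityContextToken.STATUS_CANCELLED) {
                    return false;
                }
                Date expires = sct.getExpiration(instance);
                if (expires != null && expires.getTime() - now < RENEW_MARGIN_MS) {
                    needsRenew = true;
                }
            }
        }

        if (needsRenew) {
            sct.renew(); // throws WSSException if the token is not renewed
        }
        // Final check through the interface's own validate().
        return sct.validate();
    }
}
```

A caller that receives false, or catches WSSException, should request a new token with SCTGenerateCallbackHandler instead of continuing with the old context.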