com.ibm.wsspi.wssecurity.saml.config
Interface RequesterConfig
All Superinterfaces:
- public interface RequesterConfig
- extends RequesterConfiguration
This interface encapsulates the configuration information for the requesting entity of the SAML token.
User should never implement this interface directly, and is required to useSAMLTokenFactory
to get an instance of RequesterConfig.
Nested Class Summary
Modifier and Type | Interface and Description |
---|---|
|
RequesterConfig.requestMode
|
Nested classes/interfaces inherited from interface com.ibm.wsspi.wssecurity.core.token.config.RequesterConfiguration |
---|
RequesterConfiguration.RSTT, RequesterConfiguration.RSTT13 |
Field Summary
Modifier and Type | Field and Description |
---|---|
|
DEFAULT_CLOCKSKEW
|
Method Summary
Modifier and Type | Method and Description |
---|---|
|
enableNotBefore()
|
|
getAddress()
|
|
getAuthenticatingAuthority()
|
|
getAuthenticationMethod()
Retrieves the type of authentication used by the requester; password authentication.
|
|
getAuthnContextDecl()
|
|
getAuthnContextDeclRef()
|
|
getClockSkew()
Return the allowable clock skew.
|
|
getConfirmationMethod()
Retrieves the SAML confirmation method used by the requester.
|
|
getEncryptionKeyInfoType()
Retrieves the type of encryption that the requester chooses to apply
when holder of key subject confirmation is used.
|
|
getHolderOfKeyKeyInfoType()
Retrieves the value type of the holder of key material; e.g a key value indicates
the presence of a key material.
|
|
getInResponseTo()
|
getIssueMode()
|
|
|
getKeyAliasForAppliesTo()
Retrieves the recipient's key alias that is used to encrypt the proof of key info in the subject
confirmation of the SAML token.
|
|
getKeyAliasForRequester()
Retrieves the requester's key alias name to be used for the holder of key confirmation.
|
|
getNotOnOrAfter()
|
|
getRecipient()
|
|
getRequesterDNSAddress()
Retrieves the DNS address for the requester.
|
|
getRequesterIPAddress()
Retrieves the IP address for the requester.
|
|
getSessionNotOnOrAfter()
|
|
getSignatureKeyInfoType()
Retrieves the type of public key used for the signature on the assertion (e.g.; X509Certificate).
|
|
getStatementType()
Retrieves the type of SAML statement being requested.
|
|
includeCredentialToken()
|
|
includeExpiration()
|
|
includeGroupIds()
|
|
includeHostName()
|
|
includeOID()
|
|
includePrimaryGroupId()
|
|
includeRealmName()
|
|
includeSecurityName()
|
|
includeUniqueSecurityName()
|
|
isAssertionSignatureRequired()
Retrieves the indication of whether or not this requester requires a signature on the SAML
assertion.
|
|
isEncryptSAML()
|
|
isOneTimeUse()
Retrieves the indication of whether or not this requester requires an OneTimeUse assertion.
|
|
isSessionIndexEnabled()
Retrieves the indication of whether the session between the requester and the
authentication service to which the user authenticates will be indexed (uniquely identified)
in the SAML assertion.
|
|
setAddress(java.lang.String url)
|
|
setAssertionSignatureRequired(boolean option)
Sets the indication of whether or not this requester requires a signature on the SAML
assertion.
|
|
setAuthenticatingAuthority(java.lang.String url)
|
|
setAuthenticationMethod(java.lang.String method)
Sets the type of authentication used by the requester; password authentication.
|
|
setAuthnContextDecl(java.lang.String url)
|
|
setAuthnContextDeclRef(java.lang.String url)
|
|
setClockSkew(long time)
Set clock skew
|
|
setConfirmationMethod(java.lang.String method)
Sets the confirmation method to be used (e.g. bearer, holder of key or sender vouches)
|
|
setEnableNotBefore(boolean notBefore)
|
|
setEncryptionKeyInfoType(java.lang.String type)
Sets the type of encryption that the requester chooses to apply
when holder of key subject confirmation is used.
|
|
setEncryptSAML(boolean enc)
|
|
setHolderOfKeyKeyInfoType(java.lang.String type)
Sets the value type of the holder of key material; e.g a keyValue indicates
the presence of a key material.
|
|
setIncludeCredentialToken(boolean flag)
Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.
|
|
setIncludeExpiration(boolean flag)
Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.
|
|
setIncludeGroupIds(boolean flag)
Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.
|
|
setIncludeHostName(boolean flag)
Sets boolean flag to assert HostName from WSCredential as an SAML attribute.
|
|
setIncludeOID(boolean flag)
Sets boolean flag to assert OID from WSCredential as an SAML attribute.
|
|
setIncludePrimaryGroupId(boolean flag)
Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
|
|
setIncludeRealmName(boolean flag)
Sets boolean flag to assert realm from WSCredential as an SAML attribute.
|
|
setIncludeSecurityName(boolean flag)
Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.
|
|
setIncludeUniqueSecurityName(boolean flag)
Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
|
|
setInResponseTo(java.lang.String url)
|
|
setIssueMode(RequesterConfig.requestMode mode)
|
|
setKeyAliasForAppliesTo(java.lang.String type)
Sets the recipient's key alias that is used to encrypt the proof of key info in the subject
confirmation of the SAML token.
|
|
setKeyAliasForRequester(java.lang.String alias)
Sets the requester's key alias name to be used for the holder of key confirmation.
|
|
setNotOnOrAfter(long minutes)
|
|
setOneTimeUse(boolean option)
Sets the indication of whether or not this requester requires an OneTimeUse assertion.
|
|
setRecipient(java.lang.String url)
|
|
setRequesterDNSAddress(java.lang.String dns)
Sets the DNS address for the SubjectLocality.
|
|
setRequesterIPAddress(java.lang.String ip)
Sets the IP address for the SubjectLocality.
|
|
setSessionNotOnOrAfter(long minutes)
|
|
setSignatureKeyInfoType(java.lang.String type)
Sets the type of public key used for the signature on the assertion (e.g.; X509Certificate).
|
|
setStatementType(java.lang.String type)
Sets the type of SAML statement being requested.
|
|
setUseSha2ForSignature(boolean flag)
Set the flag.
|
|
setUseUniqueSecurityName(boolean flag)
Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
|
|
useSha2ForSignature()
Return the flag.
|
|
useUniqueSecurityName()
|
Methods inherited from interface com.ibm.wsspi.wssecurity.core.token.config.RequesterConfiguration |
---|
getRSTTProperties, setRSTTProperties |
Methods inherited from interface com.ibm.wsspi.wssecurity.core.config.Configuration |
---|
validate |
Field Detail
DEFAULT_CLOCKSKEW
- static final long DEFAULT_CLOCKSKEW
See Also:
Method Detail
getConfirmationMethod
- java.lang.String getConfirmationMethod( )
Retrieves the SAML confirmation method used by the requester.
Subject confirmation is of three type:
- bearer
- holder of key
- sender vouches <\ul>
Returns:
a string indicating the confirmation method used.
getEncryptionKeyInfoType
- java.lang.String getEncryptionKeyInfoType( )
Retrieves the type of encryption that the requester chooses to apply
when holder of key subject confirmation is used.
Returns:
a string indicating the type of encryption key to be used.
getHolderOfKeyKeyInfoType
- java.lang.String getHolderOfKeyKeyInfoType( )
Retrieves the value type of the holder of key material; e.g a key value indicates
the presence of a key material.
Returns:
a string indicating the type of of holder of key value.
isSessionIndexEnabled
- boolean isSessionIndexEnabled()
Retrieves the indication of whether the session between the requester and the
authentication service to which the user authenticates will be indexed (uniquely identified)
in the SAML assertion.
Returns:
a boolean value indicating whether the authentication session is to be indexed.
getSignatureKeyInfoType
- java.lang.String getSignatureKeyInfoType( )
Retrieves the type of public key used for the signature on the assertion (e.g.; X509Certificate).
Returns:
a string representing the type of public key used for the signature on the assertion.
getStatementType
- java.lang.String getStatementType( )
Retrieves the type of SAML statement being requested.
Returns:
a string representing the type of statement requested.
getAuthenticationMethod
- java.lang.String getAuthenticationMethod( )
Retrieves the type of authentication used by the requester; password authentication.
Returns:
a string representing the type of authentication used by the requester.
getKeyAliasForAppliesTo
- java.lang.String getKeyAliasForAppliesTo( )
Retrieves the recipient's key alias that is used to encrypt the proof of key info in the subject
confirmation of the SAML token.
Returns:
a string representing the key alias for the recipient (consumer of the SAML token).
getKeyAliasForRequester
- java.lang.String getKeyAliasForRequester( )
Retrieves the requester's key alias name to be used for the holder of key confirmation.
Returns:
a string representing the key alias for the requester of the SAML token.
getRequesterDNSAddress
- java.lang.String getRequesterDNSAddress( )
Retrieves the DNS address for the requester.
Returns:
a string representing the requester's DNS address.
getRequesterIPAddress
- java.lang.String getRequesterIPAddress( )
Retrieves the IP address for the requester.
Returns:
a string representing the requester's IP address.
isAssertionSignatureRequired
- boolean isAssertionSignatureRequired( )
Retrieves the indication of whether or not this requester requires a signature on the SAML
assertion.
Returns:
a boolean for whether the requester requires signed assertions.
isOneTimeUse
- boolean isOneTimeUse()
Retrieves the indication of whether or not this requester requires an OneTimeUse assertion.
Returns:
a boolean for whether the requester requires an OneTimeUse assertion.
setConfirmationMethod
- void setConfirmationMethod(java.lang.String method)
Sets the confirmation method to be used (e.g. bearer, holder of key or sender vouches)
setEncryptionKeyInfoType
- void setEncryptionKeyInfoType(java.lang.String type)
Sets the type of encryption that the requester chooses to apply
when holder of key subject confirmation is used.
setHolderOfKeyKeyInfoType
- void setHolderOfKeyKeyInfoType( java.lang.String type)
Sets the value type of the holder of key material; e.g a keyValue indicates
the presence of a key material.
setSignatureKeyInfoType
- void setSignatureKeyInfoType(java.lang.String type)
Sets the type of public key used for the signature on the assertion (e.g.; X509Certificate).
setStatementType
- void setStatementType(java.lang.String type)
Sets the type of SAML statement being requested.
setAuthenticationMethod
- void setAuthenticationMethod(java.lang.String method)
Sets the type of authentication used by the requester; password authentication.
setKeyAliasForAppliesTo
- void setKeyAliasForAppliesTo(java.lang.String type)
Sets the recipient's key alias that is used to encrypt the proof of key info in the subject
confirmation of the SAML token.
setKeyAliasForRequester
- void setKeyAliasForRequester(java.lang.String alias)
Sets the requester's key alias name to be used for the holder of key confirmation.
setRequesterDNSAddress
- void setRequesterDNSAddress(java.lang.String dns)
Sets the DNS address for the SubjectLocality.
setRequesterIPAddress
- void setRequesterIPAddress(java.lang.String ip)
Sets the IP address for the SubjectLocality.
setAssertionSignatureRequired
- void setAssertionSignatureRequired( boolean option)
Sets the indication of whether or not this requester requires a signature on the SAML
assertion.
setOneTimeUse
- void setOneTimeUse(boolean option)
Sets the indication of whether or not this requester requires an OneTimeUse assertion.
getClockSkew
- long getClockSkew()
Return the allowable clock skew.
Returns:
the maximum allowable clock skew
setClockSkew
- void setClockSkew(long time)
Set clock skew
includeRealmName
- boolean includeRealmName()
setIncludeRealmName
- void setIncludeRealmName(boolean flag)
Sets boolean flag to assert realm from WSCredential as an SAML attribute.
includeSecurityName
- boolean includeSecurityName()
setIncludeSecurityName
- void setIncludeSecurityName(boolean flag)
Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.
includeUniqueSecurityName
- boolean includeUniqueSecurityName( )
setIncludeUniqueSecurityName
- void setIncludeUniqueSecurityName( boolean flag)
Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
includeCredentialToken
- boolean includeCredentialToken( )
setIncludeCredentialToken
- void setIncludeCredentialToken( boolean flag)
Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.
includeOID
- boolean includeOID()
setIncludeOID
- void setIncludeOID(boolean flag)
Sets boolean flag to assert OID from WSCredential as an SAML attribute.
includeExpiration
- boolean includeExpiration()
setIncludeExpiration
- void setIncludeExpiration(boolean flag)
Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.
includePrimaryGroupId
- boolean includePrimaryGroupId()
setIncludePrimaryGroupId
- void setIncludePrimaryGroupId(boolean flag)
Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
includeGroupIds
- boolean includeGroupIds()
setIncludeGroupIds
- void setIncludeGroupIds(boolean flag)
Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.
includeHostName
- boolean includeHostName()
setIncludeHostName
- void setIncludeHostName(boolean flag)
Sets boolean flag to assert HostName from WSCredential as an SAML attribute.
useUniqueSecurityName
- boolean useUniqueSecurityName()
setUseUniqueSecurityName
- void setUseUniqueSecurityName(boolean flag)
Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
getIssueMode
- RequesterConfig.requestMode getIssueMode( )
setIssueMode
- void setIssueMode(RequesterConfig.requestMode mode)
useSha2ForSignature
- boolean useSha2ForSignature()
Return the flag.
Returns:
the flag if use Sha2 for signature
setUseSha2ForSignature
- void setUseSha2ForSignature(boolean flag)
Set the flag.
setInResponseTo
- void setInResponseTo(java.lang.String url)
getInResponseTo
- java.lang.String getInResponseTo( )
setRecipient
- void setRecipient(java.lang.String url)
getRecipient
- java.lang.String getRecipient()
setAddress
- void setAddress(java.lang.String url)
getAddress
- java.lang.String getAddress()
setEnableNotBefore
- void setEnableNotBefore(boolean notBefore)
enableNotBefore
- boolean enableNotBefore()
setNotOnOrAfter
- void setNotOnOrAfter(long minutes)
getNotOnOrAfter
- long getNotOnOrAfter()
setAuthnContextDeclRef
- void setAuthnContextDeclRef(java.lang.String url)
getAuthnContextDeclRef
- java.lang.String getAuthnContextDeclRef( )
setAuthnContextDecl
- void setAuthnContextDecl(java.lang.String url)
getAuthnContextDecl
- java.lang.String getAuthnContextDecl( )
setAuthenticatingAuthority
- void setAuthenticatingAuthority( java.lang.String url)
getAuthenticatingAuthority
- java.lang.String getAuthenticatingAuthority( )
setSessionNotOnOrAfter
- void setSessionNotOnOrAfter(long minutes)
getSessionNotOnOrAfter
- long getSessionNotOnOrAfter()
setEncryptSAML
- void setEncryptSAML(boolean enc)
isEncryptSAML
- boolean isEncryptSAML()