IBM WebSphere Application ServerTM
Release 8

com.ibm.wsspi.wssecurity.saml.config
Interface RequesterConfig

All Superinterfaces:
Configuration, RequesterConfiguration

public interface RequesterConfig
extends RequesterConfiguration

This interface encapsulates the configuration information for the requesting entity of the SAML token.

User should never implement this interface directly, and is required to use SAMLTokenFactory to get an instance of RequesterConfig.


Nested Class Summary
static class RequesterConfig.requestMode
           
 
Nested classes/interfaces inherited from interface com.ibm.wsspi.wssecurity.core.token.config.RequesterConfiguration
RequesterConfiguration.RSTT, RequesterConfiguration.RSTT13
 
Field Summary
static long DEFAULT_CLOCKSKEW
           
 
Method Summary
 boolean enableNotBefore()
           
 java.lang.String getAddress()
           
 java.lang.String getAuthenticatingAuthority()
           
 java.lang.String getAuthenticationMethod()
          Retrieves the type of authentication used by the requester; password authentication.
 java.lang.String getAuthnContextDecl()
           
 java.lang.String getAuthnContextDeclRef()
           
 long getClockSkew()
          Return the allowable clock skew.
 java.lang.String getConfirmationMethod()
          Retrieves the SAML confirmation method used by the requester.
 java.lang.String getEncryptionKeyInfoType()
          Retrieves the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.
 java.lang.String getHolderOfKeyKeyInfoType()
          Retrieves the value type of the holder of key material; e.g a key value indicates the presence of a key material.
 java.lang.String getInResponseTo()
           
 RequesterConfig.requestMode getIssueMode()
           
 java.lang.String getKeyAliasForAppliesTo()
          Retrieves the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.
 java.lang.String getKeyAliasForRequester()
          Retrieves the requester's key alias name to be used for the holder of key confirmation.
 long getNotOnOrAfter()
           
 java.lang.String getRecipient()
           
 java.lang.String getRequesterDNSAddress()
          Retrieves the DNS address for the requester.
 java.lang.String getRequesterIPAddress()
          Retrieves the IP address for the requester.
 long getSessionNotOnOrAfter()
           
 java.lang.String getSignatureKeyInfoType()
          Retrieves the type of public key used for the signature on the assertion (e.g.; X509Certificate).
 java.lang.String getStatementType()
          Retrieves the type of SAML statement being requested.
 boolean includeCredentialToken()
           
 boolean includeExpiration()
           
 boolean includeGroupIds()
           
 boolean includeHostName()
           
 boolean includeOID()
           
 boolean includePrimaryGroupId()
           
 boolean includeRealmName()
           
 boolean includeSecurityName()
           
 boolean includeUniqueSecurityName()
           
 boolean isAssertionSignatureRequired()
          Retrieves the indication of whether or not this requester requires a signature on the SAML assertion.
 boolean isEncryptSAML()
           
 boolean isOneTimeUse()
          Retrieves the indication of whether or not this requester requires an OneTimeUse assertion.
 boolean isSessionIndexEnabled()
          Retrieves the indication of whether the session between the requester and the authentication service to which the user authenticates will be indexed (uniquely identified) in the SAML assertion.
 void setAddress(java.lang.String url)
           
 void setAssertionSignatureRequired(boolean option)
          Sets the indication of whether or not this requester requires a signature on the SAML assertion.
 void setAuthenticatingAuthority(java.lang.String url)
           
 void setAuthenticationMethod(java.lang.String method)
          Sets the type of authentication used by the requester; password authentication.
 void setAuthnContextDecl(java.lang.String url)
           
 void setAuthnContextDeclRef(java.lang.String url)
           
 void setClockSkew(long time)
          Set clock skew
 void setConfirmationMethod(java.lang.String method)
          Sets the confirmation method to be used (e.g. bearer, holder of key or sender vouches)
 void setEnableNotBefore(boolean notBefore)
           
 void setEncryptionKeyInfoType(java.lang.String type)
          Sets the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.
 void setEncryptSAML(boolean enc)
           
 void setHolderOfKeyKeyInfoType(java.lang.String type)
          Sets the value type of the holder of key material; e.g a keyValue indicates the presence of a key material.
 void setIncludeCredentialToken(boolean flag)
          Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.
 void setIncludeExpiration(boolean flag)
          Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.
 void setIncludeGroupIds(boolean flag)
          Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.
 void setIncludeHostName(boolean flag)
          Sets boolean flag to assert HostName from WSCredential as an SAML attribute.
 void setIncludeOID(boolean flag)
          Sets boolean flag to assert OID from WSCredential as an SAML attribute.
 void setIncludePrimaryGroupId(boolean flag)
          Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
 void setIncludeRealmName(boolean flag)
          Sets boolean flag to assert realm from WSCredential as an SAML attribute.
 void setIncludeSecurityName(boolean flag)
          Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.
 void setIncludeUniqueSecurityName(boolean flag)
          Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
 void setInResponseTo(java.lang.String url)
           
 void setIssueMode(RequesterConfig.requestMode mode)
           
 void setKeyAliasForAppliesTo(java.lang.String type)
          Sets the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.
 void setKeyAliasForRequester(java.lang.String alias)
          Sets the requester's key alias name to be used for the holder of key confirmation.
 void setNotOnOrAfter(long minutes)
           
 void setOneTimeUse(boolean option)
          Sets the indication of whether or not this requester requires an OneTimeUse assertion.
 void setRecipient(java.lang.String url)
           
 void setRequesterDNSAddress(java.lang.String dns)
          Sets the DNS address for the SubjectLocality.
 void setRequesterIPAddress(java.lang.String ip)
          Sets the IP address for the SubjectLocality.
 void setSessionNotOnOrAfter(long minutes)
           
 void setSignatureKeyInfoType(java.lang.String type)
          Sets the type of public key used for the signature on the assertion (e.g.; X509Certificate).
 void setStatementType(java.lang.String type)
          Sets the type of SAML statement being requested.
 void setUseSha2ForSignature(boolean flag)
          Set the flag.
 void setUseUniqueSecurityName(boolean flag)
          Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
 boolean useSha2ForSignature()
          Return the flag.
 boolean useUniqueSecurityName()
           
 
Methods inherited from interface com.ibm.wsspi.wssecurity.core.token.config.RequesterConfiguration
getRSTTProperties, setRSTTProperties
 
Methods inherited from interface com.ibm.wsspi.wssecurity.core.config.Configuration
validate
 

Field Detail

DEFAULT_CLOCKSKEW

static final long DEFAULT_CLOCKSKEW
See Also:
Constant Field Values
Method Detail

getConfirmationMethod

java.lang.String getConfirmationMethod()
Retrieves the SAML confirmation method used by the requester. Subject confirmation is of three type:

getEncryptionKeyInfoType

java.lang.String getEncryptionKeyInfoType()
Retrieves the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.

Returns:
a string indicating the type of encryption key to be used.

getHolderOfKeyKeyInfoType

java.lang.String getHolderOfKeyKeyInfoType()
Retrieves the value type of the holder of key material; e.g a key value indicates the presence of a key material.

Returns:
a string indicating the type of of holder of key value.

isSessionIndexEnabled

boolean isSessionIndexEnabled()
Retrieves the indication of whether the session between the requester and the authentication service to which the user authenticates will be indexed (uniquely identified) in the SAML assertion.

Returns:
a boolean value indicating whether the authentication session is to be indexed.

getSignatureKeyInfoType

java.lang.String getSignatureKeyInfoType()
Retrieves the type of public key used for the signature on the assertion (e.g.; X509Certificate).

Returns:
a string representing the type of public key used for the signature on the assertion.

getStatementType

java.lang.String getStatementType()
Retrieves the type of SAML statement being requested.

Returns:
a string representing the type of statement requested.

getAuthenticationMethod

java.lang.String getAuthenticationMethod()
Retrieves the type of authentication used by the requester; password authentication.

Returns:
a string representing the type of authentication used by the requester.

getKeyAliasForAppliesTo

java.lang.String getKeyAliasForAppliesTo()
Retrieves the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.

Returns:
a string representing the key alias for the recipient (consumer of the SAML token).

getKeyAliasForRequester

java.lang.String getKeyAliasForRequester()
Retrieves the requester's key alias name to be used for the holder of key confirmation.

Returns:
a string representing the key alias for the requester of the SAML token.

getRequesterDNSAddress

java.lang.String getRequesterDNSAddress()
Retrieves the DNS address for the requester.

Returns:
a string representing the requester's DNS address.

getRequesterIPAddress

java.lang.String getRequesterIPAddress()
Retrieves the IP address for the requester.

Returns:
a string representing the requester's IP address.

isAssertionSignatureRequired

boolean isAssertionSignatureRequired()
Retrieves the indication of whether or not this requester requires a signature on the SAML assertion.

Returns:
a boolean for whether the requester requires signed assertions.

isOneTimeUse

boolean isOneTimeUse()
Retrieves the indication of whether or not this requester requires an OneTimeUse assertion.

Returns:
a boolean for whether the requester requires an OneTimeUse assertion.

setConfirmationMethod

void setConfirmationMethod(java.lang.String method)
Sets the confirmation method to be used (e.g. bearer, holder of key or sender vouches)

Parameters:
a - string representing the subject confirmation method to be used.

setEncryptionKeyInfoType

void setEncryptionKeyInfoType(java.lang.String type)
Sets the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.

Parameters:
a - string indicating the type of encryption key to be used.

setHolderOfKeyKeyInfoType

void setHolderOfKeyKeyInfoType(java.lang.String type)
Sets the value type of the holder of key material; e.g a keyValue indicates the presence of a key material.

Parameters:
a - string indicating the type of of holder of key value.

setSignatureKeyInfoType

void setSignatureKeyInfoType(java.lang.String type)
Sets the type of public key used for the signature on the assertion (e.g.; X509Certificate).

Parameters:
a - string representing the type of public key used for the signature on the assertion.

setStatementType

void setStatementType(java.lang.String type)
Sets the type of SAML statement being requested.

Parameters:
a - string representing the type of statement requested.

setAuthenticationMethod

void setAuthenticationMethod(java.lang.String method)
Sets the type of authentication used by the requester; password authentication.

Parameters:
a - string representing the type of authentication used by the requester.

setKeyAliasForAppliesTo

void setKeyAliasForAppliesTo(java.lang.String type)
Sets the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.

Parameters:
a - string representing the key alias for the recipient (consumer of the SAML token).

setKeyAliasForRequester

void setKeyAliasForRequester(java.lang.String alias)
Sets the requester's key alias name to be used for the holder of key confirmation.

Parameters:
a - string representing the key alias for the requester of the SAML token.

setRequesterDNSAddress

void setRequesterDNSAddress(java.lang.String dns)
Sets the DNS address for the SubjectLocality.

Parameters:
a - string representing the system's DNS address where requester is authenticated.

setRequesterIPAddress

void setRequesterIPAddress(java.lang.String ip)
Sets the IP address for the SubjectLocality.

Parameters:
a - string representing the system's IP address where requester is authenticated.

setAssertionSignatureRequired

void setAssertionSignatureRequired(boolean option)
Sets the indication of whether or not this requester requires a signature on the SAML assertion.

Parameters:
a - boolean for whether the requester requires signed assertions.

setOneTimeUse

void setOneTimeUse(boolean option)
Sets the indication of whether or not this requester requires an OneTimeUse assertion.

Parameters:
a - boolean for whether the requester requires requires an OneTimeUse assertion.

getClockSkew

long getClockSkew()
Return the allowable clock skew.

Returns:
the maximum allowable clock skew

setClockSkew

void setClockSkew(long time)
Set clock skew

Parameters:
clock - skew in milliseconds

includeRealmName

boolean includeRealmName()

setIncludeRealmName

void setIncludeRealmName(boolean flag)
Sets boolean flag to assert realm from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert realm from WSCredential as an SAML attribute.

includeSecurityName

boolean includeSecurityName()

setIncludeSecurityName

void setIncludeSecurityName(boolean flag)
Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert SecurityName from WSCredential as an SAML attribute.

includeUniqueSecurityName

boolean includeUniqueSecurityName()

setIncludeUniqueSecurityName

void setIncludeUniqueSecurityName(boolean flag)
Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert UniqueSecurityName from WSCredential as an SAML attribute.

includeCredentialToken

boolean includeCredentialToken()

setIncludeCredentialToken

void setIncludeCredentialToken(boolean flag)
Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert CredentialToken from WSCredential as an SAML attribute.

includeOID

boolean includeOID()

setIncludeOID

void setIncludeOID(boolean flag)
Sets boolean flag to assert OID from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert OID from WSCredential as an SAML attribute.

includeExpiration

boolean includeExpiration()

setIncludeExpiration

void setIncludeExpiration(boolean flag)
Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert Expiration from WSCredential as an SAML attribute.

includePrimaryGroupId

boolean includePrimaryGroupId()

setIncludePrimaryGroupId

void setIncludePrimaryGroupId(boolean flag)
Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert PrimaryGroupId from WSCredential as an SAML attribute.

includeGroupIds

boolean includeGroupIds()

setIncludeGroupIds

void setIncludeGroupIds(boolean flag)
Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert GroupIds from WSCredential as an SAML attribute.

includeHostName

boolean includeHostName()

setIncludeHostName

void setIncludeHostName(boolean flag)
Sets boolean flag to assert HostName from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert HostName from WSCredential as an SAML attribute.

useUniqueSecurityName

boolean useUniqueSecurityName()

setUseUniqueSecurityName

void setUseUniqueSecurityName(boolean flag)
Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.

Parameters:
boolean - flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.

getIssueMode

RequesterConfig.requestMode getIssueMode()

setIssueMode

void setIssueMode(RequesterConfig.requestMode mode)

useSha2ForSignature

boolean useSha2ForSignature()
Return the flag.

Returns:
the flag if use Sha2 for signature

setUseSha2ForSignature

void setUseSha2ForSignature(boolean flag)
Set the flag.

Parameters:
the - flag to use Sha2 for signature

setInResponseTo

void setInResponseTo(java.lang.String url)

getInResponseTo

java.lang.String getInResponseTo()

setRecipient

void setRecipient(java.lang.String url)

getRecipient

java.lang.String getRecipient()

setAddress

void setAddress(java.lang.String url)

getAddress

java.lang.String getAddress()

setEnableNotBefore

void setEnableNotBefore(boolean notBefore)

enableNotBefore

boolean enableNotBefore()

setNotOnOrAfter

void setNotOnOrAfter(long minutes)

getNotOnOrAfter

long getNotOnOrAfter()

setAuthnContextDeclRef

void setAuthnContextDeclRef(java.lang.String url)

getAuthnContextDeclRef

java.lang.String getAuthnContextDeclRef()

setAuthnContextDecl

void setAuthnContextDecl(java.lang.String url)

getAuthnContextDecl

java.lang.String getAuthnContextDecl()

setAuthenticatingAuthority

void setAuthenticatingAuthority(java.lang.String url)

getAuthenticatingAuthority

java.lang.String getAuthenticatingAuthority()

setSessionNotOnOrAfter

void setSessionNotOnOrAfter(long minutes)

getSessionNotOnOrAfter

long getSessionNotOnOrAfter()

setEncryptSAML

void setEncryptSAML(boolean enc)

isEncryptSAML

boolean isEncryptSAML()

IBM WebSphere Application ServerTM
Release 8