IBM WebSphere Application ServerTM
Release 8

com.ibm.websphere.wssecurity.callbackhandler
Class SAMLGenerateCallback

java.lang.Object
  extended by com.ibm.websphere.wssecurity.callbackhandler.SAMLGenerateCallback
All Implemented Interfaces:
javax.security.auth.callback.Callback

public class SAMLGenerateCallback
extends java.lang.Object
implements javax.security.auth.callback.Callback

This is a Callback class for the SAML token used to collect requester configuration information prior to creating or requesting a SAML token. Getter and setter methods are used to retrieve and set values for the configuration parameters collected by this Callback. It is important to note that during the propagation of a SAML token on an outbound call that the cacheCushion value is used to make a determination of whether an existing SAML token remaining expiration time is sufficiently long and thus can still be used for propagation. The value of the token expiration date must be above current time plus the cushion value. The default value of cacheCushion is 5 minutes.
A SAML token remains valid in the process if it was valid at the time the process received that token.

See Also:
SAMLToken, SAMLTokenFactory

Constructor Summary
SAMLGenerateCallback()
           
 
Method Summary
 boolean cacheToken()
          Returns the flag that indicates whether SAML should be cached.
 java.lang.String getAlias()
          Returns the alias name of the private key for the SAML token requester.
 java.lang.String getAppliesTo()
          Returns AppliesTo.
 java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> getAttributes()
          Returns ArrayList.
 boolean getAudienceRestriction()
           
 java.lang.String getAuthenticationMethod()
          Returns the AuthenticationMethod to be used when self-issuing a SAML token.
 long getCacheCushion()
          Returns the value in milliseconds for the cacheCushion.
 java.util.List<java.security.cert.CertStore> getCertStores()
          Returns the list of certificate stores that are available.
 long getClockSkew()
          Returns the time in milliseconds that is allowed for clock skew between the token issuer and the consumer.
 java.lang.String getConfirmationMethod()
          Returns the ConfirmationMethod to be used when requesting/generating a SAML token.
 com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode getIssueMode()
           
 java.lang.String getKeyName()
          Returns the name of the key.
 char[] getKeyPassword()
          Returns the password for recovering the key.
 java.lang.String getKeySize()
          Returns the key size for the SecretKey, "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"
 char[] getKeyStorePassword()
          Returns the password used for the SAML token requester's keyStore.
 java.lang.String getKeyStorePath()
          Returns the file path from which the keyStore for the SAML token requester is loaded.
 java.lang.String getKeyStoreReference()
          Returns the reference name of the keyStore used by the requesting entity for the creation of SAML tokens.
 java.lang.String getKeyStoreType()
          Returns the type of the keyStore used by the SAML token requester.
 java.lang.String getKeyType()
          Returns the name of Key Type to be used for the Subject confirmation for a SAML a SAML token requester.
 java.lang.String getNameId()
          Return the specified SAML token name identifier to be generated
 java.util.Map<java.lang.String,java.lang.String> getRSTTProperties()
          Return WS-Trust request parameters as defined in RSTT
 java.lang.String getSSLConfigUrl()
          Returns SSLConfiguration location .
 java.lang.String getStsBinding()
          Returns the name for the policySet binding used by the WS-Trust client
 java.lang.String getStsBindingScope()
          Return the binding scope for WS-Trust client, and it is either "domain" or "application".
 java.lang.String getStsPolicy()
          Returns the policySet name for WS-Trust client
 java.lang.String getStsSoapVersion()
          Returns the SOAP version for the WS-Trust client
 java.lang.String getStsURI()
          Returns the URL of SecurityTokenService (issuer of the SAML token)
 java.lang.String getTargetServiceAlias()
          Returns the target service's Cetificate alias
 java.lang.String getTokenRequest()
          Returns the name of the token request method.
 java.lang.String getTokenType()
          Return the required TokenType to be generated
 java.lang.String getUsekeyType()
          Returns the Usekey keyInfoType
 WSSConsumingContext getWSSConsumingContext()
          Gets WSSConsumingContext object.
 WSSGenerationContext getWSSGenerationContext()
          Returns WSSGenerationContext object.
 java.lang.String getWSTrustNamespace()
          Return the WS-Trust namespace used in the SOAP communication with the Security Token provider.
 boolean includeCredentialToken()
           
 boolean includeExpiration()
           
 boolean includeGroupIds()
           
 boolean includeHostName()
           
 boolean includeOID()
           
 boolean includePrimaryGroupId()
           
 boolean includeRealmName()
           
 boolean includeSecurityName()
           
 boolean includeUniqueSecurityName()
           
 boolean isCollectionRequest()
           
 boolean isFailOverToTokenRequest()
          Returns an indication of whether to request a new SAML token if the SAML token provided in the RequestContext is not valid.
 boolean isSignatureRequired()
          Returns the flag that indicates whether SAML should be signed by SAML token provider
 void setAlias(java.lang.String alias)
          Sets the alias of private key for the SAML token requester.
 void setAppliesTo(java.lang.String uri)
           
 void setAttributes(java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> attrs)
          Sets ArrayList object via WSSAPI.
 void setAudienceRestriction(boolean option)
           
 void setAuthenticationMethod(java.lang.String method)
          Sets the AuthenticationMethod to be used when self-issuing a SAML token
 void setCacheCushion(long time)
          Sets the value in milliseconds for the cacheCushion.
 void setCacheToken(boolean option)
          Sets the flag that indicates whether SAML should be cached
 void setCertStores(java.util.List<java.security.cert.CertStore> certStores)
          Sets the list of certificate stores.
 void setClockSkew(long time)
          Sets the time in milliseconds that is allowed for clock skew between the token issuer and the consumer.
 void setCollectionRequest(boolean collectionRequest)
           
 void setConfirmationMethod(java.lang.String method)
          Sets the type of Subject ConfirmationMethod to be used by the token requester.
 void setFailOverToTokenRequest(boolean option)
          Sets the flag that indicates whether to request a new SAML token if SAMLToken from RequestContext is invalid
 void setIncludeCredentialToken(boolean flag)
          Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.
 void setIncludeExpiration(boolean flag)
          Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.
 void setIncludeGroupIds(boolean flag)
          Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.
 void setIncludeHostName(boolean flag)
          Sets boolean flag to assert HostName from WSCredential as an SAML attribute.
 void setIncludeOID(boolean flag)
          Sets boolean flag to assert OID from WSCredential as an SAML attribute.
 void setIncludePrimaryGroupId(boolean flag)
          Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.
 void setIncludeRealmName(boolean flag)
          Sets boolean flag to assert realm from WSCredential as an SAML attribute.
 void setIncludeSecurityName(boolean flag)
          Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.
 void setIncludeUniqueSecurityName(boolean flag)
          Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.
 void setIsSignatureRequired(boolean option)
          Sets the flag that indicates whether SAML should be signed by SAML token provider
 void setIssueMode(com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode mode)
           
 void setKeyName(java.lang.String keyName)
          Sets the name of the key.
 void setKeyPassword(char[] keyPassword)
          Sets the password for recovering the key.
 void setKeySize(java.lang.String size)
          Sets the key size for the Secret Key
 void setKeyStorePassword(char[] storePassword)
          Sets the password value for the keyStore used by the SAML token requester.
 void setKeyStorePath(java.lang.String storePath)
          Sets the file path from which the keyStore for the SAML token requester is loaded.
 void setKeyStoreReference(java.lang.String storeRef)
          Sets the reference name of the keyStore.
 void setKeyStoreType(java.lang.String storeType)
          Sets the type of the keyStore to be used by the SAML token requester.
 void setKeyType(java.lang.String type)
          Sets the name of key type.
 void setNameId(java.lang.String userid)
          Set the SAML Token Name Identifier.
 void setRSTTProperties(java.util.Map<java.lang.String,java.lang.String> rstt)
          Set RSTT for WS-Trust request
 void setSSLConfigUrl(java.lang.String location)
          Sets SSLConfigUrl object.
 void setStsBinding(java.lang.String policySet)
          Sets the name of WS-Trust client bindings.
 void setStsBindingScope(java.lang.String scope)
          Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application".
 void setStsPolicy(java.lang.String policySet)
          Sets the name of WS-Trust client policy set.
 void setStsSoapVersion(java.lang.String version)
          Sets the required SOAP version of WS-Trust client
 void setStsURI(java.lang.String uri)
          Sets the URL name of SecurityTokenservice (token issuer).
 void setTargetserviceAlias(java.lang.String alias)
          Set the target service's Cetificate alias
 void setTokenRequest(java.lang.String requestMode)
          Sets the SAMLToken request method, "issue", "propagation", or "issueByWSPrincipal"
 void setTokenType(java.lang.String tokenType)
          Set the required TokenType.
 void setUseKeyType(java.lang.String type)
          Set the Usekey keyInfoType
 void setUseUniqueSecurityName(boolean flag)
          Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
 void setWSSConsumingContext(WSSConsumingContext concont)
          Sets WSSConsumingContext object.
 void setWSSGenerationContext(WSSGenerationContext gencont)
          Sets WSSGenerationContext object.
 void setWSTrustNamespace(java.lang.String wstNamespace)
          Set WS-Trust namespace used in the SOAP communication with the Security Token provider.
 boolean useUniqueSecurityName()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SAMLGenerateCallback

public SAMLGenerateCallback()
Method Detail

getKeyStoreReference

public java.lang.String getKeyStoreReference()
Returns the reference name of the keyStore used by the requesting entity for the creation of SAML tokens.

Returns:
reference name of the keyStore

setKeyStoreReference

public void setKeyStoreReference(java.lang.String storeRef)
Sets the reference name of the keyStore.

Parameters:
storeRef - reference name of the keyStore used by the requesting entity for the creation of SAML tokens.

getKeyStorePath

public java.lang.String getKeyStorePath()
Returns the file path from which the keyStore for the SAML token requester is loaded.

Returns:
the file path from which the keyStore is loaded.

setKeyStorePath

public void setKeyStorePath(java.lang.String storePath)
Sets the file path from which the keyStore for the SAML token requester is loaded.

Parameters:
storePath - path of the keyStore.

getKeyStoreType

public java.lang.String getKeyStoreType()
Returns the type of the keyStore used by the SAML token requester.

Returns:
a string indicating the type of the keyStore used.

setKeyStoreType

public void setKeyStoreType(java.lang.String storeType)
Sets the type of the keyStore to be used by the SAML token requester.

Parameters:
storeType - a string for the keyStore type used.

getKeyStorePassword

public char[] getKeyStorePassword()
Returns the password used for the SAML token requester's keyStore.

Returns:
a character array for the password used to check the integrity of the keyStore or the password used to unlock the keyStore

getConfirmationMethod

public java.lang.String getConfirmationMethod()
Returns the ConfirmationMethod to be used when requesting/generating a SAML token.

Returns:
the required Subject ConfirmationMethod. The valid values are "holder-of-key", "bearer", or "sender-vouches"

getAuthenticationMethod

public java.lang.String getAuthenticationMethod()
Returns the AuthenticationMethod to be used when self-issuing a SAML token.

Returns:
the required AuthenticationMethod

getStsPolicy

public java.lang.String getStsPolicy()
Returns the policySet name for WS-Trust client

Returns:
the policySet name for WS-Trust client

getStsBinding

public java.lang.String getStsBinding()
Returns the name for the policySet binding used by the WS-Trust client

Returns:
the name of the policySet binding for the WS-Trust client

getStsURI

public java.lang.String getStsURI()
Returns the URL of SecurityTokenService (issuer of the SAML token)

Returns:
the URL of SecurityTokenService

getKeyType

public java.lang.String getKeyType()
Returns the name of Key Type to be used for the Subject confirmation for a SAML a SAML token requester.

Returns:
the requested Key Type name, the valid values are
  • "http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", or
  • "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey", or
  • "http://docs.oasis-open.org/ws-sx/ws-trust/200512/BearerKey"

getKeySize

public java.lang.String getKeySize()
Returns the key size for the SecretKey, "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"

Returns:
the key size for the SecretKey, "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey"

getStsSoapVersion

public java.lang.String getStsSoapVersion()
Returns the SOAP version for the WS-Trust client

Returns:
the the SOAP version for the WS-Trust client, the valid values are 1.1 or 1.2

isFailOverToTokenRequest

public boolean isFailOverToTokenRequest()
Returns an indication of whether to request a new SAML token if the SAML token provided in the RequestContext is not valid.

Returns:
a boolean flag that indicates whether to request a new SAML token if the SAML token provided in the RequestContext is not valid. The default behavior is to always request a new SAMLToken if incoming SAMLToken in RequestContext is invalid.

setKeyStorePassword

public void setKeyStorePassword(char[] storePassword)
Sets the password value for the keyStore used by the SAML token requester.

Parameters:
storePassword - character array for the password used to check the integrity of the keyStore or the password used to unlock the keyStore

getAlias

public java.lang.String getAlias()
Returns the alias name of the private key for the SAML token requester.

Returns:
alias name of private key

setAlias

public void setAlias(java.lang.String alias)
Sets the alias of private key for the SAML token requester.

Parameters:
alis - string alias name.

getKeyPassword

public char[] getKeyPassword()
Returns the password for recovering the key.

Returns:
password for recovering the key.

setKeyPassword

public void setKeyPassword(char[] keyPassword)
Sets the password for recovering the key.

Parameters:
keyPassword - character array for the password used to recover the key.

getKeyName

public java.lang.String getKeyName()
Returns the name of the key.

Returns:
name of the key

setKeyName

public void setKeyName(java.lang.String keyName)
Sets the name of the key.

Parameters:
keyName - name of the key

getCertStores

public java.util.List<java.security.cert.CertStore> getCertStores()
Returns the list of certificate stores that are available.

Returns:
list of certificate stores.

getTokenRequest

public java.lang.String getTokenRequest()
Returns the name of the token request method.

Returns:
name of the token request method, valid values are "issue", "propagation", or "issueByWSPrincipal". The default behavior is "issue", in which web service client will request a new SAML token either using ws-trust or self-issue. The "propagation" means that web service client will use SAMLToken from RunAsSubject for downstream call. The "issueByWSPrincipal" means that web service client will self-generate a SAMLToken based on principal in RunAsSubject for downstream call.

setCertStores

public void setCertStores(java.util.List<java.security.cert.CertStore> certStores)
Sets the list of certificate stores.

Parameters:
certStores - list of certificate stores

setConfirmationMethod

public void setConfirmationMethod(java.lang.String method)
Sets the type of Subject ConfirmationMethod to be used by the token requester.

Parameters:
method - a string identifying the Subject ConfirmationMethod.

setAuthenticationMethod

public void setAuthenticationMethod(java.lang.String method)
Sets the AuthenticationMethod to be used when self-issuing a SAML token

Parameters:
method - a string identifying the AuthenticationMethod.

setStsPolicy

public void setStsPolicy(java.lang.String policySet)
Sets the name of WS-Trust client policy set.

Parameters:
the - name of WS-Trust client policy set.

setStsBinding

public void setStsBinding(java.lang.String policySet)
Sets the name of WS-Trust client bindings.

Parameters:
policySet - the name of WS-Trust client bindings.

setStsURI

public void setStsURI(java.lang.String uri)
Sets the URL name of SecurityTokenservice (token issuer).

Parameters:
uri - the URI name of the Security Token Service (STS).

setKeyType

public void setKeyType(java.lang.String type)
Sets the name of key type.

Parameters:
the - name of key type.

setKeySize

public void setKeySize(java.lang.String size)
Sets the key size for the Secret Key

Parameters:
size - the key size of Secret Key.

setStsSoapVersion

public void setStsSoapVersion(java.lang.String version)
Sets the required SOAP version of WS-Trust client

Parameters:
version - the required SOAP version for WS-Trust client

setTokenRequest

public void setTokenRequest(java.lang.String requestMode)
Sets the SAMLToken request method, "issue", "propagation", or "issueByWSPrincipal"

Parameters:
requestMode - a string for the SAMLToken request mode.

setStsBindingScope

public void setStsBindingScope(java.lang.String scope)
Sets the binding scope for WS-Trust client, and it could be set to "domain" or "application". A value of domain indicates that the specified binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.

Parameters:
scope - the binding scope for WS-Trust client, and it is either "domain" or "application".

getStsBindingScope

public java.lang.String getStsBindingScope()
Return the binding scope for WS-Trust client, and it is either "domain" or "application". A value of domain indicates that the specifiied binding is a general binding, and a value of application indicates that the specified binding is an application specific binding.

Returns:
the binding scope for WS-Trust client, and it is either "domain" or "application".

getWSTrustNamespace

public java.lang.String getWSTrustNamespace()
Return the WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3

Returns:
the WS-Trust namespace

setWSTrustNamespace

public void setWSTrustNamespace(java.lang.String wstNamespace)
Set WS-Trust namespace used in the SOAP communication with the Security Token provider. wstNamespace is a String value that can be set to "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3

Parameters:
wstNamespace - the WS-Trust NameSpace, it is "http://schemas.xmlsoap.org/ws/2005/02/trust" for ws-trust 1.2, or "http://docs.oasis-open.org/ws-sx/ws-trust/200512" for ws-trust 1.3

isCollectionRequest

public boolean isCollectionRequest()

setCollectionRequest

public void setCollectionRequest(boolean collectionRequest)

getRSTTProperties

public java.util.Map<java.lang.String,java.lang.String> getRSTTProperties()
Return WS-Trust request parameters as defined in RSTT

Returns:
WS-Trust RSTT parameters

setRSTTProperties

public void setRSTTProperties(java.util.Map<java.lang.String,java.lang.String> rstt)
Set RSTT for WS-Trust request

Parameters:
WS-Trust - RSTT parameters

setFailOverToTokenRequest

public void setFailOverToTokenRequest(boolean option)
Sets the flag that indicates whether to request a new SAML token if SAMLToken from RequestContext is invalid

Parameters:
option - a flag that indicates whether to request a new SAML token if incoming SAMLToken becomes invalid.

isSignatureRequired

public boolean isSignatureRequired()
Returns the flag that indicates whether SAML should be signed by SAML token provider

Returns:
the flag that indicates whether SAML should be signed by SAML provider

setIsSignatureRequired

public void setIsSignatureRequired(boolean option)
Sets the flag that indicates whether SAML should be signed by SAML token provider

Parameters:
option - a flag that indicates whether the SAML token should be signed by SAML token provider.

cacheToken

public boolean cacheToken()
Returns the flag that indicates whether SAML should be cached.

Returns:
the flag that indicates whether SAML should be cached.

getCacheCushion

public long getCacheCushion()
Returns the value in milliseconds for the cacheCushion. Note that this value is important in determining the expiration status of a token, see above.

Returns:
the token expiration time in milliseconds.

setCacheToken

public void setCacheToken(boolean option)
Sets the flag that indicates whether SAML should be cached

Parameters:
option - a flag that indicates whether the SAML token should be cached.

setCacheCushion

public void setCacheCushion(long time)
Sets the value in milliseconds for the cacheCushion. Note that this value is important in determining the expiration status of a token, see above.

Parameters:
time - the time limit in milliseconds.

getTargetServiceAlias

public java.lang.String getTargetServiceAlias()
Returns the target service's Cetificate alias

Returns:
the target service's Cetificate alias.

setTargetserviceAlias

public void setTargetserviceAlias(java.lang.String alias)
Set the target service's Cetificate alias

Parameters:
the - target service's Cetificate alias

getUsekeyType

public java.lang.String getUsekeyType()
Returns the Usekey keyInfoType

Returns:
the Usekey keyInfoType

setUseKeyType

public void setUseKeyType(java.lang.String type)
Set the Usekey keyInfoType

Parameters:
the - Usekey keyInfoType

getClockSkew

public long getClockSkew()
Returns the time in milliseconds that is allowed for clock skew between the token issuer and the consumer. The clock skew is used when setting the expiration of the token on an Outbound request. The expiration time of the token needs to be above the current time plus the clock skew.

Returns:
the time in milliseconds allowed for clock skew. The default clock skew is 0 minutes.

setClockSkew

public void setClockSkew(long time)
Sets the time in milliseconds that is allowed for clock skew between the token issuer and the consumer. The clock skew is used when setting the expiration of the token on an Outbound request. The expiration time of the token needs to be above the current time plus the clock skew.

Parameters:
time - a long integer representing time for the clockSkew value in milliseconds.

getTokenType

public java.lang.String getTokenType()
Return the required TokenType to be generated

Returns:
a String represents the TokenType

setTokenType

public void setTokenType(java.lang.String tokenType)
Set the required TokenType.

Parameters:
tokenType - which is a String represents the required TokenType

getNameId

public java.lang.String getNameId()
Return the specified SAML token name identifier to be generated

Returns:
a String represents the SAML token user name identifier

setNameId

public void setNameId(java.lang.String userid)
Set the SAML Token Name Identifier.

Parameters:
userid - which is a String represents the SAML Token name identifier

getWSSConsumingContext

public WSSConsumingContext getWSSConsumingContext()
Gets WSSConsumingContext object.

Returns:
WSSConsumingContext object

setWSSConsumingContext

public void setWSSConsumingContext(WSSConsumingContext concont)
Sets WSSConsumingContext object.

Parameters:
concont - WSSConsumingContext object

getWSSGenerationContext

public WSSGenerationContext getWSSGenerationContext()
Returns WSSGenerationContext object.

Returns:
WSSGenerationContext object

setWSSGenerationContext

public void setWSSGenerationContext(WSSGenerationContext gencont)
Sets WSSGenerationContext object.

Parameters:
gencont - WSSGenerationContext object

getSSLConfigUrl

public java.lang.String getSSLConfigUrl()
Returns SSLConfiguration location .

Returns:
WSSLConfiguration location.

setSSLConfigUrl

public void setSSLConfigUrl(java.lang.String location)
Sets SSLConfigUrl object.

Parameters:
SSLConfigUrl - object

getAppliesTo

public java.lang.String getAppliesTo()
Returns AppliesTo.

Returns:
AppliesTo.

setAppliesTo

public void setAppliesTo(java.lang.String uri)

getAttributes

public java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> getAttributes()
Returns ArrayList.

Returns:
ArrayList.

setAttributes

public void setAttributes(java.util.ArrayList<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> attrs)
Sets ArrayList object via WSSAPI.

Parameters:
ArrayList - object

includeRealmName

public boolean includeRealmName()

setIncludeRealmName

public void setIncludeRealmName(boolean flag)
Sets boolean flag to assert realm from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert realm from WSCredential as an SAML attribute.

includeSecurityName

public boolean includeSecurityName()

setIncludeSecurityName

public void setIncludeSecurityName(boolean flag)
Sets boolean flag to assert SecurityName from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert SecurityName from WSCredential as an SAML attribute.

includeUniqueSecurityName

public boolean includeUniqueSecurityName()

setIncludeUniqueSecurityName

public void setIncludeUniqueSecurityName(boolean flag)
Sets boolean flag to assert UniqueSecurityName from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert UniqueSecurityName from WSCredential as an SAML attribute.

includeCredentialToken

public boolean includeCredentialToken()

setIncludeCredentialToken

public void setIncludeCredentialToken(boolean flag)
Sets boolean flag to assert CredentialToken from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert CredentialToken from WSCredential as an SAML attribute.

includeOID

public boolean includeOID()

setIncludeOID

public void setIncludeOID(boolean flag)
Sets boolean flag to assert OID from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert OID from WSCredential as an SAML attribute.

includeExpiration

public boolean includeExpiration()

setIncludeExpiration

public void setIncludeExpiration(boolean flag)
Sets boolean flag to assert Expiration from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert Expiration from WSCredential as an SAML attribute.

includePrimaryGroupId

public boolean includePrimaryGroupId()

setIncludePrimaryGroupId

public void setIncludePrimaryGroupId(boolean flag)
Sets boolean flag to assert PrimaryGroupId from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert PrimaryGroupId from WSCredential as an SAML attribute.

includeGroupIds

public boolean includeGroupIds()

setIncludeGroupIds

public void setIncludeGroupIds(boolean flag)
Sets boolean flag to assert GroupIds from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert GroupIds from WSCredential as an SAML attribute.

includeHostName

public boolean includeHostName()

setIncludeHostName

public void setIncludeHostName(boolean flag)
Sets boolean flag to assert HostName from WSCredential as an SAML attribute.

Parameters:
boolean - flag to assert HostName from WSCredential as an SAML attribute.

useUniqueSecurityName

public boolean useUniqueSecurityName()

setUseUniqueSecurityName

public void setUseUniqueSecurityName(boolean flag)
Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.

Parameters:
boolean - flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.

getIssueMode

public com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode getIssueMode()

setIssueMode

public void setIssueMode(com.ibm.wsspi.wssecurity.saml.config.RequesterConfig.requestMode mode)

getAudienceRestriction

public boolean getAudienceRestriction()
Returns:
audience restriction

setAudienceRestriction

public void setAudienceRestriction(boolean option)
Parameters:
option - a flag that indicates whether udience restriction should be created in a self issued SAML token.

IBM WebSphere Application ServerTM
Release 8