IBM WebSphere Application Server™ Release 7
public static interface RequesterConfiguration.RSTT
WS-Trust 1.2 keys for RequesterConfig, used to specify the content of the RequestSecurityToken trust request.
Example settings:
requestConfig.put(RequesterConfiguration.RSTT.APPLIESTO_ADDRESS, "http://w3.appliesto.com/");
requestConfig.put(RequesterConfiguration.RSTT.ISSUER_ADDRESS, "http://w3.issuer.com/");
requestConfig.put(RequesterConfiguration.RSTT.KEYSIZE, "128");
requestConfig.put(RequesterConfiguration.RSTT.KEYTYPE, WSSConstants.WST12.KEYTYPE_SYMMETRICKEY);
Results in a request containing elements similar to:
<wst:RequestSecurityToken>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://w3.appliesto.com/</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Issuer>
<wsa:Address>http://w3.issuer.com/</wsa:Address>
</wst:Issuer>
<wst:KeySize>128</wst:KeySize>
<wst:KeyType>http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</wst:KeyType>
</wst:RequestSecurityToken>
Field Summary | |
---|---|
static java.lang.String | ALLOWPOSTDATING: Indicates that the token request may specify the token is not immediately valid. |
static java.lang.String | APPLIESTO_ADDRESS: Specifies the webservice address where the requested token is intended to be used. |
static java.lang.String | APPLIESTO_PORTTYPE: Specifies the port type of the webservice where the requested token is intended to be used. |
static java.lang.String | APPLIESTO_SERVICENAME: Specifies the service name of the webservice where the requested token is intended to be used. |
static java.lang.String | AUTHENTICATIONTYPE: Specifies type of authentication desired. |
static java.lang.String | CANONICALIZATIONALGORITHM: Specifies the desired canonicalization method to be used with the returned token. |
static java.lang.String | CLAIMS: Claim information associated with an issued token. |
static java.lang.String | CLAIMS_DIALECT: Indicates the syntax of the claims information. |
static java.lang.String | COMPUTEDKEYALGORITHM: Specifies the desired key derivation algorithm to be used in the generation of the returned token. |
static java.lang.String | CONTEXT: Specifies the context attribute to be included in the trust request. |
static java.lang.String | DELEGATABLE: Specifies if the requested token may be delegated to another party. |
static java.lang.String | ENCRYPTIONALGORITHM: Specifies the desired encryption algorithm to be used within the generated token. |
static java.lang.String | ENCRYPTWITH: Specifies the desired encryption algorithm to be used with the issued security token. |
static java.lang.String | ENTROPY_BINARYSECRET: Specifies the requester's entropy as a binary secret. |
static java.lang.String | ENTROPY_BINARYSECRET_TYPE: Specifies the type of secret being encoded. |
static java.lang.String | ENTROPY_ENCRYPTEDKEY_ALGORITHM: Specifies the encryption algorithm to be associated with the specified entropy cipher data. |
static java.lang.String | ENTROPY_ENCRYPTEDKEY_CIPHERVALUE: Specifies the requester's entropy cipher data. |
static java.lang.String | EXTENSION_BASE: An extension to WS-Trust 1.2 used to specify the security token to be validated. |
static java.lang.String | FORWARDABLE: Specifies if the requested token may be used from alternate machines. |
static java.lang.String | ISSUER_ADDRESS: Specifies the webservice address where the request's signing token was issued. |
static java.lang.String | ISSUER_PORTTYPE: Specifies the webservice port type where the request's signing token was issued. |
static java.lang.String | ISSUER_SERVICENAME: Specifies the webservice service name where the request's signing token was issued. |
static java.lang.String | KEYSIZE: Specifies the number of bits of the key required. |
static java.lang.String | KEYTYPE: Specifies the type of key desired in the security token. |
static java.lang.String | LIFETIME_CREATED: Specifies the requested creation time of the security token. |
static java.lang.String | LIFETIME_EXPIRES: Specifies the requested expiration time of the security token. |
static java.lang.String | POLICYREFERENCE_URI: Specifies a reference to the policy that contains settings for the requested token. |
static java.lang.String | RENEWING_ALLOW: Specifies if the lifetime of the requested token can be extended. |
static java.lang.String | RENEWING_OK: Specifies if the lifetime of the requested token can be renewed after expiration. |
static java.lang.String | SIGNATUREALGORITHM: Specifies the desired signature algorithm used with the issued token. |
static java.lang.String | SIGNWITH: Specifies the desired signature algorithm used within the issued token. |
static java.lang.String | TOKENTYPE: Specifies the type of security token requested. |
static java.lang.String | VALIDATETARGET_REFERENCE_URI: Specifies URI of the security token to be validated. |
static java.lang.String | VALIDATETARGET_REFERENCE_VALUETYPE: Specifies the type of the security token to be validated. |
Field Detail |
---|
static final java.lang.String ALLOWPOSTDATING
Valid values are true or false.
When set to true, the trust request will include the wst:AllowPostdating element as shown below.
<wst:AllowPostdating/>
static final java.lang.String APPLIESTO_ADDRESS
Valid values are URI strings.
The APPLIESTO_ADDRESS setting may be used alone or in combination with APPLIESTO_PORTTYPE and APPLIESTO_SERVICENAME.
When used alone, the formatted wsp:AppliesTo element will appear in the trust request such as:
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://manufacturer.example.com/</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
If APPLIESTO_PORTTYPE and/or APPLIESTO_SERVICENAME are also set, the settings appear grouped inside the wsp:AppliesTo element such as:
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>http://manufacturer.example.com/</wsa:Address>
<wsa:PortType>http://manufacturer.example.com/</wsa:PortType>
<wsa:ServiceName>MyServiceName</wsa:ServiceName>
</wsa:EndpointReference>
</wsp:AppliesTo>
static final java.lang.String EXTENSION_BASE
When set, the trust request will include the wst:Base element.
For example, when EXTENSION_BASE is set to the String:
"<wss:UsernameToken xmlns:wss=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"
xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"
wsu:Id=\"usernameac5168b8-0123-1b65-b8b4-9d6bd9a2f0bb\"><wss:Username>testuser</wss:Username>
<wsu:Created>2009-09-12T03:34:59Z</wsu:Created></wss:UsernameToken>"
An element similar to the following is included in the request:
<wst:Base>
<wss:UsernameToken xmlns:wss="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="usernameac5168b8-0123-1b65-b8b4-9d6bd9a2f0bb">
<wss:Username>testuser</wss:Username>
<wsu:Created>2009-09-12T03:34:59Z</wsu:Created>
</wss:UsernameToken>
</wst:Base>
static final java.lang.String APPLIESTO_PORTTYPE
Valid values are URI strings.
See APPLIESTO_ADDRESS and APPLIESTO_SERVICENAME.
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:PortType>http://manufacturer.example.com/</wsa:PortType>
</wsa:EndpointReference>
</wsp:AppliesTo>
static final java.lang.String APPLIESTO_SERVICENAME
Valid values are strings.
See APPLIESTO_ADDRESS and APPLIESTO_PORTTYPE.
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:ServiceName>MyServiceName</wsa:ServiceName>
</wsa:EndpointReference>
</wsp:AppliesTo>
static final java.lang.String AUTHENTICATIONTYPE
When set, the trust request will include the following wst:AuthenticationType element, where "..." is the specified URI:
<wst:AuthenticationType>...</wst:AuthenticationType>
static final java.lang.String CANONICALIZATIONALGORITHM
When set, the trust request will include the following wst:CanonicalizationAlgorithm element, where "..." is the specified algorithm:
<wst:CanonicalizationAlgorithm>...</wst:CanonicalizationAlgorithm>
static final java.lang.String CLAIMS
May be set to a valid URI. For example, if set, the trust request will include the following element, where "..." is the specified URI:
<wst:Claims>...</wst:Claims>
Alternatively, may be set to the XML text of a valid WS-Trust Claims element.
Example setting for WS-Trust 1.2:
"<wst:Claims xmlns:wst=\"http://schemas.xmlsoap.org/ws/2005/02/trust\"><ClaimedUser>jane</ClaimedUser></wst:Claims>"
static final java.lang.String CLAIMS_DIALECT
The CLAIMS_DIALECT setting must be used in conjunction with the CLAIMS setting.
Specifies the Dialect attribute of the wst:Claims element. For example:
<wst:Claims Dialect="...">...</wst:Claims>
static final java.lang.String COMPUTEDKEYALGORITHM
When set, the trust request will include the following wst:ComputedKeyAlgorithm element, where "..." is the specified algorithm:
<wst:ComputedKeyAlgorithm>...</wst:ComputedKeyAlgorithm>
static final java.lang.String CONTEXT
When set, the trust request will include the Context attribute in the wst:RequestSecurityToken element, where "..." is the specified context:
<wst:RequestSecurityToken Context="...">
</wst:RequestSecurityToken>
static final java.lang.String DELEGATABLE
Valid values are true or false.
When set, the trust request will include the wst:Delegatable element, where "..." is the DELEGATABLE setting:
<wst:Delegatable>...</wst:Delegatable>
static final java.lang.String ENCRYPTIONALGORITHM
When set, the trust request will include the following element, where "..." is the specified algorithm:
<wst:EncryptionAlgorithm>...</wst:EncryptionAlgorithm>
static final java.lang.String ENCRYPTWITH
When set, the trust request will include the following element, where "..." is the specified algorithm:
<wst:EncryptWith>...</wst:EncryptWith>
static final java.lang.String ENTROPY_BINARYSECRET
When set, the trust request will include the following element, where "..." represents the base64 encoded binary secret:
<wst:Entropy>
<wst:BinarySecret>...</wst:BinarySecret>
</wst:Entropy>
static final java.lang.String ENTROPY_BINARYSECRET_TYPE
When set, the BinarySecret element of the trust request will include the Type attribute, where "..." is the specified type and AAAA is the base64-encoded binary secret:
<wst:Entropy>
<wst:BinarySecret Type="...">AAAA</wst:BinarySecret>
</wst:Entropy>
static final java.lang.String ENTROPY_ENCRYPTEDKEY_ALGORITHM
When both ENTROPY_ENCRYPTEDKEY_ALGORITHM and ENTROPY_ENCRYPTEDKEY_CIPHERVALUE are set, the following element will be included in the trust request. Below, "..." is the ENTROPY_ENCRYPTEDKEY_ALGORITHM setting and AAAA is the ENTROPY_ENCRYPTEDKEY_CIPHERVALUE setting.
<wst:Entropy>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="...">
<xenc:CipherData>
<xenc:CipherValue>AAAA</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptionMethod>
</xenc:EncryptedKey>
</wst:Entropy>
See also: ENTROPY_ENCRYPTEDKEY_CIPHERVALUE
static final java.lang.String ENTROPY_ENCRYPTEDKEY_CIPHERVALUE
When both ENTROPY_ENCRYPTEDKEY_ALGORITHM and ENTROPY_ENCRYPTEDKEY_CIPHERVALUE are set, the following element will be included in the trust request. Below, "..." is the ENTROPY_ENCRYPTEDKEY_ALGORITHM setting and "AAAA" is the ENTROPY_ENCRYPTEDKEY_CIPHERVALUE setting.
<wst:Entropy>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="...">
<xenc:CipherData>
<xenc:CipherValue>AAAA</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptionMethod>
</xenc:EncryptedKey>
</wst:Entropy>
See also: ENTROPY_ENCRYPTEDKEY_ALGORITHM
static final java.lang.String FORWARDABLE
Valid values are true or false.
When set, the trust request will include the wst:Forwardable element, where "..." is the FORWARDABLE setting:
<wst:Forwardable>...</wst:Forwardable>
static final java.lang.String ISSUER_ADDRESS
Valid values are URI strings.
The ISSUER_ADDRESS setting may be used alone or in combination with ISSUER_PORTTYPE and ISSUER_SERVICENAME.
When used alone, the formatted wst:Issuer element will appear in the trust request such as:
<wst:Issuer>
<wsa:Address>http://manufacturer.example.com/</wsa:Address>
</wst:Issuer>
If ISSUER_PORTTYPE and/or ISSUER_SERVICENAME are also set, the settings appear grouped inside the wst:Issuer element such as:
<wst:Issuer>
<wsa:Address>http://manufacturer.example.com/</wsa:Address>
<wsa:PortType>http://manufacturer.example.com/</wsa:PortType>
<wsa:ServiceName>MyServiceName</wsa:ServiceName>
</wst:Issuer>
static final java.lang.String ISSUER_PORTTYPE
Valid values are URI strings.
The ISSUER_PORTTYPE setting may be used alone or in combination with ISSUER_ADDRESS and ISSUER_SERVICENAME.
When used alone, the formatted wst:Issuer element will appear in the trust request such as:
<wst:Issuer>
<wsa:PortType>http://manufacturer.example.com/</wsa:PortType>
</wst:Issuer>
If ISSUER_ADDRESS and/or ISSUER_SERVICENAME are also set, the settings appear grouped inside the wst:Issuer element such as:
<wst:Issuer>
<wsa:Address>http://manufacturer.example.com/</wsa:Address>
<wsa:PortType>http://manufacturer.example.com/</wsa:PortType>
<wsa:ServiceName>MyServiceName</wsa:ServiceName>
</wst:Issuer>
static final java.lang.String ISSUER_SERVICENAME
Valid values are URI strings.
The ISSUER_SERVICENAME setting may be used alone or in combination with ISSUER_ADDRESS and ISSUER_PORTTYPE.
When used alone, the formatted wst:Issuer element will appear in the trust request such as:
<wst:Issuer>
<wsa:ServiceName>http://manufacturer.example.com/</wsa:ServiceName>
</wst:Issuer>
If ISSUER_ADDRESS and/or ISSUER_PORTTYPE are also set, the settings appear grouped inside the wst:Issuer element such as:
<wst:Issuer>
<wsa:Address>http://manufacturer.example.com/</wsa:Address>
<wsa:PortType>http://manufacturer.example.com/</wsa:PortType>
<wsa:ServiceName>MyServiceName</wsa:ServiceName>
</wst:Issuer>
static final java.lang.String KEYSIZE
When set, the trust request will include the wst:KeySize element, where "..." is the key size:
<wst:KeySize>...</wst:KeySize>
static final java.lang.String KEYTYPE
When set, the trust request will include the wst:KeyType element, where "..." is the key type setting.
For example:
<wst:KeyType>...</wst:KeyType>
static final java.lang.String LIFETIME_CREATED
Valid values are date strings.
The LIFETIME_CREATED setting may be used alone or in combination with LIFETIME_EXPIRES.
When used alone, the formatted wst:Lifetime element will appear in the trust request such as:
<wst:Lifetime>
<wsu:Created>...</wsu:Created>
</wst:Lifetime>
If LIFETIME_EXPIRES is also set, the settings appear grouped inside the wst:Lifetime element such as:
<wst:Lifetime>
<wsu:Created>...</wsu:Created>
<wsu:Expires>...</wsu:Expires>
</wst:Lifetime>
static final java.lang.String LIFETIME_EXPIRES
Valid values are date strings.
The LIFETIME_EXPIRES setting may be used alone or in combination with LIFETIME_CREATED.
When used alone, the formatted wst:Lifetime element will appear in the trust request such as:
<wst:Lifetime>
<wsu:Created>...</wsu:Created>
</wst:Lifetime>
If LIFETIME_CREATED is also set, the settings appear grouped inside the wst:Lifetime element such as:
<wst:Lifetime>
<wsu:Created>...</wsu:Created>
<wsu:Expires>...</wsu:Expires>
</wst:Lifetime>
static final java.lang.String POLICYREFERENCE_URI
POLICYREFERENCE_URI may be set to the URI reference to a policy. When set, the formatted wsp:PolicyReference element will be included in the trust request as shown, where "..." is the policy reference URI:
<wsp:PolicyReference URI="..."/>
static final java.lang.String RENEWING_ALLOW
Valid values are true or false.
RENEWING_ALLOW may be used to add a wst:Renewing element in the trust request with the "Allow" attribute set.
For example:
<wst:Renewing Allow="..."/>
This setting may be used alone or in combination with RENEWING_OK.
static final java.lang.String RENEWING_OK
Valid values are true or false.
RENEWING_OK may be used to add a wst:Renewing element in the trust request with the "OK" attribute set.
For example:
<wst:Renewing OK="..."/>
This setting may be used alone or in combination with RENEWING_ALLOW.
static final java.lang.String SIGNATUREALGORITHM
When set, the trust request will include the following element, where "..." is the specified signature algorithm:
<wst:SignatureAlgorithm>...</wst:SignatureAlgorithm>
static final java.lang.String SIGNWITH
When set, the trust request will include the following element, where "..." is the specified signature algorithm:
<wst:SignWith>...</wst:SignWith>
static final java.lang.String VALIDATETARGET_REFERENCE_URI
When set, the trust request will include the wst:ValidateTarget element, where "..." is the URI of the security token referenced:
<wst:ValidateTarget>
<wsse:SecurityTokenReference>
<wsse:Reference URI="..."/>
</wsse:SecurityTokenReference>
</wst:ValidateTarget>
See also: VALIDATETARGET_REFERENCE_VALUETYPE
static final java.lang.String VALIDATETARGET_REFERENCE_VALUETYPE
When set, the trust request will include the wst:ValidateTarget element as shown, where "..." is the type of security token referenced:
<wst:ValidateTarget>
<wsse:SecurityTokenReference>
<wsse:Reference ValueType="..."/>
</wsse:SecurityTokenReference>
</wst:ValidateTarget>
See also: VALIDATETARGET_REFERENCE_URI
static final java.lang.String TOKENTYPE
When set, the trust request will include the wst:TokenType element.
Below, "..." is the TOKENTYPE setting.
<wst:TokenType>...</wst:TokenType>
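A pre-flight check over the settings that decide where and for how long an issued token is usable (APPLIESTO_ADDRESS, KEYSIZE, LIFETIME_EXPIRES, DELEGATABLE, FORWARDABLE, RENEWING_OK), added here as an example and not IBM's code. The key strings are stand-ins for the RequesterConfiguration.RSTT constants, the thresholds are local policy assumptions, and LIFETIME_EXPIRES is assumed to use the ISO-8601 form shown in the wsu:Created sample above.

```java
import java.time.Duration;
import java.time.Instant;
import java.time.format.DateTimeParseException;
import java.util.*;

public class RstPreflightCheck {
    // Stand-in key strings (assumption): real code would use the
    // RequesterConfiguration.RSTT constants, whose values this page does not list.
    static final String APPLIESTO_ADDRESS = "APPLIESTO_ADDRESS";
    static final String KEYSIZE = "KEYSIZE";
    static final String LIFETIME_EXPIRES = "LIFETIME_EXPIRES";
    static final String DELEGATABLE = "DELEGATABLE";
    static final String FORWARDABLE = "FORWARDABLE";
    static final String RENEWING_OK = "RENEWING_OK";
    // Local policy thresholds (assumptions, not product defaults).
    static final int MIN_KEY_BITS = 128;
    static final Duration MAX_LIFETIME = Duration.ofHours(8);

    static List<String> check(Map<String, String> cfg, Instant now) {
        List<String> findings = new ArrayList<>();
        String target = cfg.get(APPLIESTO_ADDRESS);
        if (target == null || target.isEmpty())
            findings.add("no APPLIESTO_ADDRESS: token is not scoped to a service");
        String bits = cfg.get(KEYSIZE);
        try {
            if (bits != null && Integer.parseInt(bits.trim()) < MIN_KEY_BITS)
                findings.add("KEYSIZE below " + MIN_KEY_BITS + " bits");
        } catch (NumberFormatException e) {
            findings.add("KEYSIZE is not a number: " + bits);
        }
        String expires = cfg.get(LIFETIME_EXPIRES);
        try {
            if (expires == null)
                findings.add("no LIFETIME_EXPIRES: lifetime left to the issuer");
            else if (Instant.parse(expires).isAfter(now.plus(MAX_LIFETIME)))
                findings.add("LIFETIME_EXPIRES exceeds " + MAX_LIFETIME);
        } catch (DateTimeParseException e) {
            findings.add("LIFETIME_EXPIRES is not an ISO-8601 instant: " + expires);
        }
        for (String flag : new String[] {DELEGATABLE, FORWARDABLE, RENEWING_OK})
            if ("true".equalsIgnoreCase(cfg.get(flag)))
                findings.add(flag + "=true widens where or how long the token is usable");
        return findings;
    }

    public static void main(String[] args) {
        Map<String, String> cfg = new LinkedHashMap<>();  // constructed sample settings
        cfg.put(KEYSIZE, "64");
        cfg.put(LIFETIME_EXPIRES, "2009-09-13T03:34:59Z");
        cfg.put(FORWARDABLE, "true");
        check(cfg, Instant.parse("2009-09-12T03:34:59Z")).forEach(System.out::println);
    }
}
```

Running the same check over the map before it is handed to the trust client gives a reviewable record of every request that asks for an unscoped, long-lived, or forwardable token.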