|
IBM WebSphere Application ServerTM Release 7 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.ibm.websphere.wssecurity.callbackhandler.SAMLConsumeCallback
public class SAMLConsumeCallback
This is a Callback class used to collect configuration data associated with
the consumer of an incoming SAML token.
It is important to note that an incoming token (inbound request) is checked
for expiration using the token's own expiration date and the clock skew between
the sending and the receiving system. The expiration date of the token
must be above the current time minus the clock skew value. The default clock skew
is set to: 3 minutes.
A SAML token remains valid in the process if it was valid at the time the process received that token.
SAMLToken
,
SAMLTokenFactory
Constructor Summary | |
---|---|
SAMLConsumeCallback()
|
Method Summary | |
---|---|
boolean |
enforceAudienceRestriction()
Returns the flag whether AudienceRestriction assertion validation is required. |
boolean |
enforceOneTimeUse()
Returns the flag whether OneTimeUse or DoNotCacheCondition assertion validation is required. |
java.lang.String |
getAlias()
Returns the alias name used by the consumer of the SAML token in its keyStore. |
long |
getClockSkew()
Returns the time in milliseconds that is allowed for clock skew between the token issuer and the consumer. |
java.lang.String |
getConfirmationMethod()
Returns the ConfirmationMethod to be used when requesting/generating a SAML token. |
java.util.List<java.lang.String> |
getCRLPaths()
Gets the set of revoked certificate lists files |
java.lang.String |
getEncryptionAlgorithm()
Returns the algorithm for the encryption |
java.lang.String |
getKeyName()
Returns the name of the key used by the token consumer. |
char[] |
getKeyPassword()
Returns the password for recovering the key. |
char[] |
getKeyStorePassword()
Returns the password for the keyStore used by the consumer of the SAML token. |
java.lang.String |
getKeyStorePath()
Returns the file path for the keyStore used by the consumer of the SAML token. |
java.lang.String |
getKeyStoreReference()
Returns the reference name of the keyStore used by the token consumer (e.g. a service). |
java.lang.String |
getKeyStoreType()
Returns the type of the keyStore used by the consumer of the SAML token. |
java.util.ArrayList<java.lang.String[]> |
getTrustedIssuers()
|
java.lang.String |
getTrustedSTSAlias()
Returns the alias used to locate the key used by the SAML token issuer. |
char[] |
getTrustStorePassword()
Returns the password for the trustStore used by the token consumer. |
java.lang.String |
getTrustStorePath()
Returns the file path to the trustStore used by the token consumer. |
java.lang.String |
getTrustStoreRef()
Returns the reference name of the trustStore used by the token consumer. |
java.lang.String |
getTrustStoreType()
Returns the type of the trustStore used by the token consumer. |
java.util.List<java.lang.String> |
getX509Paths()
Gets the set of intermediate certificate files |
boolean |
isSignatureRequired()
Returns the flag whether signature on the SAML token from the issuer is required. |
boolean |
isTrustAnySigner()
Returns the flag whether to trust any SAML token issuer. |
void |
setAlias(java.lang.String alias)
Sets the key alias name in the consumer's keyStore. |
void |
setClockSkew(long time)
Sets the time in milliseconds that is allowed for clock skew between the token issuer and the consumer. |
void |
setConfirmationMethod(java.lang.String method)
Sets the type of Subject ConfirmationMethod to be used by the token requester. |
void |
setCRLPath(java.util.List value)
Sets revoked certificate list file. |
void |
setEncryptionAlgorithm(java.lang.String encryptionAlgorithm)
Sets the algorithm for the encryption |
void |
setEnforceAudienceRestriction(boolean flag)
Set the flag whether AudienceRestriction validation is required. |
void |
setEnforceOneTimeUse(boolean flag)
Set the flag whether OneTimeUse or DoNotCacheCondition validation is required. |
void |
setIsSignatureRequired(boolean option)
Set the flag whether signature by the SAML token issuer is required. |
void |
setKeyName(java.lang.String keyName)
Sets the name of the key used by the token consumer. |
void |
setKeyPassword(char[] keyPassword)
Sets the password for recovering the key. |
void |
setKeyStorePassword(char[] keyStorePassword)
Sets the type of the keyStore used by the consumer of the SAML token. |
void |
setKeyStorePath(java.lang.String keyStorePath)
Sets the file path for the keyStore used by the consumer of the SAML token.. |
void |
setKeyStoreReference(java.lang.String keyStoreRef)
Sets the reference name of the keyStore used by the token consumer (e.g. a service). |
void |
setKeyStoreType(java.lang.String keyStoreType)
Sets the type of the keyStore by the consumer of the SAML token. |
void |
setTrustAnySigner(boolean option)
Sets the flag whether to trust any SAML token issuer. |
void |
setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)
|
void |
setTrustedSTSAlias(java.lang.String alias)
Sets alias name for the key used by the SAML token issuer |
void |
setTrustStorePassword(char[] passwd)
Sets the password for the trustStore used by the token consumer. |
void |
setTrustStorePath(java.lang.String path)
Sets the file path to the trustStore used by the token consumer. |
void |
setTrustStoreRef(java.lang.String ref)
Sets the reference name of the truStstore used by the token consumer. |
void |
setTrustStoreType(java.lang.String type)
Sets the type of the trustStore used by the token consumer. |
void |
setX509Path(java.util.List value)
Sets intermediate certificate file list. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SAMLConsumeCallback()
Method Detail |
---|
public java.lang.String getKeyStoreReference()
public void setKeyStoreReference(java.lang.String keyStoreRef)
keyStoreRef
- string representing the reference name of the keyStore.public java.lang.String getKeyStorePath()
public void setKeyStorePath(java.lang.String keyStorePath)
keyStorePath
- string representing the path to the keyStore.public java.lang.String getKeyStoreType()
public void setKeyStoreType(java.lang.String keyStoreType)
keyStoreType
- string representing the type of the keyStorepublic char[] getKeyStorePassword()
public void setKeyStorePassword(char[] keyStorePassword)
keyStorePassword
- character array that contains the password used to check the integrity or unlock
the keyStore for the consumer of the SAML token.public java.lang.String getAlias()
public void setAlias(java.lang.String alias)
alias
- string representing the alias name.public char[] getKeyPassword()
public void setKeyPassword(char[] keyPassword)
keyPassword
- character array that contains the password for recovering the key.public java.lang.String getKeyName()
public void setKeyName(java.lang.String keyName)
keyName
- string that contains the name of the key.public java.lang.String getTrustStoreRef()
public void setTrustStoreRef(java.lang.String ref)
ref
- string that contains the reference name of the trustStore.public java.lang.String getTrustStorePath()
public void setTrustStorePath(java.lang.String path)
path
- String that contains the path to the trustStore.public java.lang.String getTrustStoreType()
public void setTrustStoreType(java.lang.String type)
type
- a string that contains the type of trustStore.public char[] getTrustStorePassword()
public void setTrustStorePassword(char[] passwd)
storePassword
- a character array that contains the password used to check the integrity of the
trustStore or to unlock it.public java.lang.String getTrustedSTSAlias()
public void setTrustedSTSAlias(java.lang.String alias)
alias
- a string that contains the alias name.public boolean isTrustAnySigner()
public void setTrustAnySigner(boolean option)
option
- boolean for the flag whether to trust any SAML token issuer.public boolean isSignatureRequired()
public void setIsSignatureRequired(boolean option)
option
- boolean flag whether the signature by the SAML token issuer is required.public long getClockSkew()
public void setClockSkew(long time)
time
- a long integer representing time for the clockSkew value in milliseconds.public boolean enforceOneTimeUse()
public boolean enforceAudienceRestriction()
public void setEnforceOneTimeUse(boolean flag)
option
- boolean flag whether OneTimeUse or DoNotCacheCondition validation is required.public void setEnforceAudienceRestriction(boolean flag)
option
- boolean flag whether AudienceRestriction validation is required.public java.util.ArrayList<java.lang.String[]> getTrustedIssuers()
public void setTrustedIssuers(java.util.ArrayList<java.lang.String[]> issuers)
public java.lang.String getConfirmationMethod()
public void setConfirmationMethod(java.lang.String method)
method
- a string identifying the Subject ConfirmationMethod.public void setEncryptionAlgorithm(java.lang.String encryptionAlgorithm)
encryptionAlgorithm
- encryption algorithmpublic java.lang.String getEncryptionAlgorithm()
public java.util.List<java.lang.String> getCRLPaths()
public java.util.List<java.lang.String> getX509Paths()
public void setX509Path(java.util.List value)
X509
- Certificate Listpublic void setCRLPath(java.util.List value)
revoked
- certificate list file
|
IBM WebSphere Application ServerTM Release 7 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |