IBM WebSphere Application ServerTM
Release 7

com.ibm.wsspi.wssecurity.saml.config
Interface ConsumerConfig

All Superinterfaces:
Configuration, ConsumerConfiguration

public interface ConsumerConfig
extends ConsumerConfiguration

This interface encapsulates getter and setter methods for the configuration attributes of the SAML token consumer.

User should never implement this interface directly, and is required to use SAMLTokenFactory to get an instance of ConsumerConfig.


Field Summary
static long DEFAULT_CLOCKSKEW
           
 
Method Summary
 void addCertStore(java.security.cert.CertStore certStore)
          Adds a cert store to the current cert store list
 void addCRLPath(java.lang.String value)
          Adds revoked certificate list.
 void addX509Path(java.lang.String value)
          Adds Intermediate certificate file.
 java.lang.String getAlgorithmSuite()
          Returns the Encryption Algorithm for encrypted token or key.
 java.lang.String getAliasForTokenProvider()
          Returns a string representing the key alias corresponding to the token provider.
 java.util.List<java.security.cert.CertStore> getCertStores()
          Gets the cert store list
 long getClockSkew()
          Return the allowable clock skew.
 java.util.List<java.lang.String> getCRLPaths()
          Get the list of revoked certificate list files.
 KeyInformationConfig getKeyInformationConfig()
          Returns the KeyInformationConfig object to be be used to decrypt an encrypted SAML token or key.
 KeyStoreConfig getKeyStoreConfig()
          Returns the KeyStoreConfig object used for the decryption of a SAML token or keys.
 boolean getRevocationEnabled()
          Gets the setting of the revocationEnabled flag
 KeyStoreConfig getTrustStoreConfig()
          Returns the KeyStoreConfig object used in the validation of the SAML Enveloped-Signature.
 java.util.List<java.lang.String> getX509Paths()
          Get the list of intermediate certificate files.
 boolean isAssertionSignatureRequired()
          Returns an indication as to whether this token consumer requires signed SAML assertions.
 void setAlgorithmSuite(java.lang.String alg)
          Sets the encryption algorithm for the encrypted token or key.
 void setAliasForTokenProvider(java.lang.String alias)
          Sets alias for Token provider's key.
 void setAssertionSignatureRequired(boolean option)
          Indicates if signature on the assertion is required by this consumer.
 void setCertStores(java.util.List<java.security.cert.CertStore> certStores)
          Sets the cert store list
 void setClockSkew(long time)
          Set clock skew
 void setCRLPath(java.util.List value)
          Sets revoked certificate list.
 void setKeyInformationConfig(KeyInformationConfig kic)
          Sets the Key Information configuration attribute.
 void setKeyStoreConfig(KeyStoreConfig ksc)
          Sets the KeyStore configuration attribute.
 void setRevocationEnabled(boolean value)
          Enables certificate revocation.
 void setTrustAnySTS(boolean option)
          Indicates if this consumer trusts all token providers.
 void setTrustStoreConfig(KeyStoreConfig tsc)
          Sets the TrustStore configuration attribute.
 void setX509Path(java.util.List value)
          Sets intermediate certificate file lists.
 boolean trustAnySTS()
          Returns an indication as to whether this token consumer trusts all token providers.
 
Methods inherited from interface com.ibm.wsspi.wssecurity.core.config.Configuration
validate
 

Field Detail

DEFAULT_CLOCKSKEW

static final long DEFAULT_CLOCKSKEW
See Also:
Constant Field Values
Method Detail

getAlgorithmSuite

java.lang.String getAlgorithmSuite()
Returns the Encryption Algorithm for encrypted token or key.

Returns:
a string representing the Encryption Algorithm for encrypted SAML token or keys.

getKeyInformationConfig

KeyInformationConfig getKeyInformationConfig()
Returns the KeyInformationConfig object to be be used to decrypt an encrypted SAML token or key.

Returns:
KeyInformationConfig for the decryption of encrypted SAML token or keys.
See Also:
KeyInformationConfig

getKeyStoreConfig

KeyStoreConfig getKeyStoreConfig()
Returns the KeyStoreConfig object used for the decryption of a SAML token or keys.

Returns:
KeyStoreConfig for the decryption of encrypted SAML token or Keys.
See Also:
KeyStoreConfig

getTrustStoreConfig

KeyStoreConfig getTrustStoreConfig()
Returns the KeyStoreConfig object used in the validation of the SAML Enveloped-Signature.

Returns:
KeyStoreConfig object to be used for the SAML Enveloped-Signature validation.
See Also:
KeyStoreConfig

getAliasForTokenProvider

java.lang.String getAliasForTokenProvider()
Returns a string representing the key alias corresponding to the token provider.

Returns:
alias name for the token provider's key.

isAssertionSignatureRequired

boolean isAssertionSignatureRequired()
Returns an indication as to whether this token consumer requires signed SAML assertions.

Returns:
boolean true or false indicating if the consumer of the SAML token requires signed assertions.

trustAnySTS

boolean trustAnySTS()
Returns an indication as to whether this token consumer trusts all token providers.

Returns:
boolean true or false indicating if the consumer of the SAML token trusts all token providers.

setAlgorithmSuite

void setAlgorithmSuite(java.lang.String alg)
Sets the encryption algorithm for the encrypted token or key.

Parameters:
alg - a string representing the algorithm.

setKeyInformationConfig

void setKeyInformationConfig(KeyInformationConfig kic)
Sets the Key Information configuration attribute.

See Also:
KeyInformationConfig

setKeyStoreConfig

void setKeyStoreConfig(KeyStoreConfig ksc)
Sets the KeyStore configuration attribute.

See Also:
KeyStoreConfig

setTrustStoreConfig

void setTrustStoreConfig(KeyStoreConfig tsc)
Sets the TrustStore configuration attribute.

Parameters:
tsc - of KeyStoreConfig type.
See Also:
KeyStoreConfig

setAliasForTokenProvider

void setAliasForTokenProvider(java.lang.String alias)
Sets alias for Token provider's key.

Parameters:
alias - name for the provider's key.

setAssertionSignatureRequired

void setAssertionSignatureRequired(boolean option)
Indicates if signature on the assertion is required by this consumer.

Parameters:
option - boolean true or false.

setTrustAnySTS

void setTrustAnySTS(boolean option)
Indicates if this consumer trusts all token providers.

Parameters:
option - boolean true or false.

getClockSkew

long getClockSkew()
Return the allowable clock skew.

Returns:
the maximum allowable clock skew

setClockSkew

void setClockSkew(long time)
Set clock skew

Parameters:
clock - kew in milliseconds

getX509Paths

java.util.List<java.lang.String> getX509Paths()
Get the list of intermediate certificate files.

Returns:
the list of intermediate certificate files

getCRLPaths

java.util.List<java.lang.String> getCRLPaths()
Get the list of revoked certificate list files.

Returns:
the list of CRL files

addX509Path

void addX509Path(java.lang.String value)
Adds Intermediate certificate file.

Parameters:
CRL - file

addCRLPath

void addCRLPath(java.lang.String value)
Adds revoked certificate list.

Parameters:
revoked - certificate list

setX509Path

void setX509Path(java.util.List value)
Sets intermediate certificate file lists.

Parameters:
intermediate - certificate file list

setCRLPath

void setCRLPath(java.util.List value)
Sets revoked certificate list.

Parameters:
revoked - certificate list

setRevocationEnabled

void setRevocationEnabled(boolean value)
Enables certificate revocation. This sets the revocationEnabled flag, for use in the PKIXBuilderParameters. This revocationEnabled is used in conjunction with certificate revocation lists

Parameters:
boolean - true or false indicating if certificate revocation should be turned on

getRevocationEnabled

boolean getRevocationEnabled()
Gets the setting of the revocationEnabled flag

Returns:
boolean true or false indicating if certificate revocation is enabled

setCertStores

void setCertStores(java.util.List<java.security.cert.CertStore> certStores)
Sets the cert store list

Parameters:
cert - store list

getCertStores

java.util.List<java.security.cert.CertStore> getCertStores()
Gets the cert store list

Returns:
cert store list

addCertStore

void addCertStore(java.security.cert.CertStore certStore)
Adds a cert store to the current cert store list

Parameters:
cert - store

IBM WebSphere Application ServerTM
Release 7