com.ibm.wsspi.wssecurity.saml.config
Interface RequesterConfig
-
All Superinterfaces: Configuration, RequesterConfiguration
public interface RequesterConfig extends RequesterConfiguration
This interface encapsulates the configuration information for the requesting entity of the SAML token.
Users should never implement this interface directly; use SAMLTokenFactory to get an instance of RequesterConfig.
-
-
Nested Class Summary
Nested Classes (modifier and type, interface):
static class RequesterConfig.requestMode
-
Nested classes/interfaces inherited from interface com.ibm.wsspi.wssecurity.core.token.config.RequesterConfiguration
RequesterConfiguration.RSTT, RequesterConfiguration.RSTT13
-
-
Field Summary
Fields (modifier and type, field):
static long DEFAULT_CLOCKSKEW
-
Method Summary
Methods (modifier and type, method, description):
boolean enableNotBefore()
java.lang.String getAddress()
java.lang.String getAuthenticatingAuthority()
java.lang.String getAuthenticationMethod() - Retrieves the type of authentication used by the requester, e.g. password authentication.
java.lang.String getAuthnContextDecl()
java.lang.String getAuthnContextDeclRef()
long getClockSkew() - Returns the allowable clock skew.
java.lang.String getConfirmationMethod() - Retrieves the SAML confirmation method used by the requester.
java.lang.String getEncryptionKeyInfoType() - Retrieves the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.
java.lang.String getHolderOfKeyKeyInfoType() - Retrieves the value type of the holder of key material; e.g. a key value indicates the presence of key material.
java.lang.String getInResponseTo()
RequesterConfig.requestMode getIssueMode()
java.lang.String getKeyAliasForAppliesTo() - Retrieves the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.
java.lang.String getKeyAliasForRequester() - Retrieves the requester's key alias name to be used for the holder of key confirmation.
long getNotOnOrAfter()
java.lang.String getRecipient()
java.lang.String getRequesterDNSAddress() - Retrieves the DNS address for the requester.
java.lang.String getRequesterIPAddress() - Retrieves the IP address for the requester.
long getSessionNotOnOrAfter()
java.lang.String getSignatureKeyInfoType() - Retrieves the type of public key used for the signature on the assertion (e.g. X509Certificate).
java.lang.String getStatementType() - Retrieves the type of SAML statement being requested.
boolean includeCredentialToken()
boolean includeExpiration()
boolean includeGroupIds()
boolean includeHostName()
boolean includeOID()
boolean includePrimaryGroupId()
boolean includeRealmName()
boolean includeSecurityName()
boolean includeUniqueSecurityName()
boolean isAssertionSignatureRequired() - Retrieves the indication of whether or not this requester requires a signature on the SAML assertion.
boolean isEncryptSAML()
boolean isOneTimeUse() - Retrieves the indication of whether or not this requester requires a OneTimeUse assertion.
boolean isSessionIndexEnabled() - Retrieves the indication of whether the session between the requester and the authentication service to which the user authenticates will be indexed (uniquely identified) in the SAML assertion.
void setAddress(java.lang.String url)
void setAssertionSignatureRequired(boolean option) - Sets the indication of whether or not this requester requires a signature on the SAML assertion.
void setAuthenticatingAuthority(java.lang.String url)
void setAuthenticationMethod(java.lang.String method) - Sets the type of authentication used by the requester, e.g. password authentication.
void setAuthnContextDecl(java.lang.String url)
void setAuthnContextDeclRef(java.lang.String url)
void setClockSkew(long time) - Sets the clock skew.
void setConfirmationMethod(java.lang.String method) - Sets the confirmation method to be used (e.g. bearer, holder of key or sender vouches).
void setEnableNotBefore(boolean notBefore)
void setEncryptionKeyInfoType(java.lang.String type) - Sets the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.
void setEncryptSAML(boolean enc)
void setHolderOfKeyKeyInfoType(java.lang.String type) - Sets the value type of the holder of key material; e.g. a keyValue indicates the presence of key material.
void setIncludeCredentialToken(boolean flag) - Sets boolean flag to assert CredentialToken from WSCredential as a SAML attribute.
void setIncludeExpiration(boolean flag) - Sets boolean flag to assert Expiration from WSCredential as a SAML attribute.
void setIncludeGroupIds(boolean flag) - Sets boolean flag to assert GroupIds from WSCredential as a SAML attribute.
void setIncludeHostName(boolean flag) - Sets boolean flag to assert HostName from WSCredential as a SAML attribute.
void setIncludeOID(boolean flag) - Sets boolean flag to assert OID from WSCredential as a SAML attribute.
void setIncludePrimaryGroupId(boolean flag) - Sets boolean flag to assert PrimaryGroupId from WSCredential as a SAML attribute.
void setIncludeRealmName(boolean flag) - Sets boolean flag to assert realm from WSCredential as a SAML attribute.
void setIncludeSecurityName(boolean flag) - Sets boolean flag to assert SecurityName from WSCredential as a SAML attribute.
void setIncludeUniqueSecurityName(boolean flag) - Sets boolean flag to assert UniqueSecurityName from WSCredential as a SAML attribute.
void setInResponseTo(java.lang.String url)
void setIssueMode(RequesterConfig.requestMode mode)
void setKeyAliasForAppliesTo(java.lang.String type) - Sets the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.
void setKeyAliasForRequester(java.lang.String alias) - Sets the requester's key alias name to be used for the holder of key confirmation.
void setNotOnOrAfter(long minutes)
void setOneTimeUse(boolean option) - Sets the indication of whether or not this requester requires a OneTimeUse assertion.
void setRecipient(java.lang.String url)
void setRequesterDNSAddress(java.lang.String dns) - Sets the DNS address for the SubjectLocality.
void setRequesterIPAddress(java.lang.String ip) - Sets the IP address for the SubjectLocality.
void setSessionNotOnOrAfter(long minutes)
void setSignatureKeyInfoType(java.lang.String type) - Sets the type of public key used for the signature on the assertion (e.g. X509Certificate).
void setStatementType(java.lang.String type) - Sets the type of SAML statement being requested.
void setUseSha2ForSignature(boolean flag) - Sets the flag.
void setUseUniqueSecurityName(boolean flag) - Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
boolean useSha2ForSignature() - Returns the flag.
boolean useUniqueSecurityName()
-
Methods inherited from interface com.ibm.wsspi.wssecurity.core.token.config.RequesterConfiguration
getRSTTProperties, setRSTTProperties
-
Methods inherited from interface com.ibm.wsspi.wssecurity.core.config.Configuration
validate
-
Field Detail
-
DEFAULT_CLOCKSKEW
static final long DEFAULT_CLOCKSKEW
See Also: Constant Field Values
-
-
Method Detail
-
getConfirmationMethod
java.lang.String getConfirmationMethod()
Retrieves the SAML confirmation method used by the requester. Subject confirmation is one of three types:
- bearer
- holder of key
- sender vouches
Returns: a string indicating the confirmation method used.
-
getEncryptionKeyInfoType
java.lang.String getEncryptionKeyInfoType()
Retrieves the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.
Returns: a string indicating the type of encryption key to be used.
-
getHolderOfKeyKeyInfoType
java.lang.String getHolderOfKeyKeyInfoType()
Retrieves the value type of the holder of key material; e.g. a key value indicates the presence of key material.
Returns: a string indicating the type of holder of key value.
-
isSessionIndexEnabled
boolean isSessionIndexEnabled()
Retrieves the indication of whether the session between the requester and the authentication service to which the user authenticates will be indexed (uniquely identified) in the SAML assertion.
Returns: a boolean value indicating whether the authentication session is to be indexed.
-
getSignatureKeyInfoType
java.lang.String getSignatureKeyInfoType()
Retrieves the type of public key used for the signature on the assertion (e.g. X509Certificate).
Returns: a string representing the type of public key used for the signature on the assertion.
-
getStatementType
java.lang.String getStatementType()
Retrieves the type of SAML statement being requested.
Returns: a string representing the type of statement requested.
-
getAuthenticationMethod
java.lang.String getAuthenticationMethod()
Retrieves the type of authentication used by the requester, e.g. password authentication.
Returns: a string representing the type of authentication used by the requester.
-
getKeyAliasForAppliesTo
java.lang.String getKeyAliasForAppliesTo()
Retrieves the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.
Returns: a string representing the key alias for the recipient (consumer of the SAML token).
-
getKeyAliasForRequester
java.lang.String getKeyAliasForRequester()
Retrieves the requester's key alias name to be used for the holder of key confirmation.
Returns: a string representing the key alias for the requester of the SAML token.
-
getRequesterDNSAddress
java.lang.String getRequesterDNSAddress()
Retrieves the DNS address for the requester.
Returns: a string representing the requester's DNS address.
-
getRequesterIPAddress
java.lang.String getRequesterIPAddress()
Retrieves the IP address for the requester.
Returns: a string representing the requester's IP address.
-
isAssertionSignatureRequired
boolean isAssertionSignatureRequired()
Retrieves the indication of whether or not this requester requires a signature on the SAML assertion.
Returns: a boolean for whether the requester requires signed assertions.
-
isOneTimeUse
boolean isOneTimeUse()
Retrieves the indication of whether or not this requester requires a OneTimeUse assertion.
Returns: a boolean for whether the requester requires a OneTimeUse assertion.
-
setConfirmationMethod
void setConfirmationMethod(java.lang.String method)
Sets the confirmation method to be used (e.g. bearer, holder of key or sender vouches).
Parameters: method - a string representing the subject confirmation method to be used.
-
setEncryptionKeyInfoType
void setEncryptionKeyInfoType(java.lang.String type)
Sets the type of encryption that the requester chooses to apply when holder of key subject confirmation is used.
Parameters: type - a string indicating the type of encryption key to be used.
-
setHolderOfKeyKeyInfoType
void setHolderOfKeyKeyInfoType(java.lang.String type)
Sets the value type of the holder of key material; e.g. a keyValue indicates the presence of key material.
Parameters: type - a string indicating the type of holder of key value.
-
setSignatureKeyInfoType
void setSignatureKeyInfoType(java.lang.String type)
Sets the type of public key used for the signature on the assertion (e.g. X509Certificate).
Parameters: type - a string representing the type of public key used for the signature on the assertion.
-
setStatementType
void setStatementType(java.lang.String type)
Sets the type of SAML statement being requested.
Parameters: type - a string representing the type of statement requested.
-
setAuthenticationMethod
void setAuthenticationMethod(java.lang.String method)
Sets the type of authentication used by the requester, e.g. password authentication.
Parameters: method - a string representing the type of authentication used by the requester.
-
setKeyAliasForAppliesTo
void setKeyAliasForAppliesTo(java.lang.String type)
Sets the recipient's key alias that is used to encrypt the proof of key info in the subject confirmation of the SAML token.
Parameters: type - a string representing the key alias for the recipient (consumer of the SAML token).
-
setKeyAliasForRequester
void setKeyAliasForRequester(java.lang.String alias)
Sets the requester's key alias name to be used for the holder of key confirmation.
Parameters: alias - a string representing the key alias for the requester of the SAML token.
-
setRequesterDNSAddress
void setRequesterDNSAddress(java.lang.String dns)
Sets the DNS address for the SubjectLocality.
Parameters: dns - a string representing the DNS address of the system where the requester is authenticated.
-
setRequesterIPAddress
void setRequesterIPAddress(java.lang.String ip)
Sets the IP address for the SubjectLocality.
Parameters: ip - a string representing the IP address of the system where the requester is authenticated.
-
setAssertionSignatureRequired
void setAssertionSignatureRequired(boolean option)
Sets the indication of whether or not this requester requires a signature on the SAML assertion.
Parameters: option - a boolean for whether the requester requires signed assertions.
-
setOneTimeUse
void setOneTimeUse(boolean option)
Sets the indication of whether or not this requester requires a OneTimeUse assertion.
Parameters: option - a boolean for whether the requester requires a OneTimeUse assertion.
-
getClockSkew
long getClockSkew()
Returns the allowable clock skew.
Returns: the maximum allowable clock skew
-
setClockSkew
void setClockSkew(long time)
Sets the clock skew.
Parameters: time - clock skew in milliseconds
-
includeRealmName
boolean includeRealmName()
-
setIncludeRealmName
void setIncludeRealmName(boolean flag)
Sets boolean flag to assert realm from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert realm from WSCredential as a SAML attribute.
-
includeSecurityName
boolean includeSecurityName()
-
setIncludeSecurityName
void setIncludeSecurityName(boolean flag)
Sets boolean flag to assert SecurityName from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert SecurityName from WSCredential as a SAML attribute.
-
includeUniqueSecurityName
boolean includeUniqueSecurityName()
-
setIncludeUniqueSecurityName
void setIncludeUniqueSecurityName(boolean flag)
Sets boolean flag to assert UniqueSecurityName from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert UniqueSecurityName from WSCredential as a SAML attribute.
-
includeCredentialToken
boolean includeCredentialToken()
-
setIncludeCredentialToken
void setIncludeCredentialToken(boolean flag)
Sets boolean flag to assert CredentialToken from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert CredentialToken from WSCredential as a SAML attribute.
-
includeOID
boolean includeOID()
-
setIncludeOID
void setIncludeOID(boolean flag)
Sets boolean flag to assert OID from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert OID from WSCredential as a SAML attribute.
-
includeExpiration
boolean includeExpiration()
-
setIncludeExpiration
void setIncludeExpiration(boolean flag)
Sets boolean flag to assert Expiration from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert Expiration from WSCredential as a SAML attribute.
-
includePrimaryGroupId
boolean includePrimaryGroupId()
-
setIncludePrimaryGroupId
void setIncludePrimaryGroupId(boolean flag)
Sets boolean flag to assert PrimaryGroupId from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert PrimaryGroupId from WSCredential as a SAML attribute.
-
includeGroupIds
boolean includeGroupIds()
-
setIncludeGroupIds
void setIncludeGroupIds(boolean flag)
Sets boolean flag to assert GroupIds from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert GroupIds from WSCredential as a SAML attribute.
-
includeHostName
boolean includeHostName()
-
setIncludeHostName
void setIncludeHostName(boolean flag)
Sets boolean flag to assert HostName from WSCredential as a SAML attribute.
Parameters: flag - boolean flag to assert HostName from WSCredential as a SAML attribute.
-
useUniqueSecurityName
boolean useUniqueSecurityName()
-
setUseUniqueSecurityName
void setUseUniqueSecurityName(boolean flag)
Sets boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
Parameters: flag - boolean flag to use UniqueSecurityName from WSCredential as NameID or NameIdentifier.
-
getIssueMode
RequesterConfig.requestMode getIssueMode()
-
setIssueMode
void setIssueMode(RequesterConfig.requestMode mode)
-
useSha2ForSignature
boolean useSha2ForSignature()
Returns the flag.
Returns: the flag indicating whether to use Sha2 for signature
-
setUseSha2ForSignature
void setUseSha2ForSignature(boolean flag)
Sets the flag.
Parameters: flag - the flag to use Sha2 for signature
-
setInResponseTo
void setInResponseTo(java.lang.String url)
-
getInResponseTo
java.lang.String getInResponseTo()
-
setRecipient
void setRecipient(java.lang.String url)
-
getRecipient
java.lang.String getRecipient()
-
setAddress
void setAddress(java.lang.String url)
-
getAddress
java.lang.String getAddress()
-
setEnableNotBefore
void setEnableNotBefore(boolean notBefore)
-
enableNotBefore
boolean enableNotBefore()
-
setNotOnOrAfter
void setNotOnOrAfter(long minutes)
-
getNotOnOrAfter
long getNotOnOrAfter()
-
setAuthnContextDeclRef
void setAuthnContextDeclRef(java.lang.String url)
-
getAuthnContextDeclRef
java.lang.String getAuthnContextDeclRef()
-
setAuthnContextDecl
void setAuthnContextDecl(java.lang.String url)
-
getAuthnContextDecl
java.lang.String getAuthnContextDecl()
-
setAuthenticatingAuthority
void setAuthenticatingAuthority(java.lang.String url)
-
getAuthenticatingAuthority
java.lang.String getAuthenticatingAuthority()
-
setSessionNotOnOrAfter
void setSessionNotOnOrAfter(long minutes)
-
getSessionNotOnOrAfter
long getSessionNotOnOrAfter()
-
setEncryptSAML
void setEncryptSAML(boolean enc)
-
isEncryptSAML
boolean isEncryptSAML()
-
-