The SAMLGenerateLoginModule can be used to obtain an application-generated SAML token
from a shared state object that is initialized in the application's JAAS login module.
The GenericIssuedTokenGenerateLoginModule can also be used to obtain an
application-generated SAML token from the shared state. For more information, read the
Generating and consuming SAML tokens using stacked JAAS login modules topic.
About this task
The following procedure describes the setup that is required
to use this functionality.
Procedure
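- Save the shared state object in a class variable
in the initialize method of the JAAS login module.

    import java.util.Map;
    import javax.security.auth.Subject;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.spi.LoginModule;
    import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
    import com.ibm.websphere.wssecurity.wssapi.token.SAMLToken;
    import com.ibm.wsspi.wssecurity.core.Constants;

    public class myLoginModule implements LoginModule {
        // ...
        // Raw Map so that login() can call put() on it.
        private Map _sharedState;
        // ...
        public void initialize(Subject subject,
                               CallbackHandler callbackHandler,
                               Map<String, ?> sharedState,
                               Map<String, ?> options) {
            // ...
            // Keep a reference to the map shared by the stacked login modules.
            this._sharedState = sharedState;
            // ...
        }
        // ...
    }
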
- Put the application-generated SAMLToken on the sharedState
object by using one of the following methods:
  - Create an ArrayList of SecurityToken and put the application-generated
    SAMLToken as the only entry in this list. The WS-Security runtime
    loops through the list and uses only the first hit.
    Put the ArrayList object in the _sharedState object with the key
    com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_TOKEN_TO_BE_INSERTED.

        import java.util.ArrayList;

        public boolean login() throws LoginException {
            // ...
            // someSAMLToken stands for the token that the application generated.
            SAMLToken mySamlToken = someSAMLToken;
            ArrayList<SecurityToken> tokenList =
                new ArrayList<SecurityToken>();
            tokenList.add(mySamlToken);
            _sharedState.put(
                Constants.WSSECURITY_TOKEN_TO_BE_INSERTED,
                tokenList);
            // ...
        }

  - Use the GenericSecurityTokenFactory.putGeneratorTokenToSharedState
    method to put the SAML token on the _sharedState object.

        import com.ibm.websphere.wssecurity.wssapi.token.GenericSecurityTokenFactory;

        public boolean login() throws LoginException {
            // ...
            // someSAMLToken stands for the token that the application generated.
            SAMLToken mySamlToken = someSAMLToken;
            GenericSecurityTokenFactory factory = GenericSecurityTokenFactory.getInstance();
            factory.putGeneratorTokenToSharedState(this._sharedState, mySamlToken);
            // ...
        }
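
The two steps above combined into one login module that uses the ArrayList method and fails the login when no token can be published. This is an added example, not IBM's code: the class name, the createSamlToken() hook and the cleanup in abort() and logout() are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import com.ibm.websphere.wssecurity.wssapi.token.SAMLToken;
import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.wsspi.wssecurity.core.Constants;
// Added example; the class name and createSamlToken() are hypothetical.
public abstract class SharedStateSamlLoginModule implements LoginModule {
    private Map<String, Object> sharedState;

    // Assumption: the application builds its own SAMLToken in a subclass.
    protected abstract SAMLToken createSamlToken() throws Exception;

    @SuppressWarnings("unchecked")
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {
        // Step 1: keep a reference to the map shared by the stacked modules.
        this.sharedState = (Map<String, Object>) sharedState;
    }

    public boolean login() throws LoginException {
        SAMLToken token;
        try {
            token = createSamlToken();
        } catch (Exception e) {
            LoginException le = new LoginException("SAML token creation failed");
            le.initCause(e);
            throw le;
        }
        // Fail closed: never publish an empty list or a null entry.
        if (sharedState == null || token == null) {
            throw new LoginException("No shared state or SAML token available");
        }
        // Step 2: the token is the only entry; the runtime uses the first hit.
        ArrayList<SecurityToken> tokenList = new ArrayList<SecurityToken>();
        tokenList.add(token);
        sharedState.put(Constants.WSSECURITY_TOKEN_TO_BE_INSERTED, tokenList);
        return true;
    }
    public boolean commit() { return true; }
    public boolean abort() { return clear(); }
    public boolean logout() { return clear(); }
    private boolean clear() { // cleanup added here, not described on the page
        if (sharedState != null) sharedState.remove(Constants.WSSECURITY_TOKEN_TO_BE_INSERTED);
        return true;
    }
}
```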