TrustAuthorityClient.java revision 4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1c
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * The contents of this file are subject to the terms
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * of the Common Development and Distribution License
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * (the License). You may not use this file except in
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * compliance with the License.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * You can obtain a copy of the License at
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * See the License for the specific language governing
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * permission and limitations under the License.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * When distributing Covered Code, include this CDDL
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Header Notice in each file and include the License file
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * If applicable, add the following below the CDDL Header,
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * with the fields enclosed by brackets [] replaced by
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * your own identifying information:
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * $Id: TrustAuthorityClient.java,v 1.29 2009/10/13 23:19:48 mallas Exp $
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.SecurityToken;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.provider.ProviderConfig;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.provider.TrustAuthorityConfig;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.AssertionToken;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.FAMSecurityToken;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.SAML2Token;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.UserNameToken;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.classloader.FAMClassLoader;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.SecurityMechanism;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.trust.WSTrustFactory;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.trust.RequestSecurityToken;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.trust.RequestSecurityTokenResponse;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.trust.RequestSecurityTokenResponseCollection;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.common.SystemConfigurationUtil;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.shared.jaxrpc.SOAPClient;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.handler.SOAPRequestHandler;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.security.SecurityException;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Fosterimport com.sun.identity.wss.trust.RequestedProofToken;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * The class <code>TrustAuthorityClient</code> is a client API class that is
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * used to obtain Security Tokens from trusted authority services such
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * as the Security Token Service (STS) or the Liberty Discovery Service.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * In the current OpenSSO 8.0 release, this class is used as the STS client
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * API: it retrieves Security Tokens from the STS by making a WS-Trust
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * request and receiving a WS-Trust response.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @supported.all.api
// Name constant with the value "KeyType"; the code that uses it is not visible in this excerpt.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster private static final String KEYTYPE = "KeyType";
// Per-instance byte array, presumably key material (inferred from the field name only).
// NOTE(review): the code that assigns and reads this field is not visible in this excerpt;
// confirm the array is never logged and is not handed to callers without a defensive copy.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster private byte[] secretKey;
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Creates a new instance of TrustAuthorityClient.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Returns the <code>SecurityToken</code> for the web services client from
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * a trusted authority, which is Security Token Service (STS).
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * The web services client configuration and the web service
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * information are identified by the client provider configuration.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param pc Provider configuration of the web services client.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param credential User's credential. The user's credential could be
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Single Sign-On Token or a SAML Assertion or any other object.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @return SecurityToken security token for the web services consumer.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @exception FAMSTSException if it's unable to retrieve security token.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster return getSecurityToken(pc,null,null,null,credential,null,null, null);
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Returns the <code>SecurityToken</code> for the web services client from
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * a trusted authority, which is Security Token Service (STS).
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * The web services client configuration and the web service
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * information are identified by the client provider configuration.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param pc Provider configuration of the web services client.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param credential User's credential. The user's credential could be
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Single Sign-On Token or a SAML Assertion or any other object.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param context Web context under which this class is running.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @return SecurityToken security token for the web services consumer.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @exception FAMSTSException if it's unable to retrieve security token.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster ServletContext context) throws FAMSTSException {
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster return getSecurityToken(pc,null,null,null,credential,null,null,context);
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Returns the <code>SecurityToken</code> for the web services client from
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * a trusted authority, which is Security Token Service (STS).
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param wspEndPoint Web Service Provider end point.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param stsEndPoint Security Token Service end point.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param stsMexEndPoint Security Token Service MEX end point.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param credential User's credential. The user's credential could be
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * Single Sign-On Token or a SAML Assertion or any other object.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param securityMech Security mechanism required by the web service client.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @param context web context under which this class is running.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @return SecurityToken security token for the web services consumer.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster * @exception FAMSTSException if it's unable to retrieve security token.
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster ServletContext context) throws FAMSTSException {
5c099afa7c9361afc2f4477fec0e3018588d7840Allan Foster return getSecurityToken(null,wspEndPoint,stsEndPoint,stsMexEndPoint,
return null;
throw new FAMSTSException(
return null;
throws FAMSTSException {
+ stsEndpoint);
+ stsMexAddress);
+ wspEndPoint);
+ keyType);
data,
null);
throw new FAMSTSException (
throw new FAMSTSException (
data,
null);
data,
null);
throw new FAMSTSException(
throw new FAMSTSException(
throw new FAMSTSException(
return null;
throws FAMSTSException {
throws FAMSTSException {
throw new FAMSTSException (
throw new FAMSTSException (
return null;
throws FAMSTSException {
throw new FAMSTSException(
throw new FAMSTSException(
return claimTypes;