STSRemoteConfig.java revision 4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1c
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: STSRemoteConfig.java,v 1.6 2009/11/16 21:52:59 mallas Exp $
*/
/**
* This class provides STS service configuration remotely so that the
* authentication provider could use this configuration while validating
* the requests to the STS Service.
*/
public class STSRemoteConfig {
// Endpoint of the STS service; returned unchanged by getSTSEndpoint().
private String stsEndpoint;
// Message-protection switches. Every one of them starts out false, so signing
// and encryption are off until something sets them.
// NOTE(review): the code that would populate these from the service schema is
// not present in this listing -- confirm where they are set.
private boolean isResponseSign = false;
private boolean isResponseEncrypt = false;
private boolean isRequestSign = false;
private boolean isRequestEncrypt = false;
private boolean isRequestHeaderEncrypt = false;
// Key type and key aliases are names only; no key material is held in these fields.
private String privateKeyType;
private String privateKeyAlias;
private String publicKeyAlias;
// Kerberos settings. kerberosKeyTabFile holds a file path (the setter's Javadoc
// calls it a fully qualified path), not the keytab contents.
private String kerberosDomainServer;
private String kerberosDomain;
private String kerberosServicePrincipal;
private String kerberosKeyTabFile;
// Kerberos signature validation starts out disabled.
private boolean isVerifyKrbSignature = false;
// NOTE(review): what a strength of 0 means to consumers is not shown here -- confirm.
private int encryptionStrength = 0;
// Both replay-detection switches start out enabled.
private boolean detectUserTokenReplay = true;
private boolean detectMessageReplay = true;
public STSRemoteConfig() {
// NOTE(review): the statements inside this try block are not present in this
// listing, so what the constructor loads cannot be confirmed from the page.
try {
} catch (SSOException ssoEx) {
// NOTE(review): no handling is visible for this exception. If the handler is
// really empty, a failed load leaves the field defaults in place (all
// sign/encrypt flags false) and records nothing -- confirm, and log at minimum.
} catch (SMSException smsEx) {
// NOTE(review): same concern as above -- nothing visible records this failure.
}
}
/**
* This method reads values from service schema.
*/
}
}
}
} else {
}
}
.booleanValue();
}
.booleanValue();
}
.booleanValue();
}
.booleanValue();
}
.booleanValue();
}
}
}
}
}
if(usercredentials == null) {
usercredentials = new ArrayList();
}
while(stVal.hasMoreTokens()) {
if(index == -1) {
return;
}
if(st.hasMoreTokens()) {
}
}
if(st1.hasMoreTokens()) {
}
}
}
}
}
}
}
}
}
.booleanValue();
}
}
}
}
}
}
.booleanValue();
}
if(signedElements == null) {
signedElements = new ArrayList();
} else {
}
}
}
}
return this.type;
}
}
return this.issuer;
}
/**
* Returns the list of security mechanisms that the STS service is configured with.
*
* @return list of security mechanisms.
*/
public List getSecurityMechanisms() {
    // Hands back the field itself (a raw List), not a copy: a caller that
    // mutates the result changes the mechanisms held by this config object.
    return secMech;
}
/**
* Sets the list of security mechanisms.
*
* @param authMech the list of security mechanisms.
*/
}
/**
* Checks if the response needs to be signed or not.
*
* @return true if the response needs to be signed.
*/
public boolean isResponseSignEnabled() {
    // The backing field is initialised to false, so this is false until set.
    return isResponseSign;
}
/**
* Sets the response sign enable flag.
*
* @param enable enables the response signing.
*/
public void setResponseSignEnabled(boolean enable) {
    // Plain assignment; passing false switches response signing off.
    isResponseSign = enable;
}
/**
* Checks if the response needs to be encrypted or not.
*
* @return true if the response needs to be encrypted.
*/
public boolean isResponseEncryptEnabled() {
    // The backing field is initialised to false, so this is false until set.
    return isResponseEncrypt;
}
/**
* Sets the response encrypt enable flag.
*
* @param enable enables the response encryption.
*/
public void setResponseEncryptEnabled(boolean enable) {
    // Plain assignment; passing false switches response encryption off.
    isResponseEncrypt = enable;
}
/**
* Checks if the request needs to be signed or not.
*
* @return true if the request needs to be signed.
*/
public boolean isRequestSignEnabled() {
    // The backing field is initialised to false, so this is false until set.
    return isRequestSign;
}
/**
* Sets the request sign enable flag.
*
* @param enable enables the request signing.
*/
public void setRequestSignEnabled(boolean enable) {
    // Plain assignment; passing false means requests are not required to be signed.
    isRequestSign = enable;
}
/**
* Checks if the request needs to be encrypted or not.
*
* @return true if the request needs to be encrypted.
*/
public boolean isRequestEncryptEnabled() {
    // The backing field is initialised to false, so this is false until set.
    return isRequestEncrypt;
}
/**
* Sets the request encrypt enable flag.
*
* @param enable enables the request encryption.
*/
public void setRequestEncryptEnabled(boolean enable) {
    // Plain assignment; passing false switches request encryption off.
    isRequestEncrypt = enable;
}
/**
* Checks if the request header needs to be encrypted or not.
*
* @return true if the request header needs to be encrypted.
*/
public boolean isRequestHeaderEncryptEnabled() {
    // The backing field is initialised to false, so this is false until set.
    return isRequestHeaderEncrypt;
}
/**
* Sets the request header encrypt enable flag.
*
* @param enable enables the request header encryption.
*/
public void setRequestHeaderEncryptEnabled(boolean enable) {
    // Plain assignment; passing false switches request header encryption off.
    isRequestHeaderEncrypt = enable;
}
/**
* Returns the key type for the security provider at STS service.
*
* @return the key type of the security provider at STS service.
*/
public String getPrivateKeyType() {
    // May be null: the field has no initialiser.
    return this.privateKeyType;
}
/**
* Sets the key type for the security provider at STS service.
*
* @param keyType the key type for the security provider at STS service.
*/
this.privateKeyType = keyType;
}
/**
* Returns the key alias for the security provider at STS service.
*
* @return the key alias of the security provider at STS service.
*/
public String getPrivateKeyAlias() {
    // Returns the alias string only, not the key; may be null (no initialiser).
    return this.privateKeyAlias;
}
/**
* Sets the key alias for the security provider at STS service.
*
* @param alias the key alias for the security provider at STS service.
*/
this.privateKeyAlias = alias;
}
/**
* Returns the Public key alias for this provider's partner.
*
* @return the Public key alias of the provider's partner.
*/
public String getPublicKeyAlias() {
    // Returns the alias string only; may be null (no initialiser).
    return this.publicKeyAlias;
}
/**
* Sets the Public key alias for this provider's partner.
*
* @param alias the Public key alias for this provider's partner.
*/
this.publicKeyAlias = alias;
}
/**
* Returns STS Endpoint
* @return the STS endpoint
*/
public String getSTSEndpoint() {
    // Returned exactly as stored; no URL validation happens in this method.
    return this.stsEndpoint;
}
/**
* Returns Kerberos Domain Controller Domain
* @return Kerberos Domain Controller Domain
*/
public String getKDCDomain() {
    // Backed by the kerberosDomain field; may be null (no initialiser).
    return this.kerberosDomain;
}
/**
* Sets Kerberos Domain Controller Domain
* @param domain Kerberos Domain Controller Domain
*/
this.kerberosDomain = domain;
}
/**
* Returns Kerberos Domain Controller Server.
* @return Kerberos Domain Controller Server.
*/
public String getKDCServer() {
    // Backed by the kerberosDomainServer field; may be null (no initialiser).
    return this.kerberosDomainServer;
}
/**
* Sets Kerberos Domain Controller Server
* @param kdcServer Kerberos Domain Controller Server
*/
this.kerberosDomainServer = kdcServer;
}
/**
* This method is used by the web services provider to get the key tab file.
* @return the keytab file.
*/
public String getKeyTabFile() {
    // Returns the stored path string; the file itself is not opened or
    // checked for existence or permissions here.
    return this.kerberosKeyTabFile;
}
/**
* Sets the keytab file
* @param file the fully qualified file path
*/
this.kerberosKeyTabFile = file;
}
/**
* Returns kerberos service principal
* @return the kerberos service principal
*/
public String getKerberosServicePrincipal() {
    // May be null: the field has no initialiser.
    return this.kerberosServicePrincipal;
}
/**
* Sets kerberos service principal.
* @param principal the kerberos service principal.
*/
this.kerberosServicePrincipal = principal;
}
/**
* Returns true if kerberos signature needs to be validated.
* The signature validation is supported only with JDK6 onwards.
* @return true if the kerberos signature needs to be validated.
*/
public boolean isValidateKerberosSignature() {
    // The backing field is initialised to false: validation is off until
    // setValidateKerberosSignature(true) is called.
    return this.isVerifyKrbSignature;
}
/**
* Sets a boolean flag to enable or disable validate kerberos signature.
* @param validate boolean flag to enable or disable validate krb signature.
*/
public void setValidateKerberosSignature(boolean validate) {
    // Plain assignment; passing false makes isValidateKerberosSignature()
    // report that the Kerberos signature need not be validated.
    isVerifyKrbSignature = validate;
}
/**
* Sets the user credentials list.
* @param usercredentials list of <code>PasswordCredential</code> objects.
*/
this.usercredentials = usercredentials;
}
/**
* Returns the list of <code>PasswordCredential</code>s of the user.
*
* @return the list of <code>PasswordCredential</code> objects.
*/
return usercredentials;
}
/**
* Returns encryption algorithm
* @return the encryption algorithm
*/
public String getEncryptionAlgorithm() {
    // Returned as stored; the algorithm name is not checked against any
    // allowed list in this method.
    return this.encryptionAlgorithm;
}
/**
* Sets the encryption algorithm
* @param algorithm the encryption algorithm
*/
this.encryptionAlgorithm = algorithm;
}
/**
* Returns the encryption strength.
* @return the encryption strength.
*/
public int getEncryptionStrength() {
    // The backing field is initialised to 0, so 0 is returned until a
    // strength has been set.
    return this.encryptionStrength;
}
/**
* Sets the encryption data strength.
* @param encryptionStrength the encryption data strength.
*/
public void setEncryptionStrength(int encryptionStrength) {
    // Stored as given; no range or allowed-value check happens in this method.
    final int requested = encryptionStrength;
    this.encryptionStrength = requested;
}
/**
* Returns signing reference type.
* @return the signing reference type.
*/
public String getSigningRefType() {
    // Returned exactly as stored.
    return this.signingRefType;
}
/**
* Set signing reference type.
* @param refType the signing reference type.
*/
this.signingRefType = refType;
}
/**
* Returns authentication chain used for authenticating sts clients.
* @return the authentication chain name.
*/
public String getAuthenticationChain() {
    // Returns the chain name only; whether a chain of that name exists is
    // not checked here.
    return this.authChain;
}
/**
* Sets the authentication chain name.
* @param authChain the authentication chain name.
*/
}
/**
* Returns true if user name token replay detection is enabled.
* @return true if user name token replay detection is enabled.
*/
public boolean isUserTokenDetectReplayEnabled() {
    // The backing field is initialised to true: detection is on unless
    // setDetectUserTokenReplay(false) has been called.
    return this.detectUserTokenReplay;
}
/**
* Enable or disable the detection of user token replay
* @param enable true if the detection of user token replay is enabled.
*/
public void setDetectUserTokenReplay(boolean enable) {
    // Plain assignment with no logging in this method; passing false turns
    // the default-on user token replay detection off for this config object.
    detectUserTokenReplay = enable;
}
/**
* Returns true if the message replay detection is enabled.
* @return true if the message replay detection is enabled.
*/
public boolean isMessageReplayDetectionEnabled() {
    // The backing field is initialised to true: detection is on unless
    // setMessageReplayDetection(false) has been called.
    return this.detectMessageReplay;
}
/**
* Enable or disable the message replay detection.
* @param enable true if the detection of the message replay is enabled.
*/
public void setMessageReplayDetection(boolean enable) {
    // Plain assignment with no logging in this method; passing false turns
    // the default-on message replay detection off for this config object.
    detectMessageReplay = enable;
}
/**
* Returns the list of signed elements.
* @return the list of signed elements.
*/
public List getSignedElements() {
    // Hands back the field itself (a raw List), not a copy: a caller that
    // mutates the result changes which elements this config lists as signed.
    return this.signedElements;
}
/**
* Sets the signed elements
* @param signedElements the signed elements.
*/
this.signedElements = signedElements;
}
}