com.sun.xml.ws.security.IssuedTokenContext Maven / Gradle / Ivy
Show all versions of xws-security Show documentation
/*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the license at
* https://glassfish.dev.java.net/public/CDDLv1.0.html.
* See the License for the specific language governing
* permissions and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at https://glassfish.dev.java.net/public/CDDLv1.0.html.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* you own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* Copyright 2006 Sun Microsystems Inc. All Rights Reserved
*/
/*
* IssuedTokenContext.java
*
* Created on October 24, 2005, 6:55 AM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package com.sun.xml.ws.security;
import java.security.Key;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import com.sun.xml.wss.XWSSecurityException;
import java.net.URI;
import java.security.KeyPair;
import java.util.Date;
import java.util.Map;
import javax.security.auth.Subject;
/**
* This interface is the SPI defined by WS-Security to enable WS-Trust/SecureConversation
* specific security interactions.
*
* This interface represents a Context containing information
* populated and used by the Trust and the Security Enforcement Layers
* (for example the proof-token of an Issued token needs to be used
* by the SecurityEnforcement Layer to secure the message).
*
*
*/
public interface IssuedTokenContext {
public static String CLAIMED_ATTRUBUTES = "cliamedAttributes";
public static String TARGET_SERVICE_CERTIFICATE = "tagetedServiceCertificate";
public static String STS_CERTIFICATE = "stsCertificate";
public static String STS_PRIVATE_KEY = "stsPrivateKey";
public static String WS_TRUST_VERSION = "wstVersion";
public static String CONFIRMATION_METHOD = "samlConfirmationMethod";
public static String CONFIRMATION_KEY_INFO = "samlConfirmationKeyInfo";
public static String AUTHN_CONTEXT = "authnContext";
void setTokenIssuer(String issuer);
String getTokenIssuer();
/**
* Requestor Certificate(s)
* @return the sender certificate, null otherwise
*/
X509Certificate getRequestorCertificate();
/**
* Append the Requestor Certificate that was used in an
* incoming message.
*/
void setRequestorCertificate(X509Certificate cert);
/**
* Requestor username if any
* @return the requestor username if provided
*/
String getRequestorUsername();
/**
* set requestor username
*/
void setRequestorUsername(String username);
Subject getRequestorSubject();
void setRequestorSubject(Subject subject);
void setTokenType(String tokenType);
String getTokenType();
void setKeyType(String keyType);
String getKeyType();
void setAppliesTo(String appliesTo);
String getAppliesTo();
/**
* Depending on the server policy, set the Token to be
* used in Securing requests and/or responses
*/
void setSecurityToken(Token tok);
/**
* Depending on the policy get the Token to be
* used in Securing requests and/or responses. The token returned
* is to be used only for inserting into the SecurityHeader, if the
* getAssociatedProofToken is not null, and it should also be used for
* securing the message if there is no Proof Token associated.
*/
Token getSecurityToken();
/**
* Set the Proof Token Associated with the SecurityToken
*
* when the SecurityToken is a SecurityContext token (as defined in
* WS-SecureConversation) and Derived Keys are being used then
* the Proof Token is the
*/
void setAssociatedProofToken(Token token);
/**
* get the Proof Token (if any) associated with the SecurityToken, null otherwise
*/
Token getAssociatedProofToken();
/**
* If the token returned doesnt allow use of wsu:id attribute then a STR is returned as
* which needs to be inserted into a for example.
* @return STR if set, null otherwise
*
*/
Token getAttachedSecurityTokenReference();
/**
* If the token returned doesnt allow use of wsu:id attribute then a STR is returned as
* which needs to be inserted into a for example.
* @return STR if set, null otherwise
*
*/
Token getUnAttachedSecurityTokenReference();
/**
* If the token returned doesnt allow use of wsu:id attribute then a STR is returned as
* which needs to be inserted into a for example
*
*/
void setAttachedSecurityTokenReference(Token str);
/**
* If the token returned doesnt allow use of wsu:id attribute then a STR is returned as
* which needs to be inserted into a for example
*
*/
void setUnAttachedSecurityTokenReference(Token str);
/**
* get the SecurityPolicy to be applied for the request or response
* to which this SecurityContext corresponds to
*
* This allows the Client and/or the Service (WSP/STS) to dynamically inject
* policy to be applied. For example in the case of SignChallenge when the
* Initiator (client) has to sign a specific challenge.
*
* Note: Inserting an un-solicited RSTR into a SOAP Header can also be expressed as
* a policy and the subsequent requirement to sign the RSTR will also be expressed as
* a policy
*
* TODO: There is no policy today to insert a specific element to a SOAP Header, we
* need to extend the policy definitions in XWS-Security.
*/
ArrayList