public interface STSCoreConfig
Modifier and Type | Method and Description |
---|---|
void | addTokenProvider(String key, SecurityTokenProvider provider): Allows you to add a token provider to handle a particular namespace |
void | copy(STSCoreConfig thatConfig) |
boolean | encryptIssuedToken(): Indicates whether the issued token should be encrypted or not. |
Certificate | getCertificate(String alias): Obtains the certificate identified by the specified alias. |
long | getIssuedTokenTimeout(): Obtains the timeout value (in milliseconds) for issued tokens. |
SecurityTokenProvider | getProviderForService(String serviceName): Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service. |
SecurityTokenProvider | getProviderForTokenElementNS(String family, QName qname): Obtains the token provider that can handle tokens that have the specified local name and namespace. |
SecurityTokenProvider | getProviderForTokenType(String tokenType): Given a token type, obtains the token provider that should be used to handle token requests of that type. |
List<SecurityTokenProvider> | getProvidersByFamily(String familyName): Get a list of SecurityTokenProvider that belong to a family |
X509Certificate | getServiceProviderCertificate(String serviceName): Obtains the certificate of the specified service provider. |
PublicKey | getServiceProviderPublicKey(String serviceName): Obtains the public key of the specified service provider. |
String | getSigningCertificateAlias() |
KeyPair | getSTSKeyPair(): Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey. |
String | getSTSName(): Obtains the unique name of the secure token service. |
List<SecurityTokenProvider> | getTokenProviders(): Get an unmodifiable list of token providers |
String | getTokenTypeForService(String serviceName): Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service. |
void | removeTokenProvider(String key): Remove a token provider with the passed key |
boolean | signIssuedToken(): Indicates whether the issued token should be digitally signed or not. |

String getSigningCertificateAlias()

void copy(STSCoreConfig thatConfig)

String getSTSName()
Obtains the unique name of the secure token service.
Returns: String representing the STS name.

boolean encryptIssuedToken()
Indicates whether the issued token should be encrypted or not.
Returns: true if the issued token is to be encrypted; false otherwise.

boolean signIssuedToken()
Indicates whether the issued token should be digitally signed or not.
Returns: true if the issued token is to be signed; false otherwise.

long getIssuedTokenTimeout()
Obtains the timeout value (in milliseconds) for issued tokens.

KeyPair getSTSKeyPair()
Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey.
Returns: KeyPair.

String getTokenTypeForService(String serviceName)
Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service.
Parameters: serviceName - the name of the service provider that requires a token from its clients.
Returns: String representing the type of the token that suits the specified service.

List<SecurityTokenProvider> getProvidersByFamily(String familyName)
Get a list of SecurityTokenProvider that belong to a family
Parameters: familyName - SecurityTokenProvider#family()

SecurityTokenProvider getProviderForService(String serviceName)
Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service. When requesting a token from the STS, a client can specify the service it needs the token for using the AppliesTo element. Based on the service provider name, the STS identifies the type of the token that is to be issued and then selects the appropriate token provider to handle the request.
Parameters: serviceName - the name of the service provider that requires a token from its clients.
Returns: SecurityTokenProvider that must be used in order to issue tokens to clients of the specified service.

SecurityTokenProvider getProviderForTokenType(String tokenType)
Given a token type, obtains the token provider that should be used to handle token requests of that type. When a client doesn't specify the service provider name through the AppliesTo element, it must specify the token type through the TokenType element. The STS uses the supplied type to select the appropriate token provider.
Parameters: tokenType - a String representing the type of the token.
Returns: SecurityTokenProvider that must be used to handle token requests of the specified type.

SecurityTokenProvider getProviderForTokenElementNS(String family, QName qname)
Obtains the token provider that can handle tokens that have the specified local name and namespace. When a validate, renew, or cancel request is made, the token type is not set in the WS-Trust request. In these cases the SecurityTokenProvider must be determined using the security token itself.
Parameters: family - a String representing the family
Parameters: qname - a QName representing the token element namespace (e.g. urn:oasis:names:tc:SAML:2.0:assertion).
Returns: SecurityTokenProvider that must be used to handle the request that contains only the security token.

PublicKey getServiceProviderPublicKey(String serviceName)
Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.
Parameters: serviceName - the name of the service provider (normally the provider URL).
Returns: PublicKey

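The selection order described above for getProviderForService, getProviderForTokenType and getProviderForTokenElementNS, together with the encryption key lookup, as an added Java example (not part of this API or of the project's code). SecurityTokenProvider and Config are local stand-ins whose method signatures are copied from this page; the service name, token type and family values are constructed, and the example assumes a lookup returns null when nothing is configured, which the page states only for getCertificate.

```java
import java.security.PublicKey;
import javax.xml.namespace.QName;

public class ProviderSelection {
    // Stand-ins (assumptions) so this compiles without the library; the method
    // signatures are copied from the STSCoreConfig listing on this page.
    interface SecurityTokenProvider {}
    interface Config {
        SecurityTokenProvider getProviderForService(String serviceName);
        SecurityTokenProvider getProviderForTokenType(String tokenType);
        SecurityTokenProvider getProviderForTokenElementNS(String family, QName qname);
        boolean encryptIssuedToken();
        PublicKey getServiceProviderPublicKey(String serviceName);
    }
    // Issue: AppliesTo (service name) is used when present, TokenType otherwise.
    // Rejecting a request that matches no provider is this example's choice.
    static SecurityTokenProvider forIssue(Config cfg, String appliesTo, String tokenType) {
        SecurityTokenProvider p = appliesTo != null ? cfg.getProviderForService(appliesTo)
                : tokenType != null ? cfg.getProviderForTokenType(tokenType) : null;
        if (p == null) throw new IllegalStateException("no token provider for request");
        return p;
    }
    // Validate/renew/cancel: the request has no TokenType, so key on the token element.
    static SecurityTokenProvider forExistingToken(Config cfg, String family, QName element) {
        SecurityTokenProvider p = cfg.getProviderForTokenElementNS(family, element);
        if (p == null) throw new IllegalStateException("no token provider for " + element);
        return p;
    }
    // Fail closed: with encryption configured, a missing key stops issuance.
    static PublicKey encryptionKey(Config cfg, String service) {
        if (!cfg.encryptIssuedToken()) return null;
        PublicKey k = cfg.getServiceProviderPublicKey(service);
        if (k == null) throw new IllegalStateException("no encryption key for " + service);
        return k;
    }

    public static void main(String[] args) {
        SecurityTokenProvider saml = new SecurityTokenProvider() {};
        QName samlNs = new QName("urn:oasis:names:tc:SAML:2.0:assertion", "Assertion");
        Config cfg = new Config() { // constructed sample configuration
            public SecurityTokenProvider getProviderForService(String s) { return "urn:example:sp".equals(s) ? saml : null; }
            public SecurityTokenProvider getProviderForTokenType(String t) { return "urn:example:saml2".equals(t) ? saml : null; }
            public SecurityTokenProvider getProviderForTokenElementNS(String f, QName q) { return samlNs.equals(q) ? saml : null; }
            public boolean encryptIssuedToken() { return true; }
            public PublicKey getServiceProviderPublicKey(String s) { return null; } // key not configured
        };
        System.out.println(forIssue(cfg, "urn:example:sp", null) == saml);
        System.out.println(forExistingToken(cfg, "WS-TRUST", samlNs) == saml); // family value is constructed
        try { encryptionKey(cfg, "urn:example:sp"); } catch (IllegalStateException e) { System.out.println("refused: " + e.getMessage()); }
    }
}
```
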
X509Certificate getServiceProviderCertificate(String serviceName)
Obtains the certificate of the specified service provider. The returned certificate is used to encrypt issued tokens.
Parameters: serviceName - the name of the service provider (normally the provider URL).
Returns: PublicKey

Certificate getCertificate(String alias)
Obtains the certificate identified by the specified alias.
Parameters: alias - the alias associated with the certificate in the keystore.
Returns: Certificate obtained from the keystore, or null if no certificate was found.

void addTokenProvider(String key, SecurityTokenProvider provider)
Parameters: key -
Parameters: provider -

List<SecurityTokenProvider> getTokenProviders()

void removeTokenProvider(String key)
Parameters: key -

Copyright © 2017 JBoss by Red Hat. All rights reserved.