PicketLink Federation Core 2.1.6.Final-redhat-2

org.picketlink.identity.federation.core.wstrust.auth
Class STSValidatingLoginModule

java.lang.Object
  extended by org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule
      extended by org.picketlink.identity.federation.core.wstrust.auth.STSValidatingLoginModule
All Implemented Interfaces:
LoginModule

public class STSValidatingLoginModule
extends AbstractSTSLoginModule

JAAS LoginModule for JBoss STS (Security Token Service) that validates security tokens.

This LoginModule only performs validation of existing SAML Assertions and does not issue any such Assertions.

Configuration example

 <application-policy name="saml-validate-token">
   <authentication>
     <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSValidatingLoginModule" flag="required">
       <module-option name="configFile">/sts-client.properties</module-option>
     </login-module>
   </authentication>
 </application-policy>
 
 

Author:
Daniel Bevenius

Field Summary
 
Fields inherited from class org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule
callbackHandler, enableCacheInvalidation, ENDPOINT_ADDRESS, injectCallerPrincipalGroup, IS_BATCH, isBatch, logger, options, OPTIONS_CREDENTIALS, OPTIONS_PW_STACKING, PASSWORD_KEY, passwordStacking, PORT_NAME, ROLE_KEY, roleKey, samlToken, securityDomain, SERVICE_NAME, SHARED_TOKEN, sharedState, STS_CONFIG_FILE, subject, success, useFirstPass, useOptionsCredentials, USERNAME_KEY
 
Constructor Summary
STSValidatingLoginModule()
           
 
Method Summary
 Element invokeSTS(STSClient stsClient)
          This method will validate the token with the configured STS.
 
Methods inherited from class org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule
abort, commit, createBuilder, createWSTrustClient, getCallbackHandler, getConfiguration, getMappingManager, getOptions, getRequiredOption, getSharedPassword, getSharedToken, getSharedUsername, getSubject, initialize, isSuccess, isUseFirstPass, isUseOptionsConfig, isUsePasswordStacking, login, logout, populateSubject, removeAllSamlCredentials, setSamlToken, setSharedToken, setSuccess, useCredentialsFromCallback, useCredentialsFromOptions, useCredentialsFromSharedState
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

STSValidatingLoginModule

public STSValidatingLoginModule()

Method Detail

invokeSTS

public Element invokeSTS(STSClient stsClient)
                  throws WSTrustException,
                         LoginException

This method will validate the token with the configured STS.

Specified by:
invokeSTS in class AbstractSTSLoginModule
Returns:
Element - The token that was validated.
Throws:
LoginException - If it was not possible to validate the token for any reason.
WSTrustException

Copyright © 2013 JBoss by Red Hat. All Rights Reserved.