PicketLink Federation Core 2.1.6.Final-redhat-2

org.picketlink.identity.federation.core.sts
Interface STSCoreConfig

All Known Subinterfaces:
STSConfiguration
All Known Implementing Classes:
PicketLinkSTSConfiguration

public interface STSCoreConfig

Configuration for the STS Core

Since:
Dec 27, 2010
Author:
Stefan Guilhen, Anil.Saldhana@redhat.com

Method Summary
 void addTokenProvider(String key, SecurityTokenProvider provider)
          Allows you to add a token provider to handle a particular namespace.
 void copy(STSCoreConfig thatConfig)
           
 boolean encryptIssuedToken()
           Indicates whether the issued token should be encrypted or not.
 Certificate getCertificate(String alias)
           Obtains the certificate identified by the specified alias.
 long getIssuedTokenTimeout()
           Obtains the timeout value (in milliseconds) for issued tokens.
 SecurityTokenProvider getProviderForService(String serviceName)
           Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service.
 SecurityTokenProvider getProviderForTokenElementNS(String family, QName qname)
           Obtains the token provider that can handle tokens that have the specified local name and namespace.
 SecurityTokenProvider getProviderForTokenType(String tokenType)
           Given a token type, obtains the token provider that should be used to handle token requests of that type.
 List<SecurityTokenProvider> getProvidersByFamily(String familyName)
          Gets a list of SecurityTokenProvider instances that belong to a family.
 PublicKey getServiceProviderPublicKey(String serviceName)
           Obtains the public key of the specified service provider.
 KeyPair getSTSKeyPair()
           Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey.
 String getSTSName()
           Obtains the unique name of the secure token service.
 List<SecurityTokenProvider> getTokenProviders()
          Gets an unmodifiable list of token providers.
 String getTokenTypeForService(String serviceName)
           Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service.
 void removeTokenProvider(String key)
          Removes the token provider registered under the passed key.
 boolean signIssuedToken()
           Indicates whether the issued token should be digitally signed or not.
 

Method Detail

copy

void copy(STSCoreConfig thatConfig)

getSTSName

String getSTSName()

Obtains the unique name of the secure token service.

Returns:
a String representing the STS name.

encryptIssuedToken

boolean encryptIssuedToken()

Indicates whether the issued token should be encrypted or not.

Returns:
true if the issued token is to be encrypted; false otherwise.

signIssuedToken

boolean signIssuedToken()

Indicates whether the issued token should be digitally signed or not.

Returns:
true if the issued token is to be signed; false otherwise.

getIssuedTokenTimeout

long getIssuedTokenTimeout()

Obtains the timeout value (in milliseconds) for issued tokens.

Returns:
the token timeout value.

getSTSKeyPair

KeyPair getSTSKeyPair()

Obtains a reference to the KeyPair object that contains the STS PrivateKey and PublicKey.

Returns:
a reference to the STS KeyPair.

getTokenTypeForService

String getTokenTypeForService(String serviceName)

Given the name of a service provider, obtains the type of the token that should be used when issuing tokens to clients of that service.

Parameters:
serviceName - the name of the service provider that requires a token from its clients.
Returns:
a String representing the type of the token that suits the specified service.

getProvidersByFamily

List<SecurityTokenProvider> getProvidersByFamily(String familyName)
Gets a list of SecurityTokenProvider instances that belong to a family.

Parameters:
familyName -
Returns:
See Also:
SecurityTokenProvider#family()

getProviderForService

SecurityTokenProvider getProviderForService(String serviceName)

Given the name of a service provider, obtains the provider that must be used when issuing tokens to clients of that service. When requesting a token from the STS, a client can specify the service it needs the token for using the AppliesTo element. Based on the service provider name, the STS identifies the type of the token that is to be issued and then selects the appropriate token provider to handle the request.

Parameters:
serviceName - the name of the service provider that requires a token from its clients.
Returns:
a reference to the SecurityTokenProvider that must be used in order to issue tokens to clients of the specified service.

getProviderForTokenType

SecurityTokenProvider getProviderForTokenType(String tokenType)

Given a token type, obtains the token provider that should be used to handle token requests of that type. When a client doesn't specify the service provider name through the AppliesTo element, it must specify the token type through the TokenType element. The STS uses the supplied type to select the appropriate token provider.

Parameters:
tokenType - a String representing the type of the token.
Returns:
a reference to the SecurityTokenProvider that must be used to handle token requests of the specified type.

getProviderForTokenElementNS

SecurityTokenProvider getProviderForTokenElementNS(String family,
                                                   QName qname)

Obtains the token provider that can handle tokens that have the specified local name and namespace. When a validate, renew, or cancel request is made, the token type is not set in the WS-Trust request. In these cases the SecurityTokenProvider must be determined using the security token itself.

Parameters:
family - a String representing the family
qname - a QName representing the token element namespace (e.g. urn:oasis:names:tc:SAML:2.0:assertion).
Returns:
a reference to the SecurityTokenProvider that must be used to handle the request that contains only the security token.

getServiceProviderPublicKey

PublicKey getServiceProviderPublicKey(String serviceName)

Obtains the public key of the specified service provider. The returned key is used to encrypt issued tokens.

Parameters:
serviceName - the name of the service provider (normally the provider URL).
Returns:
a reference to the provider's PublicKey

getCertificate

Certificate getCertificate(String alias)

Obtains the certificate identified by the specified alias.

Parameters:
alias - the alias associated with the certificate in the keystore.
Returns:
the Certificate obtained from the keystore, or null if no certificate was found.

addTokenProvider

void addTokenProvider(String key,
                      SecurityTokenProvider provider)
Allows you to add a token provider to handle a particular namespace.

Parameters:
key -
provider -

getTokenProviders

List<SecurityTokenProvider> getTokenProviders()
Gets an unmodifiable list of token providers.

Returns:

removeTokenProvider

void removeTokenProvider(String key)
Removes the token provider registered under the passed key.

Parameters:
key -
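
A configuration review built only from the methods documented on this page, as an added example that is not part of PicketLink: it flags unsigned tokens, a missing STS private key, an out-of-policy timeout, and services that have no token provider or no encryption key. The class name StsConfigAudit, the MAX_TIMEOUT_MS ceiling and the null checks are assumptions; the page does not say what the getters return when nothing is configured.

```java
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.List;

import org.picketlink.identity.federation.core.sts.STSCoreConfig;

// Added example, not PicketLink code: reviews an STSCoreConfig for weak issuance settings.
public final class StsConfigAudit {

    // Assumed policy ceiling for token lifetime (1 hour); adjust to your deployment.
    static final long MAX_TIMEOUT_MS = 60L * 60L * 1000L;

    private StsConfigAudit() {
    }

    // Returns one finding per problem; an empty list means every check passed.
    public static List<String> audit(STSCoreConfig config, List<String> serviceNames) {
        List<String> findings = new ArrayList<String>();
        String sts = config.getSTSName();

        // Unsigned tokens cannot be verified by the relying service.
        if (!config.signIssuedToken()) {
            findings.add(sts + ": issued tokens are not signed");
        } else {
            // Null checks are defensive; the Javadoc does not state the unconfigured result.
            KeyPair keyPair = config.getSTSKeyPair();
            if (keyPair == null || keyPair.getPrivate() == null) {
                findings.add(sts + ": signing enabled but no STS private key");
            }
        }

        long timeout = config.getIssuedTokenTimeout(); // milliseconds
        if (timeout <= 0 || timeout > MAX_TIMEOUT_MS) {
            findings.add(sts + ": token timeout " + timeout + " ms is outside policy");
        }

        for (String service : serviceNames) {
            // The AppliesTo service name selects both the token type and the provider.
            if (config.getProviderForService(service) == null) {
                findings.add(service + ": no token provider (type "
                        + config.getTokenTypeForService(service) + ")");
            }
            // Issued tokens are encrypted with the service provider's public key.
            if (config.encryptIssuedToken()
                    && config.getServiceProviderPublicKey(service) == null) {
                findings.add(service + ": encryption enabled but no public key");
            }
        }
        return findings;
    }
}
```

Pass the configuration instance your deployment builds and the service names clients send in AppliesTo; it compiles against the PicketLink Federation Core jar.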


Copyright © 2013 JBoss by Red Hat. All Rights Reserved.