Package org.apache.cxf.ws.security.trust

Class AbstractSTSClient

java.lang.Object
org.apache.cxf.ws.security.trust.AbstractSTSClient
All Implemented Interfaces:
Configurable, InterceptorProvider
Direct Known Subclasses:
STSClient
public abstract class AbstractSTSClient extends Object implements Configurable, InterceptorProvider
An abstract class with some functionality to invoke on a SecurityTokenService (STS) via the WS-Trust protocol.

  • Field Details

    • bus

      protected Bus bus

    • name

      protected String name

    • client

      protected Client client

    • location

      protected String location

    • wsdlLocation

      protected String wsdlLocation

    • serviceName

      protected QName serviceName

    • endpointName

      protected QName endpointName

    • policy

      protected org.apache.neethi.Policy policy

    • soapVersion

      protected String soapVersion

    • keySize

      protected int keySize

    • requiresEntropy

      protected boolean requiresEntropy

    • template

      protected Element template

    • customContent

      protected Object customContent

    • claims

      protected Object claims

    • claimsCallbackHandler

      protected CallbackHandler claimsCallbackHandler

    • algorithmSuite

      protected org.apache.wss4j.policy.model.AlgorithmSuite algorithmSuite

    • namespace

      protected String namespace

    • addressingNamespace

      protected String addressingNamespace

    • wspNamespace

      protected String wspNamespace

    • onBehalfOf

      protected Object onBehalfOf

    • enableAppliesTo

      protected boolean enableAppliesTo

    • useCertificateForConfirmationKeyInfo

      protected boolean useCertificateForConfirmationKeyInfo

    • isSecureConv

      protected boolean isSecureConv

    • isSpnego

      protected boolean isSpnego

    • enableLifetime

      protected boolean enableLifetime

    • ttl

      protected int ttl

    • sendRenewing

      protected boolean sendRenewing

    • allowRenewing

      protected boolean allowRenewing

    • allowRenewingAfterExpiry

      protected boolean allowRenewingAfterExpiry

    • actAs

      protected Object actAs

    • tokenType

      protected String tokenType

    • keyType

      protected String keyType

    • sendKeyType

      protected boolean sendKeyType

    • message

      protected Message message

    • context

      protected String context

    • useKeyCertificate

      protected X509Certificate useKeyCertificate

    • ctx

      protected Map<String,Object> ctx

    • in

      protected List<Interceptor<? extends Message>> in

    • out

      protected List<Interceptor<? extends Message>> out

    • outFault

      protected List<Interceptor<? extends Message>> outFault

    • inFault

      protected List<Interceptor<? extends Message>> inFault

    • features

      protected List<Feature> features

    • tlsClientParameters

      protected TLSClientParameters tlsClientParameters

  • Constructor Details

    • AbstractSTSClient

      public AbstractSTSClient(Bus b)

  • Method Details

    • getBeanName

      public String getBeanName()
      Description copied from interface: Configurable
      Get the configurable object's Bean name
      Specified by:
      getBeanName in interface Configurable
      Returns:
      the bean name

    • setBeanName

      public void setBeanName(String s)

    • getLocation

      public String getLocation()

    • setLocation

      public void setLocation(String location)

    • setMessage

      public void setMessage(Message message)

    • setTtl

      public void setTtl(int ttl)

    • setEnableLifetime

      public void setEnableLifetime(boolean enableLifetime)

    • setSendRenewing

      public void setSendRenewing(boolean sendRenewing)

    • setTlsClientParameters

      public void setTlsClientParameters(TLSClientParameters tlsClientParameters)

    • setPolicy

      public void setPolicy(Object newPolicy)
      Sets the WS-P policy that is applied to communications between this client and the remote server if no value is supplied for setWsdlLocation(String).

      Accepts Policy or Element as input.

      Parameters:
      newPolicy - the policy object
      Throws:
      IllegalArgumentException - if newPolicy is not one of the supported types.

    • setSoap12

      public void setSoap12()

    • setSoap11

      public void setSoap11()

    • setSoap11

      public void setSoap11(boolean b)

    • setAddressingNamespace

      public void setAddressingNamespace(String ad)

    • setTrust

      public void setTrust(org.apache.wss4j.policy.model.Trust10 trust)

    • isRequiresEntropy

      public boolean isRequiresEntropy()

    • setRequiresEntropy

      public void setRequiresEntropy(boolean requiresEntropy)

    • isSecureConv

      public boolean isSecureConv()

    • setSecureConv

      public void setSecureConv(boolean secureConv)

    • isSpnego

      public boolean isSpnego()

    • setSpnego

      public void setSpnego(boolean spnego)

    • isAllowRenewing

      public boolean isAllowRenewing()

    • setAllowRenewing

      public void setAllowRenewing(boolean allowRenewing)

    • isAllowRenewingAfterExpiry

      public boolean isAllowRenewingAfterExpiry()

    • setAllowRenewingAfterExpiry

      public void setAllowRenewingAfterExpiry(boolean allowRenewingAfterExpiry)

    • isEnableAppliesTo

      public boolean isEnableAppliesTo()

    • setEnableAppliesTo

      public void setEnableAppliesTo(boolean enableAppliesTo)

    • getContext

      public String getContext()

    • setContext

      public void setContext(String context)

    • setAlgorithmSuite

      public void setAlgorithmSuite(org.apache.wss4j.policy.model.AlgorithmSuite ag)

    • getRequestContext

      public Map<String,Object> getRequestContext()

    • setProperties

      public void setProperties(Map<String,Object> p)

    • getProperties

      public Map<String,Object> getProperties()

    • setWsdlLocation

      public void setWsdlLocation(String wsdl)

    • getWsdlLocation

      public String getWsdlLocation()

    • setServiceName

      public void setServiceName(String qn)

    • setEndpointName

      public void setEndpointName(String qn)

    • setServiceQName

      public void setServiceQName(QName qn)

    • getServiceQName

      public QName getServiceQName()

    • setEndpointQName

      public void setEndpointQName(QName qn)

    • getEndpointQName

      public QName getEndpointQName()

    • setActAs

      public void setActAs(Object actAs)

    • setCustomContent

      public void setCustomContent(Object customContent)

    • setKeySize

      public void setKeySize(int i)

    • getKeySize

      public int getKeySize()

    • setTokenType

      public void setTokenType(String tokenType)

    • getTokenType

      public String getTokenType()

    • setSendKeyType

      public void setSendKeyType(boolean sendKeyType)

    • setKeyType

      public void setKeyType(String keyType)

    • setOnBehalfOf

      public void setOnBehalfOf(Object onBehalfOf)

    • setUseCertificateForConfirmationKeyInfo

      public void setUseCertificateForConfirmationKeyInfo(boolean useCertificate)
      Indicate whether to use the signer's public X509 certificate for the subject confirmation key info when creating a RequestsSecurityToken message. If the property is set to 'false', only the public key value will be provided in the request. If the property is set to 'true' the complete certificate will be sent in the request. Note: this setting is only applicable for assertions that use an asymmetric proof key

    • isUseCertificateForConfirmationKeyInfo

      public boolean isUseCertificateForConfirmationKeyInfo()

    • setPolicyInternal

      protected void setPolicyInternal(org.apache.neethi.Policy newPolicy)

    • setPolicyInternal

      protected void setPolicyInternal(Element newPolicy)

    • setPolicyInternal

      protected void setPolicyInternal(String policyReference)

    • getClient

      public Client getClient() throws BusException, EndpointException
      Throws:
      BusException
      EndpointException

    • configureViaEPR

      public void configureViaEPR(org.apache.cxf.ws.addressing.EndpointReferenceType ref, boolean useEPRWSAAddrAsMEXLocation)

    • findMEXLocation

      protected String findMEXLocation(org.apache.cxf.ws.addressing.EndpointReferenceType ref, boolean useEPRWSAAddrAsMEXLocation)

    • findMEXLocation

      protected String findMEXLocation(Element ref)

    • createClient

      protected void createClient() throws BusException, EndpointException
      Throws:
      BusException
      EndpointException

    • findOperation

      protected BindingOperationInfo findOperation(String suffix)

    • issue

      protected AbstractSTSClient.STSResponse issue(String appliesTo, String action, String requestType, String binaryExchange) throws Exception
      Make an "Issue" invocation and return the response as a STSResponse Object
      Throws:
      Exception

    • getOnBehalfOfToken

      public Element getOnBehalfOfToken() throws Exception
      Get the "OnBehalfOf" element to be sent to the STS.
      Throws:
      Exception

    • getActAsToken

      public Element getActAsToken() throws Exception
      Get the "ActAs" element to be sent to the STS.
      Throws:
      Exception

    • getCustomContent

      public Element getCustomContent() throws Exception
      Get some custom Element to be inserted into the RequestSecurityToken
      Throws:
      Exception

    • getDelegationSecurityToken

      protected Element getDelegationSecurityToken(Object delegationObject) throws Exception
      Throws:
      Exception

    • writeElementsForRSTSymmetricKey

      protected byte[] writeElementsForRSTSymmetricKey(W3CDOMStreamWriter writer, boolean wroteKeySize) throws Exception
      Throws:
      Exception

    • writeElementsForRSTPublicKey

      protected void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer, X509Certificate cert) throws Exception
      Throws:
      Exception

    • addBinaryExchange

      protected void addBinaryExchange(String binaryExchange, W3CDOMStreamWriter writer) throws XMLStreamException
      Throws:
      XMLStreamException

    • addKeySize

      protected void addKeySize(int keysize, W3CDOMStreamWriter writer) throws XMLStreamException
      Throws:
      XMLStreamException

    • addRequestType

      protected void addRequestType(String requestType, W3CDOMStreamWriter writer) throws XMLStreamException
      Throws:
      XMLStreamException

    • getDocumentElement

      protected Element getDocumentElement(DOMSource ds)

    • renew

      public AbstractSTSClient.STSResponse renew(SecurityToken tok) throws Exception
      Make an "Renew" invocation and return the response as a STSResponse Object
      Throws:
      Exception

    • getAddressingAssertion

      protected PrimitiveAssertion getAddressingAssertion()

    • validate

      protected AbstractSTSClient.STSResponse validate(SecurityToken tok, String tokentype) throws Exception
      Make an "Validate" invocation and return the response as a STSResponse Object
      Throws:
      Exception

    • cancel

      protected AbstractSTSClient.STSResponse cancel(SecurityToken token) throws Exception
      Make an "Cancel" invocation and return the response as a STSResponse Object
      Throws:
      Exception

    • useSecondaryParameters

      protected boolean useSecondaryParameters()

    • writeKeyType

      protected String writeKeyType(W3CDOMStreamWriter writer, String keyTypeToWrite) throws XMLStreamException
      Throws:
      XMLStreamException

    • getCert

      protected X509Certificate getCert(org.apache.wss4j.common.crypto.Crypto crypto) throws Exception
      Throws:
      Exception

    • addLifetime

      protected void addLifetime(XMLStreamWriter writer) throws XMLStreamException
      Throws:
      XMLStreamException

    • addAppliesTo

      protected void addAppliesTo(XMLStreamWriter writer, String appliesTo) throws XMLStreamException
      Throws:
      XMLStreamException

    • addTokenType

      protected void addTokenType(XMLStreamWriter writer) throws XMLStreamException
      Throws:
      XMLStreamException

    • addClaims

      protected void addClaims(XMLStreamWriter writer) throws Exception
      Throws:
      Exception

    • createSecurityToken

      protected SecurityToken createSecurityToken(Element el, byte[] requestorEntropy) throws org.apache.wss4j.common.ext.WSSecurityException, org.apache.xml.security.exceptions.Base64DecodingException
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException
      org.apache.xml.security.exceptions.Base64DecodingException

    • decryptKey

      protected byte[] decryptKey(Element child) throws TrustException, org.apache.wss4j.common.ext.WSSecurityException, org.apache.xml.security.exceptions.Base64DecodingException
      Throws:
      TrustException
      org.apache.wss4j.common.ext.WSSecurityException
      org.apache.xml.security.exceptions.Base64DecodingException

    • createHandler

      protected CallbackHandler createHandler()

    • getProperty

      protected Object getProperty(String s)

    • createCrypto

      protected org.apache.wss4j.common.crypto.Crypto createCrypto(boolean decrypt) throws IOException, org.apache.wss4j.common.ext.WSSecurityException
      Throws:
      IOException
      org.apache.wss4j.common.ext.WSSecurityException

    • findID

      protected String findID(Element rar, Element rur, Element rst)

    • getIDFromSTR

      protected String getIDFromSTR(Element el)

    • setTemplate

      public void setTemplate(Element rstTemplate)

    • setClaims

      public void setClaims(Object rstClaims)
      Set a Claims Object to be included in the request. This Object can be either a DOM Element, which will be copied "as is" into the request, or else a org.apache.cxf.rt.security.claims.ClaimCollection Object.

    • getOutFaultInterceptors

      public List<Interceptor<? extends Message>> getOutFaultInterceptors()
      Description copied from interface: InterceptorProvider
      Returns the list of interceptors attached to the outgoing fault interceptor chain of the object.
      Specified by:
      getOutFaultInterceptors in interface InterceptorProvider
      Returns:
      List outgoing fault interceptor chain

    • getInFaultInterceptors

      public List<Interceptor<? extends Message>> getInFaultInterceptors()
      Description copied from interface: InterceptorProvider
      Returns the list of interceptors attached to the incoming fault interceptor chain of the object.
      Specified by:
      getInFaultInterceptors in interface InterceptorProvider
      Returns:
      List incoming fault interceptor chain

    • getInInterceptors

      public List<Interceptor<? extends Message>> getInInterceptors()
      Description copied from interface: InterceptorProvider
      Returns the list of interceptors attached to the incoming interceptor chain of the object.
      Specified by:
      getInInterceptors in interface InterceptorProvider
      Returns:
      List incoming interceptor chain

    • getOutInterceptors

      public List<Interceptor<? extends Message>> getOutInterceptors()
      Description copied from interface: InterceptorProvider
      Returns the list of interceptors attached to the outgoing interceptor chain of the object.
      Specified by:
      getOutInterceptors in interface InterceptorProvider
      Returns:
      List outgoing interceptor chain

    • setInInterceptors

      public void setInInterceptors(List<Interceptor<? extends Message>> interceptors)

    • setInFaultInterceptors

      public void setInFaultInterceptors(List<Interceptor<? extends Message>> interceptors)

    • setOutInterceptors

      public void setOutInterceptors(List<Interceptor<? extends Message>> interceptors)

    • setOutFaultInterceptors

      public void setOutFaultInterceptors(List<Interceptor<? extends Message>> interceptors)

    • setFeatures

      public void setFeatures(List<? extends Feature> f)

    • getFeatures

      public List<Feature> getFeatures()

    • getClaimsCallbackHandler

      public CallbackHandler getClaimsCallbackHandler()

    • setClaimsCallbackHandler

      public void setClaimsCallbackHandler(CallbackHandler claimsCallbackHandler)

    • getWspNamespace

      public String getWspNamespace()

    • setWspNamespace

      public void setWspNamespace(String wspNamespace)

    • getUseKeyCertificate

      public X509Certificate getUseKeyCertificate()

    • setUseKeyCertificate

      public void setUseKeyCertificate(X509Certificate useKeyCertificate)

    • setNamespace

      public void setNamespace(String namespace)