BEA Systems, Inc.

com.bea.security.saml2.providers.registry
Class WebSSOSPPartnerImpl

java.lang.Object
  extended by com.bea.security.saml2.providers.registry.WebSSOSPPartnerImpl
All Implemented Interfaces:
BindingClientPartner, MetadataPartner, Partner, SPPartner, WebSSOPartner, WebSSOSPPartner, Serializable

public class WebSSOSPPartnerImpl
extends Object
implements WebSSOSPPartner, Serializable

See Also:
Serialized Form

Field Summary
 
Fields inherited from interface com.bea.security.saml2.providers.registry.Partner
ASSERTION_TYPE_BEARER, ASSERTION_TYPE_HOLDER_OF_KEY, ASSERTION_TYPE_SENDER_VOUCHES
 
Constructor Summary
WebSSOSPPartnerImpl()
           
 
Method Summary
 String getArtifactBindingPostForm()
          Gets the POST form for the HTTP/Artifact binding.
 IndexedEndpoint[] getArtifactResolutionService()
           
 IndexedEndpoint[] getAssertionConsumerService()
          Get the Assertion Consumer Service for the SP partner.
 String[] getAudienceURIs()
          Returns an array of <Audience> URI values for the <AudienceRestriction> condition of SAML assertions.
 String getClientPassword()
           
 String getClientPasswordEncrypted()
          Returns encrypted client binding password, if available
 String getClientUsername()
          Get the binding client username.
 String getContactPersonCompany()
           
 String getContactPersonEmailAddress()
           
 String getContactPersonGivenName()
           
 String getContactPersonSurName()
           
 String getContactPersonTelephoneNumber()
           
 String getContactPersonType()
           
 String getDescription()
          Returns the description for this partner.
 String getEntityID()
          Returns this partner's entity ID, which must be a URI.
 String getErrorURL()
          This error URL is part of the SAML 2.0 metadata; it is not actually used by any implementation in CSS.
 String getName()
          Returns this partner's name.
 String getOrganizationName()
           
 String getOrganizationURL()
           
 String getPostBindingPostForm()
          Gets the POST form for the HTTP/POST binding.
 String getServiceProviderNameMapperClassname()
          Returns classname of SP Provider name mapper for the conversion from SAML2 attributes to JAAS Subject principals
 X509Certificate getSSOSigningCert()
          Get the SSO Signing Certificate.
 int getTimeToLive()
          Get the Time To Live value.
 int getTimeToLiveOffset()
          Get the Time To Live Offset value.
 X509Certificate getTransportLayerClientCert()
          Get the transport level security (TLS/SSL) client certificate.
 boolean isArtifactBindingUsePOSTMethod()
          Gets the artifact binding use POST HTTP method flag.
 boolean isClientPasswordSet()
          Check whether the ClientPassword is set
 boolean isEnabled()
          Returns the enabled flag for this partner.
 boolean isGenerateAttributes()
          The flag of whether to generate <AttributeStatement> in the assertion for this partner.
 boolean isIncludeOneTimeUseCondition()
          Get the IncludeOneTimeUseCondition value.
 boolean isKeyinfoIncluded()
          Get the Keyinfo Included value.
 boolean isNameModified()
          Returns the nameModified flag for this partner.
 boolean isPlainPasswordChanged()
           
 boolean isWantArtifactRequestSigned()
          Gets the flag that determines if the <ArtifactRequest> documents will be signed
 boolean isWantAssertionsSigned()
          Indicates whether this partner wants assertions signed.
 boolean isWantAuthnRequestsSigned()
          Indicates whether the request for this SP should be signed.
 void setArtifactBindingPostForm(String postForm)
          Sets the POST form for the HTTP/Artifact binding.
 void setArtifactBindingUsePOSTMethod(boolean isArtifactUsePost)
           
 void setArtifactResolutionService(IndexedEndpoint[] artifactResolutionService)
           
 void setAssertionConsumerService(IndexedEndpoint[] assertionConsumerService)
          Set the ACS service endpoints.
 void setAudienceURIs(String[] audienceURIs)
          Sets the <Audience> URI values for this partner.
 void setClientPassword(String clientPassword)
          Set the password that must be used by this partner when accessing bindings of the local site, e.g.
 void setClientPasswordEncrypted(String clientPasswordEncrypted)
           
 void setClientUsername(String clientUsername)
          Set the binding client username.
 void setContactPersonCompany(String contactPersonCompany)
           
 void setContactPersonEmailAddress(String contactPersonEmailAddress)
           
 void setContactPersonGivenName(String contactPersonGivenName)
           
 void setContactPersonSurName(String contactPersonSurName)
           
 void setContactPersonTelephoneNumber(String contactPersonTelephoneNumber)
           
 void setContactPersonType(String contactPersonType)
           
 void setDescription(String description)
          Set the description for this partner.
 void setEnabled(boolean enabled)
          Set the enabled flag for this partner.
 void setEntityID(String entityID)
          Set the entity ID for this partner
 void setErrorURL(String errorURL)
           
 void setGenerateAttributes(boolean generateAttributes)
          Set the generate attribute flag.
 void setIncludeOneTimeUseCondition(boolean includeOneTimeUseCondition)
          Set the IncludeOneTimeUseCondition value.
 void setKeyinfoIncluded(boolean keyinfoIncluded)
          Set the Keyinfo Included value.
 void setName(String name)
          Set the partner's name.
 void setOrganizationName(String organizationName)
           
 void setOrganizationURL(String organizationURL)
           
 void setPostBindingPostForm(String postForm)
          Sets the POST form for the HTTP/POST binding.
 void setServiceProviderNameMapperClassname(String serviceProviderNameMapperClassname)
          Sets SP Provider name mapper classname
 void setSSOSigningCert(X509Certificate ssoSigningCert)
          Set the SSO Signing Certificate.
 void setTimeToLive(int timeToLive)
          Set the Time To Live value, as a number of seconds.
 void setTimeToLiveOffset(int timeToLiveOffset)
          Set the Time To Live Offset value, as a positive or negative number of seconds.
 void setTransportLayerClientCert(X509Certificate transportLayerClientCert)
          Set the transport layer security (TLS/SSL) client certificate.
 void setWantArtifactRequestSigned(boolean wantSigned)
          Sets the flag that determines if the <ArtifactRequest> documents will be signed
 void setWantAssertionsSigned(boolean wantAssertionsSigned)
          Set the want assertion signed flag.
 void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

WebSSOSPPartnerImpl

public WebSSOSPPartnerImpl()

Method Detail

getArtifactResolutionService

public IndexedEndpoint[] getArtifactResolutionService()
Specified by:
getArtifactResolutionService in interface WebSSOPartner

setArtifactResolutionService

public void setArtifactResolutionService(IndexedEndpoint[] artifactResolutionService)
Specified by:
setArtifactResolutionService in interface WebSSOPartner

getAssertionConsumerService

public IndexedEndpoint[] getAssertionConsumerService()
Description copied from interface: WebSSOSPPartner
Get the Assertion Consumer Service for the SP partner.

Specified by:
getAssertionConsumerService in interface WebSSOSPPartner
Returns:
the Indexed Endpoint for the ACS service.

setAssertionConsumerService

public void setAssertionConsumerService(IndexedEndpoint[] assertionConsumerService)
Description copied from interface: WebSSOSPPartner
Set the ACS service endpoints.

Specified by:
setAssertionConsumerService in interface WebSSOSPPartner

getAudienceURIs

public String[] getAudienceURIs()
Description copied from interface: Partner
Returns an array of <Audience> URI values for the <AudienceRestriction> condition of SAML assertions. In general, for IdP partners, this configuration specifies a list of audiences of the local site, one of which must be in each assertion from the IdP. For SP partners, this configuration specifies the audience list to include in generated assertions.

Note that for Web SSO cases, this value is not honored. The only Audience URI for Web SSO is the IdP's Entity ID.

Specified by:
getAudienceURIs in interface Partner
Returns:
<Audience> URI values
See Also:
MetadataPartner.getEntityID()

setAudienceURIs

public void setAudienceURIs(String[] audienceURIs)
Description copied from interface: Partner
Sets the <Audience> URI values for this partner.

Specified by:
setAudienceURIs in interface Partner
Parameters:
audienceURIs - <Audience> URI values
See Also:
Partner.getAudienceURIs()

getSSOSigningCert

public X509Certificate getSSOSigningCert()
Description copied from interface: WebSSOPartner
Get the SSO Signing Certificate. The certificate is used to verify signatures on all signed documents for the Web SSO profile.

Specified by:
getSSOSigningCert in interface WebSSOPartner
Returns:
The SSO Signing Certificate.

setSSOSigningCert

public void setSSOSigningCert(X509Certificate ssoSigningCert)
Description copied from interface: WebSSOPartner
Set the SSO Signing Certificate.

Specified by:
setSSOSigningCert in interface WebSSOPartner
Parameters:
ssoSigningCert - The SSO Signing Certificate to set.
See Also:
WebSSOPartner.getSSOSigningCert()

getClientPassword

public String getClientPassword()

setClientPassword

public void setClientPassword(String clientPassword)
Description copied from interface: BindingClientPartner
Set the password that must be used by this partner when accessing bindings of the local site, e.g. SOAP/HTTPS binding.

Specified by:
setClientPassword in interface BindingClientPartner
Parameters:
clientPassword - The client binding password to set.

getClientUsername

public String getClientUsername()
Description copied from interface: BindingClientPartner
Get the binding client username. This is the username that must be used by this partner when connecting to bindings of the local site, e.g. SOAP/HTTPS binding.

Specified by:
getClientUsername in interface BindingClientPartner
Returns:
The binding client username.

setClientUsername

public void setClientUsername(String clientUsername)
Description copied from interface: BindingClientPartner
Set the binding client username.

Specified by:
setClientUsername in interface BindingClientPartner
Parameters:
clientUsername - The binding client username
See Also:
BindingClientPartner.getClientUsername()

getContactPersonCompany

public String getContactPersonCompany()
Specified by:
getContactPersonCompany in interface MetadataPartner

setContactPersonCompany

public void setContactPersonCompany(String contactPersonCompany)
Specified by:
setContactPersonCompany in interface MetadataPartner

getContactPersonEmailAddress

public String getContactPersonEmailAddress()
Specified by:
getContactPersonEmailAddress in interface MetadataPartner

setContactPersonEmailAddress

public void setContactPersonEmailAddress(String contactPersonEmailAddress)
Specified by:
setContactPersonEmailAddress in interface MetadataPartner

getContactPersonGivenName

public String getContactPersonGivenName()
Specified by:
getContactPersonGivenName in interface MetadataPartner

setContactPersonGivenName

public void setContactPersonGivenName(String contactPersonGivenName)
Specified by:
setContactPersonGivenName in interface MetadataPartner

getContactPersonSurName

public String getContactPersonSurName()
Specified by:
getContactPersonSurName in interface MetadataPartner

setContactPersonSurName

public void setContactPersonSurName(String contactPersonSurName)
Specified by:
setContactPersonSurName in interface MetadataPartner

getContactPersonTelephoneNumber

public String getContactPersonTelephoneNumber()
Specified by:
getContactPersonTelephoneNumber in interface MetadataPartner

setContactPersonTelephoneNumber

public void setContactPersonTelephoneNumber(String contactPersonTelephoneNumber)
Specified by:
setContactPersonTelephoneNumber in interface MetadataPartner

getContactPersonType

public String getContactPersonType()
Specified by:
getContactPersonType in interface MetadataPartner

setContactPersonType

public void setContactPersonType(String contactPersonType)
Specified by:
setContactPersonType in interface MetadataPartner

getDescription

public String getDescription()
Description copied from interface: Partner
Returns the description for this partner.

Specified by:
getDescription in interface Partner
Returns:
description.

setDescription

public void setDescription(String description)
Description copied from interface: Partner
Set the description for this partner.

Specified by:
setDescription in interface Partner
Parameters:
description - The description value to set.

isEnabled

public boolean isEnabled()
Description copied from interface: Partner
Returns the enabled flag for this partner. This value indicates whether or not the partner is enabled.

Specified by:
isEnabled in interface Partner
Returns:
enabled flag.

setEnabled

public void setEnabled(boolean enabled)
Description copied from interface: Partner
Set the enabled flag for this partner.

Specified by:
setEnabled in interface Partner
Parameters:
enabled - The enabled flag to set.

getEntityID

public String getEntityID()
Description copied from interface: MetadataPartner
Returns this partner's entity ID, which must be a URI. This value is the expected <Issuer> value for documents from this partner and the default value for <Audience> for documents sent to this partner.

Specified by:
getEntityID in interface MetadataPartner
Returns:
entity ID

setEntityID

public void setEntityID(String entityID)
Description copied from interface: MetadataPartner
Set the entity ID for this partner

Specified by:
setEntityID in interface MetadataPartner
Parameters:
entityID - Partner entity ID

getErrorURL

public String getErrorURL()
Description copied from interface: MetadataPartner
This error URL is part of the SAML 2.0 metadata; it is not actually used by any implementation in CSS.

Specified by:
getErrorURL in interface MetadataPartner
Returns:
error url.

setErrorURL

public void setErrorURL(String errorURL)
Specified by:
setErrorURL in interface MetadataPartner

isWantAssertionsSigned

public boolean isWantAssertionsSigned()
Description copied from interface: SPPartner
Indicates whether this partner wants assertions signed. If true, the assertion for this partner will be signed.

Specified by:
isWantAssertionsSigned in interface SPPartner
Returns:
the want assertion signed flag.

setWantAssertionsSigned

public void setWantAssertionsSigned(boolean wantAssertionsSigned)
Description copied from interface: SPPartner
Set the want assertion signed flag.

Specified by:
setWantAssertionsSigned in interface SPPartner
See Also:
SPPartner.isWantAssertionsSigned()

isGenerateAttributes

public boolean isGenerateAttributes()
Description copied from interface: SPPartner
The flag of whether to generate <AttributeStatement> in the assertion for this partner. If set, the default implementation will generate group information as an <AttributeStatement> in the assertion, if there is any.

Specified by:
isGenerateAttributes in interface SPPartner
Returns:
the generated attribute flag.

setGenerateAttributes

public void setGenerateAttributes(boolean generateAttributes)
Description copied from interface: SPPartner
Set the generate attribute flag.

Specified by:
setGenerateAttributes in interface SPPartner
See Also:
SPPartner.isGenerateAttributes()

isIncludeOneTimeUseCondition

public boolean isIncludeOneTimeUseCondition()
Description copied from interface: SPPartner
Get the IncludeOneTimeUseCondition value. This is a boolean value that indicates whether a OneTimeUse condition should be included in this partner's assertions.

Specified by:
isIncludeOneTimeUseCondition in interface SPPartner
Returns:
the include one-time-use condition flag

setIncludeOneTimeUseCondition

public void setIncludeOneTimeUseCondition(boolean includeOneTimeUseCondition)
Description copied from interface: SPPartner
Set the IncludeOneTimeUseCondition value. If true, a OneTimeUse condition will be added to this partner's assertions.

Specified by:
setIncludeOneTimeUseCondition in interface SPPartner
Parameters:
includeOneTimeUseCondition - include OneTimeUse Condition flag

isKeyinfoIncluded

public boolean isKeyinfoIncluded()
Description copied from interface: SPPartner
Get the Keyinfo Included value. If true, assertion signatures will include the signing certificate as a keyinfo element in the signature.

Specified by:
isKeyinfoIncluded in interface SPPartner
Returns:
The Keyinfo Included value.

setKeyinfoIncluded

public void setKeyinfoIncluded(boolean keyinfoIncluded)
Description copied from interface: SPPartner
Set the Keyinfo Included value. If set to true, signed assertions will include the signing certificate as a keyinfo element in the signature.

Specified by:
setKeyinfoIncluded in interface SPPartner
Parameters:
keyinfoIncluded - The Keyinfo Included value to set.

getOrganizationName

public String getOrganizationName()
Specified by:
getOrganizationName in interface MetadataPartner

setOrganizationName

public void setOrganizationName(String organizationName)
Specified by:
setOrganizationName in interface MetadataPartner

getOrganizationURL

public String getOrganizationURL()
Specified by:
getOrganizationURL in interface MetadataPartner

setOrganizationURL

public void setOrganizationURL(String organizationURL)
Specified by:
setOrganizationURL in interface MetadataPartner

getServiceProviderNameMapperClassname

public String getServiceProviderNameMapperClassname()
Description copied from interface: SPPartner
Returns classname of SP Provider name mapper for the conversion from SAML2 attributes to JAAS Subject principals

Specified by:
getServiceProviderNameMapperClassname in interface SPPartner
Returns:
SP Provider name mapper classname

setServiceProviderNameMapperClassname

public void setServiceProviderNameMapperClassname(String serviceProviderNameMapperClassname)
Description copied from interface: SPPartner
Sets SP Provider name mapper classname

Specified by:
setServiceProviderNameMapperClassname in interface SPPartner
Parameters:
serviceProviderNameMapperClassname - Name mapper classname
See Also:
SPPartner.getServiceProviderNameMapperClassname()

getTimeToLive

public int getTimeToLive()
Description copied from interface: SPPartner
Get the Time To Live value. This is the validity period for the partner's assertions -- the number of seconds between the NotBefore and NotOnOrAfter times.

Specified by:
getTimeToLive in interface SPPartner
Returns:
The Time To Live value.

setTimeToLive

public void setTimeToLive(int timeToLive)
Description copied from interface: SPPartner
Set the Time To Live value, as a number of seconds. If non-zero, overrides the SAML Credential Mapper's default Time To Live setting.

Specified by:
setTimeToLive in interface SPPartner
Parameters:
timeToLive - The Time To Live value, in seconds.

getTimeToLiveOffset

public int getTimeToLiveOffset()
Description copied from interface: SPPartner
Get the Time To Live Offset value. When generating an assertion, this value -- a positive or negative number of seconds -- is added to the current time to arrive at the assertion's NotBefore time.

Specified by:
getTimeToLiveOffset in interface SPPartner
Returns:
The Time To Live Offset.

setTimeToLiveOffset

public void setTimeToLiveOffset(int timeToLiveOffset)
Description copied from interface: SPPartner
Set the Time To Live Offset value, as a positive or negative number of seconds. If non-zero, overrides the SAML Credential Mapper's default Time To Live Offset value.

Specified by:
setTimeToLiveOffset in interface SPPartner
Parameters:
timeToLiveOffset - The Time To Live Offset value to set.
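
The validity window that the Time To Live and Time To Live Offset properties above describe, as an added Java example (not BEA code). The class and its `compute` and `isValidAt` helpers are hypothetical, the default values passed in stand for the SAML Credential Mapper's defaults (which this page does not state), and the sample times are constructed.

```java
import java.time.Instant;

/** Added illustration: how TTL and TTL offset shape NotBefore / NotOnOrAfter. */
final class AssertionValidityWindow {
    final Instant notBefore;
    final Instant notOnOrAfter;

    private AssertionValidityWindow(Instant notBefore, Instant notOnOrAfter) {
        this.notBefore = notBefore;
        this.notOnOrAfter = notOnOrAfter;
    }

    /**
     * partnerTtl / partnerOffset model getTimeToLive() / getTimeToLiveOffset().
     * A value of 0 means "not overridden", so the credential mapper default applies.
     * defaultTtl / defaultOffset are placeholders for those defaults (assumption).
     */
    static AssertionValidityWindow compute(Instant now, int partnerTtl, int partnerOffset,
                                           int defaultTtl, int defaultOffset) {
        int ttl = partnerTtl != 0 ? partnerTtl : defaultTtl;
        int offset = partnerOffset != 0 ? partnerOffset : defaultOffset;
        if (ttl <= 0) {
            // Assumption of this example: an empty or inverted window is a
            // configuration error rather than something to emit.
            throw new IllegalArgumentException("effective TTL must be positive: " + ttl);
        }
        // NotBefore = current time + offset (offset may be negative).
        Instant notBefore = now.plusSeconds(offset);
        // TTL is the number of seconds between NotBefore and NotOnOrAfter.
        return new AssertionValidityWindow(notBefore, notBefore.plusSeconds(ttl));
    }

    /** Receiver-side check: NotBefore <= t < NotOnOrAfter. */
    boolean isValidAt(Instant t) {
        return !t.isBefore(notBefore) && t.isBefore(notOnOrAfter);
    }

    public static void main(String[] args) {
        Instant issued = Instant.parse("2007-06-01T12:00:00Z"); // constructed sample time
        int defaultTtl = 120;   // placeholder default, not a documented value
        int defaultOffset = 0;  // placeholder default, not a documented value

        // Partner A overrides nothing; partner B sets TTL 60 s and offset -5 s.
        AssertionValidityWindow a = compute(issued, 0, 0, defaultTtl, defaultOffset);
        AssertionValidityWindow b = compute(issued, 60, -5, defaultTtl, defaultOffset);

        // An SP whose clock runs 3 s behind the IdP sees the assertion "early".
        Instant skewedSpClock = issued.minusSeconds(3);

        System.out.println("A: " + a.notBefore + " .. " + a.notOnOrAfter
                + " valid on skewed SP: " + a.isValidAt(skewedSpClock));
        System.out.println("B: " + b.notBefore + " .. " + b.notOnOrAfter
                + " valid on skewed SP: " + b.isValidAt(skewedSpClock));

        // With a negative offset the window also ends earlier: B expires 55 s
        // after issuance, not 60 s, because TTL is measured from NotBefore.
        System.out.println("B valid 57 s after issue: "
                + b.isValidAt(issued.plusSeconds(57)));
    }
}
```

A negative offset buys tolerance for a partner clock that lags the local site, but it is taken out of the usable lifetime after issuance, so TTL and offset should be sized together and kept as short as the deployment's clock skew allows.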

getTransportLayerClientCert

public X509Certificate getTransportLayerClientCert()
Description copied from interface: BindingClientPartner
Get the transport level security (TLS/SSL) client certificate. This is the certificate that must be used by this partner when connecting to bindings of the local site, e.g. SOAP/HTTPS binding, using SSL/TLS.

Specified by:
getTransportLayerClientCert in interface BindingClientPartner
Returns:
The transport level security (SSL/TLS) client certificate.

setTransportLayerClientCert

public void setTransportLayerClientCert(X509Certificate transportLayerClientCert)
Description copied from interface: BindingClientPartner
Set the transport layer security (TLS/SSL) client certificate.

Specified by:
setTransportLayerClientCert in interface BindingClientPartner
Parameters:
transportLayerClientCert - The client certificate
See Also:
BindingClientPartner.getTransportLayerClientCert()

isWantAuthnRequestsSigned

public boolean isWantAuthnRequestsSigned()
Description copied from interface: WebSSOSPPartner
Indicates whether the request for this SP should be signed. Note that there is another method with the same name in WebSSOIdpPartner, but it has a different meaning. Maybe this one should be renamed.

Specified by:
isWantAuthnRequestsSigned in interface WebSSOSPPartner
Returns:
true if the authn request must be signed.

setWantAuthnRequestsSigned

public void setWantAuthnRequestsSigned(boolean wantAuthnRequestsSigned)
Specified by:
setWantAuthnRequestsSigned in interface WebSSOSPPartner

isNameModified

public boolean isNameModified()
Description copied from interface: Partner
Returns the nameModified flag for this partner. This value indicates whether or not the partner name is modified.

Specified by:
isNameModified in interface Partner
Returns:
nameModified flag.

setName

public void setName(String name)
Description copied from interface: Partner
Set the partner's name. Name is required for a partner.

Specified by:
setName in interface Partner

getName

public String getName()
Description copied from interface: Partner
Returns this partner's name.

Specified by:
getName in interface Partner
Returns:
partner name

getClientPasswordEncrypted

public String getClientPasswordEncrypted()
Description copied from interface: BindingClientPartner
Returns encrypted client binding password, if available

Specified by:
getClientPasswordEncrypted in interface BindingClientPartner
Returns:
the encrypted ClientPassword if the ClientPassword is set and the encrypted value is available

isClientPasswordSet

public boolean isClientPasswordSet()
Description copied from interface: BindingClientPartner
Check whether the ClientPassword is set

Specified by:
isClientPasswordSet in interface BindingClientPartner
Returns:
true if ClientPassword attribute is set (not 'null' and not empty string)
See Also:
BindingClientPartner.setClientPassword(String)

getArtifactBindingPostForm

public String getArtifactBindingPostForm()
Description copied from interface: WebSSOPartner
Gets the POST form for the HTTP/Artifact binding. This form, if present, is used in place of the default POST form when POSTing to a partner HTTP/Artifact binding

Specified by:
getArtifactBindingPostForm in interface WebSSOPartner
Returns:
The POST form.

setArtifactBindingPostForm

public void setArtifactBindingPostForm(String postForm)
Description copied from interface: WebSSOPartner
Sets the POST form for the HTTP/Artifact binding. Parameter is a URI indicating the location, with full application context, of the form that should be used.

Specified by:
setArtifactBindingPostForm in interface WebSSOPartner
Parameters:
postForm - The URI of the POST form to set.

getPostBindingPostForm

public String getPostBindingPostForm()
Description copied from interface: WebSSOPartner
Gets the POST form for the HTTP/POST binding. This form, if present, is used in place of the default POST form when POSTing to a partner HTTP/POST binding

Specified by:
getPostBindingPostForm in interface WebSSOPartner
Returns:
The POST form.

setPostBindingPostForm

public void setPostBindingPostForm(String postForm)
Description copied from interface: WebSSOPartner
Sets the POST form for the HTTP/POST binding. Parameter is a URI indicating the location, with full application context, of the form that should be used.

Specified by:
setPostBindingPostForm in interface WebSSOPartner
Parameters:
postForm - The URI of the POST form to set.

isWantArtifactRequestSigned

public boolean isWantArtifactRequestSigned()
Description copied from interface: WebSSOPartner
Gets the flag that determines if the <ArtifactRequest> documents will be signed

Specified by:
isWantArtifactRequestSigned in interface WebSSOPartner
Returns:
Want <ArtifactRequest> documents signed flag

setWantArtifactRequestSigned

public void setWantArtifactRequestSigned(boolean wantSigned)
Description copied from interface: WebSSOPartner
Sets the flag that determines if the <ArtifactRequest> documents will be signed

Specified by:
setWantArtifactRequestSigned in interface WebSSOPartner
Parameters:
wantSigned - want signed flag

isArtifactBindingUsePOSTMethod

public boolean isArtifactBindingUsePOSTMethod()
Description copied from interface: WebSSOPartner
Gets the artifact binding use POST HTTP method flag. If true, use POST when sending an artifact to partner artifact bindings; else, if false, use the GET method.

Specified by:
isArtifactBindingUsePOSTMethod in interface WebSSOPartner
Returns:
use POST HTTP method flag

setArtifactBindingUsePOSTMethod

public void setArtifactBindingUsePOSTMethod(boolean isArtifactUsePost)
Specified by:
setArtifactBindingUsePOSTMethod in interface WebSSOPartner

setClientPasswordEncrypted

public void setClientPasswordEncrypted(String clientPasswordEncrypted)

isPlainPasswordChanged

public boolean isPlainPasswordChanged()

Because this information documents a Tech Preview of a BEA product, it may be incomplete and is subject to change. Documentation is available at
http://download.oracle.com/docs/cd/E13222_01/wls/essex/TechPreview
Copyright 2007 BEA Systems Inc.