com.sun.identity.wss.provider
Class TrustAuthorityConfig

java.lang.Object
  extended by com.sun.identity.wss.provider.TrustAuthorityConfig
Direct Known Subclasses:
DiscoveryConfig, STSConfig

public abstract class TrustAuthorityConfig
extends Object

This abstract class TrustAuthorityConfig represents the configuration of a Trusted Authority entity.

The Trusted Authority configuration is used to register the provider configuration information at a Trusted Authority.

This class can be extended to define a trust authority configuration, such as a Discovery client configuration or a WS-Trust protocol based client (STS client) configuration.

A pluggable implementation of this abstract class can choose to store this configuration in the desired configuration store. The pluggable implementation class is configured in the client's AMConfig.properties as the value of the "com.sun.identity.wss.discovery.config.plugin" property for the Discovery client configuration and of the "com.sun.identity.wss.sts.config.plugin" property for the STS client configuration. Once an instance of TrustAuthorityConfig has been obtained, its methods can be called to create, delete, modify, and retrieve the WSS agent profile and the configuration attributes (key/value pairs) of the Discovery client or STS client.

All the static methods in this class perform persistence operations.


Field Summary
protected static SSOToken customAdminToken
           
static String DISCOVERY_TRUST_AUTHORITY
          Trusted Authority client configuration type.
protected  String encryptionAlgorithm
           
protected  int encryptionStrength
           
protected  String endpoint
           
protected  boolean isRequestEncrypted
           
protected  boolean isRequestHeaderEncrypted
           
protected  boolean isRequestSigned
           
protected  boolean isResponseEncrypted
           
protected  boolean isResponseSigned
           
protected  String name
           
protected  String privateKeyAlias
           
protected  String publicKeyAlias
           
protected  List secMech
           
protected  String signingRefType
           
static String STS_TRUST_AUTHORITY
           
protected  String type
           
protected  List usercredentials
           
static String WSS_DISCOVERY_CONFIG_PLUGIN
          Property string for the web services discovery client configuration plugin.
static String WSS_STS_CONFIG_PLUGIN
          Property string for the web services STS client configuration plugin.
 
Constructor Summary
TrustAuthorityConfig()
           
 
Method Summary
protected abstract  void delete()
          Deletes the trust authority configuration.
static void deleteConfig(String name, String type)
          Deletes the trust authority configuration.
static TrustAuthorityConfig getConfig(String name, String type)
          Returns the trust authority configuration object.
 String getEncryptionAlgorithm()
          Returns the encryption algorithm.
 int getEncryptionStrength()
          Returns the encryption data strength.
 String getEndpoint()
          Returns the trust authority end point.
 String getKeyAlias()
          Returns the key alias for this trust authority client.
 String getName()
          Returns the trust authority name.
 String getPublicKeyAlias()
          Returns the Public key alias for this trust authority client's partner.
 List getSecurityMech()
          Returns the list of security mechanisms that the trust authority supports.
 String getSigningRefType()
          Returns signing reference type.
 String getType()
          Returns the trust authority type.
 List getUsers()
          Returns the list of PasswordCredentials of the user.
protected abstract  void init(String name, String type, SSOToken ssoToken)
          Initialize the trust authority.
 boolean isRequestEncryptEnabled()
          Checks if the request needs to be encrypted or not.
 boolean isRequestHeaderEncryptEnabled()
          Checks if the request header needs to be encrypted or not.
 boolean isRequestSignEnabled()
          Checks if the request needs to be signed or not.
 boolean isResponseEncryptEnabled()
          Checks if the response needs to be encrypted or not.
 boolean isResponseSignEnabled()
          Checks if the response needs to be signed or not.
static void saveConfig(TrustAuthorityConfig config)
          Saves the trust authority configuration.
 void setAdminToken(SSOToken adminToken)
          Sets the admin token.
 void setEncryptionAlgorithm(String encAlg)
          Sets the encryption algorithm.
 void setEncryptionStrength(int keyStrength)
          Sets the encryption data strength.
 void setEndpoint(String endpoint)
          Sets the trust authority end point.
 void setKeyAlias(String alias)
          Sets the key alias for this trust authority client.
 void setName(String name)
          Sets the trust authority name.
 void setPublicKeyAlias(String alias)
          Sets the Public key alias for this trust authority client's partner.
 void setRequestEncryptEnabled(boolean enable)
          Sets the request encrypt enable flag.
 void setRequestHeaderEncryptEnabled(boolean enable)
          Sets the request header encrypt enable flag.
 void setRequestSignEnabled(boolean enable)
          Sets the request sign enable flag.
 void setResponseEncryptEnabled(boolean enable)
          Sets the response encrypt enable flag.
 void setResponseSignEnabled(boolean enable)
          Sets the response sign enable flag.
 void setSecurityMechs(List secMech)
          Sets the list of security mechanisms that the trust authority supports.
 void setSigningRefType(String refType)
          Sets the signing reference type.
 void setType(String type)
          Sets the trust authority type.
 void setUsers(List usercredentials)
          Sets the user credentials list.
protected abstract  void store()
          Saves the trust authority configuration.
 

Field Detail

endpoint

protected String endpoint

privateKeyAlias

protected String privateKeyAlias

publicKeyAlias

protected String publicKeyAlias

name

protected String name

type

protected String type

secMech

protected List secMech

isResponseSigned

protected boolean isResponseSigned

isResponseEncrypted

protected boolean isResponseEncrypted

isRequestSigned

protected boolean isRequestSigned

isRequestEncrypted

protected boolean isRequestEncrypted

isRequestHeaderEncrypted

protected boolean isRequestHeaderEncrypted

usercredentials

protected List usercredentials

encryptionAlgorithm

protected String encryptionAlgorithm

encryptionStrength

protected int encryptionStrength

signingRefType

protected String signingRefType

customAdminToken

protected static SSOToken customAdminToken

WSS_DISCOVERY_CONFIG_PLUGIN

public static final String WSS_DISCOVERY_CONFIG_PLUGIN
Property string for the web services discovery client configuration plugin.

See Also:
Constant Field Values

WSS_STS_CONFIG_PLUGIN

public static final String WSS_STS_CONFIG_PLUGIN
Property string for the web services STS client configuration plugin.

See Also:
Constant Field Values

DISCOVERY_TRUST_AUTHORITY

public static final String DISCOVERY_TRUST_AUTHORITY
Trusted Authority client configuration type.

See Also:
Constant Field Values

STS_TRUST_AUTHORITY

public static final String STS_TRUST_AUTHORITY

See Also:
Constant Field Values

Constructor Detail

TrustAuthorityConfig

public TrustAuthorityConfig()

Method Detail

getName

public String getName()
Returns the trust authority name.

Returns:
the name of the trust authority.

setName

public void setName(String name)
Sets the trust authority name.

Parameters:
name - the name of the trust authority.

getType

public String getType()
Returns the trust authority type.

Returns:
the type of the trust authority.

setType

public void setType(String type)
Sets the trust authority type.

Parameters:
type - the type of the trust authority.

getEndpoint

public String getEndpoint()
Returns the trust authority end point.

Returns:
the endpoint of the trust authority.

setEndpoint

public void setEndpoint(String endpoint)
Sets the trust authority end point.

Parameters:
endpoint - the end point for the trust authority.

getKeyAlias

public String getKeyAlias()
Returns the key alias for this trust authority client.

Returns:
the key alias of the trust authority client.

setKeyAlias

public void setKeyAlias(String alias)
Sets the key alias for this trust authority client.

Parameters:
alias - the key alias for the trust authority client.

getPublicKeyAlias

public String getPublicKeyAlias()
Returns the Public key alias for this trust authority client's partner.

Returns:
the Public key alias of the trust authority client's partner.

setPublicKeyAlias

public void setPublicKeyAlias(String alias)
Sets the Public key alias for this trust authority client's partner.

Parameters:
alias - the Public key alias for this trust authority client's partner.

setSecurityMechs

public void setSecurityMechs(List secMech)
Sets the list of security mechanisms that the trust authority supports.

Parameters:
secMech - list of security mechanisms that the trust authority supports.

getSecurityMech

public List getSecurityMech()
Returns the list of security mechanisms that the trust authority supports.


isResponseSignEnabled

public boolean isResponseSignEnabled()
Checks if the response needs to be signed or not.

Returns:
true if the response needs to be signed.

setResponseSignEnabled

public void setResponseSignEnabled(boolean enable)
Sets the response sign enable flag.

Parameters:
enable - enables the response signing.

isResponseEncryptEnabled

public boolean isResponseEncryptEnabled()
Checks if the response needs to be encrypted or not.

Returns:
true if the response needs to be encrypted.

setResponseEncryptEnabled

public void setResponseEncryptEnabled(boolean enable)
Sets the response encrypt enable flag.

Parameters:
enable - enables the response encryption.

isRequestSignEnabled

public boolean isRequestSignEnabled()
Checks if the request needs to be signed or not.

Returns:
true if the request needs to be signed.

setRequestSignEnabled

public void setRequestSignEnabled(boolean enable)
Sets the request sign enable flag.

Parameters:
enable - enables the request signing.

isRequestEncryptEnabled

public boolean isRequestEncryptEnabled()
Checks if the request needs to be encrypted or not.

Returns:
true if the request needs to be encrypted.

setRequestEncryptEnabled

public void setRequestEncryptEnabled(boolean enable)
Sets the request encrypt enable flag.

Parameters:
enable - enables the request encryption.

isRequestHeaderEncryptEnabled

public boolean isRequestHeaderEncryptEnabled()
Checks if the request header needs to be encrypted or not.

Returns:
true if the request header needs to be encrypted.

setRequestHeaderEncryptEnabled

public void setRequestHeaderEncryptEnabled(boolean enable)
Sets the request header encrypt enable flag.

Parameters:
enable - enables the request header encryption.

setUsers

public void setUsers(List usercredentials)
Sets the user credentials list.

Parameters:
usercredentials - list of PasswordCredential objects.

getUsers

public List getUsers()
Returns the list of PasswordCredentials of the user.

Returns:
the list of PasswordCredential objects.

getSigningRefType

public String getSigningRefType()
Returns signing reference type.

Returns:
the signing reference type.

setSigningRefType

public void setSigningRefType(String refType)
Sets the signing reference type.

Parameters:
refType - the signing reference type.

getEncryptionAlgorithm

public String getEncryptionAlgorithm()
Returns the encryption algorithm.

Returns:
the encryption algorithm.

setEncryptionAlgorithm

public void setEncryptionAlgorithm(String encAlg)
Sets the encryption algorithm.

Parameters:
encAlg - the encryption algorithm.

getEncryptionStrength

public int getEncryptionStrength()
Returns the encryption data strength.

Returns:
the encryption data strength.

setEncryptionStrength

public void setEncryptionStrength(int keyStrength)
Sets the encryption data strength.

Parameters:
keyStrength - the encryption data strength.

init

protected abstract void init(String name,
                             String type,
                             SSOToken ssoToken)
                      throws ProviderException
Initialize the trust authority.

Parameters:
name - the name of the trust authority.
type - the type of the trust authority.
ssoToken - Single sign-on token.
Throws:
ProviderException - if the initialization fails.

store

protected abstract void store()
                       throws ProviderException
Saves the trust authority configuration.

Throws:
ProviderException - if the trust authority configuration cannot be saved.

delete

protected abstract void delete()
                        throws ProviderException
Deletes the trust authority configuration.

Throws:
ProviderException

getConfig

public static TrustAuthorityConfig getConfig(String name,
                                             String type)
                                      throws ProviderException
Returns the trust authority configuration object.

Parameters:
name - the name of the trust authority.
type - the type of the trust authority. The type must have one of the following values.

TrustAuthorityConfig.DISCOVERY_TRUST_AUTHORITY

TrustAuthorityConfig.STS_TRUST_AUTHORITY

Throws:
ProviderException - if retrieving the trust authority configuration fails.

saveConfig

public static void saveConfig(TrustAuthorityConfig config)
                       throws ProviderException
Saves the trust authority configuration.

Parameters:
config - the trust authority configuration.
Throws:
ProviderException - if saving the configuration fails.

deleteConfig

public static void deleteConfig(String name,
                                String type)
                         throws ProviderException
Deletes the trust authority configuration.

Parameters:
name - the name of the trust authority configuration.
type - the type of the trust authority. The type must have one of the following values.

TrustAuthorityConfig.DISCOVERY_TRUST_AUTHORITY

TrustAuthorityConfig.STS_TRUST_AUTHORITY

Throws:
ProviderException - if deleting the trust authority configuration fails.

setAdminToken

public void setAdminToken(SSOToken adminToken)
Sets the admin token. This admin token is required to be set if "create", "delete" or "save" operations are invoked on this TrustAuthorityConfig object. This admin token needs to be the valid SSOToken of the user who has "Agent Administrator" privileges.

Parameters:
adminToken - the agent admin token.
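
The following is an added example, not part of the original API documentation or the product's own code. It shows how a client could load an STS trust authority configuration with getConfig, report settings that weaken message protection, and persist a tightened configuration with setAdminToken and saveConfig. The class name StsTrustAuthorityAudit, the HTTPS endpoint check, the 128 strength floor, and the import packages for SSOToken and ProviderException are assumptions; the agent admin token is expected to be supplied by the caller.

```java
import com.iplanet.sso.SSOToken;
import com.sun.identity.wss.provider.ProviderException;
import com.sun.identity.wss.provider.TrustAuthorityConfig;
import java.util.ArrayList;
import java.util.List;

/** Added example: audits and tightens one STS client configuration. */
public final class StsTrustAuthorityAudit {

    // Assumption: local policy floor for the encryption strength value; not from the API docs.
    private static final int MIN_ENCRYPTION_STRENGTH = 128;

    /** Returns findings for settings that weaken message protection. */
    static List<String> findings(TrustAuthorityConfig cfg) {
        List<String> out = new ArrayList<String>();
        String endpoint = cfg.getEndpoint();
        // Assumption: local policy requires the trust authority endpoint to use HTTPS.
        if (endpoint == null || !endpoint.regionMatches(true, 0, "https://", 0, 8)) {
            out.add("endpoint is not HTTPS: " + endpoint);
        }
        if (!cfg.isRequestSignEnabled()) out.add("request signing is disabled");
        if (!cfg.isResponseSignEnabled()) out.add("responses are not required to be signed");
        boolean encrypts = cfg.isRequestEncryptEnabled() || cfg.isResponseEncryptEnabled()
                || cfg.isRequestHeaderEncryptEnabled();
        if (encrypts && cfg.getEncryptionStrength() < MIN_ENCRYPTION_STRENGTH) {
            out.add("encryption strength " + cfg.getEncryptionStrength() + " is below policy");
        }
        if (cfg.isRequestSignEnabled() && cfg.getKeyAlias() == null) {
            out.add("request signing is enabled but no key alias is set");
        }
        return out;
    }

    /** Loads the named STS config, requires signing both ways, saves it, returns prior findings. */
    static List<String> enforceSigning(String name, SSOToken agentAdminToken)
            throws ProviderException {
        TrustAuthorityConfig cfg = TrustAuthorityConfig.getConfig(
                name, TrustAuthorityConfig.STS_TRUST_AUTHORITY);
        if (cfg == null) { // defensive: the docs do not say whether null can be returned
            throw new IllegalArgumentException("no STS trust authority named " + name);
        }
        List<String> before = findings(cfg);
        cfg.setRequestSignEnabled(true);
        cfg.setResponseSignEnabled(true);
        // Per the setAdminToken description, "save" needs an Agent Administrator token.
        cfg.setAdminToken(agentAdminToken);
        TrustAuthorityConfig.saveConfig(cfg);
        return before;
    }
}
```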