Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle WebCenter Portal
11g Release 1 (11.1.1.6.0)
E15995-04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.webcenter.security.common
Class WCSecurityUtility

java.lang.Object
  extended by oracle.webcenter.security.common.WCSecurityUtility

public final class WCSecurityUtility
extends java.lang.Object
Since:
11.1.1.4.0

This class contains all public utility APIs related to WebCenter Security.

Method Summary
static IdentityStore getDefaultIdentityStore()
          Gets the default identity store configured
static User getUserFromUserName(java.lang.String username)
          Gets the user object given the user name
static java.lang.String issueTrustServiceSecurityToken()
          Issues a security token that any WebCenter or Web 2.0 Client can pass in its request header to the REST Service for securely propagating the user identity.

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Method Detail

issueTrustServiceSecurityToken

public static java.lang.String issueTrustServiceSecurityToken()
Issues a security token that any WebCenter or Web 2.0 Client can pass in its request header to the REST Service for securely propagating the user identity.

This API is intended for use in service to service authentication and identity propagation. The endpoint must be configured with the Trust Service Identity Asserter to establish the security context using the user identity embedded in the header.

The WebCenter REST client is expected to dispatch the request with this token and header set to "Authorization" to the REST URL (or any other application url), where the OPSS TrustService Identity Asserter is configured.

Example Usage: 

 URL url = new URL("http://host:port/rest/api/resourceIndex");
 String token = WCSecurityUtility.issueTrustServiceSecurityToken();
 final String AUTH_TYPE_name="OIT";
 HttpURLConnection connection = (HttpURLConnection) url.openConnection();
 connection.setRequestMethod("GET");
 connection.setDoOutput(true);
 connection.setReadTimeout(10000);
 connection.setRequestProperty("Authorization", AUTH_TYPE_NAME + " " + token);
 connection.connect();
Returns:
base64 encoded security token. Return null if any error occured on the platform layer while issuing the token.

getDefaultIdentityStore

public static IdentityStore getDefaultIdentityStore()
                                             throws oracle.security.jps.JpsException
Gets the default identity store configured
Returns:
returns the identity store throws the JPS exception if the identity store could not be got
Throws:
oracle.security.jps.JpsException

getUserFromUserName

public static User getUserFromUserName(java.lang.String username)
                                throws IMException
Gets the user object given the user name
Parameters:
username - the name string of the user
Returns:
returns the idm user object throws the IM exception if the user could not be found
Throws:
IMException

Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle WebCenter Portal
11g Release 1 (11.1.1.6.0)
E15995-04
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2009, 2011, Oracle and/or its affiliates. All rights reserved.