Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle WebCenter Portal
11g Release 1 (11.1.1.8.0)
E15995-07
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.webcenter.security.common
Class WCSecurityUtility

java.lang.Object
  extended by oracle.webcenter.security.common.WCSecurityUtility

public final class WCSecurityUtility
extends java.lang.Object
Since:
11.1.1.4.0

This class contains all public utility APIs related to WebCenter Security.

Method Summary
static java.lang.String getCurrentImpersonatorId()
          Get the user identifier of the impersonator if the current user is in an impersonation session
static IdentityStore getDefaultIdentityStore()
          Gets the default identity store configured
static User getUserFromUserName(java.lang.String username)
          Gets the user object given the user name
static boolean isImpersonationConfigured()
          Checks if impersonation feature is configured for the system
static boolean isServiceConfigured(java.lang.String serviceId)
          In this API, we check whether the given service is configured or not
static java.lang.String issueTrustServiceSecurityToken()
          Issues a security token that any WebCenter or Web 2.0 Client can pass in its request header to the REST Service for securely propagating the user identity.
static boolean isUserInImpersonationSession()
          Checks if the current user is in an impersonation session

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Method Detail

issueTrustServiceSecurityToken

public static java.lang.String issueTrustServiceSecurityToken()
Issues a security token that any WebCenter or Web 2.0 Client can pass in its request header to the REST Service for securely propagating the user identity.

This API is intended for use in service to service authentication and identity propagation. The endpoint must be configured with the Trust Service Identity Asserter to establish the security context using the user identity embedded in the header.

The WebCenter REST client is expected to dispatch the request with this token and header set to "Authorization" to the REST URL (or any other application url), where the OPSS TrustService Identity Asserter is configured.

Example Usage: 

 URL url = new URL("http://host:port/rest/api/resourceIndex");
 String token = WCSecurityUtility.issueTrustServiceSecurityToken();
 final String AUTH_TYPE_name="OIT";
 HttpURLConnection connection = (HttpURLConnection) url.openConnection();
 connection.setRequestMethod("GET");
 connection.setDoOutput(true);
 connection.setReadTimeout(10000);
 connection.setRequestProperty("Authorization", AUTH_TYPE_NAME + " " + token);
 connection.connect();
Returns:
base64 encoded security token. Return null if any error occured on the platform layer while issuing the token.

getDefaultIdentityStore

public static IdentityStore getDefaultIdentityStore()
                                             throws oracle.security.jps.JpsException
Gets the default identity store configured
Returns:
returns the identity store throws the JPS exception if the identity store could not be got
Throws:
oracle.security.jps.JpsException

getUserFromUserName

public static User getUserFromUserName(java.lang.String username)
                                throws IMException
Gets the user object given the user name
Parameters:
username - the name string of the user
Returns:
returns the idm user object throws the IM exception if the user could not be found
Throws:
IMException

isImpersonationConfigured

public static boolean isImpersonationConfigured()
Checks if impersonation feature is configured for the system
Returns:
true if impersonation is configured, false otherwise.

isUserInImpersonationSession

public static boolean isUserInImpersonationSession()
Checks if the current user is in an impersonation session
Returns:
true if current user is in an impersonation session, false otherwise

getCurrentImpersonatorId

public static java.lang.String getCurrentImpersonatorId()
Get the user identifier of the impersonator if the current user is in an impersonation session
Returns:
User Identifier of the current impersonator, null if there is no impersonation session

isServiceConfigured

public static boolean isServiceConfigured(java.lang.String serviceId)
                                   throws java.lang.Exception
In this API, we check whether the given service is configured or not
Throws:
java.lang.Exception

Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware Java API Reference for Oracle WebCenter Portal
11g Release 1 (11.1.1.8.0)
E15995-07
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2009, 2013, Oracle and/or its affiliates. All rights reserved.