oracle.security.jps.callback

Class AbstractSAMLTokenCallback

java.lang.Object

oracle.security.jps.callback.PropertyCallback

oracle.security.jps.callback.AbstractSAMLTokenCallback

All Implemented Interfaces:

javax.security.auth.callback.Callback, JpsCallback

Direct Known Subclasses:

SAML2TokenCallback, SAMLTokenCallback

public abstract class AbstractSAMLTokenCallback
extends PropertyCallback

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ADD_ASSERTION_TO_SUBJECT_PROPERTY property name for adding assertion to the OPSS subject private credential sets.
static java.lang.String	DN_MAPPING_ATTRIBUTE_PROPERTY property name for determining which part of the DN is used to identify the user.
static java.lang.String	USER_ATTRIBUTE_PROPERTY property name for determining the overriding saml nameid format specifier - used if the format is null or unspecified
static java.lang.String	USER_MAPPING_ATTRIBUTE_PROPERTY property name for determining which user attribute is mapped for searches in idstore to identify the user.

Fields inherited from class oracle.security.jps.callback.PropertyCallback

ADD_APPLICATION_ROLE_PROPERTY, ADD_AUTHENTICATED_ROLE_PROPERTY, REMOVE_ANONYMOUS_ROLE_PROPERTY

Constructor Summary

Constructors

Constructor and Description
AbstractSAMLTokenCallback()

Method Summary

Methods

Modifier and Type	Method and Description
java.util.List<java.lang.String>	getAudienceUris() Gets relying party URIs for validating SAML audience restriction condition.
long	getClockSkew() Gets the clock skew between the client and server machine for validating SAML NotBefore and NotOn condition.
java.util.List<java.lang.String>	getTrustedIssuers() Gets the trusted issuers for validating SAML assertion issuer.
java.lang.Boolean	getVirtualUserAllowed() Gets the value of property used to indicate whether to allow virtual user.
void	setAudienceUris(java.util.List<java.lang.String> audienceUris) Sets relying party URIs for validating SAML audience restriction condition.
void	setClockSkew(long clockSkew) Sets the clock skew between the client and server machine for validating SAML NotBefore and NotOn condition.
void	setTrustedIssuers(java.util.List<java.lang.String> trustedIssuers) Sets the trusted issuers for validating SAML assertion issuer.
void	setVirtualUserAllowed(java.lang.Boolean virtualUserAllowed) Sets the value of property used to indicate whether to allow virtual user.

Methods inherited from class oracle.security.jps.callback.PropertyCallback

getCallbackType, getProperties, setProperties

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DN_MAPPING_ATTRIBUTE_PROPERTY

public static final java.lang.String DN_MAPPING_ATTRIBUTE_PROPERTY

property name for determining which part of the DN is used to identify the user.

See Also:

Constant Field Values

ADD_ASSERTION_TO_SUBJECT_PROPERTY

public static final java.lang.String ADD_ASSERTION_TO_SUBJECT_PROPERTY

property name for adding assertion to the OPSS subject private credential sets.

See Also:

Constant Field Values

USER_MAPPING_ATTRIBUTE_PROPERTY

public static final java.lang.String USER_MAPPING_ATTRIBUTE_PROPERTY

property name for determining which user attribute is mapped for searches in idstore to identify the user.

See Also:

Constant Field Values

USER_ATTRIBUTE_PROPERTY

public static final java.lang.String USER_ATTRIBUTE_PROPERTY

property name for determining the overriding saml nameid format specifier - used if the format is null or unspecified

See Also:

Constant Field Values

Constructor Detail

AbstractSAMLTokenCallback

public AbstractSAMLTokenCallback()

Method Detail

getAudienceUris

public java.util.List<java.lang.String> getAudienceUris()

Gets relying party URIs for validating SAML audience restriction condition.

Returns:

list of relying party URIs

setAudienceUris

public void setAudienceUris(java.util.List<java.lang.String> audienceUris)

Sets relying party URIs for validating SAML audience restriction condition.

The method is protected by code based permission oracle.security.jps.JpsPermission("IdentityAssertion", "execute").

Parameters:

audienceUris - list of relying party URIs. Can be null or empty list.

Throws:

java.security.AccessControlException - if required permission is not granted.

getClockSkew

public long getClockSkew()

Gets the clock skew between the client and server machine for validating SAML NotBefore and NotOn condition.

Returns:

clockSkew in milliseconds

setClockSkew

public void setClockSkew(long clockSkew)

Sets the clock skew between the client and server machine for validating SAML NotBefore and NotOn condition.

Parameters:

clockSkew - in milliseconds

getTrustedIssuers

public java.util.List<java.lang.String> getTrustedIssuers()

Gets the trusted issuers for validating SAML assertion issuer.

Returns:

List of trusted issuers.

setTrustedIssuers

public void setTrustedIssuers(java.util.List<java.lang.String> trustedIssuers)

Sets the trusted issuers for validating SAML assertion issuer.

The method is protected by code based permission oracle.security.jps.JpsPermission("IdentityAssertion", "execute").

Parameters:

trustedIssuers - List of trusted issuers, can be null

Throws:

java.security.AccessControlException - if required permission not granted.

getVirtualUserAllowed

public java.lang.Boolean getVirtualUserAllowed()

Gets the value of property used to indicate whether to allow virtual user.

Returns:

true if virtual user is enabled

setVirtualUserAllowed

public void setVirtualUserAllowed(java.lang.Boolean virtualUserAllowed)

Sets the value of property used to indicate whether to allow virtual user. The method is protected by code based permission oracle.security.jps.JpsPermission("IdentityAssertion.setVirtualUserAllowed", "execute").

Parameters:

virtualUserAllowed - the value of property, can be null

Throws:

java.security.AccessControlException - if required permission not granted