public final class WCSecurityUtility
extends java.lang.Object
This class contains all public utility APIs related to WebCenter Security.
Modifier and Type | Method and Description |
---|---|
static java.lang.String |
getCurrentImpersonatorId()
Get the user identifier of the impersonator if the current user is in an
impersonation session
|
static oracle.security.idm.IdentityStore |
getDefaultIdentityStore()
Gets the default identity store configured
|
static oracle.webcenter.framework.security.idm.WebCenterUser |
getUserFromUserName(java.lang.String username)
Gets the user object given the user name
|
static boolean |
isImpersonationConfigured()
Checks if impersonation feature is configured for the system
|
static boolean |
isServiceConfigured(java.lang.String serviceId)
In this API, we check whether the given service
is configured or not
|
static boolean |
isServiceEnabled(java.lang.String serviceId,
java.lang.String scopeGuid) |
static java.lang.String |
issueTrustServiceSecurityToken()
Issues a security token that any WebCenter or Web 2.0 Client can
pass in its request header to the REST Service for securely propagating
the user identity.
|
static boolean |
isUserInImpersonationSession()
Checks if the current user is in an impersonation session
|
public static java.lang.String issueTrustServiceSecurityToken()
This API is intended for use in service to service authentication and identity propagation. The endpoint must be configured with the Trust Service Identity Asserter to establish the security context using the user identity embedded in the header.
The WebCenter REST client is expected to dispatch the request with this token and header set to "Authorization" to the REST URL (or any other application url), where the OPSS TrustService Identity Asserter is configured.
Example Usage:
URL url = new URL("http://host:port/rest/api/resourceIndex");
String token = WCSecurityUtility.issueTrustServiceSecurityToken();
final String AUTH_TYPE_NAME = "OIT";
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.setDoOutput(true);
connection.setReadTimeout(10000);
connection.setRequestProperty("Authorization", AUTH_TYPE_NAME + " " + token);
connection.connect();
public static oracle.security.idm.IdentityStore getDefaultIdentityStore() throws oracle.security.jps.JpsException
oracle.security.jps.JpsException
public static oracle.webcenter.framework.security.idm.WebCenterUser getUserFromUserName(java.lang.String username) throws oracle.webcenter.framework.service.WebCenterMemberException
username
- the name string of the useroracle.webcenter.framework.service.WebCenterMemberException
public static boolean isImpersonationConfigured()
public static boolean isUserInImpersonationSession()
public static java.lang.String getCurrentImpersonatorId()
public static boolean isServiceConfigured(java.lang.String serviceId) throws java.lang.Exception
java.lang.Exception
public static boolean isServiceEnabled(java.lang.String serviceId, java.lang.String scopeGuid)