Skip navigation links

com.bea.common.security.saml2
Interface SingleSignOnServicesConfigSpi

All Known Subinterfaces:

SingleSignOnServicesMBean

public interface SingleSignOnServicesConfigSpi

Non-environment specific configuration for SAML 2.0 SingleSignOnServices

Method Summary

abstract int	getArtifactMaxCacheSize() Gets the maximum size of the artifact cache.
abstract int	getArtifactTimeout() Gets the maximum timeout (in seconds) of artifacts stored in the local cache.
abstract int	getAuthnRequestMaxCacheSize() Gets the maximum size of the <AuthnRequest> document cache.
abstract int	getAuthnRequestTimeout() Gets the maximum timeout (in seconds) of <AuthnRequest> documents stored in the local cache.
abstract String	getBasicAuthPassword() The password used to assign Basic Authentication credentials to outgoing HTTPS connections
abstract byte[]	getBasicAuthPasswordEncrypted() The encrypted password used assign Basic Authentication credentials to outgoing HTTPS connections..
abstract String	getBasicAuthUsername() Get the Basic Authentication username.
abstract String	getContactPersonCompany() Contact person company.
abstract String	getContactPersonEmailAddress() Contact person e-mail address.
abstract String	getContactPersonGivenName() Contact person given name.
abstract String	getContactPersonSurName() Contact person surname.
abstract String	getContactPersonTelephoneNumber() Contact person telephone number.
abstract String	getContactPersonType() Contact person type value.
abstract String	getDefaultURL() Gets the SP's Default URL.
abstract String	getEntityID() Entity ID
abstract String	getErrorPath() Gets the Error Path URL.
abstract String	getIdentityProviderPreferredBinding() Gets the preferred binding type for endpoints of identity provider services
abstract String	getLoginReturnQueryParameter() Gets the name of the query string parameter to extract from the response following use of Login URL
abstract String	getLoginURL() Gets the Login URL to redirect callers to when IdP receives a request from an anonymous end user.
abstract String	getOrganizationName() Organization name.
abstract String	getOrganizationURL() The Organization URL.
abstract String	getPublishedSiteURL() Get the published site URL.
abstract String	getServiceProviderPreferredBinding() Gets the preferred binding type for endpoints of service provider services
abstract String	getSSOSigningKeyAlias() Get the SSO Signing key alias.
abstract String	getSSOSigningKeyPassPhrase() The passphrase used to retrieve the local site's SSO signing key from the keystore.
abstract byte[]	getSSOSigningKeyPassPhraseEncrypted() The encrypted passphrase used to retrieve the local site's SSO signing key from the keystore.
abstract String	getTransportLayerSecurityKeyAlias() Get the TLS/SSL key alias.
abstract String	getTransportLayerSecurityKeyPassPhrase() The passphrase used to retrieve the local site's TLS/SSL key from the keystore.
abstract byte[]	getTransportLayerSecurityKeyPassPhraseEncrypted() The encrypted passphrase used to retrieve the local site's TLS/SSL key from the keystore.
abstract boolean	isForceAuthn() Gets the force authentication flag
abstract boolean	isIdentityProviderArtifactBindingEnabled() Gets the identity provider artifact binding enabled flag
abstract boolean	isIdentityProviderEnabled() Gets the identity provider enabled flag
abstract boolean	isIdentityProviderPOSTBindingEnabled() Gets the identity provider POST binding enabled flag
abstract boolean	isIdentityProviderRedirectBindingEnabled() Gets the identity provider redirect binding enabled flag
abstract boolean	isPassive() Gets the passive flag
abstract boolean	isPOSTOneUseCheckEnabled() Specifies whether the POST one-use check is enabled.
abstract boolean	isRecipientCheckEnabled() Specifies whether the recipient/destination check is enabled.
abstract boolean	isReplicatedCacheEnabled() Gets replicated cache enabled flag.
abstract boolean	isServiceProviderArtifactBindingEnabled() Gets the service provider artifact binding enabled flag
abstract boolean	isServiceProviderEnabled() Service provider enabled flag.
abstract boolean	isServiceProviderPOSTBindingEnabled() Gets the service provider POST binding enabled flag
abstract boolean	isSignAuthnRequests() Sign <AuthnRequest> documents flag.
abstract boolean	isWantArtifactRequestsSigned() Gets the flag that determines if the <ArtifactRequest> documents will be signed
abstract boolean	isWantAssertionsSigned() Advertized flag indicating requirement that incoming assertions be signed
abstract boolean	isWantAuthnRequestsSigned() Gets the flag that determines if <AuthnRequest> documents will be signed
abstract boolean	isWantBasicAuthClientAuthentication() Gets the flag that determines if Basic Authentication client authentication is wanted.
abstract boolean	isWantTransportLayerSecurityClientAuthentication() Gets the flag that determines if TLS/SSL client authentication is wanted.

Method Detail

getContactPersonGivenName

String getContactPersonGivenName()

Contact person given name.

Returns:

Contact person given name.

getContactPersonSurName

String getContactPersonSurName()

Contact person surname.

Returns:

Contact person surname

getContactPersonType

String getContactPersonType()

Contact person type value.

Returns:

Contact person type.

getContactPersonCompany

String getContactPersonCompany()

Contact person company.

Returns:

Contact person company.

getContactPersonTelephoneNumber

String getContactPersonTelephoneNumber()

Contact person telephone number.

Returns:

Contact person telephone number.

getContactPersonEmailAddress

String getContactPersonEmailAddress()

Contact person e-mail address.

Returns:

Contact person e-mail address.

getOrganizationName

String getOrganizationName()

Organization name.

Returns:

Organization name.

getOrganizationURL

String getOrganizationURL()

The Organization URL.

Returns:

Organization URL.

getPublishedSiteURL

String getPublishedSiteURL()

Get the published site URL.

Returns:

The published site URL.

getEntityID

String getEntityID()

Entity ID

Returns:

Entity ID

getErrorPath

String getErrorPath()

Gets the Error Path URL. Partner sites may redirect users to this URL for more information if SSO fails.

Returns:

The Error Path URL

isServiceProviderEnabled

boolean isServiceProviderEnabled()

Service provider enabled flag.

Returns:

Service provider enabled flag; 'true', if the service provider is enabled

getDefaultURL

String getDefaultURL()

Gets the SP's Default URL. When an unsolicited SSO response arrives at the SP without an accompanying target URL, the user (if authenticated) is redirected to the default URL.

Returns:

the default URL

isServiceProviderArtifactBindingEnabled

boolean isServiceProviderArtifactBindingEnabled()

Gets the service provider artifact binding enabled flag

Returns:

Service provider artifact binding enabled flag; if 'true', local services will support endpoint with artifact binding when acting in the role of service provider

isServiceProviderPOSTBindingEnabled

boolean isServiceProviderPOSTBindingEnabled()

Gets the service provider POST binding enabled flag

Returns:

Service provider POST binding enabled flag; if 'true', local services will support endpoint with POST binding when acting in the role of service provider

getServiceProviderPreferredBinding

String getServiceProviderPreferredBinding()

Gets the preferred binding type for endpoints of service provider services

Returns:

Preferred binding type for endpoints

isSignAuthnRequests

boolean isSignAuthnRequests()

Sign <AuthnRequest> documents flag.

Returns:

Sign <AuthnRequest> documents flag.

isWantAssertionsSigned

boolean isWantAssertionsSigned()

Advertized flag indicating requirement that incoming assertions be signed

Returns:

Want incoming assertions signed flag

getSSOSigningKeyAlias

String getSSOSigningKeyAlias()

Get the SSO Signing key alias. The key is used to generate signatures on all the outgoing documents, like <AuthnRequest>, <Response>

Returns:

The SSO Signing key.

getSSOSigningKeyPassPhrase

String getSSOSigningKeyPassPhrase()

The passphrase used to retrieve the local site's SSO signing key from the keystore.

Returns:

The signingKeyPassPhrase.

getSSOSigningKeyPassPhraseEncrypted

byte[] getSSOSigningKeyPassPhraseEncrypted()

The encrypted passphrase used to retrieve the local site's SSO signing key from the keystore.

Returns:

The encrypted signingKeyPassPhrase.

isForceAuthn

boolean isForceAuthn()

Gets the force authentication flag

Returns:

Force authentication flag

isPassive

boolean isPassive()

Gets the passive flag

Returns:

Passive flag

isIdentityProviderEnabled

boolean isIdentityProviderEnabled()

Gets the identity provider enabled flag

Returns:

Identity provider enabled flag; if 'true', local services will act in the role of identity provider

isIdentityProviderArtifactBindingEnabled

boolean isIdentityProviderArtifactBindingEnabled()

Gets the identity provider artifact binding enabled flag

Returns:

Identity provider artifact binding enabled flag; if 'true', local services will support endpoint with artifact binding when acting in the role of identity provider

isIdentityProviderPOSTBindingEnabled

boolean isIdentityProviderPOSTBindingEnabled()

Gets the identity provider POST binding enabled flag

Returns:

Identity provider POST binding enabled flag; if 'true', local services will support endpoint with POST binding when acting in the role of identity provider

isIdentityProviderRedirectBindingEnabled

boolean isIdentityProviderRedirectBindingEnabled()

Gets the identity provider redirect binding enabled flag

Returns:

Identity provider redirect binding enabled flag; if 'true', local services will support endpoint with redirect binding when acting in the role of identity provider

getIdentityProviderPreferredBinding

String getIdentityProviderPreferredBinding()

Gets the preferred binding type for endpoints of identity provider services

Returns:

Preferred binding type for endpoints

isWantAuthnRequestsSigned

boolean isWantAuthnRequestsSigned()

Gets the flag that determines if <AuthnRequest> documents will be signed

Returns:

Want <AuthnRequest> documents signed flag

getLoginURL

String getLoginURL()

Gets the Login URL to redirect callers to when IdP receives a request from an anonymous end user.

Returns:

Login URL.

getLoginReturnQueryParameter

String getLoginReturnQueryParameter()

Gets the name of the query string parameter to extract from the response following use of Login URL

Returns:

Login return query parameter

isRecipientCheckEnabled

boolean isRecipientCheckEnabled()

Specifies whether the recipient/destination check is enabled. When true, the recipient of the SAML Request/Response must match the URL in the HTTP Request.

Returns:

The recipient check enabled value.

isPOSTOneUseCheckEnabled

boolean isPOSTOneUseCheckEnabled()

Specifies whether the POST one-use check is enabled.

Returns:

The POST one-use check enabled value.

getTransportLayerSecurityKeyAlias

String getTransportLayerSecurityKeyAlias()

Get the TLS/SSL key alias. The key is used to establish outgoing TLS/SSL connections.

Returns:

The TLS/SSL Signing key.

getTransportLayerSecurityKeyPassPhrase

String getTransportLayerSecurityKeyPassPhrase()

The passphrase used to retrieve the local site's TLS/SSL key from the keystore.

Returns:

The key PassPhrase.

getTransportLayerSecurityKeyPassPhraseEncrypted

byte[] getTransportLayerSecurityKeyPassPhraseEncrypted()

The encrypted passphrase used to retrieve the local site's TLS/SSL key from the keystore.

Returns:

The encrypted signingKeyPassPhrase.

getBasicAuthUsername

String getBasicAuthUsername()

Get the Basic Authentication username. This username is used to assign Basic Authentication credentials to outgoing HTTPS connections.

Returns:

The Basic Authentication username.

getBasicAuthPassword

String getBasicAuthPassword()

The password used to assign Basic Authentication credentials to outgoing HTTPS connections

Returns:

The Basic Authentication password.

getBasicAuthPasswordEncrypted

byte[] getBasicAuthPasswordEncrypted()

The encrypted password used assign Basic Authentication credentials to outgoing HTTPS connections..

Returns:

The encrypted signingKeyPassPhrase.

isWantArtifactRequestsSigned

boolean isWantArtifactRequestsSigned()

Gets the flag that determines if the <ArtifactRequest> documents will be signed

Returns:

Want <ArtifactRequest> documents signed flag

isWantTransportLayerSecurityClientAuthentication

boolean isWantTransportLayerSecurityClientAuthentication()

Gets the flag that determines if TLS/SSL client authentication is wanted. If true, callers to TLS/SSL bindings of the local site must specify client authentication (two-way SSL) and the identity specified must validate against TLS certificate of the binding client partner.

Returns:

Want TLS/SSL client authentication flag

isWantBasicAuthClientAuthentication

boolean isWantBasicAuthClientAuthentication()

Gets the flag that determines if Basic Authentication client authentication is wanted. If true, callers to HTTPS bindings of the local site must specify a basic authentication header and the username and password must validate against the basic authetnication values of the binding client partner.

Returns:

Want basic authentication client authentication flag

getAuthnRequestMaxCacheSize

int getAuthnRequestMaxCacheSize()

Gets the maximum size of the <AuthnRequest> document cache. This cache is of documents issued by the local SP that are awaiting response from a partner IdP. Specify '0' to indicate that the cache is unbounded.

Returns:

Maximum size of <AuthnRequest> document cache.

getAuthnRequestTimeout

int getAuthnRequestTimeout()

Gets the maximum timeout (in seconds) of <AuthnRequest> documents stored in the local cache. This cache is of documents issued by the local SP that are awaiting response from a partner IdP. Documents that reach this maximum timeout age will be expired from the local cache even if no response has yet been received from the partner IdP. If a reponse is subsequently returned by the partner IdP, the cache will behave as if the <AuthnRequest> had never been generated.

Returns:

Maximum timeout (in seconds) of <AuthnRequest> documents stored in the local cache.

getArtifactMaxCacheSize

int getArtifactMaxCacheSize()

Gets the maximum size of the artifact cache. This cache is of artifacts issued by the local site that are awaiting referencing by a partner. Specify '0' to indicate that the cache is unbounded.

Returns:

Maximum size of artifact cache.

getArtifactTimeout

int getArtifactTimeout()

Gets the maximum timeout (in seconds) of artifacts stored in the local cache. This cache is of artifacts issued by the local site that are awaiting referencing by a partner. Artifacts that reach this maximum timeout age will be expired from the local cache even if no reference request has yet been received from the partner. If a reference request is subsequently received from the partner, the cache will behave as if the artifact had never been generated.

Returns:

Maximum timeout (in seconds) of artifacts stored in the local cache.

isReplicatedCacheEnabled

boolean isReplicatedCacheEnabled()

Gets replicated cache enabled flag. By default, the in-memory cache is used and replicated cache is disabled. To support cluster, this flag must be set to true so that the cache will be switch to replicated implementation.

Returns:

replicated cache enabled flag.

Skip navigation links