Class AbstractSTSClient

  • All Implemented Interfaces:
    org.apache.cxf.configuration.Configurable, org.apache.cxf.interceptor.InterceptorProvider
    Direct Known Subclasses:
    STSClient

    public abstract class AbstractSTSClient
    extends Object
    implements org.apache.cxf.configuration.Configurable, org.apache.cxf.interceptor.InterceptorProvider
    An abstract class providing common functionality for invoking a SecurityTokenService (STS) via the WS-Trust protocol.
    • Field Detail

      • bus

        protected org.apache.cxf.Bus bus
      • client

        protected org.apache.cxf.endpoint.Client client
      • location

        protected String location
      • wsdlLocation

        protected String wsdlLocation
      • serviceName

        protected QName serviceName
      • endpointName

        protected QName endpointName
      • policy

        protected org.apache.neethi.Policy policy
      • soapVersion

        protected String soapVersion
      • keySize

        protected int keySize
      • requiresEntropy

        protected boolean requiresEntropy
      • template

        protected Element template
      • customContent

        protected Object customContent
      • claims

        protected Object claims
      • algorithmSuite

        protected org.apache.wss4j.policy.model.AlgorithmSuite algorithmSuite
      • namespace

        protected String namespace
      • addressingNamespace

        protected String addressingNamespace
      • wspNamespace

        protected String wspNamespace
      • onBehalfOf

        protected Object onBehalfOf
      • enableAppliesTo

        protected boolean enableAppliesTo
      • useCertificateForConfirmationKeyInfo

        protected boolean useCertificateForConfirmationKeyInfo
      • isSecureConv

        protected boolean isSecureConv
      • isSpnego

        protected boolean isSpnego
      • enableLifetime

        protected boolean enableLifetime
      • ttl

        protected int ttl
      • sendRenewing

        protected boolean sendRenewing
      • allowRenewing

        protected boolean allowRenewing
      • allowRenewingAfterExpiry

        protected boolean allowRenewingAfterExpiry
      • actAs

        protected Object actAs
      • tokenType

        protected String tokenType
      • keyType

        protected String keyType
      • sendKeyType

        protected boolean sendKeyType
      • message

        protected org.apache.cxf.message.Message message
      • context

        protected String context
      • in

        protected List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> in
      • out

        protected List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> out
      • outFault

        protected List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> outFault
      • inFault

        protected List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> inFault
      • features

        protected List<org.apache.cxf.feature.Feature> features
      • tlsClientParameters

        protected org.apache.cxf.configuration.jsse.TLSClientParameters tlsClientParameters
    • Constructor Detail

      • AbstractSTSClient

        public AbstractSTSClient​(org.apache.cxf.Bus b)
    • Method Detail

      • getBeanName

        public String getBeanName()
        Specified by:
        getBeanName in interface org.apache.cxf.configuration.Configurable
      • setBeanName

        public void setBeanName​(String s)
      • getLocation

        public String getLocation()
      • setLocation

        public void setLocation​(String location)
      • setMessage

        public void setMessage​(org.apache.cxf.message.Message message)
      • setTtl

        public void setTtl​(int ttl)
      • setEnableLifetime

        public void setEnableLifetime​(boolean enableLifetime)
      • setSendRenewing

        public void setSendRenewing​(boolean sendRenewing)
      • setTlsClientParameters

        public void setTlsClientParameters​(org.apache.cxf.configuration.jsse.TLSClientParameters tlsClientParameters)
      • setPolicy

        public void setPolicy​(Object newPolicy)
        Sets the WS-Policy (WS-P) policy that is applied to communications between this client and the remote server when no value is supplied for setWsdlLocation(String).

        Accepts Policy or Element as input.

        Parameters:
        newPolicy - the policy object
        Throws:
        IllegalArgumentException - if newPolicy is not one of the supported types.
      • setSoap12

        public void setSoap12()
      • setSoap11

        public void setSoap11()
      • setSoap11

        public void setSoap11​(boolean b)
      • setAddressingNamespace

        public void setAddressingNamespace​(String ad)
      • setTrust

        public void setTrust​(org.apache.wss4j.policy.model.Trust10 trust)
      • isRequiresEntropy

        public boolean isRequiresEntropy()
      • setRequiresEntropy

        public void setRequiresEntropy​(boolean requiresEntropy)
      • isSecureConv

        public boolean isSecureConv()
      • setSecureConv

        public void setSecureConv​(boolean secureConv)
      • isSpnego

        public boolean isSpnego()
      • setSpnego

        public void setSpnego​(boolean spnego)
      • isAllowRenewing

        public boolean isAllowRenewing()
      • setAllowRenewing

        public void setAllowRenewing​(boolean allowRenewing)
      • isAllowRenewingAfterExpiry

        public boolean isAllowRenewingAfterExpiry()
      • setAllowRenewingAfterExpiry

        public void setAllowRenewingAfterExpiry​(boolean allowRenewingAfterExpiry)
      • isEnableAppliesTo

        public boolean isEnableAppliesTo()
      • setEnableAppliesTo

        public void setEnableAppliesTo​(boolean enableAppliesTo)
      • getContext

        public String getContext()
      • setContext

        public void setContext​(String context)
      • setAlgorithmSuite

        public void setAlgorithmSuite​(org.apache.wss4j.policy.model.AlgorithmSuite ag)
      • setWsdlLocation

        public void setWsdlLocation​(String wsdl)
      • getWsdlLocation

        public String getWsdlLocation()
      • setServiceName

        public void setServiceName​(String qn)
      • setEndpointName

        public void setEndpointName​(String qn)
      • setServiceQName

        public void setServiceQName​(QName qn)
      • getServiceQName

        public QName getServiceQName()
      • setEndpointQName

        public void setEndpointQName​(QName qn)
      • getEndpointQName

        public QName getEndpointQName()
      • setActAs

        public void setActAs​(Object actAs)
      • setCustomContent

        public void setCustomContent​(Object customContent)
      • setKeySize

        public void setKeySize​(int i)
      • getKeySize

        public int getKeySize()
      • setTokenType

        public void setTokenType​(String tokenType)
      • getTokenType

        public String getTokenType()
      • setSendKeyType

        public void setSendKeyType​(boolean sendKeyType)
      • setKeyType

        public void setKeyType​(String keyType)
      • setOnBehalfOf

        public void setOnBehalfOf​(Object onBehalfOf)
      • setUseCertificateForConfirmationKeyInfo

        public void setUseCertificateForConfirmationKeyInfo​(boolean useCertificate)
        Indicates whether to use the signer's public X509 certificate for the subject confirmation key info when creating a RequestSecurityToken message. If the property is set to 'false', only the public key value will be provided in the request. If the property is set to 'true', the complete certificate will be sent in the request. Note: this setting is only applicable for assertions that use an asymmetric proof key.
      • isUseCertificateForConfirmationKeyInfo

        public boolean isUseCertificateForConfirmationKeyInfo()
      • setPolicyInternal

        protected void setPolicyInternal​(org.apache.neethi.Policy newPolicy)
      • setPolicyInternal

        protected void setPolicyInternal​(Element newPolicy)
      • setPolicyInternal

        protected void setPolicyInternal​(String policyReference)
      • getClient

        public org.apache.cxf.endpoint.Client getClient()
                                                 throws org.apache.cxf.BusException,
                                                        org.apache.cxf.endpoint.EndpointException
        Throws:
        org.apache.cxf.BusException
        org.apache.cxf.endpoint.EndpointException
      • configureViaEPR

        public void configureViaEPR​(org.apache.cxf.ws.addressing.EndpointReferenceType ref,
                                    boolean useEPRWSAAddrAsMEXLocation)
      • findMEXLocation

        protected String findMEXLocation​(org.apache.cxf.ws.addressing.EndpointReferenceType ref,
                                         boolean useEPRWSAAddrAsMEXLocation)
      • findMEXLocation

        protected String findMEXLocation​(Element ref)
      • createClient

        protected void createClient()
                             throws org.apache.cxf.BusException,
                                    org.apache.cxf.endpoint.EndpointException
        Throws:
        org.apache.cxf.BusException
        org.apache.cxf.endpoint.EndpointException
      • findOperation

        protected org.apache.cxf.service.model.BindingOperationInfo findOperation​(String suffix)
      • getOnBehalfOfToken

        public Element getOnBehalfOfToken()
                                   throws Exception
        Get the "OnBehalfOf" element to be sent to the STS.
        Throws:
        Exception
      • getActAsToken

        public Element getActAsToken()
                              throws Exception
        Get the "ActAs" element to be sent to the STS.
        Throws:
        Exception
      • getCustomContent

        public Element getCustomContent()
                                 throws Exception
        Get a custom Element to be inserted into the RequestSecurityToken.
        Throws:
        Exception
      • writeElementsForRSTSymmetricKey

        protected byte[] writeElementsForRSTSymmetricKey​(org.apache.cxf.staxutils.W3CDOMStreamWriter writer,
                                                         boolean wroteKeySize)
                                                  throws Exception
        Throws:
        Exception
      • writeElementsForRSTPublicKey

        protected void writeElementsForRSTPublicKey​(org.apache.cxf.staxutils.W3CDOMStreamWriter writer,
                                                    X509Certificate cert)
                                             throws Exception
        Throws:
        Exception
      • getAddressingAssertion

        protected org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion getAddressingAssertion()
      • useSecondaryParameters

        protected boolean useSecondaryParameters()
      • createSecurityToken

        protected SecurityToken createSecurityToken​(Element el,
                                                    byte[] requestorEntropy)
                                             throws org.apache.wss4j.common.ext.WSSecurityException,
                                                    org.apache.xml.security.exceptions.Base64DecodingException
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException
        org.apache.xml.security.exceptions.Base64DecodingException
      • decryptKey

        protected byte[] decryptKey​(Element child)
                             throws TrustException,
                                    org.apache.wss4j.common.ext.WSSecurityException,
                                    org.apache.xml.security.exceptions.Base64DecodingException
        Throws:
        TrustException
        org.apache.wss4j.common.ext.WSSecurityException
        org.apache.xml.security.exceptions.Base64DecodingException
      • createCrypto

        protected org.apache.wss4j.common.crypto.Crypto createCrypto​(boolean decrypt)
                                                              throws IOException,
                                                                     org.apache.wss4j.common.ext.WSSecurityException
        Throws:
        IOException
        org.apache.wss4j.common.ext.WSSecurityException
      • setTemplate

        public void setTemplate​(Element rstTemplate)
      • setClaims

        public void setClaims​(Object rstClaims)
        Set a Claims Object to be included in the request. This Object can be either a DOM Element, which will be copied "as is" (unmodified) into the request, or else an org.apache.cxf.rt.security.claims.ClaimCollection Object.
      • getOutFaultInterceptors

        public List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> getOutFaultInterceptors()
        Specified by:
        getOutFaultInterceptors in interface org.apache.cxf.interceptor.InterceptorProvider
      • getInFaultInterceptors

        public List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> getInFaultInterceptors()
        Specified by:
        getInFaultInterceptors in interface org.apache.cxf.interceptor.InterceptorProvider
      • getInInterceptors

        public List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> getInInterceptors()
        Specified by:
        getInInterceptors in interface org.apache.cxf.interceptor.InterceptorProvider
      • getOutInterceptors

        public List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> getOutInterceptors()
        Specified by:
        getOutInterceptors in interface org.apache.cxf.interceptor.InterceptorProvider
      • setInInterceptors

        public void setInInterceptors​(List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> interceptors)
      • setInFaultInterceptors

        public void setInFaultInterceptors​(List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> interceptors)
      • setOutInterceptors

        public void setOutInterceptors​(List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> interceptors)
      • setOutFaultInterceptors

        public void setOutFaultInterceptors​(List<org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message>> interceptors)
      • setFeatures

        public void setFeatures​(List<? extends org.apache.cxf.feature.Feature> f)
      • getFeatures

        public List<org.apache.cxf.feature.Feature> getFeatures()
      • getClaimsCallbackHandler

        public CallbackHandler getClaimsCallbackHandler()
      • setClaimsCallbackHandler

        public void setClaimsCallbackHandler​(CallbackHandler claimsCallbackHandler)
      • getWspNamespace

        public String getWspNamespace()
      • setWspNamespace

        public void setWspNamespace​(String wspNamespace)
      • setUseKeyCertificate

        public void setUseKeyCertificate​(X509Certificate useKeyCertificate)
      • setNamespace

        public void setNamespace​(String namespace)