File: BaseSTSImpl.java | Doc: API Doc | Category: Example | Size: 16130 | Date: Tue May 29 16:57:04 BST 2007 | Package: com.sun.xml.ws.security.trust.sts

BaseSTSImpl

public abstract class BaseSTSImpl extends Object implements com.sun.xml.ws.api.security.trust.BaseSTS
The Base class of an STS implementation. This could be used to implement the actual STS. The sub class could override the methods of this class to customize the implementation.

Fields Summary
public static final int
DEFAULT_TIMEOUT
The default value of the timeout for the tokens issued by this STS
public static final String
DEFAULT_ISSUER
public static final String
STS_CONFIGURATION
The xml element tag for STS Configuration
public static final String
DEFAULT_IMPL
The default implementation class for the Trust contract. This class issues SAML tokens.
public static final String
DEFAULT_APPLIESTO
The default value for AppliesTo if appliesTo is not specified.
public static final String
APPLIES_TO
The String AppliesTo
public static final String
LIFETIME
The String LifeTime that is used to specify lifetime of the tokens issued by this STS.
public static final String
ALIAS
The String CertAlias that is used in the configuration. This identifies the alias of the Service that this STS serves.
public static final String
ENCRYPT_KEY
The String encrypt-issued-key
public static final String
ENCRYPT_TOKEN
The String encrypt-issued-token
public static final String
CONTRACT
The String Contract.
public static final String
ISSUER
public static final String
TOKEN_TYPE
The String TokenType.
public static final String
KEY_TYPE
The String KeyType.
public static final String
SERVICE_PROVIDERS
The String ServiceProviders.
public static final String
END_POINT
The String endPoint.
private static final QName
Q_EK
private static final QName
Q_ET
private static final QName
Q_EP
Constructors Summary
Methods Summary
private javax.xml.transform.Source cancel(com.sun.xml.ws.api.security.trust.config.STSConfiguration config, java.lang.String appliesTo, com.sun.xml.ws.security.trust.WSTrustElementFactory eleFac, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst)

        // Cancel is not implemented in this base class: every argument is ignored
        // and null is always returned, so invoke() passes a null response back for
        // a Cancel request. Nothing is revoked or recorded here.
        return null;
    
com.sun.xml.ws.api.security.trust.config.STSConfiguration getConfiguration()

        // Resolves the STS configuration for the current request: a runtime
        // configuration from WSTrustFactory wins; otherwise one is assembled from
        // the policy assertions found in the message context.
        final MessageContext messageContext = getMessageContext();
        final SecurityEnvironment securityEnv =
                (SecurityEnvironment) messageContext.get(WSTrustConstants.SECURITY_ENVIRONMENT);

        final STSConfiguration runtimeConfig = WSTrustFactory.getRuntimeSTSConfiguration();
        if (runtimeConfig != null) {
            // NOTE(review): this stores the current message's SecurityEnvironment in
            // the object handed out by the factory. If that object is shared between
            // concurrent requests, one request could observe another's environment;
            // confirm the factory's sharing model.
            if (runtimeConfig.getCallbackHandler() == null) {
                runtimeConfig.getOtherOptions().put(WSTrustConstants.SECURITY_ENVIRONMENT, securityEnv);
            }
            return runtimeConfig;
        }

        // No runtime configuration: build one from policy.
        final DefaultSTSConfiguration policyConfig = new DefaultSTSConfiguration();
        policyConfig.getOtherOptions().put(WSTrustConstants.SECURITY_ENVIRONMENT, securityEnv);
        final Iterator assertions =
                (Iterator) messageContext.get(Constants.SUN_TRUST_SERVER_SECURITY_POLICY_NS);
        if (assertions == null) {
            throw new WebServiceException("STS configuration information is not available");
        }

        while (assertions.hasNext()) {
            final PolicyAssertion assertion = (PolicyAssertion) assertions.next();
            if (STS_CONFIGURATION.equals(assertion.getName().getLocalPart())) {
                // Boolean.parseBoolean yields false for a missing attribute and for any
                // value other than "true" (ignoring case), so both encryption switches
                // end up off unless the policy enables them explicitly.
                policyConfig.setEncryptIssuedToken(Boolean.parseBoolean(assertion.getAttributeValue(Q_ET)));
                policyConfig.setEncryptIssuedKey(Boolean.parseBoolean(assertion.getAttributeValue(Q_EK)));

                for (final Iterator<PolicyAssertion> options = assertion.getNestedAssertionsIterator();
                        options.hasNext();) {
                    final PolicyAssertion option = options.next();
                    final String optionName = option.getName().getLocalPart();

                    if (LIFETIME.equals(optionName)) {
                        // Integer.parseInt throws NumberFormatException on a non-numeric
                        // value and accepts zero or negative numbers; no range check is
                        // applied to the token lifetime here.
                        policyConfig.setIssuedTokenTimeout(Integer.parseInt(option.getValue()));
                    } else if (CONTRACT.equals(optionName)) {
                        policyConfig.setType(option.getValue());
                    } else if (ISSUER.equals(optionName)) {
                        policyConfig.setIssuer(option.getValue());
                    } else if (SERVICE_PROVIDERS.equals(optionName)) {
                        for (final Iterator<PolicyAssertion> providers = option.getNestedAssertionsIterator();
                                providers.hasNext();) {
                            final PolicyAssertion provider = providers.next();

                            // Try the Q_EP attribute first, then an unqualified,
                            // lower-cased END_POINT attribute name.
                            String endpointUri = provider.getAttributeValue(Q_EP);
                            if (endpointUri == null) {
                                endpointUri = provider.getAttributeValue(new QName("", END_POINT.toLowerCase()));
                            }
                            // endpointUri is still null when neither attribute is present
                            // and is passed on unchanged in that case.
                            final DefaultTrustSPMetadata metadata = new DefaultTrustSPMetadata(endpointUri);

                            for (final Iterator<PolicyAssertion> settings = provider.getNestedAssertionsIterator();
                                    settings.hasNext();) {
                                final PolicyAssertion setting = settings.next();
                                final String settingName = setting.getName().getLocalPart();
                                if (ALIAS.equals(settingName)) {
                                    metadata.setCertAlias(setting.getValue());
                                } else if (TOKEN_TYPE.equals(settingName)) {
                                    metadata.setTokenType(setting.getValue());
                                } else if (KEY_TYPE.equals(settingName)) {
                                    metadata.setKeyType(setting.getValue());
                                }
                            }

                            policyConfig.addTrustSPMetadata(metadata, endpointUri);
                        }
                    }
                }
            }
        }

        return policyConfig;
    
protected abstract javax.xml.ws.handler.MessageContext getMessageContext()
The actual STS class should override this method to return the correct MessageContext

return
The MessageContext

public javax.xml.transform.Source invoke(javax.xml.transform.Source rstElement)
Implementation of the invoke method of the Provider interface

param
rstElement The message containing the RequestSecurityToken.
return
The response message containing the RequestSecurityTokenResponse
throws
WebServiceException if there is an error processing request. The cause of the WebServiceException may be set to a subclass of ProtocolException to control the protocol level representation of the exception.

    
    
                                                                                         
        
        
        // Stays null when no branch below produces a response, e.g. for a
        // RequestType that matches none of the four handled constants or for
        // Cancel, whose handler returns null. NOTE(review): callers then receive
        // null rather than a fault; confirm that is intended.
        Source response = null;
        try {
            // Parse the incoming message into a RequestSecurityToken.
            final WSTrustElementFactory eleFac = WSTrustElementFactory.newInstance();
            final RequestSecurityToken rst = eleFac.createRSTFrom(rstElement);

            // A request without a usable AppliesTo is handled as if it targeted
            // DEFAULT_APPLIESTO.
            final AppliesTo applTo = rst.getAppliesTo();
            String appliesTo = (applTo == null) ? null : WSTrustUtil.getAppliesToURI(applTo);
            if (appliesTo == null) {
                appliesTo = DEFAULT_APPLIESTO;
            }

            final STSConfiguration config = getConfiguration();

            // Dispatch on the request type carried by the RST.
            final String requestType = rst.getRequestType().toString();
            if (requestType.equals(WSTrustConstants.ISSUE_REQUEST)) {
                response = issue(config, appliesTo, eleFac, rst);
            } else if (requestType.equals(WSTrustConstants.CANCEL_REQUEST)) {
                response = cancel(config, appliesTo, eleFac, rst);
            } else if (requestType.equals(WSTrustConstants.RENEW_REQUEST)) {
                response = renew(config, appliesTo, eleFac, rst);
            } else if (requestType.equals(WSTrustConstants.VALIDATE_REQUEST)) {
                response = validate(config, appliesTo, eleFac, rst);
            }
        } catch (Exception ex) {
            // Every failure, including a WebServiceException raised while reading
            // the configuration, is wrapped as the cause of a new WebServiceException.
            throw new WebServiceException(ex);
        }

        return response;
    
private javax.xml.transform.Source issue(com.sun.xml.ws.api.security.trust.config.STSConfiguration config, java.lang.String appliesTo, com.sun.xml.ws.security.trust.WSTrustElementFactory eleFac, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst)

        
        // Obtain the trust contract selected by the configuration and AppliesTo.
        final WSTrustContract<RequestSecurityToken, RequestSecurityTokenResponse> trustContract =
                WSTrustFactory.newWSTrustContract(config, appliesTo);

        // Attach the requester subject taken from the message context, so the
        // contract sees on whose behalf the token is requested.
        final IssuedTokenContext tokenContext = new IssuedTokenContextImpl();
        try {
            tokenContext.setRequestorSubject(SubjectAccessor.getRequesterSubject(getMessageContext()));
        } catch (XWSSecurityException ex) {
            throw new WSTrustException("error getting subject",ex);
        }

        // Issue the token and serialise the RequestSecurityTokenResponse.
        return eleFac.toSource(trustContract.issue(rst, tokenContext));
    
private javax.xml.transform.Source renew(com.sun.xml.ws.api.security.trust.config.STSConfiguration config, java.lang.String appliesTo, com.sun.xml.ws.security.trust.WSTrustElementFactory eleFac, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst)

        // Obtain the trust contract selected by the configuration and AppliesTo.
        final WSTrustContract<RequestSecurityToken, RequestSecurityTokenResponse> trustContract =
                WSTrustFactory.newWSTrustContract(config, appliesTo);

        // NOTE(review): the context is freshly created and, unlike issue() in this
        // class, carries no requestor subject. Confirm the contract does not need
        // the caller's identity to decide whether a renewal is allowed.
        final IssuedTokenContext tokenContext = new IssuedTokenContextImpl();

        // Renew and serialise the RequestSecurityTokenResponse.
        return eleFac.toSource(trustContract.renew(rst, tokenContext));
    
private javax.xml.transform.Source validate(com.sun.xml.ws.api.security.trust.config.STSConfiguration config, java.lang.String appliesTo, com.sun.xml.ws.security.trust.WSTrustElementFactory eleFac, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst)

        // Obtain the trust contract selected by the configuration and AppliesTo.
        final WSTrustContract<RequestSecurityToken, RequestSecurityTokenResponse> trustContract =
                WSTrustFactory.newWSTrustContract(config, appliesTo);

        // NOTE(review): the context is freshly created and, unlike issue() in this
        // class, carries no requestor subject. Confirm the contract does not rely
        // on the caller's identity when reporting a token's validity.
        final IssuedTokenContext tokenContext = new IssuedTokenContextImpl();

        // Validate and serialise the RequestSecurityTokenResponse.
        return eleFac.toSource(trustContract.validate(rst, tokenContext));