com.ibm.websphere.wssecurity.wssapi.token
Interface SecurityContextToken13
All Superinterfaces:
- public interface SecurityContextToken13
- extends SecurityToken
It is defined in the specifications of WS-SecureConvesation
Following is the sample code to get the security context token.
String path = "service/uri"; // path of security token service
WSSFactory factory = WSSFactory.getInstance();
// generate the WSSGenerationContext and WSSConsumingContext objects
// for request the security context token to the security token services.
// configuration for a construction the message to request the security context token
WSSGenerationContext gencontBootstrap = configureWSSGenerationContextForBootstrap();
// configuration for a validation the message containing the security context token
WSSConsumingContext concontBootstrap = configureWSSConsumingContextForBootstrap();
// configuration for a construction the message to send to the application
WSSGenerationContext gencontApp = configureWSSGenerationContextForApplication();
// configuration for a validation the message to be received from the application
WSSConsumingContext concontApp = configureWSSConsumingContextForApplication();
// create the security context tokens
SCTGenerateCallbackHandler sctgch = new SCTGenerateCallbackHandler(gencontBootstrap, concontBootstrap, path, WSSEncryption.AES128);
SecurityToken[] scts = factory.newSecurityTokens(new Class[] {SecurityContextToken13.class}, sctgch);
SecurityContextToken13 sct = null;
if(scts != null ){
if(scts.length != 0) {
sct = (SecurityContextToken13)scts[0];
// renew the security context token
sct.renew(gencontBootstrap, concontBootstrap);
// validate the security context token
boolean isvalidate = sct.validate(gencontapp, concontapp);
//cancel the security context token
sct.cancel(gencontapp, concontapp);
}
}
Notes: The specification describes the security token service provides some security context tokens.
The current version provides the one security context token in a array of security token.
See Also:
Field Summary
| Modifier and Type | Field and Description |
|---|---|
|
STATUS_CANCELLED
Represents that the security context token is canceled.
|
|
STATUS_ISSUED
Represents that the security context token is issued.
|
|
STATUS_RENEWED
Represents that the security context token is renewed.
|
|
TokenQname
Represents the QName of this class, <wsu:SecurityContextToken>.
|
|
ValueType
Represents the value type.
|
| Fields inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken |
|---|
DECRYPTING_KEY, ENCRYPTING_KEY, REF_EMBEDDED, REF_KEYID, REF_STR, REF_THUMBPRINT, SIGNING_KEY, VERIFING_KEY |
Method Summary
| Modifier and Type | Method and Description |
|---|---|
|
cancel()
Cancels this security context token, terminating its use.
|
|
cancel(WSSGenerationContext gencont,WSSConsumingContext concont)
Cancels this security context token, terminating its use.
|
|
getCreation(java.lang.String instance)
Returns the creation date of the instance.
|
getDerivedKeyToken(java.lang.String algorithm,java.lang.String clientLabel,java.lang.String serviceLabel)
Retreives the derived key token related with this security context token.
|
|
|
getExpiration(java.lang.String instance)
Returns the expiration date of the instance.
|
|
getIdentifier()
Returns the value of <wsu:Identifier>.
|
|
getInstances()
Returns values of the <wsu:Instance>.
|
|
getStatus(java.lang.String instance)
Returns the status of the instance.
|
|
renew()
Renews this security context token with new expiration semantics.
|
|
renew(WSSGenerationContext gencont,WSSConsumingContext concont)
Renews this security context token with new expiration semantics.
|
|
validate()
Evaluates the validity of current this security context token.
|
|
validate(WSSGenerationContext gencont,WSSConsumingContext concont)
Evaluates the validity of current security context token.
|
| Methods inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken |
|---|
getId, getKey, getKeyIdentifier, getKeyIdentifierEncodingType, getKeyIdentifierValueType, getKeyName, getPrincipal, getReferenceURI, getThumbprint, getThumbprintEncodingType, getThumbprintValueType, getTokenQname, getValueType, getXML |
Field Detail
STATUS_ISSUED
- static final int STATUS_ISSUED
Represents that the security context token is issued.
See Also:
STATUS_RENEWED
- static final int STATUS_RENEWED
Represents that the security context token is renewed.
See Also:
STATUS_CANCELLED
- static final int STATUS_CANCELLED
Represents that the security context token is canceled.
See Also:
TokenQname
- static final javax.xml.namespace.QName TokenQname
Represents the QName of this class, <wsu:SecurityContextToken>.
- NamespaceURI: "http://schemas.xmlsoap.org/ws/2005/02/sc"
- LocalPart: "SecurityContextToken"
ValueType
- static final javax.xml.namespace.QName ValueType
Represents the value type.
- ValueType: "http://schemas.xmlsoap.org/ws/2005/02/sc/sct"
Method Detail
cancel
- void cancel()
- throws WSSException
Cancels this security context token, terminating its use.
It will invokes com.ibm.security.trust10.client.STSRequestorFactory.cancel(java.lang.Object service).
Throws:
WSSException - if the security context token is not canceled cancel
- void cancel(WSSGenerationContext gencont,
- WSSConsumingContext concont)
- throws WSSException
Cancels this security context token, terminating its use.
Parameters:
gencont - WS-Security configuration of canceling the security context token to the security token service concont - WS-Security configuration of canceling the security context token to the security token service Throws:
WSSException - if the security context token is not canceled. validate
- boolean validate()
- throws WSSException
Evaluates the validity of current this security context token.
Returns:
true if it is valid.
false if it is invalid.
false if it is invalid.
Throws:
WSSException - if the security context token is not validated. validate
- boolean validate(WSSGenerationContext gencont,
- WSSConsumingContext concont)
- throws WSSException
Evaluates the validity of current security context token.
Parameters:
gencont - WS-Security configuration of canceling the security context token to the security token service concont - WS-Security configuration of canceling the security context token to the security token service Returns:
true if it is valid.
false if it is invalid.
false if it is invalid.
Throws:
WSSException - if the security context token is not validated. renew
- void renew()
- throws WSSException
Renews this security context token with new expiration semantics.
Throws:
WSSException - if the the security context token is not recreated renew
- void renew(WSSGenerationContext gencont,
- WSSConsumingContext concont)
- throws WSSException
Renews this security context token with new expiration semantics.
Parameters:
gencont - WS-Security configuration of canceling the security context token to the security token service concont - WS-Security configuration of canceling the security context token to the security token service Throws:
WSSException - if the security context token is not recreated. getDerivedKeyToken
- DerivedKeyToken getDerivedKeyToken( java.lang.String algorithm,
- java.lang.String clientLabel,
- java.lang.String serviceLabel)
- throws WSSException
Retreives the derived key token related with this security context token.
Parameters:
algorithm - to use for generating the derived key Returns:
derived key token
Throws:
WSSException - if the derived key is not created getIdentifier
- java.lang.String getIdentifier( )
Returns the value of <wsu:Identifier>.
Returns:
value of the identifier
getInstances
- java.lang.String[] getInstances( )
Returns values of the <wsu:Instance>.
Returns:
all of instance names
getCreation
- java.util.Date getCreation(java.lang.String instance)
Returns the creation date of the instance.
Parameters:
instance - instance Returns:
the creation date
getExpiration
- java.util.Date getExpiration(java.lang.String instance)
Returns the expiration date of the instance.
Parameters:
instance - instance Returns:
the expiration date
getStatus
- int getStatus(java.lang.String instance)
Returns the status of the instance.
It will return the STATUS_ISSUED,
STATUS_RENEWED,
or STATUS_CANCELLED.
Parameters:
instance - instance Returns:
status