java.lang.Object
  com.ibm.wsspi.security.token.WSSecurityPropagationHelper
This class provides propagation helper methods, including checks for whether propagation is enabled.
Field Summary | |
---|---|
static boolean | rmiInboundPropagationEnabled |
static boolean | rmiOutboundPropagationEnabled |
static boolean | webInboundPropagationEnabled |
Method Summary | |
---|---|
static PropagationToken | addPropagationToken(PropagationToken token) |
static WSSecurityPropagationHelper | getInstance() |
static PropagationToken | getPropagationToken(java.lang.String name, int version) This method gets the propagation token on the current thread of execution based upon a specific key. |
static java.lang.String | getRealmFromUniqueID(java.lang.String uniqueID) This method accepts the uniqueID returned from the validateLTPAToken method. |
static java.lang.String | getUserFromUniqueID(java.lang.String uniqueID) This method accepts the uniqueID returned from the validateLTPAToken method. |
boolean | isRMIInboundPropagationEnabled() This method returns whether this server advertises that it accepts inbound propagation logins. |
boolean | isRMIOutboundPropagationEnabled() This method returns whether this server will propagate security attributes outbound provided the target server supports propagation. |
boolean | isWebInboundPropagationEnabled() This method returns whether this server, when receiving an SSO token, will try to go to the originating server to get propagated security attributes. |
static java.lang.String | validateLTPAToken(byte[] token) |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static boolean rmiInboundPropagationEnabled
public static boolean rmiOutboundPropagationEnabled
public static boolean webInboundPropagationEnabled
Method Detail |
public static WSSecurityPropagationHelper getInstance()
public boolean isRMIInboundPropagationEnabled()
This method returns whether this server advertises that it accepts inbound propagation logins. It is typically used in inbound login configurations to determine whether to do something propagation related.
public boolean isRMIOutboundPropagationEnabled()
This method returns whether this server will propagate security attributes outbound provided the target server supports propagation. It is typically used in outbound login configurations to determine whether to do something propagation related.
public boolean isWebInboundPropagationEnabled()
This method returns whether this server, when receiving an SSO token, will try to go to the originating server to get propagated security attributes. When disabled, the server will log in with the LTPA token as it did in previous releases. When enabled, the Subject created will be the serialized version from the originating server based on information in the SSO token.
public static PropagationToken getPropagationToken(java.lang.String name, int version) throws WSSecurityException
This method gets the propagation token on the current thread of execution based upon a specific key. The default PropagationToken has the following key:
com.ibm.wsspi.security.token.AttributeNameConstants.WSPROPTOKEN_KEY_V1
For a custom PropagationToken implementation, you must know the token name and version and create the key in the format getPropagationToken("name:version");
The Propagation Token feature must be enabled for this to return a token. The token interface that is returned is com.ibm.wsspi.security.token.PropagationToken. If the originating caller is UNAUTHENTICATED, this API will return null until an authenticated caller is found in the Subject.
The attributes one might be interested in are:
com.ibm.wsspi.security.token.AttributeNameConstants.WSPROP_CALLERS
com.ibm.wsspi.security.token.AttributeNameConstants.WSPROP_HOSTS
WSPROP_CALLERS will return a | delimited string of callers with the first in the list being the originating caller. Any additional callers listed are due to context switches from a J2EE runAs or JAAS doAs change.
Example: realm/user1|realm/user2
WSPROP_HOSTS will return a | delimited string of hosts with the first in the list being the originating host. Each subsequent host the invocation lands on will be logged here.
Example: Cell:Node1:Server1|Cell:Node2:Server1
Note: Custom attributes may be added to the propagation token but the codebase must have the proper Java 2 Security permissions to do so.
name - java.lang.String
version - int
WSSecurityException
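An added example, not taken from the IBM documentation: a stand-alone Java helper that turns the WSPROP_CALLERS and WSPROP_HOSTS strings described above into a single audit line, including the case where no authenticated caller exists yet. The class and method names are hypothetical, the inputs are the sample values from the description, and splitting each caller at the first '/' is an assumption about the realm/user layout.

```java
import java.util.ArrayList;
import java.util.List;

// Hypothetical helper, not part of the WebSphere API.
public class PropagationChainAudit {

    // Splits a |-delimited attribute value; null (no token yet) gives an empty list.
    static List<String> splitChain(String value) {
        List<String> out = new ArrayList<>();
        if (value == null) return out;
        for (String part : value.split("\\|")) {
            String p = part.trim();
            if (!p.isEmpty()) out.add(p);
        }
        return out;
    }

    // Returns {realm, user}, split at the first '/' (assumed boundary).
    static String[] realmAndUser(String caller) {
        int slash = caller.indexOf('/');
        if (slash < 0) return new String[] {"", caller};
        return new String[] {caller.substring(0, slash), caller.substring(slash + 1)};
    }

    // One audit line: originating caller and host, host count, identity switches.
    static String auditLine(String callersValue, String hostsValue) {
        List<String> callers = splitChain(callersValue);
        List<String> hosts = splitChain(hostsValue);
        if (callers.isEmpty()) {
            return "origin=UNAUTHENTICATED hosts=" + hosts.size();
        }
        String[] origin = realmAndUser(callers.get(0));
        return "originRealm=" + origin[0]
             + " originUser=" + origin[1]
             + " originHost=" + (hosts.isEmpty() ? "unknown" : hosts.get(0))
             + " hosts=" + hosts.size()
             + " identitySwitches=" + (callers.size() - 1)
             + " lastCaller=" + callers.get(callers.size() - 1);
    }

    public static void main(String[] args) {
        // Constructed inputs: the sample values from the method description.
        System.out.println(auditLine("realm/user1|realm/user2",
                                     "Cell:Node1:Server1|Cell:Node2:Server1"));
        // No authenticated caller yet, so no caller string is available.
        System.out.println(auditLine(null, "Cell:Node1:Server1"));
    }
}
```

A non-zero identitySwitches value means the identity changed through runAs or doAs after the originating login, which is worth recording next to the originating caller when reviewing access decisions.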
public static PropagationToken addPropagationToken(PropagationToken token) throws WSSecurityException
WSSecurityException
public static java.lang.String validateLTPAToken(byte[] token) throws WSLoginFailedException
WSLoginFailedException
public static java.lang.String getUserFromUniqueID(java.lang.String uniqueID)
This method accepts the uniqueID returned from the validateLTPAToken method. You can also use this method to parse the uniqueID returned from the UserRegistry.getUniqueUserId (uid) method. It returns the unique userid portion of this string. For an LDAP registry, this is the DN. For a LocalOS registry, this is the LocalOS unique identifier.
public static java.lang.String getRealmFromUniqueID(java.lang.String uniqueID)
This method accepts the uniqueID returned from the validateLTPAToken method. It returns the realm portion of this string. The realm can be used to determine where the token came from.