com.ibm.websphere.wssecurity.wssapi.token

Interface SAMLToken

    • Field Detail

      • GET_SAMLATTRIBUTES_PERM

        static final java.security.SecurityPermission GET_SAMLATTRIBUTES_PERM
        this is the java2 security permission needed to retrieve attributes from a SAML token.
    • Method Detail

      • getSamlID

        java.lang.String getSamlID()
        Retrieves the identifier associated with this SAML assertion.
        Returns:
        a string representing the ID for SAML 2.0, or AssertionID for SAML 1.1.
      • getAssertionQName

        javax.xml.namespace.QName getAssertionQName()
        Return SAML Assertion namespace, defined in a schema SAML-XSD.
        Returns:
        SAML Assertion namespace, defined in a schema SAML-XSD It is "urn:oasis:names:tc:SAML:1.0:assertion" for SAML 1.1, and "urn:oasis:names:tc:SAML:2.0:assertion" for SAML 2.0.
      • getSamlExpires

        java.util.Date getSamlExpires()
        Return SAML Expiration time.
        Returns:
        SAML Token expiration time, which is delimited by the NotOnOrAfter attribute in element.
      • getSamlCreated

        java.util.Date getSamlCreated()
        Retrieves the SAML assertion creation date.
        Returns:
        SAML Token creation Date based on the NotBefore attribute in element.
      • getConfirmationMethod

        java.lang.String getConfirmationMethod()
        Retrieves the Subject Confirmation Method used in this SAML token. based on the SAML token profile for versions 1.1 and 2.0.
        Returns:
        SAML SubjectConfirmation Method, and valid method is holder-of-key, bearer, or sender-vouches. the returned string is based on the OASIS SAML token profile 1.1 and SAML token profile 2.0.
        See Also:
        OASIS SAML Token Profile 1.1, OASIS SAML Token Profile 2.0
      • getHolderOfKeyBytes

        byte[] getHolderOfKeyBytes()
        Retrieves the key bytes from the Holder-of-Key Element of this SAML token.
        Returns:
        the shared secret key bytes for a symmetric holder-of-key assertion.
      • getSAMLIssuerName

        java.lang.String getSAMLIssuerName()
        Retrieves the name of issuer.
        Returns:
        issuer name of the SAML authority responsible for the claims in the SAML assertion.
      • getAuthenticationMethod

        java.lang.String getAuthenticationMethod()
        Retrieves the authentication method that was used to authenticate the token holder.
        Returns:
        the authentication method that took place prior to the token's creation. For example "password", "kerberos", "ltpa".
      • getAuthenticationInstant

        java.util.Date getAuthenticationInstant()
        Retrieves the authentication time when the token holder is authenticated.
        Returns:
        the authentication time when the token holder is authenticated.
      • getSubjectDNS

        java.lang.String getSubjectDNS()
        Retrieves DNSAddress in SubjectLocality.
        Returns:
        DNSAddress in SubjectLocality.
      • getSubjectIPAddress

        java.lang.String getSubjectIPAddress()
        Retrieves IPAddress in SubjectLocality.
        Returns:
        IPAddress in SubjectLocality.
      • getAudienceRestriction

        java.util.List<java.lang.String> getAudienceRestriction()
        Retrieves AudienceRestriction String name list.
        Returns:
        AudienceRestriction String name list.
      • isOneTimeUse

        boolean isOneTimeUse()
        Retrieves flag to indicate OneTimeUse or DoNotCacheCondition.
        Returns:
        flag to indicate OneTimeUse or DoNotCacheCondition.
      • hasProxyRestriction

        boolean hasProxyRestriction()
        Retrieves flag to indicate ProxyRestriction.
        Returns:
        flag to indicate ProxyRestriction.
      • getProxyRestrictionCount

        long getProxyRestrictionCount()
        Retrieves number of ProxyRestriction Count.
        Returns:
        number of ProxyRestriction Count.
      • getroxyRestrictionAudience

        java.util.List<java.lang.String> getroxyRestrictionAudience()
        Retrieves String list of ProxyRestriction Audience.
        Returns:
        String list of ProxyRestriction Audience.
      • getSAMLAttributes

        java.util.List<com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute> getSAMLAttributes()
        Retrieves the list of all attributes contained in the SAML token. When the token is in "readOnly" mode, a copy of the token's SAMLAttribute list is returned. However, even though nothing can be added or removed from list, the attributes themselves could be changed, thus altering the existing SAMLAttributes. For this reason, this method method requires the "wssapi.SAMLToken.getSAMLAttributes" Java Security permission .
      • getStringAttributes

        java.util.Map<java.lang.String,java.lang.String> getStringAttributes()
        Retrieves a Map of SAML attributes that consist of single (key, string value) pairs only.
        Returns:
        a Map of SAML Attributes that consist of single key with single String value. To get a complete Attribute list, use method getSAMLAttributes().
      • getSAMLNameID

        com.ibm.wsspi.wssecurity.saml.data.SAMLNameID getSAMLNameID()
        Retrieves SAML NameId or NameIdentifier assertion associated with the token holder.
        Returns:
        SAML NameID or NameIdentifier assertion associated with the token holder.
      • setTokenReadOnly

        void setTokenReadOnly()
        sets the SAMLToken to read only mode, meaning when we get any kind of SAMLAtributes, we return only copies instead of direct references. This will prevent modifications to SAMLToken attributes held in the token.
      • isReadOnly

        boolean isReadOnly()
        Retrieves readOnly flag.
        Returns:
        readOnly flag.
      • getXMLInputStream

        java.io.InputStream getXMLInputStream()
                                              throws WSSException
        Retrieves InputSream form of SAML Assertion.
        Returns:
        an InputStream form of SAML Assertion.
        Throws:
        WSSException
      • getSignerCertificate

        java.security.cert.X509Certificate getSignerCertificate()
        Retrieves SAML signer's X.509 Certificate
        Returns:
        SAML signer's X.509 Certificate
IBM WebSphere Application ServerTM
Release 8.5