org.apache.cxf.ws.security.trust
Class STSTokenValidator
java.lang.Object
org.apache.cxf.ws.security.trust.STSTokenValidator
- All Implemented Interfaces:
- org.apache.wss4j.dom.validate.Validator
public class STSTokenValidator
- extends Object
- implements org.apache.wss4j.dom.validate.Validator
A WSS4J-based Validator to validate a received WS-Security credential by dispatching
it to a STS via WS-Trust. The default binding is "validate", but "issue" is also possible
by setting the "useIssueBinding" property. In this case, the credentials are sent via
"OnBehalfOf" unless the "useOnBehalfOf" property is set to "false", in which case the
credentials are used depending on the security policy of the STS endpoint (e.g. in a
UsernameToken if this is what the policy requires). Setting "useOnBehalfOf" to "false" +
"useIssueBinding" to "true" only works for validating UsernameTokens.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
STSTokenValidator
public STSTokenValidator()
STSTokenValidator
public STSTokenValidator(boolean alwaysValidateToSts)
- Construct a new instance.
- Parameters:
alwaysValidateToSts - whether to always validate the token to the STS
validate
public org.apache.wss4j.dom.validate.Credential validate(org.apache.wss4j.dom.validate.Credential credential,
org.apache.wss4j.dom.handler.RequestData data)
throws org.apache.wss4j.common.ext.WSSecurityException
- Specified by:
validate in interface org.apache.wss4j.dom.validate.Validator
- Throws:
org.apache.wss4j.common.ext.WSSecurityException
validateWithSTS
public org.apache.wss4j.dom.validate.Credential validateWithSTS(org.apache.wss4j.dom.validate.Credential credential,
org.apache.cxf.message.Message message)
throws org.apache.wss4j.common.ext.WSSecurityException
- Throws:
org.apache.wss4j.common.ext.WSSecurityException
isValidatedLocally
protected boolean isValidatedLocally(org.apache.wss4j.dom.validate.Credential credential,
org.apache.wss4j.dom.handler.RequestData data)
throws org.apache.wss4j.common.ext.WSSecurityException
- Throws:
org.apache.wss4j.common.ext.WSSecurityException
isUseIssueBinding
public boolean isUseIssueBinding()
setUseIssueBinding
public void setUseIssueBinding(boolean useIssueBinding)
isUseOnBehalfOf
public boolean isUseOnBehalfOf()
setUseOnBehalfOf
public void setUseOnBehalfOf(boolean useOnBehalfOf)
getStsClient
public STSClient getStsClient()
setStsClient
public void setStsClient(STSClient stsClient)
getTokenStore
public TokenStore getTokenStore()
setTokenStore
public void setTokenStore(TokenStore tokenStore)
Apache CXF