org.eclipse.higgins.sts.api
Interface IRequestSecurityToken

public interface IRequestSecurityToken

Interface representing the RequestSecurityToken

Author:

mikemci at us dot ibm dot com

Method Summary

IElement	getAllowPostdating() Gets the AllowPostdating element that indicates that returned tokens should allow requests for postdated tokens.
List	getAnyOtherElements() Gets the list of any other elements (other than those explicitly named)
IAppliesTo	getAppliesTo() Gets this optional element that specifies the scope for the service(s) to which this token applies.
URI	getAuthenticationType() Gets the AuthenticationType
IElement	getBase() Gets the Base token
IElement	getCancelTarget() Gets the required CancelTarget element that identifies the token to be cancelled.
URI	getCanonicalizationAlgorithm() Gets the optional CanonicalizationAlgorithm URI element that indicates the canonicalization method used within the returned token.
IElement	getClaims() Gets the Claims element that may be optional and/or required.
IElement	getClientPseudonym()
URI	getComputedKeyAlgorithm() Gets the optional URI element that indicates desired algorithm to use when computed keys are used for issued tokens.
String	getContext() Gets the optional URI that specifies an identifier/context for this request.
Object	getData() Gets the associated data object (this object is not serialized in the message)
Boolean	getDelegatable() Gets the Delegatable element which should be used in conjunction with the <wst:DelegateTo> element.
IElement	getDelegateTo() Gets the optional DelegateTo element.
IDigitalIdentity	getDigitalIdentity() Gets the Digital Identity
IElement	getEncryption() Gets the optional Encryption element that specifies that the requestor desires any returned secrets in issued security tokens to be encrypted for the specified token.
URI	getEncryptionAlgorithm() Gets the optional EncryptionAlgorithm URI element that indicates the encryption algorithm used within the returned token.
URI	getEncryptWith() Gets the optional EncryptWith element that specifies the desired encryption algorithm to used with the issued security token.
IElement	getEntropy() Gets the optional Entropy element that allows a requestor to specify entropy that is to be used in creating the key.
Boolean	getForwardable() Gets the Forwardable element
IInformationCardReference	getInformationCardReference()
IEndpointReference	getIssuer() Gets the Issuer element EndpointReference of the issuer of the security token that is presented in the message.
Integer	getKeySize() Gets the optional KeySize element that indicates the size of the key required specified in number of bits.
URI	getKeyType() Gets the optional URI element that indicates the type of key desired in this RequestSecurityToken.
ILifetime	getLifetime() Gets the Lifetime element that specifies the duration of time between creation and expiration that the request is valid. The issuer does not have to honour this and may return a more or less restrictive duration.
IElement	getOnBehalfOf() Gets the optional OnBehalfOf element that indicates that the requestor is making the request on behalf of another.
IElement	getPolicy() Gets the optional Policy element that specifies a policy that indicates desired settings for the requested token.
IElement	getPolicyReference() Gets the optional PolicyReference element that specifies a reference to a policy that indicates desired settings for the requested token.
IElement	getProofEncryption() Gets the optional ProofEncryption element within the request.
IElement	getRenewing() Gets optional Renewing element that is used to specify renew semantics for types that support this operation.
IElement	getRenewTarget() Gets the required (when using a Renewal binding) RenewTarget element used when renewing an expired token.
IElement	getRequestDisplayToken() Gets the RequestDisplayToken
URI	getRequestType() Gets the required RequestType element that is used to indicate the type of function that is being requested, specified as a URI.
URI	getSignatureAlgorithm() Gets optional URI element that indicates the desired SignatureAlgorithm used within the returned token.
URI	getSignWith() Gets the optional SignWith URI element that indicates the desired signature algorithm to be used with the issued security token.
URI	getTokenType() Gets the optional element that describes the type of security token requested, specified as a URI.
IElement	getUseKey() Gets the UseKey element that specifies which existing key to use, rather than creating a new one.
IElement	getValidateTarget() Gets the required ValidateTarget element that identifies the token being validated.
void	setAllowPostdating(IElement elemAllowPostdating) Sets the AllowPostdating element that indicates that returned tokens should allow requests for postdated tokens.
void	setAppliesTo(IAppliesTo appliesTo) Sets this optional element that specifies the scope for the service(s) to which this token applies. Note that at least, either this element (AppliesTo) or the TokenType element SHOULD be defined in a RequestSecurityToken message.
void	setAuthenticationType(URI uriAuthenticationType) Sets the AuthenticationType
void	setBase(IElement elemBase) Sets the Base token
void	setCancelTarget(IElement elemCancelTarget) Sets the required (when using a Cancellation binding) CancelTarget element that identifies the token to be cancelled.
void	setCanonicalizationAlgorithm(URI uriCanonicalizationAlgorithm) Sets the optional CanonicalizationAlgorithm URI element that indicates the canonicalization method used within the returned token.
void	setClaims(IElement elemClaims) Sets the Claims element that may be optional and/or required.
void	setClientPseudonym(IElement clientPseudonym)
void	setComputedKeyAlgorithm(URI uriComputedKeyAlgorithm) Sets the optional URI element that indicates desired algorithm to use when computed keys are used for issued tokens
void	setContext(String strContext) Sets the optional URI that specifies an identifier/context for this request.
void	setData(Object objectData) Sets the associated data object (this object is not serialized in the message)
void	setDelegatable(boolean bDelegatable) Sets the Delegatable element which should be used in conjunction with the <wst:DelegateTo> element.
void	setDelegateTo(IElement elemDelegateTo) Sets the optional DelegateTo element.
void	setDigitalIdentity(IDigitalIdentity digitalIdentity) Sets the Digital Identity
void	setEncryption(IElement elemEncryption) Sets the optional Encryption element that specifies that the requestor desires any returned secrets in issued security tokens to be encrypted for the specified token.
void	setEncryptionAlgorithm(URI uriEncryptionAlgorithm) Sets the optional EncryptionAlgorithm URI element that indicates the encryption algorithm used within the returned token.
void	setEncryptWith(URI uriEncryptWith) Sets the optional EncryptWith element that specifies the desired encryption algorithm to used with the issued security token.
void	setEntropy(IElement elemEntropy) Sets the optional Entropy element that allows a requestor to specify entropy that is to be used in creating the key.
void	setForwardable(boolean bForwardable) Sets the optional Forwardable element.
void	setInformationCardReference(IInformationCardReference informationCardReference)
void	setIssuer(IEndpointReference eprIssuer) Sets the Issuer element EndpointReference of the issuer of the security token that is presented in the message.
void	setKeySize(int nKeySize) Sets the optional KeySize element that indicates the size of the key required specified in number of bits.
void	setKeyType(URI uriKeyType) Sets the optional URI element that indicates the type of key desired in this RequestSecurityToken.
void	setLifetime(ILifetime ltLifetime) Sets the Lifetime element that specifies the duration of time between creation and expiration that the request is valid. The issuer does not have to honour this and may return a more or less restrictive duration.
void	setOnBehalfOf(IElement elemOnBehalfOf) Sets the optional OnBehalfOf element that indicates that the requestor is making the request on behalf of another.
void	setPolicy(IElement elemPolicy) Sets the optional Policy element that specifies a policy that indicates desired settings for the requested token.
void	setPolicyReference(IElement elemPolicyReference) Sets the optional PolicyReference element that specifies a reference to a policy that indicates desired settings for the requested token.
void	setProofEncryption(IElement elemProofEncryption) Sets the optional ProofEncryption element within the request.
void	setRenewing(IElement elemRenewing) Sets optional Renewing element that is used to specify renew semantics for types that support this operation.
void	setRenewTarget(IElement elemRenewTarget) Sets the required (when using a Renewal binding) RenewTarget element used when renewing an expired token.
void	setRequestDisplayToken(IElement elemRequestDisplayToken) Sets the RequestDisplayToken
void	setRequestType(URI uriRequestType) Sets the required RequestType element that is used to indicate the type of function that is being requested, specified as a URI.
void	setSignatureAlgorithm(URI uriSignatureAlgorithm) Sets the optional URI element that indicates the desired SignatureAlgorithm used within the returned token.
void	setSignWith(URI uriSignWith) Sets the optional SignWith URI element that indicates the desired signature algorithm to be used with the issued security token.
void	setTokenType(URI uriTokenType) Sets the optional element that describes the type of security token requested, specified as a URI.
void	setUseKey(IElement elemUseKey) Sets the UseKey element that specifies which existing key to use, rather than creating a new one.
void	setValidateTarget(IElement elemValidateTarget) Sets the required (when using a Validation binding) ValidateTarget element that identifies the token being validated.

Method Detail

getClientPseudonym

public IElement getClientPseudonym()

setClientPseudonym

public void setClientPseudonym(IElement clientPseudonym)

getInformationCardReference

public IInformationCardReference getInformationCardReference()

setInformationCardReference

public void setInformationCardReference(IInformationCardReference informationCardReference)

getComputedKeyAlgorithm

public URI getComputedKeyAlgorithm()

Gets the optional URI element that indicates desired algorithm to use when computed keys are used for issued tokens.

Returns:

URI

getDigitalIdentity

public IDigitalIdentity getDigitalIdentity()

Gets the Digital Identity

Returns:

the Digital Identity

setDigitalIdentity

public void setDigitalIdentity(IDigitalIdentity digitalIdentity)

Sets the Digital Identity

getContext

public String getContext()

Gets the optional URI that specifies an identifier/context for this request.

Returns:

the Context URI

getBase

public IElement getBase()

Gets the Base token

Returns:

the Base

getTokenType

public URI getTokenType()

Gets the optional element that describes the type of security token requested, specified as a URI.

Returns:

the TokenType

getRequestDisplayToken

public IElement getRequestDisplayToken()

Gets the RequestDisplayToken

Returns:

the RequestDisplayToken

getRequestType

public URI getRequestType()

Gets the required RequestType element that is used to indicate the type of function that is being requested, specified as a URI.
The values are defined by the WS-Trust specifications.

Returns:

the RequestType

getAppliesTo

public IAppliesTo getAppliesTo()

Gets this optional element that specifies the scope for the service(s) to which this token applies.

Returns:

the AppliesTo

getCancelTarget

public IElement getCancelTarget()

Gets the required CancelTarget element that identifies the token to be cancelled.

Returns:

the CancelTarget

getValidateTarget

public IElement getValidateTarget()

Gets the required ValidateTarget element that identifies the token being validated.

Returns:

the ValidateTarget

getRenewTarget

public IElement getRenewTarget()

Gets the required (when using a Renewal binding) RenewTarget element used when renewing an expired token.

Returns:

the RenewTarget

getClaims

public IElement getClaims()

Gets the Claims element that may be optional and/or required. Optional or required is determined and defined by the requested service's policy.

Returns:

the Claims

getEntropy

public IElement getEntropy()

Gets the optional Entropy element that allows a requestor to specify entropy that is to be used in creating the key.

Returns:

the Entropy

getLifetime

public ILifetime getLifetime()

Gets the Lifetime element that specifies the duration of time between creation and expiration that the request is valid.
The issuer does not have to honour this and may return a more or less restrictive duration.

Returns:

the Lifetime

getAllowPostdating

public IElement getAllowPostdating()

Gets the AllowPostdating element that indicates that returned tokens should allow requests for postdated tokens.

Returns:

the AllowPostdating

getRenewing

public IElement getRenewing()

Gets optional Renewing element that is used to specify renew semantics for types that support this operation.

Returns:

the Renewing

getOnBehalfOf

public IElement getOnBehalfOf()

Gets the optional OnBehalfOf element that indicates that the requestor is making the request on behalf of another.

Returns:

the OnBehalfOf

getIssuer

public IEndpointReference getIssuer()

Gets the Issuer element EndpointReference of the issuer of the security token that is presented in the message.

Returns:

the Issuer element EndpointReference

getAuthenticationType

public URI getAuthenticationType()

Gets the AuthenticationType

Returns:

the AuthenticationType

getKeyType

public URI getKeyType()

Gets the optional URI element that indicates the type of key desired in this RequestSecurityToken.

Returns:

the KeyType

getKeySize

public Integer getKeySize()

Gets the optional KeySize element that indicates the size of the key required specified in number of bits.

Returns:

the KeySize

getSignatureAlgorithm

public URI getSignatureAlgorithm()

Gets optional URI element that indicates the desired SignatureAlgorithm used within the returned token.

Returns:

the SignatureAlgorithm

getEncryption

public IElement getEncryption()

Gets the optional Encryption element that specifies that the requestor desires any returned secrets in issued security tokens to be encrypted for the specified token.

Returns:

the Encryption

getEncryptionAlgorithm

public URI getEncryptionAlgorithm()

Gets the optional EncryptionAlgorithm URI element that indicates the encryption algorithm used within the returned token.

Returns:

the EncryptionAlgorithm

getCanonicalizationAlgorithm

public URI getCanonicalizationAlgorithm()

Gets the optional CanonicalizationAlgorithm URI element that indicates the canonicalization method used within the returned token.

Returns:

the CanonicalizationAlgorithm

getProofEncryption

public IElement getProofEncryption()

Gets the optional ProofEncryption element within the request.

Returns:

the ProofEncryption

getUseKey

public IElement getUseKey()

Gets the UseKey element that specifies which existing key to use, rather than creating a new one.

Returns:

the UseKey

getSignWith

public URI getSignWith()

Gets the optional SignWith URI element that indicates the desired signature algorithm to be used with the issued security token.

Returns:

the SignWith

getEncryptWith

public URI getEncryptWith()

Gets the optional EncryptWith element that specifies the desired encryption algorithm to used with the issued security token.

Returns:

the EncryptWith

getDelegateTo

public IElement getDelegateTo()

Gets the optional DelegateTo element.

Returns:

the DelegateTo

getForwardable

public Boolean getForwardable()

Gets the Forwardable element

Returns:

Boolean value representing whether the request is bound to the requestor's machine or service

getDelegatable

public Boolean getDelegatable()

Gets the Delegatable element which should be used in conjunction with the <wst:DelegateTo> element.

Returns:

Boolean value representing whether the returned token MAY be delegated to another party

getPolicy

public IElement getPolicy()

Gets the optional Policy element that specifies a policy that indicates desired settings for the requested token.

Returns:

the Policy

getPolicyReference

public IElement getPolicyReference()

Gets the optional PolicyReference element that specifies a reference to a policy that indicates desired settings for the requested token.

Returns:

the PolicyReference

getAnyOtherElements

public List getAnyOtherElements()

Gets the list of any other elements (other than those explicitly named)

Returns:

the list of any other elements (other than those explicitly named)

getData

public Object getData()

Gets the associated data object (this object is not serialized in the message)

Returns:

the associated data object (this object is not serialized in the message)

setComputedKeyAlgorithm

public void setComputedKeyAlgorithm(URI uriComputedKeyAlgorithm)

Sets the optional URI element that indicates desired algorithm to use when computed keys are used for issued tokens

Parameters:

uriComputedKeyAlgorithm - is the URI value of a defined computed key algorithm.
Example URI:
new URI("http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1")

setBase

public void setBase(IElement elemBase)

Sets the Base token

Parameters:

elemBase - the Base

setTokenType

public void setTokenType(URI uriTokenType)

Sets the optional element that describes the type of security token requested, specified as a URI.

Parameters:

uriTokenType - is the URI of the TokenType
An example of a SAML 1.0 TokenType URI:
urn:oasis:names:tc:SAML:1.0:assertion

setRequestDisplayToken

public void setRequestDisplayToken(IElement elemRequestDisplayToken)

Sets the RequestDisplayToken

Parameters:

elemRequestDisplayToken - the RequestDisplayToken

setRequestType

public void setRequestType(URI uriRequestType)

Sets the required RequestType element that is used to indicate the type of function that is being requested, specified as a URI.
The values are defined by the WS-Trust specifications.
An example of an 'Issue' RequestType URI, defined by the 2005-02 WS-Trust specification:
new URI("http://schemas.xmlsoap.org/ws/2005/02/trust/Issue")

Parameters:

uriRequestType - the RequestType

setAppliesTo

public void setAppliesTo(IAppliesTo appliesTo)

Sets this optional element that specifies the scope for the service(s) to which this token applies.
Note that at least, either this element (AppliesTo) or the TokenType element SHOULD be defined in a RequestSecurityToken message.

Parameters:

appliesTo - the AppliesTo

setCancelTarget

public void setCancelTarget(IElement elemCancelTarget)

Sets the required (when using a Cancellation binding) CancelTarget element that identifies the token to be cancelled.

Parameters:

elemCancelTarget - the CancelTarget

setValidateTarget

public void setValidateTarget(IElement elemValidateTarget)

Sets the required (when using a Validation binding) ValidateTarget element that identifies the token being validated.

Parameters:

elemValidateTarget - is an IElement that typically contains <wsse:SecurityTokenReference> pointing to the token, but may contain the token itself.

setRenewTarget

public void setRenewTarget(IElement elemRenewTarget)

Sets the required (when using a Renewal binding) RenewTarget element used when renewing an expired token.

Parameters:

elemRenewTarget - the RenewTarget

setClaims

public void setClaims(IElement elemClaims)

Sets the Claims element that may be optional and/or required. Optional or required is determined and defined by the requested service's policy.
Example of setting Claims:
String claims = "<wst:Claims Dialect='http://schemas.xmlsoap.org/ws/2005/05/identity' " + "xmlns:wst='http://schemas.xmlsoap.org/ws/2005/02/trust' " + "xmlns:cl='http://schemas.xmlsoap.org/ws/2005/05/identity'>" + "<username>user1@example.com</username>" + "<issuer>" + new URI("http://example.com") + "</issuer>" + "</wst:Claims>";
IElement claimsElement = new Element();
claimsElement.set(claims);
rst.setClaims(claimsElement);


Parameters:

elemClaims - the Claims

setEntropy

public void setEntropy(IElement elemEntropy)

Sets the optional Entropy element that allows a requestor to specify entropy that is to be used in creating the key.

Parameters:

elemEntropy - the Entropy

setLifetime

public void setLifetime(ILifetime ltLifetime)

Sets the Lifetime element that specifies the duration of time between creation and expiration that the request is valid.
The issuer does not have to honour this and may return a more or less restrictive duration.

Parameters:

ltLifetime - the Lifetime element to be associated with the RequestSecurityToken element

setAllowPostdating

public void setAllowPostdating(IElement elemAllowPostdating)

Sets the AllowPostdating element that indicates that returned tokens should allow requests for postdated tokens.

Parameters:

elemAllowPostdating -

setRenewing

public void setRenewing(IElement elemRenewing)

Sets optional Renewing element that is used to specify renew semantics for types that support this operation.

Parameters:

elemRenewing - the Renewing element. Example for setting the Renewing element:

String renewing = "<wst:Renewing Allow=\"true\" OK=\"false\"/>"
IElement renewingElement = new Element();
renewingElement.set(renewing);
rst.setRenewing(renewingElement);

If attributes are not specified (see snippet example below), then 'Allow' defaults to 'true' and 'OK' to 'false'.
<wst:Renewing/>

setOnBehalfOf

public void setOnBehalfOf(IElement elemOnBehalfOf)

Sets the optional OnBehalfOf element that indicates that the requestor is making the request on behalf of another.

Parameters:

elemOnBehalfOf - is the OnBehalfOf element will contain either a <wsse:SecurityTokenReference> or an <wsa:EndpointReference> element which will contain the identity on whose behalf the request is being made

setIssuer

public void setIssuer(IEndpointReference eprIssuer)

Sets the Issuer element EndpointReference of the issuer of the security token that is presented in the message.

Parameters:

eprIssuer - is the EndpointReference that specifies the Issuer

setAuthenticationType

public void setAuthenticationType(URI uriAuthenticationType)

Sets the AuthenticationType

Parameters:

uriAuthenticationType - the AuthenticationType

setKeyType

public void setKeyType(URI uriKeyType)

Sets the optional URI element that indicates the type of key desired in this RequestSecurityToken.

Parameters:

uriKeyType - is the type of key for this RequestSecurityToken
Example URIs:
http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey

setKeySize

public void setKeySize(int nKeySize)

Sets the optional KeySize element that indicates the size of the key required specified in number of bits. The receipient of this request SHOULD at least try to have the same strength as request.

Parameters:

nKeySize - the KeySize

setSignatureAlgorithm

public void setSignatureAlgorithm(URI uriSignatureAlgorithm)

Sets the optional URI element that indicates the desired SignatureAlgorithm used within the returned token.

Parameters:

uriSignatureAlgorithm - the SignatureAlgorithm

setEncryption

public void setEncryption(IElement elemEncryption)

Sets the optional Encryption element that specifies that the requestor desires any returned secrets in issued security tokens to be encrypted for the specified token.

Parameters:

elemEncryption - the Encryption

setEncryptionAlgorithm

public void setEncryptionAlgorithm(URI uriEncryptionAlgorithm)

Sets the optional EncryptionAlgorithm URI element that indicates the encryption algorithm used within the returned token.

Parameters:

uriEncryptionAlgorithm - the EncryptionAlgorithm

setCanonicalizationAlgorithm

public void setCanonicalizationAlgorithm(URI uriCanonicalizationAlgorithm)

Sets the optional CanonicalizationAlgorithm URI element that indicates the canonicalization method used within the returned token.

Parameters:

uriCanonicalizationAlgorithm - the CanonicalizationAlgorithm

setProofEncryption

public void setProofEncryption(IElement elemProofEncryption)

Sets the optional ProofEncryption element within the request.

Parameters:

elemProofEncryption - the ProofEncryption

setUseKey

public void setUseKey(IElement elemUseKey)

Sets the UseKey element that specifies which existing key to use, rather than creating a new one.

Parameters:

elemUseKey - the UseKey

setSignWith

public void setSignWith(URI uriSignWith)

Sets the optional SignWith URI element that indicates the desired signature algorithm to be used with the issued security token.

Parameters:

uriSignWith - the SignWith

setEncryptWith

public void setEncryptWith(URI uriEncryptWith)

Sets the optional EncryptWith element that specifies the desired encryption algorithm to used with the issued security token.

Parameters:

uriEncryptWith - the EncryptWith

setDelegateTo

public void setDelegateTo(IElement elemDelegateTo)

Sets the optional DelegateTo element.

Parameters:

elemDelegateTo - is the identity receiving the delegation, which is specified by setting this value to the security token or <wsse:SecurityTokenReference> element.

setForwardable

public void setForwardable(boolean bForwardable)

Sets the optional Forwardable element.

Parameters:

bForwardable - is the boolean value specifying whether this request is forwardable.

setDelegatable

public void setDelegatable(boolean bDelegatable)

Sets the Delegatable element which should be used in conjunction with the <wst:DelegateTo> element.

Parameters:

bDelegatable - is the boolean value specifying whether this request should be delegated.

setPolicy

public void setPolicy(IElement elemPolicy)

Sets the optional Policy element that specifies a policy that indicates desired settings for the requested token.

Parameters:

elemPolicy - the Policy

setPolicyReference

public void setPolicyReference(IElement elemPolicyReference)

Sets the optional PolicyReference element that specifies a reference to a policy that indicates desired settings for the requested token.

Parameters:

elemPolicyReference - the PolicyReference

setContext

public void setContext(String strContext)

Sets the optional URI that specifies an identifier/context for this request.

setData

public void setData(Object objectData)

Sets the associated data object (this object is not serialized in the message)

Parameters:

objectData - the data object to be associated (this object is not serialized in the message)