Class STSTokenValidator

java.lang.Object
org.apache.cxf.ws.security.trust.STSTokenValidator
All Implemented Interfaces:
org.apache.wss4j.dom.validate.Validator

public class STSTokenValidator extends Object implements org.apache.wss4j.dom.validate.Validator
A WSS4J-based Validator that validates a received WS-Security credential by dispatching it to an STS via WS-Trust. The default binding is "validate", but "issue" is also possible by setting the "useIssueBinding" property. In this case, the credentials are sent via "OnBehalfOf" unless the "useOnBehalfOf" property is set to "false", in which case the credentials are used depending on the security policy of the STS endpoint (e.g. in a UsernameToken if this is what the policy requires). Setting "useOnBehalfOf" to "false" together with "useIssueBinding" to "true" only works for validating UsernameTokens.
  • Constructor Details

    • STSTokenValidator

      public STSTokenValidator()
    • STSTokenValidator

      public STSTokenValidator(boolean alwaysValidateToSts)
      Construct a new instance.
      Parameters:
      alwaysValidateToSts - whether to always validate the token to the STS
  • Method Details

    • validate

      public org.apache.wss4j.dom.validate.Credential validate(org.apache.wss4j.dom.validate.Credential credential, org.apache.wss4j.dom.handler.RequestData data) throws org.apache.wss4j.common.ext.WSSecurityException
      Specified by:
      validate in interface org.apache.wss4j.dom.validate.Validator
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException
    • validateWithSTS

      public org.apache.wss4j.dom.validate.Credential validateWithSTS(org.apache.wss4j.dom.validate.Credential credential, org.apache.cxf.message.Message message) throws org.apache.wss4j.common.ext.WSSecurityException
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException
    • isValidatedLocally

      protected boolean isValidatedLocally(org.apache.wss4j.dom.validate.Credential credential, org.apache.wss4j.dom.handler.RequestData data) throws org.apache.wss4j.common.ext.WSSecurityException
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException
    • isUseIssueBinding

      public boolean isUseIssueBinding()
    • setUseIssueBinding

      public void setUseIssueBinding(boolean useIssueBinding)
    • isUseOnBehalfOf

      public boolean isUseOnBehalfOf()
    • setUseOnBehalfOf

      public void setUseOnBehalfOf(boolean useOnBehalfOf)
    • getStsClient

      public STSClient getStsClient()
    • setStsClient

      public void setStsClient(STSClient stsClient)
    • getTokenStore

      public TokenStore getTokenStore()
    • setTokenStore

      public void setTokenStore(TokenStore tokenStore)
    • isDisableCaching

      public boolean isDisableCaching()
    • setDisableCaching

      public void setDisableCaching(boolean disableCaching)
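
The three binding combinations from the class description, wired up with the setters listed above. This is an added example, not code from the CXF project. The class name StsValidatorConfig, the WSDL URL and the service and port QNames are placeholder assumptions, and the endpoint property keys come from CXF's SecurityConstants rather than from this page.

```java
import java.util.Map;

import org.apache.cxf.Bus;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.cxf.ws.security.trust.STSTokenValidator;

/** Hypothetical helper class; not part of CXF. */
public final class StsValidatorConfig {
    private StsValidatorConfig() { }

    /** STS client with placeholder coordinates; replace with the real STS. */
    public static STSClient stsClient(Bus bus) {
        STSClient client = new STSClient(bus);
        client.setWsdlLocation("https://sts.example.invalid/sts?wsdl"); // placeholder
        client.setServiceName("{urn:example:sts}SecurityTokenService"); // placeholder
        client.setEndpointName("{urn:example:sts}Transport_Port");      // placeholder
        return client;
    }

    /** Default: the received token goes to the STS via the "validate" binding. */
    public static STSTokenValidator validateBinding(STSClient sts) {
        STSTokenValidator v = new STSTokenValidator();
        v.setStsClient(sts);
        return v;
    }

    /** "issue" binding; the received credential is sent in OnBehalfOf. */
    public static STSTokenValidator issueOnBehalfOf(STSClient sts) {
        STSTokenValidator v = validateBinding(sts);
        v.setUseIssueBinding(true); // useOnBehalfOf is left at its default
        return v;
    }

    /** "issue" without OnBehalfOf: per the class description, UsernameTokens only. */
    public static STSTokenValidator issueDirect(STSClient sts) {
        STSTokenValidator v = issueOnBehalfOf(sts);
        v.setUseOnBehalfOf(false); // the STS endpoint policy decides how the credential is used
        return v;
    }

    /** Register on a service endpoint's property map (e.g. the jaxws properties). */
    public static void register(Map<String, Object> endpointProps, STSClient sts) {
        // issueDirect is registered for UsernameTokens only, since that is all it supports.
        endpointProps.put(SecurityConstants.USERNAME_TOKEN_VALIDATOR, issueDirect(sts));
        endpointProps.put(SecurityConstants.SAML2_TOKEN_VALIDATOR, validateBinding(sts));
    }
}
```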