Class DefaultSubjectProvider
java.lang.Object
org.apache.cxf.sts.token.provider.DefaultSubjectProvider
- All Implemented Interfaces:
SubjectProvider
A default implementation of SubjectProvider to create a SAML Assertion. The Subject name is the name
of the current principal, the subject name qualifier is a default URL that can be configured, and the
subject confirmation method is created according to the token type and key type. If the Subject
Confirmation Method is SymmetricKey or PublicKey, the appropriate KeyInfoBean object is created and
attached to the Subject.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected static KeyInfoBeancreateEncryptedKeyKeyInfo(X509Certificate certificate, byte[] secret, Document doc, EncryptionProperties encryptionProperties, Crypto encryptionCrypto) Create an EncryptedKey KeyInfo.protected KeyInfoBeancreateKeyInfo(SubjectProviderParameters subjectProviderParameters) Create and return the KeyInfoBean to be inserted into the SubjectBeanprotected static KeyInfoBeancreatePublicKeyKeyInfo(X509Certificate certificate, PublicKey publicKey) Create a KeyInfoBean that contains an X.509 certificate or Public Keyprotected SubjectBeancreateSubjectBean(Principal principal, SubjectProviderParameters subjectProviderParameters) Create the SubjectBean using the specified principal.protected PrincipalgetPrincipal(SubjectProviderParameters subjectProviderParameters) Get the Principal (which is used as the Subject).getSubject(SubjectProviderParameters subjectProviderParameters) Get a SubjectBean object.protected StringgetSubjectConfirmationMethod(String tokenType, String keyType) Get the SubjectConfirmation method given a tokenType and keyTypevoidsetSubjectNameIDFormat(String subjectNameIDFormat) Set the SubjectNameIDFormat.voidsetSubjectNameQualifier(String subjectNameQualifier) Set the SubjectNameQualifier.
-
Constructor Details
-
DefaultSubjectProvider
public DefaultSubjectProvider()
-
-
Method Details
-
setSubjectNameQualifier
Set the SubjectNameQualifier. -
setSubjectNameIDFormat
Set the SubjectNameIDFormat. -
getSubject
Get a SubjectBean object.- Specified by:
getSubjectin interfaceSubjectProvider
-
getPrincipal
Get the Principal (which is used as the Subject). By default, we check the following (in order): - A valid OnBehalfOf principal - A valid principal associated with a token received as ValidateTarget - The principal associated with the request. We don't need to check to see if it is "valid" here, as it is not parsed by the STS (but rather the WS-Security layer). -
createSubjectBean
protected SubjectBean createSubjectBean(Principal principal, SubjectProviderParameters subjectProviderParameters) Create the SubjectBean using the specified principal. -
getSubjectConfirmationMethod
Get the SubjectConfirmation method given a tokenType and keyType -
createKeyInfo
Create and return the KeyInfoBean to be inserted into the SubjectBean -
createPublicKeyKeyInfo
protected static KeyInfoBean createPublicKeyKeyInfo(X509Certificate certificate, PublicKey publicKey) Create a KeyInfoBean that contains an X.509 certificate or Public Key -
createEncryptedKeyKeyInfo
protected static KeyInfoBean createEncryptedKeyKeyInfo(X509Certificate certificate, byte[] secret, Document doc, EncryptionProperties encryptionProperties, Crypto encryptionCrypto) throws WSSecurityException Create an EncryptedKey KeyInfo.- Throws:
WSSecurityException
-