001/** 002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 003 * 004 * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved 005 * 006 * The contents of this file are subject to the terms 007 * of the Common Development and Distribution License 008 * (the License). You may not use this file except in 009 * compliance with the License. 010 * 011 * You can obtain a copy of the License at 012 * https://opensso.dev.java.net/public/CDDLv1.0.html or 013 * opensso/legal/CDDLv1.0.txt 014 * See the License for the specific language governing 015 * permission and limitations under the License. 016 * 017 * When distributing Covered Code, include this CDDL 018 * Header Notice in each file and include the License file 019 * at opensso/legal/CDDLv1.0.txt. 020 * If applicable, add the following below the CDDL Header, 021 * with the fields enclosed by brackets [] replaced by 022 * your own identifying information: 023 * "Portions Copyrighted [year] [name of copyright owner]" 024 * 025 * $Id: SecurityMechanism.java,v 1.8 2008/08/31 15:50:03 mrudul_uchil Exp $ 026 * 027 */ 028 029package com.sun.identity.wss.security; 030 031import org.w3c.dom.Element; 032import java.util.HashMap; 033import java.util.Map; 034import java.util.Iterator; 035import java.util.ArrayList; 036import java.util.List; 037 038/** 039 * This class exposes the <code>SecurityMechanism</code>s used in the Web 040 * Services Security. 041 * @supported.all.api 042 */ 043public class SecurityMechanism { 044 045 // Initialize the security mechanism map 046 private static Map map = new HashMap(); 047 048 /** 049 * <code>URI</code> for the SAML Holder of Key security profile. 050 */ 051 public static final String WSS_NULL_SAML_HK_URI = 052 "urn:sun:wss:security:null:SAMLToken-HK"; 053 054 /** 055 * <code>URI</code> for the SAML Holder of Key security profile with 056 * <code>TLS</code> or <code>SSL</code> enabled. 057 */ 058 public static final String WSS_TLS_SAML_HK_URI = 059 "urn:sun:wss:security:TLS:SAMLToken-HK"; 060 061 /** 062 * <code>URI</code> for the SAML Holder of Key security profile with 063 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 064 */ 065 public static final String WSS_CLIENT_TLS_SAML_HK_URI = 066 "urn:sun:wss:security:ClientTLS:SAMLToken-HK"; 067 068 /** 069 * <code>URI</code> for the SAML Sender vouches security profile. 070 */ 071 public static final String WSS_NULL_SAML_SV_URI = 072 "urn:sun:wss:security:null:SAMLToken-SV"; 073 074 /** 075 * <code>URI</code> for the SAML Sender vouches security profile with 076 * <code>TLS</code> or <code>SSL</code> enabled. 077 */ 078 public static final String WSS_TLS_SAML_SV_URI = 079 "urn:sun:wss:security:TLS:SAMLToken-SV"; 080 081 /** 082 * <code>URI</code> for the SAML Sender vouches security profile with 083 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 084 */ 085 public static final String WSS_CLIENT_TLS_SAML_SV_URI = 086 "urn:sun:wss:security:ClientTLS:SAMLToken-SV"; 087 088 /** 089 * <code>URI</code> for the X509 token security profile. 090 */ 091 public static final String WSS_NULL_X509_TOKEN_URI = 092 "urn:sun:wss:security:null:X509Token"; 093 094 /** 095 * <code>URI</code> for the X509 security profile with 096 * <code>TLS</code> or <code>SSL</code> enabled. 097 */ 098 public static final String WSS_TLS_X509_TOKEN_URI = 099 "urn:sun:wss:security:TLS:X509Token"; 100 101 /** 102 * <code>URI</code> for the X509 token security profile with 103 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 104 */ 105 public static final String WSS_CLIENT_TLS_X509_TOKEN_URI = 106 "urn:sun:wss:security:ClientTLS:X509Token"; 107 108 /** 109 * <code>URI</code> for the Username token security profile. 110 */ 111 public static final String WSS_NULL_USERNAME_TOKEN_URI = 112 "urn:sun:wss:security:null:UserNameToken"; 113 114 /** 115 * <code>URI</code> for the username token security profile with 116 * <code>TLS</code> or <code>SSL</code> enabled. 117 */ 118 public static final String WSS_TLS_USERNAME_TOKEN_URI = 119 "urn:sun:wss:security:TLS:UserNameToken"; 120 121 /** 122 * <code>URI</code> for the username token security profile with 123 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 124 */ 125 public static final String WSS_CLIENT_TLS_USERNAME_TOKEN_URI = 126 "urn:sun:wss:security:ClientTLS:UserNameToken"; 127 128 /** 129 * <code>URI</code> for the Username token security profile. 130 */ 131 public static final String WSS_NULL_USERNAME_TOKEN_PLAIN_URI = 132 "urn:sun:wss:security:null:UserNameToken-Plain"; 133 134 /** 135 * <code>URI</code> for the username token security profile with 136 * <code>TLS</code> or <code>SSL</code> enabled. 137 */ 138 public static final String WSS_TLS_USERNAME_TOKEN_PLAIN_URI = 139 "urn:sun:wss:security:TLS:UserNameToken-Plain"; 140 141 /** 142 * <code>URI</code> for the username token security profile with 143 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 144 */ 145 public static final String WSS_CLIENT_TLS_USERNAME_TOKEN_PLAIN_URI = 146 "urn:sun:wss:security:ClientTLS:UserNameToken-Plain"; 147 148 /** 149 * <code>URI</code> for all the liberty security profiles. 150 * This <code>URI</code> is mainly for the webservices clients where 151 * the real security mechanims are found from the liberty discovery service. 152 */ 153 public static final String LIBERTY_DS_SECURITY_URI = 154 "urn:sun:liberty:discovery:security"; 155 156 /** 157 * This <code>URI</code> is mainly for the webservices clients need to 158 * find the security token from the security token service. 159 */ 160 public static final String STS_SECURITY_URI = "urn:sun:wss:sts:security"; 161 162 /** 163 * <code>URI</code> for the liberty X509 token security profile. 164 */ 165 public static final String LIB_NULL_X509_TOKEN_URI = 166 "urn:liberty:security:2005-02:null:X509"; 167 168 /** 169 * <code>URI</code> for the liberty SAML Bearer token security profile. 170 */ 171 public static final String LIB_NULL_SAML_BEARER_TOKEN_URI = 172 "urn:liberty:security:2005-02:null:Bearer"; 173 174 /** 175 * <code>URI</code> for the liberty SAML token security profile. 176 */ 177 public static final String LIB_NULL_SAML_TOKEN_URI = 178 "urn:liberty:security:2005-02:null:SAML"; 179 180 /** 181 * <code>URI</code> for the liberty X509 token security profile with TLS. 182 */ 183 public static final String LIB_TLS_X509_TOKEN_URI = 184 "urn:liberty:security:2005-02:TLS:X509"; 185 186 /** 187 * <code>URI</code> for the liberty SAML Bearer token security profile with 188 * SSL enabled. 189 */ 190 public static final String LIB_TLS_SAML_BEARER_TOKEN_URI = 191 "urn:liberty:security:2005-02:TLS:Bearer"; 192 193 /** 194 * <code>URI</code> for the liberty SAML token security profile with SSL. 195 */ 196 public static final String LIB_TLS_SAML_TOKEN_URI = 197 "urn:liberty:security:2005-02:TLS:SAML"; 198 199 /** 200 * <code>URI</code> for the liberty X509 token security profile with TLS 201 * and client auth enabled. 202 */ 203 public static final String LIB_CLIENT_TLS_X509_TOKEN_URI = 204 "urn:liberty:security:2005-02:ClientTLS:X509"; 205 206 /** 207 * <code>URI</code> for the liberty SAML Bearer token security profile with 208 * SSL and client auth enabled. 209 */ 210 public static final String LIB_CLIENT_TLS_SAML_BEARER_TOKEN_URI = 211 "urn:liberty:security:2005-02:ClientTLS:Bearer"; 212 213 /** 214 * <code>URI</code> for the liberty SAML token security profile with SSL 215 * and client auth enabled. 216 */ 217 public static final String LIB_CLIENT_TLS_SAML_TOKEN_URI = 218 "urn:liberty:security:2005-02:ClientTLS:SAML"; 219 220 /** 221 * <code>URI</code> for the SAML2 Holder of Key security profile. 222 */ 223 public static final String WSS_NULL_SAML2_HK_URI = 224 "urn:sun:wss:security:null:SAML2Token-HK"; 225 226 /** 227 * <code>URI</code> for the SAML2 Holder of Key security profile with 228 * <code>TLS</code> or <code>SSL</code> enabled. 229 */ 230 public static final String WSS_TLS_SAML2_HK_URI = 231 "urn:sun:wss:security:TLS:SAML2Token-HK"; 232 233 /** 234 * <code>URI</code> for the SAML2 Holder of Key security profile with 235 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 236 */ 237 public static final String WSS_CLIENT_TLS_SAML2_HK_URI = 238 "urn:sun:wss:security:ClientTLS:SAML2Token-HK"; 239 240 /** 241 * <code>URI</code> for the SAML2 Sender Vouches security profile. 242 */ 243 public static final String WSS_NULL_SAML2_SV_URI = 244 "urn:sun:wss:security:null:SAML2Token-SV"; 245 246 /** 247 * <code>URI</code> for the SAML2 Sender Vouches security profile with 248 * <code>TLS</code> or <code>SSL</code> enabled. 249 */ 250 public static final String WSS_TLS_SAML2_SV_URI = 251 "urn:sun:wss:security:TLS:SAML2Token-SV"; 252 253 /** 254 * <code>URI</code> for the SAML2 Sender Vouches security profile with 255 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 256 */ 257 public static final String WSS_CLIENT_TLS_SAML2_SV_URI = 258 "urn:sun:wss:security:ClientTLS:SAML2Token-SV"; 259 260 /** 261 * <code>URI</code> for the anonymous security profile. 262 */ 263 public static final String WSS_NULL_ANONYMOUS_URI = 264 "urn:sun:wss:security:null:Anonymous"; 265 266 /** 267 * <code>URI</code> for the anonymous security profile with 268 * <code>TLS</code> or <code>SSL</code> enabled. 269 */ 270 public static final String WSS_TLS_ANONYMOUS_URI = 271 "urn:sun:wss:security:TLS:Anonymous"; 272 273 /** 274 * <code>URI</code> for the anonymous security profile with 275 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 276 */ 277 public static final String WSS_CLIENT_TLS_ANONYMOUS_URI = 278 "urn:sun:wss:security:ClientTLS:Anonymous"; 279 280 /** 281 * <code>URI</code> for the Kerberos token security profile. 282 */ 283 public static final String WSS_NULL_KERBEROS_TOKEN_URI = 284 "urn:sun:wss:security:null:KerberosToken"; 285 286 /** 287 * <code>URI</code> for the Kerberos security profile with 288 * <code>TLS</code> or <code>SSL</code> enabled. 289 */ 290 public static final String WSS_TLS_KERBEROS_TOKEN_URI = 291 "urn:sun:wss:security:TLS:KerberosToken"; 292 293 /** 294 * <code>URI</code> for the Kerberos token security profile with 295 * <code>TLS</code> or <code>SSL</code> and client auth enabled. 296 */ 297 public static final String WSS_CLIENT_TLS_KERBEROS_TOKEN_URI = 298 "urn:sun:wss:security:ClientTLS:KerberosToken"; 299 300 301 static { 302 map.put("Anonymous", WSS_NULL_ANONYMOUS_URI); 303 map.put("TLS-Anonymous", WSS_TLS_ANONYMOUS_URI); 304 map.put("ClientTLS-Anonymous", WSS_CLIENT_TLS_ANONYMOUS_URI); 305 map.put("ClientTLS-SAML-HolderOfKey", WSS_CLIENT_TLS_SAML_HK_URI); 306 map.put("TLS-SAML-HolderOfKey", WSS_TLS_SAML_HK_URI); 307 map.put("SAML-HolderOfKey", WSS_NULL_SAML_HK_URI); 308 map.put("ClientTLS-SAML-SenderVouches", WSS_CLIENT_TLS_SAML_SV_URI); 309 map.put("TLS-SAML-SenderVouches", WSS_TLS_SAML_SV_URI); 310 map.put("SAML-SenderVouches", WSS_NULL_SAML_SV_URI); 311 map.put("X509Token", WSS_NULL_X509_TOKEN_URI); 312 map.put("TLS-X509Token", WSS_TLS_X509_TOKEN_URI); 313 map.put("ClientTLS-X509Token", WSS_CLIENT_TLS_X509_TOKEN_URI); 314 map.put("UserNameToken", WSS_NULL_USERNAME_TOKEN_URI); 315 map.put("TLS-UserNameToken", WSS_TLS_USERNAME_TOKEN_URI); 316 map.put("ClientTLS-UserNameToken", WSS_CLIENT_TLS_USERNAME_TOKEN_URI); 317 map.put("UserNameToken-Plain", WSS_NULL_USERNAME_TOKEN_PLAIN_URI); 318 map.put("TLS-UserNameToken-Plain", WSS_TLS_USERNAME_TOKEN_PLAIN_URI); 319 map.put("ClientTLS-UserNameToken-Plain", WSS_CLIENT_TLS_USERNAME_TOKEN_PLAIN_URI); 320 map.put("LibertyDiscoverySecurity", LIBERTY_DS_SECURITY_URI); 321 map.put("LibertyX509Token", LIB_NULL_X509_TOKEN_URI); 322 map.put("LibertyBearerToken", LIB_NULL_SAML_BEARER_TOKEN_URI); 323 map.put("LibertySAMLToken", LIB_NULL_SAML_TOKEN_URI); 324 map.put("TLS-LibertyX509Token", LIB_TLS_X509_TOKEN_URI); 325 map.put("TLS-LibertyBearerToken", LIB_TLS_SAML_BEARER_TOKEN_URI); 326 map.put("TLS-LibertySAMLToken", LIB_TLS_SAML_TOKEN_URI); 327 map.put("ClientTLS-LibertyX509Token", LIB_CLIENT_TLS_X509_TOKEN_URI); 328 map.put("ClientTLS-LibertyBearerToken", 329 LIB_CLIENT_TLS_SAML_BEARER_TOKEN_URI); 330 map.put("ClientTLS-LibertySAMLToken", LIB_CLIENT_TLS_SAML_TOKEN_URI); 331 map.put("SAML2-HolderOfKey", WSS_NULL_SAML2_HK_URI); 332 map.put("TLS-SAML2-HolderOfKey", WSS_TLS_SAML2_HK_URI); 333 map.put("ClientTLS-SAML2-HolderOfKey", WSS_CLIENT_TLS_SAML2_HK_URI); 334 map.put("SAML2-SenderVouches", WSS_NULL_SAML2_SV_URI); 335 map.put("TLS-SAML2-SenderVouches", WSS_TLS_SAML2_SV_URI); 336 map.put("ClientTLS-SAML2-SenderVouches", WSS_CLIENT_TLS_SAML2_SV_URI); 337 map.put("STSSecurity", STS_SECURITY_URI); 338 map.put("KerberosToken", WSS_NULL_KERBEROS_TOKEN_URI); 339 map.put("TLS-KerberosToken", WSS_TLS_KERBEROS_TOKEN_URI); 340 map.put("ClientTLS-KerberosToken", WSS_CLIENT_TLS_KERBEROS_TOKEN_URI); 341 } 342 343 // The following defines Security mechanism objects. 344 345 /** 346 * Defines the security mechanism for the saml token holder of key 347 * with SSL and client auth enabled. 348 */ 349 public static final SecurityMechanism WSS_CLIENT_TLS_SAML_HK = 350 new SecurityMechanism("ClientTLS-SAML-HolderOfKey"); 351 352 /** 353 * Defines the security mechanism for the saml token holder of key 354 * with SSL enabled. 355 */ 356 public static final SecurityMechanism WSS_TLS_SAML_HK = 357 new SecurityMechanism("TLS-SAML-HolderOfKey"); 358 359 /** 360 * Defines the security mechanism for the saml token holder of key. 361 */ 362 public static final SecurityMechanism WSS_NULL_SAML_HK = 363 new SecurityMechanism("SAML-HolderOfKey"); 364 365 /** 366 * Defines the security mechanism for the saml token sender vouches 367 * with SSL and client auth enabled. 368 */ 369 public static final SecurityMechanism WSS_CLIENT_TLS_SAML_SV = 370 new SecurityMechanism("ClientTLS-SAML-SenderVouches"); 371 372 /** 373 * Defines the security mechanism for the saml token sender vouches 374 * with SSL enabled. 375 */ 376 public static final SecurityMechanism WSS_TLS_SAML_SV = 377 new SecurityMechanism("TLS-SAML-SenderVouches"); 378 379 /** 380 * Defines the security mechanism for the saml token sender vouches. 381 */ 382 public static final SecurityMechanism WSS_NULL_SAML_SV = 383 new SecurityMechanism("SAML-SenderVouches"); 384 385 /** 386 * Defines the security mechanism for the X509 token profile. 387 */ 388 public static final SecurityMechanism WSS_NULL_X509_TOKEN = 389 new SecurityMechanism("X509Token"); 390 391 /** 392 * Defines the security mechanism for the X509 token profile with 393 * SSL enabled. 394 */ 395 public static final SecurityMechanism WSS_TLS_X509_TOKEN = 396 new SecurityMechanism("TLS-X509Token"); 397 398 /** 399 * Defines the security mechanism for the X509 token profile with 400 * SSL and client auth enabled. 401 */ 402 public static final SecurityMechanism WSS_CLIENT_TLS_X509_TOKEN = 403 new SecurityMechanism("ClientTLS-X509Token"); 404 405 /** 406 * Defines the security mechanism for the Username token profile. 407 */ 408 public static final SecurityMechanism WSS_NULL_USERNAME_TOKEN = 409 new SecurityMechanism("UserNameToken"); 410 411 /** 412 * Defines the security mechanism for the Username token profile 413 * with SSL enabled. 414 */ 415 public static final SecurityMechanism WSS_TLS_USERNAME_TOKEN = 416 new SecurityMechanism("TLS-UserNameToken"); 417 418 /** 419 * Defines the security mechanism for the Username token profile 420 * with SSL and client auth enabled. 421 */ 422 public static final SecurityMechanism WSS_CLIENT_TLS_USERNAME_TOKEN = 423 new SecurityMechanism("ClientTLS-UserNameToken"); 424 425 /** 426 * Defines the security mechanism for the Username token profile. 427 */ 428 public static final SecurityMechanism WSS_NULL_USERNAME_TOKEN_PLAIN = 429 new SecurityMechanism("UserNameToken-Plain"); 430 431 /** 432 * Defines the security mechanism for the Username token profile 433 * with SSL enabled. 434 */ 435 public static final SecurityMechanism WSS_TLS_USERNAME_TOKEN_PLAIN = 436 new SecurityMechanism("TLS-UserNameToken-Plain"); 437 438 /** 439 * Defines the security mechanism for the Username token profile 440 * with SSL and client auth enabled. 441 */ 442 public static final SecurityMechanism WSS_CLIENT_TLS_USERNAME_TOKEN_PLAIN = 443 new SecurityMechanism("ClientTLS-UserNameToken-Plain"); 444 445 /** 446 * Defines the security mechanism for the Liberty token profiles. 447 */ 448 public static final SecurityMechanism LIBERTY_DS_SECURITY = 449 new SecurityMechanism("LibertyDiscoverySecurity", true); 450 451 /** 452 * Defines the security mechanism for the security token service profiles. 453 */ 454 public static final SecurityMechanism STS_SECURITY = 455 new SecurityMechanism("STSSecurity", true); 456 /** 457 * Defines the security mechanism for the Liberty x509 token profile. 458 */ 459 public static final SecurityMechanism LIB_NULL_X509_TOKEN = 460 new SecurityMechanism("LibertyX509Token", true); 461 462 /** 463 * Defines the security mechanism for the Liberty bearer token profile. 464 */ 465 public static final SecurityMechanism LIB_NULL_SAML_BEARER_TOKEN = 466 new SecurityMechanism("LibertyBearerToken", true); 467 468 /** 469 * Defines the security mechanism for the Liberty SAML token profile. 470 */ 471 public static final SecurityMechanism LIB_NULL_SAML_TOKEN = 472 new SecurityMechanism("LibertySAMLToken", true); 473 474 /** 475 * Defines the security mechanism for the Liberty x509 token profile 476 * with SSL enabled. 477 */ 478 public static final SecurityMechanism LIB_TLS_X509_TOKEN = 479 new SecurityMechanism("TLS-LibertyX509Token", true); 480 481 /** 482 * Defines the security mechanism for the Liberty bearer token profile 483 * with SSL enabled. 484 */ 485 public static final SecurityMechanism LIB_TLS_SAML_BEARER_TOKEN = 486 new SecurityMechanism("TLS-LibertyBearerToken", true); 487 488 /** 489 * Defines the security mechanism for the Liberty SAML token profile 490 * with SSL enabled. 491 */ 492 public static final SecurityMechanism LIB_TLS_SAML_TOKEN = 493 new SecurityMechanism("TLS-LibertySAMLToken", true); 494 495 /** 496 * Defines the security mechanism for the Liberty x509 token profile 497 * with SSL and client auth enabled. 498 */ 499 public static final SecurityMechanism LIB_CLIENT_TLS_X509_TOKEN = 500 new SecurityMechanism("ClientTLS-LibertyX509Token", true); 501 502 /** 503 * Defines the security mechanism for the Liberty bearer token profile 504 * with SSL and client auth enabled. 505 */ 506 public static final SecurityMechanism LIB_CLIENT_TLS_SAML_BEARER_TOKEN = 507 new SecurityMechanism("ClientTLS-LibertyBearerToken", true); 508 509 /** 510 * Defines the security mechanism for the Liberty SAML token profile 511 * with SSL and client auth enabled. 512 */ 513 public static final SecurityMechanism LIB_CLIENT_TLS_SAML_TOKEN = 514 new SecurityMechanism("ClientTLS-LibertySAMLToken", true); 515 516 /** 517 * Defines the security mechanism for the saml2 token holder of key 518 * with SSL and client auth enabled. 519 */ 520 public static final SecurityMechanism WSS_CLIENT_TLS_SAML2_HK = 521 new SecurityMechanism("ClientTLS-SAML2-HolderOfKey"); 522 523 /** 524 * Defines the security mechanism for the saml2 token holder of key 525 * with SSL enabled. 526 */ 527 public static final SecurityMechanism WSS_TLS_SAML2_HK = 528 new SecurityMechanism("TLS-SAML2-HolderOfKey"); 529 530 /** 531 * Defines the security mechanism for the saml2 token holder of key. 532 */ 533 public static final SecurityMechanism WSS_NULL_SAML2_HK = 534 new SecurityMechanism("SAML2-HolderOfKey"); 535 536 /** 537 * Defines the security mechanism for the saml2 token sender vouches 538 * with SSL and client auth enabled. 539 */ 540 public static final SecurityMechanism WSS_CLIENT_TLS_SAML2_SV = 541 new SecurityMechanism("ClientTLS-SAML2-SenderVouches"); 542 543 /** 544 * Defines the security mechanism for the saml2 token sender vouches 545 * with SSL enabled. 546 */ 547 public static final SecurityMechanism WSS_TLS_SAML2_SV = 548 new SecurityMechanism("TLS-SAML2-SenderVouches"); 549 550 /** 551 * Defines the security mechanism for the saml2 token sender vouches. 552 */ 553 public static final SecurityMechanism WSS_NULL_SAML2_SV = 554 new SecurityMechanism("SAML2-SenderVouches"); 555 556 /** 557 * Defines the security mechanism for the anonymous token 558 * with SSL and client auth enabled. 559 */ 560 public static final SecurityMechanism WSS_CLIENT_TLS_ANONYMOUS = 561 new SecurityMechanism("ClientTLS-Anonymous"); 562 563 /** 564 * Defines the security mechanism for the anonymous token 565 * with SSL. 566 */ 567 public static final SecurityMechanism WSS_TLS_ANONYMOUS = 568 new SecurityMechanism("TLS-Anonymous"); 569 570 /** 571 * Defines the security mechanism for the anonymous token. 572 */ 573 public static final SecurityMechanism WSS_NULL_ANONYMOUS = 574 new SecurityMechanism("Anonymous"); 575 /** 576 * Defines the security mechanism for the Kerberos token profile. 577 */ 578 public static final SecurityMechanism WSS_NULL_KERBEROS_TOKEN = 579 new SecurityMechanism("KerberosToken"); 580 581 /** 582 * Defines the security mechanism for the Kerberos token profile with 583 * SSL enabled. 584 */ 585 public static final SecurityMechanism WSS_TLS_KERBEROS_TOKEN = 586 new SecurityMechanism("TLS-KerberosToken"); 587 588 /** 589 * Defines the security mechanism for the Kerberos token profile with 590 * SSL and client auth enabled. 591 */ 592 public static final SecurityMechanism WSS_CLIENT_TLS_KERBEROS_TOKEN = 593 new SecurityMechanism("ClientTLS-KerberosToken"); 594 595 596 private String sechMech = null; 597 private String uri = null; 598 private boolean lookupEnabled = false; 599 private boolean registerEnabled = false; 600 601 /** 602 * Constructs <code>SecurityMechanism</code>. 603 * 604 * @param name the security mechanism name. 605 * 606 */ 607 public SecurityMechanism(String name) { 608 this.sechMech = name; 609 this.uri = (String)map.get(sechMech); 610 } 611 612 /** 613 * Constructs <code>SecurityMechanism</code>. 614 * @param name the name of the security mechanism. 615 * @param useTA the boolean variable to let enable for the 616 * trust authority look up or registration. 617 */ 618 public SecurityMechanism(String name, boolean useTA) { 619 this.sechMech = name; 620 this.uri = (String)map.get(sechMech); 621 this.lookupEnabled = useTA; 622 this.registerEnabled = useTA; 623 } 624 625 /** 626 * Returns the security mechanism name. 627 * 628 * @return the name of the security mechanism. 629 */ 630 public String getName() { 631 return sechMech; 632 } 633 634 /** 635 * Returns the <code>URI</code> of the security mechanism. 636 * 637 * @return the name of the security mechanism. 638 */ 639 public String getURI() { 640 return uri; 641 } 642 643 /** 644 * Checks if the Trust Authrotiy registration is required 645 * for this security mechanism. 646 * 647 * @return true if the trust authority registration is required. 648 */ 649 public boolean isTARegistrationRequired() { 650 return registerEnabled; 651 } 652 653 /** 654 * Checks if the Trust Authority lookup is required for this 655 * security mechanism. 656 * 657 * @return true if the trust authority lookup is required. 658 */ 659 public boolean isTALookupRequired() { 660 return lookupEnabled; 661 } 662 663 /** 664 * Returns the security mechanism for the corresponding 665 * security mechanism <code>URI</code>. 666 * 667 * @return the security mechanism object. 668 */ 669 public static SecurityMechanism getSecurityMechanism(String uri) { 670 if(uri == null) { 671 return null; 672 } 673 Iterator entries = map.entrySet().iterator(); 674 while(entries.hasNext()) { 675 Map.Entry entry = (Map.Entry)entries.next(); 676 String key = (String)entry.getKey(); 677 String value = (String)entry.getValue(); 678 if(value.equals(uri)) { 679 if(uri.equals(LIBERTY_DS_SECURITY_URI) || 680 uri.equals(LIB_NULL_X509_TOKEN_URI) || 681 uri.equals(LIB_TLS_X509_TOKEN_URI) || 682 uri.equals(LIB_CLIENT_TLS_X509_TOKEN_URI) || 683 uri.equals(LIB_NULL_SAML_TOKEN_URI) || 684 uri.equals(LIB_TLS_SAML_TOKEN_URI) || 685 uri.equals(LIB_CLIENT_TLS_SAML_TOKEN_URI) || 686 uri.equals(LIB_NULL_SAML_BEARER_TOKEN_URI) || 687 uri.equals(LIB_TLS_SAML_BEARER_TOKEN_URI) || 688 uri.equals(LIB_CLIENT_TLS_SAML_BEARER_TOKEN_URI) || 689 uri.equals(STS_SECURITY_URI)) { 690 return new SecurityMechanism(key, true); 691 } else { 692 return new SecurityMechanism(key); 693 } 694 } 695 } 696 return null; 697 } 698 699 /** 700 * Returns the list of liberty security mechanism URIs. 701 * @return the list of liberty security mechanism URIs. 702 */ 703 public static List getLibertySecurityMechanismURIs() { 704 List list = new ArrayList(); 705 list.add(LIB_NULL_X509_TOKEN_URI); 706 list.add(LIB_TLS_X509_TOKEN_URI); 707 list.add(LIB_CLIENT_TLS_X509_TOKEN_URI); 708 list.add(LIB_NULL_SAML_BEARER_TOKEN_URI); 709 list.add(LIB_TLS_SAML_BEARER_TOKEN_URI); 710 list.add(LIB_CLIENT_TLS_SAML_BEARER_TOKEN_URI); 711 list.add(LIB_NULL_SAML_TOKEN_URI); 712 list.add(LIB_TLS_SAML_TOKEN_URI); 713 list.add(LIB_CLIENT_TLS_SAML_TOKEN_URI); 714 return list; 715 } 716 717 /** 718 * Returns all the list of <code>SecurityMechanism</code>s supported 719 * by the Web Services Client. 720 * @return the list of <code>SecurityMechanism<code>s supported 721 * by the Web Services Client. 722 */ 723 public static List getAllWSCSecurityMechanisms() { 724 List list = new ArrayList(); 725 list.add(WSS_NULL_ANONYMOUS); 726 list.add(WSS_NULL_SAML_SV); 727 list.add(WSS_NULL_SAML_HK); 728 list.add(WSS_NULL_X509_TOKEN); 729 list.add(WSS_NULL_KERBEROS_TOKEN); 730 list.add(WSS_NULL_USERNAME_TOKEN); 731 list.add(WSS_NULL_USERNAME_TOKEN_PLAIN); 732 list.add(WSS_NULL_SAML2_SV); 733 list.add(WSS_NULL_SAML2_HK); 734 list.add(LIBERTY_DS_SECURITY); 735 list.add(STS_SECURITY); 736 return list; 737 } 738 739 /** 740 * Returns all the list of <code>SecurityMechanism<code>s supported 741 * by the Web Services Provider. 742 * @return the list of <code>SecurityMechanism</code>s supported 743 * by the Web Services Provider. 744 */ 745 public static List getAllWSPSecurityMechanisms() { 746 List list = new ArrayList(); 747 list.add(WSS_NULL_ANONYMOUS); 748 list.add(WSS_NULL_SAML_SV); 749 list.add(WSS_NULL_SAML_HK); 750 list.add(WSS_NULL_X509_TOKEN); 751 list.add(WSS_NULL_KERBEROS_TOKEN); 752 list.add(WSS_NULL_USERNAME_TOKEN); 753 list.add(WSS_NULL_USERNAME_TOKEN_PLAIN); 754 list.add(WSS_NULL_SAML2_SV); 755 list.add(WSS_NULL_SAML2_HK); 756 list.add(LIB_NULL_X509_TOKEN); 757 list.add(LIB_NULL_SAML_BEARER_TOKEN); 758 list.add(LIB_NULL_SAML_TOKEN); 759 return list; 760 } 761 762}