public interface CredentialVaultService
Portlet Service for legacy portlets to access the WebSphere Portal Credential Vault. The portlet service offers the following functionality:
Available Secret Types in the Credential Vault are defined as constants in this interface. Please note that not all types have to be available in the defined Vault Segments, depending on the utilized Vault Adapter implementation. Supported types per segment can be retrieved through VaultSegmentConfig#getSupportedSecretTypes().
Available Credential Types in the Credential Vault are defined externally in a credential type registry configuration file and can be retrieved through the method getCredentialTypes() that returns their respective type string. Default credential type strings are defined as constants in the interface CredentialTypes.
Field Summary | |
---|---|
static java.lang.String | PREDEFINED_SLOT_USER_JAAS_SUBJECT - Deprecated. This is the name of a predefined slot to store the transient JAAS credential. |
static int | SECRET_TYPE_BYTEARRAY - Deprecated. The user's secret is in binary form. |
static int | SECRET_TYPE_JAAS_SUBJECT - Deprecated. The user's secret is a JAAS Subject. |
static int | SECRET_TYPE_JAVA_OBJECT - Deprecated. The user's secret is a java object. |
static int | SECRET_TYPE_NO_SECRET_DATA - Deprecated. Type for credential objects that do not contain a secret. |
static int | SECRET_TYPE_UNDEFINED - Deprecated. Used only for the super class CredentialSecret of the secret classes as secret type. |
static int | SECRET_TYPE_USERID_STRING_PASSWORD_STRING - Deprecated. The user's secret is a userid/password pair. |
Method Summary | |
---|---|
CredentialSlotConfig | createSlot(java.lang.String resourceName, ObjectID segmentId, java.util.Map descriptions, java.util.Map keywords, int secretType, boolean active, boolean portletPrivate, org.apache.jetspeed.portlet.PortletRequest portletRequest) - Deprecated. Creates a new credential slot in the given vault segment. |
void | deleteSlot(java.lang.String slotName) - Deprecated. Deletes an existing credential slot. |
java.util.Iterator | getAccessibleSlots(org.apache.jetspeed.portlet.PortletRequest request) - Deprecated. Returns an iterator of all credential slots that a portlet is authorized to use. |
java.util.List | getAllVaultSegments() - Deprecated. Returns a List of all available Vault Segments. |
Credential | getCredential(java.lang.String slotId, java.lang.String type, java.util.Map config, org.apache.jetspeed.portlet.PortletRequest request) - Deprecated. Returns a specific credential from a specific slot. |
java.util.Iterator | getCredentialTypes() - Deprecated. Returns an Iterator over all available credential types that are registered in the credential type registry. |
ObjectID | getDefaultUserVaultSegmentPortalId() - Deprecated. Returns the ObjectID of the default user managed vault segment. |
Credential | getLTPATokenCredential(java.lang.String slotId, java.util.Map config, org.apache.jetspeed.portlet.PortletRequest request) - Deprecated. Returns an LTPA Token credential. |
java.lang.String | getSlotDescription(java.lang.String slotId, java.util.Locale locale) - Deprecated. Returns a credential slot's description for the specified locale. |
javax.security.auth.Subject | getUserSubject(org.apache.jetspeed.portlet.PortletRequest request) - Deprecated. Returns the user's JAAS Subject. |
void | setCredentialSecretBinary(java.lang.String slotId, byte[] secret, org.apache.jetspeed.portlet.PortletRequest portletRequest) - Deprecated. Sets a credential's binary secret on a given slot. |
void | setCredentialSecretUserPassword(java.lang.String slotId, java.lang.String userId, char[] password, org.apache.jetspeed.portlet.PortletRequest portletRequest) - Deprecated. Sets a credential's user/password secret on a given slot. |
Field Detail |
---|
static final int SECRET_TYPE_UNDEFINED
static final int SECRET_TYPE_USERID_STRING_PASSWORD_STRING
static final int SECRET_TYPE_BYTEARRAY
static final int SECRET_TYPE_JAVA_OBJECT
static final int SECRET_TYPE_NO_SECRET_DATA
static final int SECRET_TYPE_JAAS_SUBJECT
static final java.lang.String PREDEFINED_SLOT_USER_JAAS_SUBJECT
Method Detail |
---|
java.util.Iterator getCredentialTypes()
CredentialTypes dependent on the actual portal configuration.
String objects representing all credential types that are registered in the credential type registry

java.lang.String getSlotDescription(java.lang.String slotId, java.util.Locale locale) throws org.apache.jetspeed.portlet.service.PortletServiceException
slotId - The credential (slot) id.
locale - The description locale. If set to null, the default locale will be used.
org.apache.jetspeed.portlet.service.PortletServiceException - if the description could not be retrieved.

java.util.Iterator getAccessibleSlots(org.apache.jetspeed.portlet.PortletRequest request) throws org.apache.jetspeed.portlet.service.PortletServiceException
request - The portlet request is needed by the CredentialVault service in order to determine information about the portlet.
CredentialSlotConfig objects representing all credential slots that a portlet is authorized to use
org.apache.jetspeed.portlet.service.PortletServiceException - if the list of slots could not be retrieved.

void setCredentialSecretBinary(java.lang.String slotId, byte[] secret, org.apache.jetspeed.portlet.PortletRequest portletRequest) throws org.apache.jetspeed.portlet.service.PortletServiceException
slotId - The credential (slot) id.
secret - The credential secret data in binary form.
portletRequest - The portlet request is used to determine parameters like the portlet id and user id.
org.apache.jetspeed.portlet.service.PortletServiceException - if the credential secret is not of the type binary or if the secret could not be set.

void setCredentialSecretUserPassword(java.lang.String slotId, java.lang.String userId, char[] password, org.apache.jetspeed.portlet.PortletRequest portletRequest) throws org.apache.jetspeed.portlet.service.PortletServiceException
slotId - The credential (slot) id.
userId - The credential's userId.
password - The credential's password.
portletRequest - The portlet request is used to determine parameters like the portlet id and user id.
org.apache.jetspeed.portlet.service.PortletServiceException - if the credential secret is not of the type user/password or if the secret could not be set.

CredentialSlotConfig createSlot(java.lang.String resourceName, ObjectID segmentId, java.util.Map descriptions, java.util.Map keywords, int secretType, boolean active, boolean portletPrivate, org.apache.jetspeed.portlet.PortletRequest portletRequest) throws org.apache.jetspeed.portlet.service.PortletServiceException
CredentialSlotConfig object holds the Slot ID of the newly generated slot. If one of the required parameters is null, an exception is thrown.
resourceName - Name of the resource. Must not be null.
segmentId - ObjectId of the segment that this slot is created in. Must not be null. Must be the ObjectID of a user mapped segment. As there is currently just one user mapped segment in the system, this parameter must contain the result of the method getDefaultUserVaultSegmentPortalId().
descriptions - The slot descriptions as a Map, keyed by their corresponding Locale objects. Key: Locale (max length 64 characters). Value: String (max length 255 characters). The given map can be empty.
keywords - The slot keywords as a Map, keyed by their corresponding Locale objects. Key: Locale (max length 64 characters). Can be null. Value: String (max length 255 characters). The given map can be empty.
secretType - The secret type identifier. Must not be null.
active - Flag whether this credential may only be returned in form of an active credential object (true) or both as active and passive credential objects (false).
portletPrivate - Flag whether the credential secret is portlet specific (true) or shared between all of a user's portlets (false).
portletRequest - The portlet request. Must not be null.
CredentialSlotConfig object.
org.apache.jetspeed.portlet.service.PortletServiceException

void deleteSlot(java.lang.String slotName) throws org.apache.jetspeed.portlet.service.PortletServiceException
CredentialSlotConfig#getSlotId().
slotName - The credential (slot) id.
org.apache.jetspeed.portlet.service.PortletServiceException - Is thrown if the credential slot could not be deleted or found.

ObjectID getDefaultUserVaultSegmentPortalId() throws org.apache.jetspeed.portlet.service.PortletServiceException
null, if no user managed vault segment is configured in the system.
org.apache.jetspeed.portlet.service.PortletServiceException - Is thrown if the user segment could not be found.

java.util.List getAllVaultSegments() throws org.apache.jetspeed.portlet.service.PortletServiceException
VaultSegmentConfig objects representing all vault segments.
org.apache.jetspeed.portlet.service.PortletServiceException - Is thrown if the segments could not be retrieved.

Credential getCredential(java.lang.String slotId, java.lang.String type, java.util.Map config, org.apache.jetspeed.portlet.PortletRequest request) throws org.apache.jetspeed.portlet.service.PortletServiceException, CredentialSecretNotSetException
CredentialSlotConfig#getSlotId().
slotId - The credential (slot) id.
type - The credential type as specified in the credential type registry. Default credential type strings are defined as constants in the interface CredentialTypes.
config - The backend application specific configuration that is needed to initialize this credential. This is one part of the credential configuration. The credential vault service will usually add further information to this config from other sources: the user's secret from the actual credential store and the credential instance specific parameters from the portal's credential configuration. This parameter can be null.
request - The portlet request is used to determine information about the portlet.
org.apache.jetspeed.portlet.service.PortletServiceException - if the credential could not be retrieved, either for technical or security reasons.
CredentialSecretNotSetException - if the requested credential secret is not set (by the user or admin).

Credential getLTPATokenCredential(java.lang.String slotId, java.util.Map config, org.apache.jetspeed.portlet.PortletRequest request) throws org.apache.jetspeed.portlet.service.PortletServiceException, CredentialSecretNotSetException
slotId - The credential (slot) id.
config - The backend application specific configuration that is needed to initialize this credential. This is one part of the credential configuration. The credential vault service adds further information to this config from other sources: the user's secret from the actual credential store, the credential instance specific parameters from the portal's credential configuration and the LTPA_TOKEN_TYPE configured in the VaultService.properties file.
request - The portlet request is used to determine information about the portlet.
com.ibm.wps.services.credentialvault.exceptions.VaultServiceException - if the credential could not be retrieved, either for technical or security reasons.
CredentialSecretNotSetException - if the requested credential secret is not set (by the user or admin).
org.apache.jetspeed.portlet.service.PortletServiceException

javax.security.auth.Subject getUserSubject(org.apache.jetspeed.portlet.PortletRequest request) throws org.apache.jetspeed.portlet.service.PortletServiceException
PortletServiceException is thrown.
Note: The returned object is a transient credential.
request - The portlet request is used to determine the user.
org.apache.jetspeed.portlet.service.PortletServiceException - if the subject could not be retrieved, e.g. because there is no logged in user.
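
An added example, not part of the IBM Javadoc: creating a portlet-private user/password slot under the constraints documented for createSlot() and wiping the caller's password array afterwards. The class VaultSlotHelper and its method are hypothetical, and the IBM package names in the imports and the String return type of getSlotId() are assumptions; the interface methods and constants are the ones listed on this page.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

import org.apache.jetspeed.portlet.PortletRequest;
import org.apache.jetspeed.portlet.service.PortletServiceException;

import com.ibm.portal.ObjectID;                        // assumed package name
import com.ibm.wps.portletservice.credentialvault.*;   // assumed package name

public final class VaultSlotHelper {   // hypothetical helper, not IBM code

    /** Creates a portlet-private slot, stores the secret and returns the slot id. */
    public static String storeBackendLogin(CredentialVaultService vault,
                                           PortletRequest request,
                                           String resourceName,
                                           String userId,
                                           char[] password) throws PortletServiceException {
        try {
            // createSlot() only accepts the user mapped segment, and the lookup
            // returns null when no user managed segment is configured.
            ObjectID segment = vault.getDefaultUserVaultSegmentPortalId();
            if (segment == null) {
                throw new IllegalStateException("no user managed vault segment configured");
            }
            Map descriptions = new HashMap();   // Locale -> String, max 255 characters
            descriptions.put(Locale.ENGLISH, "Backend login");
            Map keywords = new HashMap();       // an empty map is allowed

            CredentialSlotConfig slot = vault.createSlot(
                    resourceName, segment, descriptions, keywords,
                    CredentialVaultService.SECRET_TYPE_USERID_STRING_PASSWORD_STRING,
                    false,   // active = false: active and passive credential objects
                    true,    // portletPrivate = true: not shared with other portlets
                    request);

            String slotId = slot.getSlotId();   // assumed to return String
            vault.setCredentialSecretUserPassword(slotId, userId, password, request);
            return slotId;
        } finally {
            // The password is passed as char[], so the caller's copy can be cleared.
            if (password != null) {
                Arrays.fill(password, '\0');
            }
        }
    }
}
```

Setting portletPrivate to false instead shares the stored secret between all of the user's portlets, so choose it only when every portlet that can reach the slot should see the credential.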