Class DefaultConditionsProvider

    • Constructor Detail

      • DefaultConditionsProvider

        public DefaultConditionsProvider()
    • Method Detail

      • getFutureTimeToLive

        public long getFutureTimeToLive()
        Get how long (in seconds) a client-supplied Created Element is allowed to be in the future. The default is 60 seconds to avoid common problems relating to clock skew.
      • setFutureTimeToLive

        public void setFutureTimeToLive(long futureTimeToLive)
        Set how long (in seconds) a client-supplied Created Element is allowed to be in the future. The default is 60 seconds to avoid common problems relating to clock skew.
      • setLifetime

        public void setLifetime(long lifetime)
        Set the default lifetime in seconds for issued SAML tokens.
        Parameters:
        lifetime - default lifetime in seconds
      • getLifetime

        public long getLifetime()
        Get the default lifetime in seconds for issued SAML tokens, used where the requestor doesn't specify a Lifetime element.
        Specified by:
        getLifetime in interface ConditionsProvider
        Returns:
        the lifetime in seconds
      • setMaxLifetime

        public void setMaxLifetime(long maxLifetime)
        Set the maximum lifetime in seconds for issued SAML tokens.
        Parameters:
        maxLifetime - maximum lifetime in seconds
      • getMaxLifetime

        public long getMaxLifetime()
        Get the maximum lifetime in seconds for issued SAML tokens, applied if the requestor specifies a Lifetime element.
        Returns:
        the maximum lifetime in seconds
      • isAcceptClientLifetime

        public boolean isAcceptClientLifetime()
        Whether the client Lifetime element is accepted. Default: false.
      • setAcceptClientLifetime

        public void setAcceptClientLifetime(boolean acceptClientLifetime)
        Set whether the client Lifetime element is accepted.
      • isFailLifetimeExceedance

        public boolean isFailLifetimeExceedance()
        Whether a requested lifetime that exceeds the maximum lifetime causes the request to fail (default) or is overwritten with the maximum lifetime.
      • setFailLifetimeExceedance

        public void setFailLifetimeExceedance(boolean failLifetimeExceedance)
        Set whether a requested lifetime that exceeds the maximum lifetime causes the request to fail (default) or is overwritten with the maximum lifetime.
      • createAudienceRestrictions

        protected List<org.apache.wss4j.common.saml.bean.AudienceRestrictionBean> createAudienceRestrictions(TokenProviderParameters providerParameters)
        Create a list of AudienceRestrictions to be added to the Conditions Element of the issued Assertion. The default behaviour is to add a single Audience URI per AudienceRestriction Element. The Audience URIs are taken from the AppliesTo address and the wst:Participants element, if either exists.
      • extractAddressFromParticipantsEPR

        protected String extractAddressFromParticipantsEPR(Object participants)
        Extract an address from a Participants EPR DOM element.