com.pingidentity.opentoken
Class AgentConfiguration

java.lang.Object
  extended by com.pingidentity.opentoken.AgentConfiguration

public class AgentConfiguration
extends Object

Represents the configuration state of an Agent instance. Provides methods for configuration file I/O.


Field Summary
static String AGENT_CONFIG_FILE_DEFALUT
          Default location on disk for the configuration file
static String COOKIE_DOMAIN_DEFAULT
          Default domain to use when writing a token as a cookie
static String COOKIE_PATH_DEFAULT
          Default path to use when writing a token as a cookie
static boolean DETECT_MALFORMED_ATTRIBUTES_DEFAULT
          Default flag to enable/disable Detect Malformed Attributes
static String ISO8601_FORMAT
          Date/time format to use for not-before, not-on-or-after, and renew-until
static int NOT_BEFORE_TOLERANCE_DEFAULT
          Default number of seconds in the future that validation of the not-before field will permit
static boolean OBFUSCATE_PASSWORD_DEFAULT
          Default flag indicating if the password should be obfuscated
static boolean REMOVE_TRAILING_BACKSLASH_DEFAULT
          Default flag to enable/disable Trailing Backslash Removal
static int RENEW_UNTIL_LIFETIME_DEFALUT
          Default span of time (in seconds) during which this token may be renewed
static boolean SECURE_COOKIE_DEFAULT
          Default flag indicating if cookie will be sent only via secure transport (HTTPS)
static boolean SESSION_COOKIE_DEFAULT
          Default flag indicating if cookie will expire at the end of the browser session or in getTokenLifetime() seconds
static int TOKEN_LIFETIME_DEFAULT
          Default number of seconds that token will be valid
static String TOKEN_NAME_DEFAULT
          Default name to use to identify the token (either as a query parameter or cookie)
static boolean USE_COOKIE_DEFAULT
          Default flag indicating if the token will be exchanged using a cookie
static boolean USE_SUN_JCE_DEFAULT
          Default flag indicating if the SunJCE provider should be used for Token encryption
static boolean USE_VERBOSE_TOKEN_EXCEPTION_MESSAGES_DEFAULT
          Default flag indicating if verbose error messages should be used in TokenException
static TimeZone UTC_TZ
          Timezone to use for not-before, not-on-or-after, and renew-until
 
Constructor Summary
AgentConfiguration()
          Constructs an AgentConfiguration instance using configuration file on CLASSPATH.
AgentConfiguration(boolean loadDefaultConfigurationFile)
          Constructs an AgentConfiguration instance using configuration file on CLASSPATH.
AgentConfiguration(InputStream configStream)
          Constructs an AgentConfiguration instance using configuration from the provided InputStream.
AgentConfiguration(String file)
          Constructs an AgentConfiguration instance using configuration file on CLASSPATH.
 
Method Summary
 AgentConfiguration copy()
          Creates a copy of the current AgentConfiguration instance.
 int getCipherSuite()
          Returns the number representing which cipher suite to be used for token encryption.
 String getCookieDomain()
          Returns the domain used when writing a token as a cookie.
 String getCookiePath()
          Returns the path used when writing a token as a cookie.
 int getNotBeforeTolerance()
          Returns the number of seconds in the future that validation of the not-before field will permit.
 String getPassword()
          Gets the password to use for token encryption; actual key is generated via PBKDF2.
 int getRenewUntilLifetime()
          Returns the span of time (in seconds) during which this token may be renewed.
 int getTokenLifetime()
          Returns the span of time (in seconds) during which generated tokens will be considered valid.
 String getTokenName()
          Returns the name used to identify the token (either as a query parameter or cookie).
 boolean isDetectMalformedAttributes()
          Indicates whether Detect Malformed Attributes is enabled.
 boolean isObfuscatePassword()
          Returns a flag indicating if the password should be obfuscated.
 boolean isRemoveTrailingBackslash()
          Indicates whether trailing backslashes in attributes are removed.
 boolean isSecureCookie()
          Returns a flag indicating if cookie will only be sent via secure transport (HTTPS).
 boolean isSessionCookie()
          Returns a flag indicating if cookie will expire at the end of the browser session or in getTokenLifetime() seconds.
 boolean isUseCookie()
          Returns a flag indicating if the token will be exchanged using a cookie.
 boolean isUseSunJCE()
          Returns a flag indicating if the SunJCE provider should be used for token encryption; otherwise the JVM default is used.
 boolean isUseVerboseErrorMessages()
          Indicates whether TokenException is to contain a verbose error message rather than generic.
 void loadConfiguration(InputStream is)
          Reads agent configuration from an InputStream that was previously generated by storeConfiguration or PingFederate.
 void setCipherSuite(int cipherSuite)
          Sets the number representing which cipher suite to be used for token encryption.
 void setCookieDomain(String cookieDomain)
          Sets the domain to be used when writing a token as a cookie.
 void setCookiePath(String cookiePath)
          Sets the path to be used when writing a token as a cookie.
 void setDetectMalformedAttributes(boolean detectMalformedAttributes)
          Sets the Detect Malformed Attributes value.
 void setNotBeforeTolerance(int notBeforeTolerance)
          Sets the number of seconds in the future that validation of the not-before field will permit.
 void setObfuscatePassword(boolean obfuscatePassword)
          Sets a flag indicating if the password should be obfuscated.
 void setObfuscatePasword(boolean obfuscatePassword)
          Deprecated.  
 void setPassword(String password)
          Sets the unobfuscated (clear) password that will be used.
 void setRemoveTrailingBackslash(boolean removeTrailingBackslash)
          Sets the Remove Trailing Backslash value.
 void setRenewUntilLifetime(int renewUntilLifetime)
          Sets the span of time during which generated tokens will be acceptable for renewal.
 void setSecureCookie(boolean secureCookie)
          Sets a flag indicating if cookie will only be sent via secure transport (HTTPS).
 void setSessionCookie(boolean sessionCookie)
          Sets a flag indicating if cookie will expire at the end of the browser session or in getTokenLifetime() seconds.
 void setTokenLifetime(int tokenLifetime)
          Sets the span of time during which generated tokens will be considered valid.
 void setTokenName(String tokenName)
          Sets the name to be used to identify the token (either as a query parameter or cookie).
 void setUseCookie(boolean useCookie)
          Sets a flag indicating if the token will be exchanged using a cookie (or, alternatively, a query parameter).
 void setUseSunJCE(boolean useSunJCE)
          Sets a flag indicating if the SunJCE provider should be used for Token encryption.
 void setUseVerboseErrorMessages(boolean useVerboseErrorMessages)
          Sets the indicator for verbose error messages in TokenException.
 void storeConfiguration(OutputStream os)
          Writes agent configuration to an OutputStream.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

USE_VERBOSE_TOKEN_EXCEPTION_MESSAGES_DEFAULT

public static final boolean USE_VERBOSE_TOKEN_EXCEPTION_MESSAGES_DEFAULT
Default flag indicating if verbose error messages should be used in TokenException

See Also:
Constant Field Values

DETECT_MALFORMED_ATTRIBUTES_DEFAULT

public static final boolean DETECT_MALFORMED_ATTRIBUTES_DEFAULT
Default flag to enable/disable Detect Malformed Attributes

See Also:
Constant Field Values

REMOVE_TRAILING_BACKSLASH_DEFAULT

public static final boolean REMOVE_TRAILING_BACKSLASH_DEFAULT
Default flag to enable/disable Trailing Backslash Removal

See Also:
Constant Field Values

TOKEN_LIFETIME_DEFAULT

public static final int TOKEN_LIFETIME_DEFAULT
Default number of seconds that token will be valid

See Also:
Constant Field Values

RENEW_UNTIL_LIFETIME_DEFALUT

public static final int RENEW_UNTIL_LIFETIME_DEFALUT
Default span of time (in seconds) during which this token may be renewed

See Also:
Constant Field Values

NOT_BEFORE_TOLERANCE_DEFAULT

public static final int NOT_BEFORE_TOLERANCE_DEFAULT
Default number of seconds in the future that validation of the not-before field will permit

See Also:
Constant Field Values

USE_SUN_JCE_DEFAULT

public static final boolean USE_SUN_JCE_DEFAULT
Default flag indicating if the SunJCE provider should be used for Token encryption

See Also:
Constant Field Values

OBFUSCATE_PASSWORD_DEFAULT

public static final boolean OBFUSCATE_PASSWORD_DEFAULT
Default flag indicating if the password should be obfuscated

See Also:
Constant Field Values

SESSION_COOKIE_DEFAULT

public static final boolean SESSION_COOKIE_DEFAULT
Default flag indicating if cookie will expire at the end of the browser session or in getTokenLifetime() seconds

See Also:
Constant Field Values

SECURE_COOKIE_DEFAULT

public static final boolean SECURE_COOKIE_DEFAULT
Default flag indicating if cookie will be sent only via secure transport (HTTPS)

See Also:
Constant Field Values

USE_COOKIE_DEFAULT

public static final boolean USE_COOKIE_DEFAULT
Default flag indicating if the token will be exchanged using a cookie

See Also:
Constant Field Values

COOKIE_PATH_DEFAULT

public static final String COOKIE_PATH_DEFAULT
Default path to use when writing a token as a cookie

See Also:
Constant Field Values

COOKIE_DOMAIN_DEFAULT

public static final String COOKIE_DOMAIN_DEFAULT
Default domain to use when writing a token as a cookie

See Also:
Constant Field Values

TOKEN_NAME_DEFAULT

public static final String TOKEN_NAME_DEFAULT
Default name to use to identify the token (either as a query parameter or cookie)

See Also:
Constant Field Values

AGENT_CONFIG_FILE_DEFALUT

public static final String AGENT_CONFIG_FILE_DEFALUT
Default location on disk for the configuration file

See Also:
Constant Field Values

ISO8601_FORMAT

public static final String ISO8601_FORMAT
Date/time format to use for not-before, not-on-or-after, and renew-until

See Also:
Constant Field Values

UTC_TZ

public static final TimeZone UTC_TZ
Timezone to use for not-before, not-on-or-after, and renew-until

Constructor Detail

AgentConfiguration

public AgentConfiguration(InputStream configStream)
                   throws IOException
Constructs an AgentConfiguration instance using configuration from the provided InputStream.

Parameters:
configStream - an InputStream containing agent configuration.
Throws:
IOException - when the configuration is invalid or the configStream generates an error

AgentConfiguration

public AgentConfiguration()
Constructs an AgentConfiguration instance using configuration file on CLASSPATH. Will look for file with name AGENT_CONFIG_FILE_DEFALUT. If the file is not found, an Agent will be constructed using default values.


AgentConfiguration

public AgentConfiguration(boolean loadDefaultConfigurationFile)
Constructs an AgentConfiguration instance using configuration file on CLASSPATH. Will look for file with name AGENT_CONFIG_FILE_DEFALUT if loadDefaultConfigurationFile is true.

Parameters:
loadDefaultConfigurationFile - flag indicating if default configuration file should be loaded

AgentConfiguration

public AgentConfiguration(String file)
                   throws IOException
Constructs an AgentConfiguration instance using configuration file on CLASSPATH. If the file is not found on CLASSPATH, will attempt to use provided filename as a fully qualified path to a file.

Parameters:
file - filename on CLASSPATH or fully qualified path to the file on disk
Throws:
IOException

Method Detail

isUseVerboseErrorMessages

public boolean isUseVerboseErrorMessages()
Indicates whether TokenException is to contain a verbose error message rather than generic.

See Also:
USE_VERBOSE_TOKEN_EXCEPTION_MESSAGES_DEFAULT

setUseVerboseErrorMessages

public void setUseVerboseErrorMessages(boolean useVerboseErrorMessages)
Sets the indicator for verbose error messages in TokenException.

See Also:
USE_VERBOSE_TOKEN_EXCEPTION_MESSAGES_DEFAULT

isRemoveTrailingBackslash

public boolean isRemoveTrailingBackslash()
Indicates whether trailing backslashes in attributes are removed.

See Also:
REMOVE_TRAILING_BACKSLASH_DEFAULT

setRemoveTrailingBackslash

public void setRemoveTrailingBackslash(boolean removeTrailingBackslash)
Sets the Remove Trailing Backslash value.

See Also:
REMOVE_TRAILING_BACKSLASH_DEFAULT

isDetectMalformedAttributes

public boolean isDetectMalformedAttributes()
Indicates whether Detect Malformed Attributes is enabled.

See Also:
DETECT_MALFORMED_ATTRIBUTES_DEFAULT

setDetectMalformedAttributes

public void setDetectMalformedAttributes(boolean detectMalformedAttributes)
Sets the Detect Malformed Attributes value.

See Also:
DETECT_MALFORMED_ATTRIBUTES_DEFAULT

getTokenLifetime

public int getTokenLifetime()
Returns the span of time (in seconds) during which generated tokens will be considered valid.

See Also:
TOKEN_LIFETIME_DEFAULT

setTokenLifetime

public void setTokenLifetime(int tokenLifetime)
Sets the span of time during which generated tokens will be considered valid.

Parameters:
tokenLifetime - the timespan (in seconds)
See Also:
TOKEN_LIFETIME_DEFAULT

getRenewUntilLifetime

public int getRenewUntilLifetime()
Returns the span of time (in seconds) during which this token may be renewed.

See Also:
RENEW_UNTIL_LIFETIME_DEFALUT

setRenewUntilLifetime

public void setRenewUntilLifetime(int renewUntilLifetime)
Sets the span of time during which generated tokens will be acceptable for renewal.

Parameters:
renewUntilLifetime - the timespan (in seconds)
See Also:
RENEW_UNTIL_LIFETIME_DEFALUT

getNotBeforeTolerance

public int getNotBeforeTolerance()
Returns the number of seconds in the future that validation of the not-before field will permit.

See Also:
NOT_BEFORE_TOLERANCE_DEFAULT

setNotBeforeTolerance

public void setNotBeforeTolerance(int notBeforeTolerance)
Sets the number of seconds in the future that validation of the not-before field will permit.

Parameters:
notBeforeTolerance - number of seconds
See Also:
NOT_BEFORE_TOLERANCE_DEFAULT

getCipherSuite

public int getCipherSuite()
Returns the number representing which cipher suite to be used for token encryption.

See Also:
Token.CIPHER_SUITE_3DES168CBC, Token.CIPHER_SUITE_AES128CBC, Token.CIPHER_SUITE_AES256CBC, Token.CIPHER_SUITE_NULL

setCipherSuite

public void setCipherSuite(int cipherSuite)
Sets the number representing which cipher suite to be used for token encryption.

Parameters:
cipherSuite - the suite number
See Also:
Token.CIPHER_SUITE_3DES168CBC, Token.CIPHER_SUITE_AES128CBC, Token.CIPHER_SUITE_AES256CBC, Token.CIPHER_SUITE_NULL

isUseSunJCE

public boolean isUseSunJCE()
Returns a flag indicating if the SunJCE provider should be used for token encryption; otherwise the JVM default is used.

See Also:
java.security.Provider, Java™ Cryptography Extension (JCE), USE_SUN_JCE_DEFAULT

setUseSunJCE

public void setUseSunJCE(boolean useSunJCE)
Sets a flag indicating if the SunJCE provider should be used for Token encryption.

Parameters:
useSunJCE - if true, SunJCE is used; if false, the JVM default is used
See Also:
java.security.Provider, Java™ Cryptography Extension (JCE)

isObfuscatePassword

public boolean isObfuscatePassword()
Returns a flag indicating if the password should be obfuscated.

See Also:
OBFUSCATE_PASSWORD_DEFAULT

setObfuscatePasword

public void setObfuscatePasword(boolean obfuscatePassword)
Deprecated. 

Sets a flag indicating if the password should be obfuscated.

Parameters:
obfuscatePassword - if true, password is obfuscated

setObfuscatePassword

public void setObfuscatePassword(boolean obfuscatePassword)
Sets a flag indicating if the password should be obfuscated.

Parameters:
obfuscatePassword - if true, password is obfuscated

isSessionCookie

public boolean isSessionCookie()
Returns a flag indicating if cookie will expire at the end of the browser session or in getTokenLifetime() seconds.

See Also:
javax.servlet.http.Cookie#setMaxAge(int), SESSION_COOKIE_DEFAULT

setSessionCookie

public void setSessionCookie(boolean sessionCookie)
Sets a flag indicating if cookie will expire at the end of the browser session or in getTokenLifetime() seconds.

Parameters:
sessionCookie - true if cookie should expire at the end of the browser session; false if cookie should expire in getTokenLifetime() seconds
See Also:
javax.servlet.http.Cookie#setMaxAge(int)

isSecureCookie

public boolean isSecureCookie()
Returns a flag indicating if cookie will only be sent via secure transport (HTTPS).

See Also:
javax.servlet.http.Cookie#setSecure(boolean), SECURE_COOKIE_DEFAULT

setSecureCookie

public void setSecureCookie(boolean secureCookie)
Sets a flag indicating if cookie will only be sent via secure transport (HTTPS).

Parameters:
secureCookie - true if cookie will be sent only via secure transport (HTTPS); false if permissible to send cookie via unsecure transport (HTTP)
See Also:
javax.servlet.http.Cookie#setSecure(boolean)

isUseCookie

public boolean isUseCookie()
Returns a flag indicating if the token will be exchanged using a cookie.

Returns:
true if token will be exchanged as a cookie; false if the token will be exchanged as a query parameter
See Also:
USE_COOKIE_DEFAULT

setUseCookie

public void setUseCookie(boolean useCookie)
Sets a flag indicating if the token will be exchanged using a cookie (or, alternatively, a query parameter).

Parameters:
useCookie - true if token will be exchanged as a cookie; false if the token will be exchanged as a query parameter

getCookiePath

public String getCookiePath()
Returns the path used when writing a token as a cookie.

See Also:
COOKIE_PATH_DEFAULT

setCookiePath

public void setCookiePath(String cookiePath)
Sets the path to be used when writing a token as a cookie.

Parameters:
cookiePath - the path

getCookieDomain

public String getCookieDomain()
Returns the domain used when writing a token as a cookie.

See Also:
COOKIE_DOMAIN_DEFAULT

setCookieDomain

public void setCookieDomain(String cookieDomain)
Sets the domain to be used when writing a token as a cookie.

Parameters:
cookieDomain - the domain

getPassword

public String getPassword()
Gets the password to use for token encryption; actual key is generated via PBKDF2.

See Also:
http://tools.ietf.org/html/rfc2898#appendix-A.2

setPassword

public void setPassword(String password)
Sets the unobfuscated (clear) password that will be used. Note: This method does not set or use the obfuscated password stored in agent-config.txt.

Parameters:
password - the unobfuscated password

getTokenName

public String getTokenName()
Returns the name used to identify the token (either as a query parameter or cookie).

See Also:
TOKEN_NAME_DEFAULT

setTokenName

public void setTokenName(String tokenName)
Sets the name to be used to identify the token (either as a query parameter or cookie).

Parameters:
tokenName - the token name

storeConfiguration

public void storeConfiguration(OutputStream os)
                        throws IOException
Writes agent configuration to an OutputStream. The configuration is stored as a series of name=value pairs.

Parameters:
os - destination of configuration data
Throws:
IOException

loadConfiguration

public void loadConfiguration(InputStream is)
                       throws IOException
Reads agent configuration from an InputStream that was previously generated by storeConfiguration or PingFederate.

Parameters:
is - source of configuration data
Throws:
IOException

copy

public AgentConfiguration copy()
Creates a copy of the current AgentConfiguration instance.

Returns:
copy of current AgentConfiguration instance
See Also:
org.apache.commons.beanutils.BeanUtils#cloneBean(java.lang.Object)
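
An added example, not part of the library's documentation or code: an audit routine over the getters documented above that flags settings which weaken token confidentiality or widen the replay window, followed by a configuration that passes it. It assumes the Token cipher-suite constants are int fields of com.pingidentity.opentoken.Token; the class name AgentConfigAudit, the policy ceilings and the OPENTOKEN_PASSWORD environment variable are hypothetical.

```java
import com.pingidentity.opentoken.AgentConfiguration;
import com.pingidentity.opentoken.Token; // assumed package for the Token constants

import java.util.ArrayList;
import java.util.List;

public class AgentConfigAudit {

    // Assumed site policy ceilings in seconds; not values taken from the library.
    static final int MAX_TOKEN_LIFETIME = 300;
    static final int MAX_RENEW_UNTIL = 12 * 60 * 60;
    static final int MAX_NOT_BEFORE_TOLERANCE = 120;

    /** Returns one finding per setting that weakens confidentiality or replay limits. */
    static List<String> audit(AgentConfiguration cfg) {
        List<String> findings = new ArrayList<String>();
        int suite = cfg.getCipherSuite();
        if (suite == Token.CIPHER_SUITE_NULL) {
            findings.add("cipher suite is NULL: token payload is not encrypted");
        } else if (suite == Token.CIPHER_SUITE_3DES168CBC) {
            findings.add("cipher suite is 3DES: prefer an AES suite");
        }
        String password = cfg.getPassword();
        if (password == null || password.length() == 0) {
            findings.add("no password set for token key derivation");
        }
        if (!cfg.isUseCookie()) {
            findings.add("token is a query parameter: it can land in logs and Referer headers");
        } else if (!cfg.isSecureCookie()) {
            findings.add("token cookie may be sent over plain HTTP");
        }
        if (cfg.isUseVerboseErrorMessages()) {
            findings.add("verbose TokenException messages are enabled");
        }
        if (cfg.getTokenLifetime() > MAX_TOKEN_LIFETIME) {
            findings.add("token lifetime exceeds " + MAX_TOKEN_LIFETIME + "s");
        }
        if (cfg.getRenewUntilLifetime() > MAX_RENEW_UNTIL) {
            findings.add("renew-until lifetime exceeds " + MAX_RENEW_UNTIL + "s");
        }
        if (cfg.getNotBeforeTolerance() > MAX_NOT_BEFORE_TOLERANCE) {
            findings.add("not-before tolerance exceeds " + MAX_NOT_BEFORE_TOLERANCE + "s");
        }
        return findings;
    }

    public static void main(String[] args) {
        // Skip the classpath file so every value below is set explicitly.
        AgentConfiguration cfg = new AgentConfiguration(false);
        cfg.setCipherSuite(Token.CIPHER_SUITE_AES256CBC);
        cfg.setPassword(System.getenv("OPENTOKEN_PASSWORD")); // hypothetical variable name
        cfg.setUseCookie(true);
        cfg.setSecureCookie(true);
        cfg.setUseVerboseErrorMessages(false);
        cfg.setTokenLifetime(MAX_TOKEN_LIFETIME);
        cfg.setRenewUntilLifetime(MAX_RENEW_UNTIL);
        cfg.setNotBeforeTolerance(0);
        for (String finding : audit(cfg)) {
            System.out.println("FINDING: " + finding);
        }
    }
}
```

Running audit() on a configuration loaded with loadConfiguration(InputStream) at startup lets a deployment refuse to start when a weak setting is present.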


Copyright © 2012. All Rights Reserved.