com.sun.xml.wss
Class NonceManager

java.lang.Object
  extended by com.sun.xml.ws.commons.AbstractMOMRegistrationAware
      extended by com.sun.xml.wss.NonceManager
All Implemented Interfaces:
MOMRegistrationAware
Direct Known Subclasses:
DefaultNonceManager, HANonceManager

@ManagedObject
@Description(value="per-endpoint NonceManager")
@AMXMetadata(type="WSNonceManager")
public abstract class NonceManager
extends AbstractMOMRegistrationAware

This abstract class defines an SPI that Metro Application developers can implement, to handle custom validation of Nonces used in conjunction with Password-Digest Authentication. A repeated nonce would generally indicate a possible replay-attack. The SPI implementation class needs to be specified as a META-INF/services entry with name "com.sun.xml.xwss.NonceManager". A default implementation of this SPI is returned if no entry is configured.


Nested Class Summary
static class NonceManager.NonceException
          Exception to be thrown when an Error in processing received nonces occurs.
 
Field Summary
protected static Logger LOGGER
           
static String nonceManager
           
 
Constructor Summary
NonceManager()
           
 
Method Summary
static void deleteInstance(WSEndpoint endpoint)
           
static NonceManager getInstance(long maxNonceAge, WSEndpoint endpoint)
           
 long getMaxNonceAge()
           
 void setMaxNonceAge(long maxNonceAge)
          Set the approximate maximum age for which a received nonce needs to be stored by the NonceManager
abstract  boolean validateNonce(String nonce, String created)
           
 
Methods inherited from class com.sun.xml.ws.commons.AbstractMOMRegistrationAware
isRegisteredAtMOM, setRegisteredAtMOM
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

LOGGER

protected static final Logger LOGGER

nonceManager

public static final String nonceManager
See Also:
Constant Field Values
Constructor Detail

NonceManager

public NonceManager()
Method Detail

getMaxNonceAge

@ManagedAttribute
public long getMaxNonceAge()
Returns:
the approximate maximum age for which a received nonce would be stored by the NonceManager

setMaxNonceAge

public void setMaxNonceAge(long maxNonceAge)
Set the approximate maximum age for which a received nonce needs to be stored by the NonceManager

Parameters:
maxNonceAge -

validateNonce

public abstract boolean validateNonce(String nonce,
                                      String created)
                               throws NonceManager.NonceException
Parameters:
nonce - the nonce to be validated
created - the creation time of the nonce as indicated in the UsernameToken
Returns:
true if the nonce is not a replay
Throws:
NonceManager.NonceException - if a replay is detected

getInstance

public static NonceManager getInstance(long maxNonceAge,
                                       WSEndpoint endpoint)
Parameters:
maxNonceAge - the approximate maximum age for which a received nonce would be stored by the NonceManager
Returns:
the singleton instance of the configured NonceManager, calling getInstance with different maxNonceAge will have no effect and will instead return the same NonceManager which was initialized first.

deleteInstance

public static void deleteInstance(WSEndpoint endpoint)


Copyright © 2005-2015 Oracle Corporation. All Rights Reserved.