You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by na...@apache.org on 2008/03/19 16:11:07 UTC
svn commit: r638860 - in
/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas:
./ client/ impl/
Author: nandana
Date: Wed Mar 19 08:11:04 2008
New Revision: 638860
URL: http://svn.apache.org/viewvc?rev=638860&view=rev
Log:
validation binding issues
Added:
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenValidator.java
Modified:
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasConstants.java
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcher.java
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcherConfig.java
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenValidator.java
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/errors.properties
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasConstants.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasConstants.java?rev=638860&r1=638859&r2=638860&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasConstants.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasConstants.java Wed Mar 19 08:11:04 2008
@@ -46,6 +46,15 @@
public static final String
REQUEST_SECURITY_TOKEN_RESPONSE_COLLECTION = "RequestSecurityTokenResponseCollection";
public final static String BINARY_SECRET = "BinarySecret";
+
+ /* <wst:RequestSecurityTokenResponse>
+ * <wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Status</wst:TokenType>
+ * <wst:Status>
+ * <wst:Code>http://schemas.xmlsoap.org/ws/2005/02/trust/status/valid</wst:Code>
+ * </wst:Status> ... </wst:RequestSecurityTokenResponse>"
+ */
+ public static final String STATUS = "Status";
+ public static final String CODE = "Code";
}
public static class IssuanceBindingLocalNames {
@@ -101,12 +110,18 @@
public static final String RSTR_ACTION_CANCEL = "/RSTR" + REQ_TYPE_CANCEL;
public static final String RSTR_ACTION_SCT = "/RSTR/SCT";
public static final String RSTR_ACTION_CANCEL_SCT = "/RSTR/SCT" + REQ_TYPE_CANCEL;
+
+ //Status codes
+ public static final String STATUS_CODE_VALID = "/status/valid";
+ public static final String STATUS_CODE_INVALID = "/status/invalid";
+
+ public static final String TOK_TYPE_STATUS = "/RSTR/Status";
//Token types
public static final String TOK_TYPE_SAML_10 = "http://docs.oasis-open.org/wss/" +
"oasis-wss-saml-token-profile-1.1#SAMLV1.1";
//Attrs
- public static final String ATTR_TYPE = "Type";
+ public static final String ATTR_TYPE = "Type";
public static final String ATTR_CLAIMS_DIALECT = "Dialect";
}
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcher.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcher.java?rev=638860&r1=638859&r2=638860&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcher.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcher.java Wed Mar 19 08:11:04 2008
@@ -20,6 +20,7 @@
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.impl.SAMLTokenValidator;
public class TokenRequestDispatcher {
@@ -79,8 +80,24 @@
} else if((RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_VALIDATE).equals(reqType) ||
(RahasConstants.WST_NS_05_12 + RahasConstants.REQ_TYPE_VALIDATE).equals(reqType)) {
log.debug("validate");
- throw new UnsupportedOperationException("TODO: handle " +
- "validate requests");
+
+ TokenValidator validator;
+ if (tokenType == null || tokenType.trim().length() == 0) {
+ validator = config.getDefaultValidatorInstance();
+ } else {
+ validator = config.getValidator(tokenType);
+ }
+
+ SOAPEnvelope response = validator.validate(data);
+
+ outMsgCtx.getOptions().setAction(
+ TrustUtil.getActionValue(data.getVersion(),
+ RahasConstants.RSTR_ACTION_VALIDATE));
+
+ return response;
+
+
+
} else if((RahasConstants.WST_NS_05_02 + RahasConstants.REQ_TYPE_RENEW).equals(reqType) ||
(RahasConstants.WST_NS_05_12 + RahasConstants.REQ_TYPE_RENEW).equals(reqType)) {
log.debug("renew");
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcherConfig.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcherConfig.java?rev=638860&r1=638859&r2=638860&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcherConfig.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenRequestDispatcherConfig.java Wed Mar 19 08:11:04 2008
@@ -34,18 +34,21 @@
private final static QName DISPATCHER_CONFIG = new QName("token-dispatcher-configuration");
private final static QName ISSUER = new QName("issuer");
private final static QName CANCELER = new QName("canceler");
+ private final static QName VALIDATOR = new QName("validator");
private final static QName TOKEN_TYPE = new QName("tokenType");
private final static QName CLASS_ATTR = new QName("class");
private final static QName DEFAULT_ATTR = new QName("default");
private final static QName CONFIGURATION_ELEMENT = new QName("configuration");
private Map issuers;
+ private Map validators;
private Map configFiles = new Hashtable();
private Map configElements = new Hashtable();
private Map configParamNames = new Hashtable();
private String defaultIssuerClassName;
private String defaultCancelerClassName;
+ private String defaultValidatorClassName;
public static TokenRequestDispatcherConfig load(OMElement configElem) throws TrustException {
@@ -56,6 +59,9 @@
// Issuers
handleIssuers(configElem, conf);
+
+ //Validators
+ handleValidators(configElem, conf);
// Cancelers
handleCancelers(configElem, conf);
@@ -128,6 +134,53 @@
}
}
}
+
+ private static void handleValidators(OMElement configElem,
+ TokenRequestDispatcherConfig conf) throws TrustException {
+
+ for (Iterator issuerElems = configElem.getChildrenWithName(VALIDATOR);
+ issuerElems.hasNext();) {
+
+ OMElement element = (OMElement) issuerElems.next();
+
+ //get the class attr
+ String validatorClass = element.getAttributeValue(CLASS_ATTR);
+ if (validatorClass == null) {
+ throw new TrustException("missingClassName");
+ }
+ String isDefault = element.getAttributeValue(DEFAULT_ATTR);
+ if (isDefault != null && "true".equalsIgnoreCase(isDefault)) {
+ //Use the first default issuer as the default isser
+ if (conf.defaultValidatorClassName == null) {
+ conf.defaultValidatorClassName = validatorClass;
+ } else {
+ throw new TrustException("badDispatcherConfigMultipleDefaultValidators");
+ }
+ }
+
+ processConfiguration(element, conf, validatorClass);
+
+ //Process token types
+ for (Iterator tokenTypes = element.getChildrenWithName(TOKEN_TYPE);
+ tokenTypes.hasNext();) {
+ OMElement type = (OMElement) tokenTypes.next();
+ String value = type.getText();
+ if (value == null || value.trim().length() == 0) {
+ throw new TrustException("invalidTokenTypeDefinition",
+ new String[]{"Validator", validatorClass});
+ }
+ if (conf.validators == null) {
+ conf.validators = new Hashtable();
+ }
+ //If the token type is not already declared then add it to the
+ //table with the issuer classname
+ if (!conf.validators.keySet().contains(value)) {
+ conf.validators.put(value, validatorClass);
+ }
+ }
+ }
+
+ }
private static void processConfiguration(OMElement element,
TokenRequestDispatcherConfig conf,
@@ -190,6 +243,20 @@
return null;
}
}
+
+ public TokenValidator getDefaultValidatorInstance() throws TrustException {
+ if (this.defaultValidatorClassName != null) {
+ try {
+ return createValidator(this.defaultValidatorClassName);
+ } catch (Exception e) {
+ throw new TrustException("cannotLoadClass",
+ new String[]{this.defaultValidatorClassName}, e);
+ }
+ } else {
+ return null;
+ }
+ }
+
public String getDefaultIssuerName() {
return this.defaultIssuerClassName;
@@ -213,6 +280,24 @@
new String[]{this.defaultIssuerClassName}, e);
}
}
+
+ public TokenValidator getValidator(String tokenType) throws TrustException {
+ String validatorClassName = null;
+ //try to find the validator class name from the tokenType<->validator map
+ if (this.validators != null) {
+ validatorClassName = (String) this.validators.get(tokenType);
+ }
+ //If a specific validator is not found use the default issuer
+ if (validatorClassName == null) {
+ validatorClassName = this.defaultValidatorClassName;
+ }
+ try {
+ return createValidator(validatorClassName);
+ } catch (Exception e) {
+ throw new TrustException("cannotLoadClass",
+ new String[]{this.defaultValidatorClassName}, e);
+ }
+ }
/**
* @param issuerClassName
@@ -232,5 +317,13 @@
canceler.setConfigurationFile((String) this.configFiles.get(cancelerClassName));
canceler.setConfigurationParamName((String) this.configParamNames.get(cancelerClassName));
return canceler;
+ }
+
+ private TokenValidator createValidator(String validatorClassName) throws Exception {
+ TokenValidator validator = (TokenValidator) Loader.loadClass(validatorClassName).newInstance();
+ validator.setConfigurationElement((OMElement) this.configElements.get(validatorClassName));
+ validator.setConfigurationFile((String) this.configFiles.get(validatorClassName));
+ validator.setConfigurationParamName((String) this.configParamNames.get(validatorClassName));
+ return validator;
}
}
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenValidator.java?rev=638860&r1=638859&r2=638860&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenValidator.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/TokenValidator.java Wed Mar 19 08:11:04 2008
@@ -16,6 +16,7 @@
package org.apache.rahas;
+import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
public interface TokenValidator {
@@ -24,7 +25,7 @@
* Validate the token specified in the given request.
*
* @param data
- * A populated <code>RahasData</code> instance
+ * A populated <code>RahasData</code> instance
* @return Response SOAPEnveloper
* @throws TrustException
*/
@@ -47,9 +48,9 @@
* token-dispatcher-configuration
*
* @param configElement
- * <code>OMElement</code> representing the configuration
+ * <code>OMElement</code> representing the configuration
*/
- public void setConfigurationElement(String configElement);
+ public void setConfigurationElement(OMElement configElement);
/**
* Set the name of the configuration parameter.
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java?rev=638860&r1=638859&r2=638860&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java Wed Mar 19 08:11:04 2008
@@ -84,7 +84,7 @@
private byte[] requestorEntropy;
- private String addressingNs = AddressingConstants.Final.WSA_NAMESPACE;
+ private String addressingNs = AddressingConstants.Submission.WSA_NAMESPACE;
private int keySize;
@@ -166,6 +166,41 @@
}
}
+ public boolean validateToken(String tokenId,
+ String issuerAddress,
+ Policy issuerPolicy) throws TrustException {
+ try {
+ QName rstQn = new QName("requestSecurityToken");
+ String requestType =
+ TrustUtil.getWSTNamespace(version) + RahasConstants.REQ_TYPE_VALIDATE;
+
+ ServiceClient client = getServiceClient(rstQn, issuerAddress);
+
+ client.getServiceContext().setProperty(RAMPART_POLICY, issuerPolicy);
+ client.getOptions().setSoapVersionURI(this.soapVersion);
+ if(this.addressingNs != null) {
+ client.getOptions().setProperty(AddressingConstants.WS_ADDRESSING_VERSION, this.addressingNs);
+ }
+ client.engageModule("addressing");
+ client.engageModule("rampart");
+
+ this.processPolicy(issuerPolicy, null);
+
+ OMElement response = client.sendReceive(rstQn,
+ createValidateRequest(requestType));
+
+ System.out.println(response.toString());
+
+ return true;
+
+
+ } catch (AxisFault e) {
+ log.error("errorInValidatingToken", e);
+ throw new TrustException("errorInObtainingToken", new String[]{issuerAddress});
+ }
+
+ }
+
private ServiceClient getServiceClient(QName rstQn,
String issuerAddress) throws AxisFault {
AxisService axisService =
@@ -510,6 +545,28 @@
return rst;
+
+ }
+
+ private OMElement createValidateRequest(String requestType) throws TrustException {
+
+ log.debug("Creating request with request type: " + requestType);
+
+ OMElement rst = TrustUtil.createRequestSecurityTokenElement(version);
+
+ TrustUtil.createRequestTypeElement(this.version, rst, requestType);
+
+ OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(this.version, rst);
+
+ String tokenType =
+ TrustUtil.getWSTNamespace(version) + RahasConstants.TOK_TYPE_STATUS;
+
+ tokenTypeElem.setText(tokenType);
+
+ System.out.println(rst.toString());
+
+ return rst;
+
}
Modified: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/errors.properties
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/errors.properties?rev=638860&r1=638859&r2=638860&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/errors.properties (original)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/errors.properties Wed Mar 19 08:11:04 2008
@@ -28,7 +28,8 @@
UnableToRenew = The requested renewal failed
-errorInObtainingToken = Error in obtaining token from : \"{0}\"
+errorInObtainingToken = Error in obtaining token from : \"{0}\"
+errorInValidatingToken = Error in validating token from : \"{0}\"
incorrectConfiguration = The given configuration element is not a "token-dispatcher-configuration" element
missingClassName = Class attribute missing
cannotLoadClass = Error in loading and instantiating the class \"{0}\"
Added: webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenValidator.java?rev=638860&view=auto
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenValidator.java (added)
+++ webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenValidator.java Wed Mar 19 08:11:04 2008
@@ -0,0 +1,250 @@
+package org.apache.rahas.impl;
+
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+import javax.xml.namespace.QName;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.impl.dom.jaxp.DocumentBuilderFactoryImpl;
+import org.apache.axiom.soap.SOAPEnvelope;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.Parameter;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.RahasData;
+import org.apache.rahas.Token;
+import org.apache.rahas.TokenStorage;
+import org.apache.rahas.TokenValidator;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.TrustUtil;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.opensaml.SAMLAssertion;
+import org.opensaml.SAMLException;
+import org.w3c.dom.Element;
+
+/**
+ * Implementation of a SAML Token Validator for the Security Token Service.
+ */
+public class SAMLTokenValidator implements TokenValidator {
+
+ Log log = LogFactory.getLog(SAMLTokenValidator.class);
+
+ private String configFile;
+ private OMElement configElement;
+ private String configParamName;
+
+ /**
+ * Returns a SOAPEnvelope with the result of the validation.
+ *
+ * @param data
+ * the RahasData object, containing information about the
+ * request.
+ */
+ public SOAPEnvelope validate(RahasData data) throws TrustException {
+ // retrieve the message context
+ MessageContext inMsgCtx = data.getInMessageContext();
+
+ // retrieve the list of tokens from the message context
+ TokenStorage tkStorage = TrustUtil.getTokenStore(inMsgCtx);
+
+ try {
+ // Set the DOM impl to DOOM
+ DocumentBuilderFactoryImpl.setDOOMRequired(true);
+
+ // Create envelope
+ SOAPEnvelope env = TrustUtil.createSOAPEnvelope(inMsgCtx
+ .getEnvelope().getNamespace().getNamespaceURI());
+
+ // Create RSTR element, with respective version
+ OMElement rstrElem;
+ int wstVersion = data.getVersion();
+ if (RahasConstants.VERSION_05_02 == wstVersion) {
+ rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(
+ wstVersion, env.getBody());
+ } else {
+ OMElement rstrcElem = TrustUtil
+ .createRequestSecurityTokenResponseCollectionElement(
+ wstVersion, env.getBody());
+ rstrElem = TrustUtil.createRequestSecurityTokenResponseElement(
+ wstVersion, rstrcElem);
+ }
+
+ // Create TokenType element, set to RSTR/Status
+ TrustUtil.createTokenTypeElement(wstVersion, rstrElem).setText(
+ TrustUtil.getWSTNamespace(wstVersion)
+ + RahasConstants.TOK_TYPE_STATUS);
+
+ // Create Status element
+ OMElement statusElement = createMessageElement(wstVersion,
+ rstrElem, RahasConstants.LocalNames.STATUS);
+
+ //TODO this is wrong, figure out a way to get the token to validate
+ Token tk = tkStorage.getToken(tkStorage.getTokenIdentifiers()[0]);
+
+ // create the crypto object
+ PublicKey issuerPBKey = getIssuerPublicKey(inMsgCtx);
+
+ boolean valid = isValid(tk, issuerPBKey);
+ String validityCode;
+
+ if (valid) {
+ validityCode = RahasConstants.STATUS_CODE_VALID;
+ } else {
+ validityCode = RahasConstants.STATUS_CODE_INVALID;
+ }
+
+ // Create Code element (inside Status) and set it to the
+ // correspondent value
+ createMessageElement(wstVersion, statusElement,
+ RahasConstants.LocalNames.CODE).setText(
+ TrustUtil.getWSTNamespace(wstVersion) + validityCode);
+
+ return env;
+ } finally {
+ DocumentBuilderFactoryImpl.setDOOMRequired(false);
+ }
+ }
+
+ /**
+ * Checks whether the token is valid or not, by verifying the issuer's own
+ * signature. If it has been signed by the token issuer, then it is a valid
+ * token.
+ *
+ * @param token
+ * the token to validate.
+ * @return true if the token has been signed by the issuer.
+ */
+ private boolean isValid(Token token, PublicKey issuerPBKey) {
+ // extract SAMLAssertion object from token
+ OMElement assertionOMElement = token.getToken();
+ SAMLAssertion samlAssertion = null;
+
+ try {
+ samlAssertion = new SAMLAssertion((Element) assertionOMElement);
+
+ log.info("Verifying token validity...");
+
+ // check if the token has been signed by the issuer.
+ samlAssertion.verify(issuerPBKey);
+
+ } catch (SAMLException e) {
+ log.error("Could not verify signature", e);
+ return false;
+ }
+
+ // if there was no exception, then the token is valid
+ return true;
+ }
+
+ //here we basically reuse the SAMLTokenIssuer config
+ // to create the crypto object, so we can load the issuer's certificates
+ private PublicKey getIssuerPublicKey(MessageContext inMsgCtx) {
+ PublicKey issuerPBKey = null;
+ SAMLTokenIssuerConfig config = null;
+
+ try {
+ if (configElement != null) {
+ config = new SAMLTokenIssuerConfig(
+ configElement
+ .getFirstChildWithName(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG));
+ }
+
+ // Look for the file
+ if ((config == null) && (configFile != null)) {
+ config = new SAMLTokenIssuerConfig(configFile);
+ }
+
+ // Look for the param
+ if ((config == null) && (configParamName != null)) {
+ Parameter param = inMsgCtx.getParameter(configParamName);
+ if ((param != null) && (param.getParameterElement() != null)) {
+ config = new SAMLTokenIssuerConfig(param
+ .getParameterElement().getFirstChildWithName(
+ SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG));
+ } else {
+ throw new TrustException("expectedParameterMissing",
+ new String[] { configParamName });
+ }
+ }
+
+ if (config == null) {
+ throw new TrustException("configurationIsNull");
+ }
+
+ Crypto crypto;
+ if (config.cryptoElement != null) { // crypto props
+ // defined as
+ // elements
+ crypto = CryptoFactory.getInstance(TrustUtil
+ .toProperties(config.cryptoElement), inMsgCtx
+ .getAxisService().getClassLoader());
+ } else { // crypto props defined in a properties file
+ crypto = CryptoFactory.getInstance(config.cryptoPropertiesFile,
+ inMsgCtx.getAxisService().getClassLoader());
+ }
+
+ X509Certificate[] issuerCerts = crypto
+ .getCertificates(config.issuerKeyAlias);
+
+ issuerPBKey = issuerCerts[0].getPublicKey();
+
+ } catch (Exception e) {
+ log.error("Could not retrieve issuer public key", e);
+ }
+ return issuerPBKey;
+ }
+
+ /**
+ * Returns the <wst:Status> element.
+ *
+ * @param version
+ * WS-Trust version.
+ * @param parent
+ * the parent OMElement.
+ */
+ private static OMElement createMessageElement(int version,
+ OMElement parent, String elementName) throws TrustException {
+ return createOMElement(parent, TrustUtil.getWSTNamespace(version),
+ elementName, RahasConstants.WST_PREFIX);
+ }
+
+ private static OMElement createOMElement(OMElement parent, String ns,
+ String ln, String prefix) {
+ return parent.getOMFactory().createOMElement(new QName(ns, ln, prefix),
+ parent);
+ }
+
+ // ========================================================================
+
+ /**
+ * Set the configuration file of this TokenValidator. <p/> This is the text
+ * value of the <configuration-file> element of the
+ * token-dispatcher-configuration
+ *
+ * @param configFile
+ */
+ public void setConfigurationFile(String configFile) {
+ this.configFile = configFile;
+ }
+
+ /**
+ * Set the name of the configuration parameter. <p/> If this is used then
+ * there must be a <code>org.apache.axis2.description.Parameter</code>
+ * object available in the via the messageContext when the
+ * <code>TokenValidator</code> is called.
+ *
+ * @param configParamName
+ * @see org.apache.axis2.description.Parameter
+ */
+ public void setConfigurationParamName(String configParamName) {
+ this.configParamName = configParamName;
+ }
+
+ public void setConfigurationElement(OMElement configElement) {
+ this.configElement = configElement;
+ }
+
+}