Package com.sun.xml.wss

Class NonceManager

java.lang.Object

com.sun.xml.ws.commons.AbstractMOMRegistrationAware

com.sun.xml.wss.NonceManager

All Implemented Interfaces:

MOMRegistrationAware

Direct Known Subclasses:

DefaultNonceManager, HANonceManager

@ManagedObject
@Description("per-endpoint NonceManager")
@AMXMetadata(type="WSNonceManager")
public abstract class NonceManager
extends AbstractMOMRegistrationAware

This abstract class defines an SPI that Metro Application developers can implement, to handle custom validation of Nonces used in conjunction with Password-Digest Authentication. A repeated nonce would generally indicate a possible replay-attack. The SPI implementation class needs to be specified as a META-INF/services entry with name "com.sun.xml.xwss.NonceManager". A default implementation of this SPI is returned if no entry is configured.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	NonceManager.NonceException	Exception to be thrown when an Error in processing received nonces occurs.

Field Summary

Fields

Modifier and Type	Field	Description
protected static Logger	LOGGER
static String	nonceManager

Constructor Summary

Constructors

Constructor	Description
NonceManager()

Method Summary

Modifier and Type	Method	Description
static void	deleteInstance(WSEndpoint endpoint)
static NonceManager	getInstance(long maxNonceAge, WSEndpoint endpoint)
long	getMaxNonceAge()
void	setMaxNonceAge(long maxNonceAge)	Set the approximate maximum age for which a received nonce needs to be stored by the NonceManager
abstract boolean	validateNonce(String nonce, String created)

Methods inherited from class com.sun.xml.ws.commons.AbstractMOMRegistrationAware

isRegisteredAtMOM, setRegisteredAtMOM

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOGGER

protected static final Logger LOGGER

nonceManager

public static final String nonceManager

See Also:

Constant Field Values

Constructor Detail

NonceManager

public NonceManager()

Method Detail

getMaxNonceAge

@ManagedAttribute
public long getMaxNonceAge()

Returns:

the approximate maximum age for which a received nonce would be stored by the NonceManager

setMaxNonceAge

public void setMaxNonceAge(long maxNonceAge)

Set the approximate maximum age for which a received nonce needs to be stored by the NonceManager

Parameters:

maxNonceAge -

validateNonce

public abstract boolean validateNonce(String nonce,
                                      String created)
                               throws NonceManager.NonceException

Parameters:

nonce - the nonce to be validated

created - the creation time of the nonce as indicated in the UsernameToken

Returns:

true if the nonce is not a replay

Throws:

NonceManager.NonceException - if a replay is detected

getInstance

public static NonceManager getInstance(long maxNonceAge,
                                       WSEndpoint endpoint)

Parameters:

maxNonceAge - the approximate maximum age for which a received nonce would be stored by the NonceManager

Returns:

the singleton instance of the configured NonceManager, calling getInstance with different maxNonceAge will have no effect and will instead return the same NonceManager which was initialized first.

deleteInstance

public static void deleteInstance(WSEndpoint endpoint)