The TokenValidateOperation
TokenValidateOperation is an extension of AbstractOperation used to validate tokens in the STS. It implements the ValidateOperation interface in the STS provider framework. For validation, the below property from AbstractOperation can be configured:
- List<TokenValidator> tokenValidators - A list of TokenValidator implementations to use to validate tokens.
Recall that AbstractOperation uses the RequestParser to parse a client request into TokenRequirements and KeyRequirements objects. TokenValidateOperation first checks that a "ValidateTarget" token was received and successfully parsed (if so it will be stored in the TokenRequirements object). If no token was received then an exception is thrown.