org.apache.ws.sandbox.security.conversation
Class DerivedKeyCallbackHandler
java.lang.Object
org.apache.ws.sandbox.security.conversation.DerivedKeyCallbackHandler
- All Implemented Interfaces:
- javax.security.auth.callback.CallbackHandler
- public class DerivedKeyCallbackHandler
- extends java.lang.Object
- implements javax.security.auth.callback.CallbackHandler
Method Summary |
void |
addDerivedKey(java.lang.String uuid,
DerivedKeyInfo dkInfo)
Adds a derived key into a session identified by the uuid |
static void |
addSecurtiyContext(java.lang.String uuid,
SecurityContextInfo info)
|
static long |
getDerivedKeyLength(java.lang.String uuid)
|
static ConversationSession |
getSession(java.lang.String uuid)
|
void |
handle(javax.security.auth.callback.Callback[] callbacks)
|
static void |
setDerivedKeyLength(java.lang.String uuid,
long keyLength)
In cases where fixed size derived keys are used; this method can be used to
specifu the key size of a perticular session |
static void |
setLabelForSession(java.lang.String uuid,
java.lang.String label)
If the Label element is not available in a DerivedKeyToken element then
the value given here will be use in the key derivation
This value will be bound to the session. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
conversationSessionTable
public static java.util.Hashtable conversationSessionTable
- The set of all the sessions
DerivedKeyCallbackHandler
public DerivedKeyCallbackHandler()
addSecurtiyContext
public static void addSecurtiyContext(java.lang.String uuid,
SecurityContextInfo info)
- Parameters:
uuid
- info
-
setDerivedKeyLength
public static void setDerivedKeyLength(java.lang.String uuid,
long keyLength)
throws ConversationException
- In cases where fixed size derived keys are used; this method can be used to
specifu the key size of a perticular session
- Parameters:
uuid
- The identifier of the security context of the sessionkeyLength
- the desired key size
- Throws:
ConversationException
- If the specified session is not available
(There can be sevral reasons for this : expiration etc. will have to look into this)
getDerivedKeyLength
public static long getDerivedKeyLength(java.lang.String uuid)
throws ConversationException
- Throws:
ConversationException
getSession
public static ConversationSession getSession(java.lang.String uuid)
throws ConversationException
- Throws:
ConversationException
setLabelForSession
public static void setLabelForSession(java.lang.String uuid,
java.lang.String label)
throws ConversationException
- If the Label element is not available in a DerivedKeyToken element then
the value given here will be use in the key derivation
This value will be bound to the session. (There will be one label value for
the session and it should not change during a derivation sequence
- Parameters:
uuid
- The identifier of the security context of the sessionlabel
- The label value as a string
- Throws:
ConversationException
- If the specified session is not available
(There can be sevral reasons for this : expiration etc. will have to look into this)
addDerivedKey
public void addDerivedKey(java.lang.String uuid,
DerivedKeyInfo dkInfo)
throws ConversationException
- Adds a derived key into a session identified by the uuid
- Parameters:
uuid
- The uuid of the sessiondkInfo
- The derived key as a DerivedKeyInfo
object
- Throws:
ConversationException
- If the uuid is not in the list of sessions
This should be done here and not in the handle
method since for example if the session is expired
the request should not pass this point
In the scenario that we'r concerned here one party creates a derived key, encryps the message with it and sends
The receiver should decrypt the message with that derived key. Therefore if the session is expired
that fact will be only evident at this point where, the derived key is being added into the relevant session.
handle
public void handle(javax.security.auth.callback.Callback[] callbacks)
throws javax.security.auth.callback.UnsupportedCallbackException
- Specified by:
handle
in interface javax.security.auth.callback.CallbackHandler
- Parameters:
callbacks
-
- Throws:
javax.security.auth.callback.UnsupportedCallbackException
Copyright © 2004-2008 Apache Web Services. All Rights Reserved.