|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.ws.security.WSSecurityEngine
WS-Security Engine.
Field Summary | |
static javax.xml.namespace.QName |
binaryToken
wsse:BinarySecurityToken as defined by WS Security specification |
static javax.xml.namespace.QName |
DERIVED_KEY_TOKEN
wsc:DerivedKeyToken as defined by WS-SecureConversation specification |
static javax.xml.namespace.QName |
ENCRYPTED_KEY
xenc:EncryptedKey as defined by XML Encryption specification,
enhanced by WS Security specification |
static javax.xml.namespace.QName |
REFERENCE_LIST
xenc:ReferenceList as defined by XML Encryption specification, |
static javax.xml.namespace.QName |
SAML_TOKEN
saml:Assertion as defined by SAML specification |
static javax.xml.namespace.QName |
SECURITY_CONTEXT_TOKEN
wsc:SecurityContextToken as defined by WS-SecureConversation specification |
static javax.xml.namespace.QName |
SIGNATURE
ds:Signature as defined by XML Signature specification,
enhanced by WS Security specification |
static javax.xml.namespace.QName |
signatureConfirmation
wsse11:signatureConfirmation as defined by OASIS WS Security specification, |
static javax.xml.namespace.QName |
timeStamp
wsu:Timestamp as defined by OASIS WS Security specification, |
static javax.xml.namespace.QName |
usernameToken
wsse:UsernameToken as defined by WS Security specification |
static java.lang.String |
VALUE_TYPE
|
Constructor Summary | |
WSSecurityEngine()
|
Method Summary | |
static WSSecurityEngine |
getInstance()
Get a singleton instance of security engine. |
java.util.Vector |
processSecurityHeader(org.w3c.dom.Document doc,
java.lang.String actor,
javax.security.auth.callback.CallbackHandler cb,
Crypto crypto)
Process the security header given the soap envelope as W3C document. |
java.util.Vector |
processSecurityHeader(org.w3c.dom.Document doc,
java.lang.String actor,
javax.security.auth.callback.CallbackHandler cb,
Crypto sigCrypto,
Crypto decCrypto)
Process the security header given the soap envelope as W3C document. |
protected java.util.Vector |
processSecurityHeader(org.w3c.dom.Element securityHeader,
javax.security.auth.callback.CallbackHandler cb,
Crypto sigCrypto,
Crypto decCrypto)
Process the security header given the wsse:Security DOM
Element. |
static void |
setWssConfig(WSSConfig wsc)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final java.lang.String VALUE_TYPE
public static final javax.xml.namespace.QName binaryToken
wsse:BinarySecurityToken
as defined by WS Security specification
public static final javax.xml.namespace.QName usernameToken
wsse:UsernameToken
as defined by WS Security specification
public static final javax.xml.namespace.QName timeStamp
wsu:Timestamp
as defined by OASIS WS Security specification,
public static final javax.xml.namespace.QName signatureConfirmation
wsse11:signatureConfirmation
as defined by OASIS WS Security specification,
public static final javax.xml.namespace.QName SIGNATURE
ds:Signature
as defined by XML Signature specification,
enhanced by WS Security specification
public static final javax.xml.namespace.QName ENCRYPTED_KEY
xenc:EncryptedKey
as defined by XML Encryption specification,
enhanced by WS Security specification
public static final javax.xml.namespace.QName REFERENCE_LIST
xenc:ReferenceList
as defined by XML Encryption specification,
public static final javax.xml.namespace.QName SAML_TOKEN
saml:Assertion
as defined by SAML specification
public static final javax.xml.namespace.QName DERIVED_KEY_TOKEN
wsc:DerivedKeyToken
as defined by WS-SecureConversation specification
public static final javax.xml.namespace.QName SECURITY_CONTEXT_TOKEN
wsc:SecurityContextToken
as defined by WS-SecureConversation specification
Constructor Detail |
public WSSecurityEngine()
Method Detail |
public static WSSecurityEngine getInstance()
public static void setWssConfig(WSSConfig wsc)
wsc
- set the static WSSConfig to other than defaultpublic java.util.Vector processSecurityHeader(org.w3c.dom.Document doc, java.lang.String actor, javax.security.auth.callback.CallbackHandler cb, Crypto crypto) throws WSSecurityException
wsse:Security
is availabe with the
defined actor.
doc
- the SOAP envelope as Document
actor
- the engine works on behalf of this actor
. Refer
to the SOAP specification about actor
or role
cb
- a callback hander to the caller to resolve passwords during
encryption and UsernameToken
handlingcrypto
- the object that implements the access to the keystore and the
handling of certificates.
WSSecurityException
processSecurityHeader(Element securityHeader, CallbackHandler cb,Crypto sigCrypto, Crypto decCrypto)
public java.util.Vector processSecurityHeader(org.w3c.dom.Document doc, java.lang.String actor, javax.security.auth.callback.CallbackHandler cb, Crypto sigCrypto, Crypto decCrypto) throws WSSecurityException
wsse:Security
is availabe with the
defined actor.
doc
- the SOAP envelope as Document
actor
- the engine works on behalf of this actor
. Refer
to the SOAP specification about actor
or role
cb
- a callback hander to the caller to resolve passwords during
encryption and UsernameToken
handlingsigCrypto
- the object that implements the access to the keystore and the
handling of certificates for SignaturedecCrypto
- the object that implements the access to the keystore and the
handling of certificates for Decryption
WSSecurityException
processSecurityHeader(Element securityHeader, CallbackHandler cb,Crypto sigCrypto, Crypto decCrypto)
protected java.util.Vector processSecurityHeader(org.w3c.dom.Element securityHeader, javax.security.auth.callback.CallbackHandler cb, Crypto sigCrypto, Crypto decCrypto) throws WSSecurityException
wsse:Security
DOM
Element.
This function loops over all direct child elements of the
wsse:Security
header. If it finds a knwon element, it
transfers control to the appropriate handling function. The method
processes the known child elements in the same order as they appear in
the wsse:Security
element. This is in accordance to the WS
Security specification.
Currently the functions can handle the following child elements:
securityHeader
- the wsse:Security
header elementcb
- a callback hander to the caller to resolve passwords during
encryption and UsernameToken
handlingsigCrypto
- the object that implements the access to the keystore and the
handling of certificates used for SignaturedecCrypto
- the object that implements the access to the keystore and the
handling of certificates used for Decryption
WSSecurityEngineResult
. Each element in the
the Vector represents the result of a security action. The elements
are ordered according to the sequence of the security actions in the
wsse:Signature header. The Vector maybe empty if no security processing
was performed.
WSSecurityException
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |