Package org.apache.ws.security
Class WSSecurityEngine
- java.lang.Object
  - org.apache.ws.security.WSSecurityEngine

public class WSSecurityEngine extends java.lang.Object
WS-Security Engine.
- Author:
- Davanum Srinivas (dims@yahoo.com), Werner Dittmann (Werner.Dittmann@t-online.de).
Field Summary
Fields (modifier and type, field, description):
static javax.xml.namespace.QName binaryToken
wsse:BinarySecurityToken as defined by WS Security specification
static javax.xml.namespace.QName DERIVED_KEY_TOKEN_05_02
wsc:DerivedKeyToken as defined by WS-SecureConversation specification
static javax.xml.namespace.QName DERIVED_KEY_TOKEN_05_12
wsc:DerivedKeyToken as defined by WS-SecureConversation specification in WS-SX
static javax.xml.namespace.QName ENCRYPTED_KEY
xenc:EncryptedKey as defined by XML Encryption specification, enhanced by WS Security specification
static javax.xml.namespace.QName REFERENCE_LIST
xenc:ReferenceList as defined by XML Encryption specification,
static javax.xml.namespace.QName SAML_TOKEN
saml:Assertion as defined by SAML specification
static javax.xml.namespace.QName SECURITY_CONTEXT_TOKEN_05_02
wsc:SecurityContextToken as defined by WS-SecureConversation specification
static javax.xml.namespace.QName SECURITY_CONTEXT_TOKEN_05_12
wsc:SecurityContextToken as defined by WS-SecureConversation specification in WS-SX
static javax.xml.namespace.QName SIGNATURE
ds:Signature as defined by XML Signature specification, enhanced by WS Security specification
static javax.xml.namespace.QName signatureConfirmation
wsse11:signatureConfirmation as defined by OASIS WS Security specification,
static javax.xml.namespace.QName timeStamp
wsu:Timestamp as defined by OASIS WS Security specification,
static javax.xml.namespace.QName usernameToken
wsse:UsernameToken as defined by WS Security specification
static java.lang.String VALUE_TYPE
Constructor Summary
WSSecurityEngine()
Method Summary
Methods (modifier and type, method, description):
static WSSecurityEngine getInstance()
Get a singleton instance of security engine.
java.util.Vector processSecurityHeader(org.w3c.dom.Document doc, java.lang.String actor, javax.security.auth.callback.CallbackHandler cb, Crypto crypto)
Process the security header given the soap envelope as W3C document.
java.util.Vector processSecurityHeader(org.w3c.dom.Document doc, java.lang.String actor, javax.security.auth.callback.CallbackHandler cb, Crypto sigCrypto, Crypto decCrypto)
Process the security header given the soap envelope as W3C document.
protected java.util.Vector processSecurityHeader(org.w3c.dom.Element securityHeader, javax.security.auth.callback.CallbackHandler cb, Crypto sigCrypto, Crypto decCrypto)
Process the security header given the wsse:Security DOM Element.
static void setWssConfig(WSSConfig wsc)
Field Detail
-
VALUE_TYPE
public static final java.lang.String VALUE_TYPE
- See Also:
- Constant Field Values
-
binaryToken
public static final javax.xml.namespace.QName binaryToken
wsse:BinarySecurityToken
as defined by WS Security specification
-
usernameToken
public static final javax.xml.namespace.QName usernameToken
wsse:UsernameToken
as defined by WS Security specification
-
timeStamp
public static final javax.xml.namespace.QName timeStamp
wsu:Timestamp
as defined by OASIS WS Security specification,
-
signatureConfirmation
public static final javax.xml.namespace.QName signatureConfirmation
wsse11:signatureConfirmation
as defined by OASIS WS Security specification,
-
SIGNATURE
public static final javax.xml.namespace.QName SIGNATURE
ds:Signature
as defined by XML Signature specification, enhanced by WS Security specification
-
ENCRYPTED_KEY
public static final javax.xml.namespace.QName ENCRYPTED_KEY
xenc:EncryptedKey
as defined by XML Encryption specification, enhanced by WS Security specification
-
REFERENCE_LIST
public static final javax.xml.namespace.QName REFERENCE_LIST
xenc:ReferenceList
as defined by XML Encryption specification,
-
SAML_TOKEN
public static final javax.xml.namespace.QName SAML_TOKEN
saml:Assertion
as defined by SAML specification
-
DERIVED_KEY_TOKEN_05_02
public static final javax.xml.namespace.QName DERIVED_KEY_TOKEN_05_02
wsc:DerivedKeyToken
as defined by WS-SecureConversation specification
-
SECURITY_CONTEXT_TOKEN_05_02
public static final javax.xml.namespace.QName SECURITY_CONTEXT_TOKEN_05_02
wsc:SecurityContextToken
as defined by WS-SecureConversation specification
-
DERIVED_KEY_TOKEN_05_12
public static final javax.xml.namespace.QName DERIVED_KEY_TOKEN_05_12
wsc:DerivedKeyToken
as defined by WS-SecureConversation specification in WS-SX
-
SECURITY_CONTEXT_TOKEN_05_12
public static final javax.xml.namespace.QName SECURITY_CONTEXT_TOKEN_05_12
wsc:SecurityContextToken
as defined by WS-SecureConversation specification in WS-SX
-
-
Method Detail
-
getInstance
public static WSSecurityEngine getInstance()
Get a singleton instance of security engine.
- Returns:
- ws-security engine.
-
setWssConfig
public static void setWssConfig(WSSConfig wsc)
- Parameters:
wsc - set the static WSSConfig to other than default
-
processSecurityHeader
public java.util.Vector processSecurityHeader(org.w3c.dom.Document doc, java.lang.String actor, javax.security.auth.callback.CallbackHandler cb, Crypto crypto) throws WSSecurityException
Process the security header given the SOAP envelope as W3C document. This is the main entry point to verify or decrypt a SOAP envelope. First check if a wsse:Security is available with the defined actor.
- Parameters:
doc - the SOAP envelope as Document
actor - the engine works on behalf of this actor. Refer to the SOAP specification about actor or role
cb - a callback handler to the caller to resolve passwords during encryption and UsernameToken handling
crypto - the object that implements the access to the keystore and the handling of certificates.
- Returns:
- a result vector
- Throws:
WSSecurityException
- See Also:
processSecurityHeader(Element securityHeader, CallbackHandler cb,Crypto sigCrypto, Crypto decCrypto)
-
processSecurityHeader
public java.util.Vector processSecurityHeader(org.w3c.dom.Document doc, java.lang.String actor, javax.security.auth.callback.CallbackHandler cb, Crypto sigCrypto, Crypto decCrypto) throws WSSecurityException
Process the security header given the SOAP envelope as W3C document. This is the main entry point to verify or decrypt a SOAP envelope. First check if a wsse:Security is available with the defined actor.
- Parameters:
doc - the SOAP envelope as Document
actor - the engine works on behalf of this actor. Refer to the SOAP specification about actor or role
cb - a callback handler to the caller to resolve passwords during encryption and UsernameToken handling
sigCrypto - the object that implements the access to the keystore and the handling of certificates for Signature
decCrypto - the object that implements the access to the keystore and the handling of certificates for Decryption
- Returns:
- a result vector
- Throws:
WSSecurityException
- See Also:
processSecurityHeader(Element securityHeader, CallbackHandler cb,Crypto sigCrypto, Crypto decCrypto)
-
processSecurityHeader
protected java.util.Vector processSecurityHeader(org.w3c.dom.Element securityHeader, javax.security.auth.callback.CallbackHandler cb, Crypto sigCrypto, Crypto decCrypto) throws WSSecurityException
Process the security header given the wsse:Security DOM Element. This function loops over all direct child elements of the wsse:Security header. If it finds a known element, it transfers control to the appropriate handling function. The method processes the known child elements in the same order as they appear in the wsse:Security element. This is in accordance with the WS Security specification. Currently the functions can handle the following child elements:
- Parameters:
securityHeader - the wsse:Security header element
cb - a callback handler to the caller to resolve passwords during encryption and UsernameToken handling
sigCrypto - the object that implements the access to the keystore and the handling of certificates used for Signature
decCrypto - the object that implements the access to the keystore and the handling of certificates used for Decryption
- Returns:
- a Vector of WSSecurityEngineResult. Each element in the Vector represents the result of a security action. The elements are ordered according to the sequence of the security actions in the wsse:Signature header. The Vector may be empty if no security processing was performed.
- Throws:
WSSecurityException
-
-
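Because processSecurityHeader can return without having performed any security action, a receiver should fail closed when the actions it requires are absent from the result. The helper below is an added example, not part of WSS4J or of this Javadoc; the class name RequiredActionsCheck is hypothetical, and it assumes the WSS4J 1.5.x WSSecurityEngineResult.getAction() accessor and the WSConstants action bit flags (for example WSConstants.SIGN), neither of which is documented on this page.

```java
import java.util.Vector;

import javax.security.auth.callback.CallbackHandler;

import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.w3c.dom.Document;

/** Hypothetical helper (not part of WSS4J): reject messages whose required actions did not run. */
public final class RequiredActionsCheck {

    private RequiredActionsCheck() {
    }

    /**
     * @param requiredActions OR-ed WSConstants action flags the receiver's policy
     *                        demands, e.g. WSConstants.SIGN | WSConstants.TS (assumed API)
     * @return the engine's result vector, only if every required action was performed
     */
    public static Vector verify(Document envelope, String actor, CallbackHandler cb,
                                Crypto crypto, int requiredActions)
            throws WSSecurityException {
        Vector results = WSSecurityEngine.getInstance()
                .processSecurityHeader(envelope, actor, cb, crypto);

        // An empty result means no security processing happened; null is
        // treated the same way as a defensive measure.
        if (results == null || results.isEmpty()) {
            throw new SecurityException("no WS-Security processing was performed");
        }

        // Collect the actions the engine actually carried out.
        int performed = 0;
        for (int i = 0; i < results.size(); i++) {
            WSSecurityEngineResult result = (WSSecurityEngineResult) results.get(i);
            performed |= result.getAction(); // assumed 1.5.x accessor
        }

        // Fail closed if any required action is missing from the results.
        int missing = requiredActions & ~performed;
        if (missing != 0) {
            throw new SecurityException(
                    "required security actions missing: 0x" + Integer.toHexString(missing));
        }
        return results;
    }
}
```

This check only confirms that an action ran; which message parts a signature covers still has to be checked against the receiver's policy.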