Class SecurityTokenReference
- java.lang.Object
  - org.apache.ws.security.message.token.SecurityTokenReference

public class SecurityTokenReference extends java.lang.Object
Security Token Reference.
- Author:
- Davanum Srinivas (dims@yahoo.com).
-
Field Summary
Modifier and Type, Field:
- protected org.w3c.dom.Element element
- static java.lang.String KEY_NAME
- static java.lang.String SAML_ID_URI
- static java.lang.String SECURITY_TOKEN_REFERENCE
- static java.lang.String SKI_URI
- static java.lang.String THUMB_URI
-
Constructor Summary
Constructor, Description:
- SecurityTokenReference(org.w3c.dom.Document doc): Constructor.
- SecurityTokenReference(org.w3c.dom.Element elem): Constructor.
-
Method Summary
Modifier and Type, Method, Description:
- boolean containsKeyIdentifier(): Method containsKeyIdentifier.
- boolean containsReference(): Method containsReference.
- boolean containsX509Data(): Method containsX509Data.
- boolean containsX509IssuerSerial(): Method containsX509IssuerSerial.
- org.w3c.dom.Element getElement(): Gets the DOM element.
- org.w3c.dom.Element getFirstElement(): Gets the first child element.
- java.security.cert.X509Certificate[] getKeyIdentifier(Crypto crypto): Gets the KeyIdentifier.
- Reference getReference(): Gets the Reference.
- byte[] getSKIBytes()
- org.w3c.dom.Element getTokenElement(org.w3c.dom.Document doc, WSDocInfo docInfo): Gets the signing token element, which may be a BinarySecurityToken or a SAML token.
- java.security.cert.X509Certificate[] getX509IssuerSerial(Crypto crypto): Gets the certificate identified with X509 issuerSerial data.
- java.lang.String getX509IssuerSerialAlias(Crypto crypto): Gets the alias name of the certificate identified with X509 issuerSerial data.
- java.lang.String getX509SKIAlias(Crypto crypto)
- int length(java.lang.String namespace, java.lang.String localname): Method length.
- int lengthKeyIdentifier(): Method lengthKeyIdentifier.
- int lengthReference(): Method lengthReference.
- int lengthX509Data(): Method lengthX509Data.
- int lengthX509IssuerSerial(): Method lengthX509IssuerSerial.
- void setID(java.lang.String id): Sets the id.
- void setKeyIdentifier(java.security.cert.X509Certificate cert): Sets the KeyIdentifier element as an X509 certificate.
- void setKeyIdentifierSKI(java.security.cert.X509Certificate cert, Crypto crypto): Sets the KeyIdentifier element as an X509 Subject-Key-Identifier (SKI).
- void setKeyIdentifierThumb(java.security.cert.X509Certificate cert): Sets the KeyIdentifier element as a Thumbprint.
- void setReference(Reference ref): Sets the reference.
- void setSAMLKeyIdentifier(java.lang.String keyIdVal)
- void setX509IssuerSerial(org.apache.xml.security.keys.content.X509Data ref): Sets the X509 IssuerSerial data.
- java.lang.String toString(): Returns the string representation.
-
Field Detail
-
SECURITY_TOKEN_REFERENCE
public static final java.lang.String SECURITY_TOKEN_REFERENCE
- See Also:
- Constant Field Values
-
KEY_NAME
public static final java.lang.String KEY_NAME
- See Also:
- Constant Field Values
-
SKI_URI
public static final java.lang.String SKI_URI
- See Also:
- Constant Field Values
-
THUMB_URI
public static final java.lang.String THUMB_URI
- See Also:
- Constant Field Values
-
SAML_ID_URI
public static final java.lang.String SAML_ID_URI
- See Also:
- Constant Field Values
-
element
protected org.w3c.dom.Element element
-
-
Constructor Detail
-
SecurityTokenReference
public SecurityTokenReference(org.w3c.dom.Element elem) throws WSSecurityException
Constructor.
- Parameters:
- elem - TODO
- Throws:
- WSSecurityException
-
SecurityTokenReference
public SecurityTokenReference(org.w3c.dom.Document doc)
Constructor.
- Parameters:
- doc - TODO
-
-
Method Detail
-
setReference
public void setReference(Reference ref)
Sets the reference.
- Parameters:
- ref
-
getReference
public Reference getReference() throws WSSecurityException
Gets the Reference.
- Returns:
- the Reference element contained in this SecurityTokenReference
- Throws:
- WSSecurityException
-
getTokenElement
public org.w3c.dom.Element getTokenElement(org.w3c.dom.Document doc, WSDocInfo docInfo) throws WSSecurityException
Gets the signing token element, which may be a BinarySecurityToken or a SAML token. The method gets the URI attribute of the Reference contained in the SecurityTokenReference and tries to find the referenced Element in the document.
- Parameters:
- doc - the document that contains the binary security token element. This could be different from the document that contains the SecurityTokenReference (STR). See the STRTransform.derefenceBST() method.
- Returns:
- Element containing the signing token, must be a BinarySecurityToken
- Throws:
- WSSecurityException - when there is no Reference element, the found reference contains no URI, or the referenced signing token is not found.
-
setKeyIdentifier
public void setKeyIdentifier(java.security.cert.X509Certificate cert) throws WSSecurityException
Sets the KeyIdentifier element as an X509 certificate. Takes an X509 certificate, converts its data into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.
- Parameters:
- cert - is the X509 certificate to be inserted as key identifier
- Throws:
- WSSecurityException
-
setKeyIdentifierSKI
public void setKeyIdentifierSKI(java.security.cert.X509Certificate cert, Crypto crypto) throws WSSecurityException
Sets the KeyIdentifier element as an X509 Subject-Key-Identifier (SKI). Takes an X509 certificate, gets its SKI data, converts it into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.
- Parameters:
- cert - is the X509 certificate to get the SKI
- crypto - is the Crypto implementation. Used to read SKI info bytes from certificate
- Throws:
- WSSecurityException
-
setKeyIdentifierThumb
public void setKeyIdentifierThumb(java.security.cert.X509Certificate cert) throws WSSecurityException
Sets the KeyIdentifier element as a Thumbprint. Takes an X509 certificate, computes its thumbprint using SHA-1, converts it into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.
- Parameters:
- cert - is the X509 certificate to get the thumbprint
- Throws:
- WSSecurityException
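The thumbprint key identifier described above, as an added example that is not WSS4J code: it uses only JDK classes to build the wsse:KeyIdentifier and to check a candidate certificate against it on the receiving side. The class and method names are hypothetical, the namespace and ValueType/EncodingType URIs are assumed from the OASIS WS-Security specifications rather than taken from this page, and the byte arrays are constructed stand-ins for cert.getEncoded().

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
// Hypothetical class, not part of WSS4J.
public class ThumbprintStrExample {
    // URIs as defined by the OASIS WS-Security specifications (assumed, not on this page).
    static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String THUMBPRINT_SHA1 = "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1";
    static final String BASE64_BINARY = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";

    // Sender side: SHA-1 over the DER encoding, base64, wrapped in wsse:KeyIdentifier.
    static Element buildThumbprintStr(Document doc, byte[] derCert) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-1").digest(derCert);
        Element str = doc.createElementNS(WSSE_NS, "wsse:SecurityTokenReference");
        Element keyId = doc.createElementNS(WSSE_NS, "wsse:KeyIdentifier");
        keyId.setAttribute("ValueType", THUMBPRINT_SHA1);
        keyId.setAttribute("EncodingType", BASE64_BINARY);
        keyId.setTextContent(Base64.getEncoder().encodeToString(digest));
        str.appendChild(keyId);
        return str;
    }

    // Receiver side: accept only a single thumbprint KeyIdentifier that matches the candidate.
    static boolean matches(Element str, byte[] candidateDer) throws Exception {
        NodeList ids = str.getElementsByTagNameNS(WSSE_NS, "KeyIdentifier");
        if (ids.getLength() != 1) return false; // missing or ambiguous identifier
        Element keyId = (Element) ids.item(0);
        if (!THUMBPRINT_SHA1.equals(keyId.getAttribute("ValueType"))) return false;
        byte[] claimed = Base64.getDecoder().decode(keyId.getTextContent().trim());
        byte[] actual = MessageDigest.getInstance("SHA-1").digest(candidateDer);
        return MessageDigest.isEqual(claimed, actual); // constant-time comparison
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().newDocument();
        // Constructed stand-ins for cert.getEncoded(); not real certificates.
        byte[] certA = "constructed-cert-A".getBytes(StandardCharsets.US_ASCII);
        byte[] certB = "constructed-cert-B".getBytes(StandardCharsets.US_ASCII);
        Element str = buildThumbprintStr(doc, certA);
        System.out.println("certA matches: " + matches(str, certA));
        System.out.println("certB matches: " + matches(str, certB));
    }
}
```

A matching thumbprint only locates the certificate; trust in it still has to come from certificate path validation.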
-
setSAMLKeyIdentifier
public void setSAMLKeyIdentifier(java.lang.String keyIdVal) throws WSSecurityException
- Throws:
- WSSecurityException
-
getKeyIdentifier
public java.security.cert.X509Certificate[] getKeyIdentifier(Crypto crypto) throws WSSecurityException
Gets the KeyIdentifier.
- Returns:
- the X509 certificate or zero if an unknown key identifier type was detected.
- Throws:
- WSSecurityException
-
getX509SKIAlias
public java.lang.String getX509SKIAlias(Crypto crypto) throws WSSecurityException
- Throws:
- WSSecurityException
-
getSKIBytes
public byte[] getSKIBytes()
-
setX509IssuerSerial
public void setX509IssuerSerial(org.apache.xml.security.keys.content.X509Data ref)
Sets the X509 IssuerSerial data.
- Parameters:
- ref - the XMLX509IssuerSerial to put into this SecurityTokenReference
-
getX509IssuerSerial
public java.security.cert.X509Certificate[] getX509IssuerSerial(Crypto crypto) throws WSSecurityException
Gets the certificate identified with X509 issuerSerial data. This method first tries to get the embedded certificate. If this fails it checks if the certificate is in the keystore.
- Returns:
- a certificate array or null if nothing found
- Throws:
- WSSecurityException
-
getX509IssuerSerialAlias
public java.lang.String getX509IssuerSerialAlias(Crypto crypto) throws WSSecurityException
Gets the alias name of the certificate identified with X509 issuerSerial data. The keystore identifies the certificate and the key with this alias name.
- Returns:
- the alias name for the certificate or null if nothing found
- Throws:
- WSSecurityException
-
getFirstElement
public org.w3c.dom.Element getFirstElement()
Gets the first child element.
- Returns:
- the first Element child node
-
containsReference
public boolean containsReference()
Method containsReference.
- Returns:
- true if the SecurityTokenReference contains a wsse:Reference element
-
lengthReference
public int lengthReference()
Method lengthReference.
- Returns:
- number of wsse:Reference elements in the SecurityTokenReference
-
containsX509IssuerSerial
public boolean containsX509IssuerSerial()
Method containsX509IssuerSerial.
- Returns:
- true if the SecurityTokenReference contains a ds:IssuerSerial element
-
containsX509Data
public boolean containsX509Data()
Method containsX509Data.
- Returns:
- true if the SecurityTokenReference contains a ds:X509Data element
-
lengthX509IssuerSerial
public int lengthX509IssuerSerial()
Method lengthX509IssuerSerial.
- Returns:
- number of ds:IssuerSerial elements in the SecurityTokenReference
-
lengthX509Data
public int lengthX509Data()
Method lengthX509Data.
- Returns:
- number of ds:IssuerSerial elements in the SecurityTokenReference
-
containsKeyIdentifier
public boolean containsKeyIdentifier()
Method containsKeyIdentifier.
- Returns:
- true if the SecurityTokenReference contains a wsse:KeyIdentifier element
-
lengthKeyIdentifier
public int lengthKeyIdentifier()
Method lengthKeyIdentifier.
- Returns:
- number of wsse:KeyIdentifier elements in the SecurityTokenReference
-
length
public int length(java.lang.String namespace, java.lang.String localname)
Method length.
- Parameters:
- namespace
- localname
- Returns:
- number of elements with matching localname and namespace
-
getElement
public org.w3c.dom.Element getElement()
Gets the DOM element.
- Returns:
- TODO
-
setID
public void setID(java.lang.String id)
Sets the id.
- Parameters:
- id
-
toString
public java.lang.String toString()
Returns the string representation.
- Overrides:
- toString in class java.lang.Object
- Returns:
- TODO
-
-