Class SecurityTokenReference

java.lang.Object
org.apache.ws.security.message.token.SecurityTokenReference

public class SecurityTokenReference extends Object
Security Token Reference.

Author:
Davanum Srinivas (dims@yahoo.com).
  • Field Details

  • Constructor Details

    • SecurityTokenReference

      public SecurityTokenReference(Element elem) throws WSSecurityException
      Constructor.

      Parameters:
      elem - TODO
      Throws:
      WSSecurityException
    • SecurityTokenReference

      public SecurityTokenReference(Document doc)
      Constructor.

      Parameters:
      doc - TODO
  • Method Details

    • setReference

      public void setReference(Reference ref)
      Sets the reference.

      Parameters:
      ref -
    • getReference

      public Reference getReference() throws WSSecurityException
      Gets the Reference.
      Returns:
      the Reference element contained in this SecurityTokenReference
      Throws:
      WSSecurityException
    • getTokenElement

      public Element getTokenElement(Document doc, WSDocInfo docInfo) throws WSSecurityException
      Gets the signing token element, which may be a BinarySecurityToken or a SAML token. The method gets the URI attribute of the Reference contained in the SecurityTokenReference and tries to find the referenced Element in the document.
      Parameters:
      doc - the document that contains the binary security token element. This could be different from the document that contains the SecurityTokenReference (STR). See the STRTransform.derefenceBST() method.
      Returns:
      Element containing the signing token, must be a BinarySecurityToken
      Throws:
      WSSecurityException - when there is no Reference element, the found reference contains no URI, or the referenced signing token is not found.
    • setKeyIdentifier

      public void setKeyIdentifier(X509Certificate cert) throws WSSecurityException
      Sets the KeyIdentifier element as an X509 certificate. Takes an X509 certificate, converts its data into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.
      Parameters:
      cert - the X509 certificate to be inserted as key identifier
      Throws:
      WSSecurityException
    • setKeyIdentifierSKI

      public void setKeyIdentifierSKI(X509Certificate cert, Crypto crypto) throws WSSecurityException
      Sets the KeyIdentifier element as an X509 Subject-Key-Identifier (SKI). Takes an X509 certificate, gets its SKI data, converts it into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.
      Parameters:
      cert - the X509 certificate to get the SKI from
      crypto - the Crypto implementation, used to read the SKI info bytes from the certificate
      Throws:
      WSSecurityException
    • setKeyIdentifierThumb

      public void setKeyIdentifierThumb(X509Certificate cert) throws WSSecurityException
      Sets the KeyIdentifier element as a thumbprint. Takes an X509 certificate, computes its thumbprint using SHA-1, converts it into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.
      Parameters:
      cert - the X509 certificate to get the thumbprint from
      Throws:
      WSSecurityException
    • setSAMLKeyIdentifier

      public void setSAMLKeyIdentifier(String keyIdVal) throws WSSecurityException
      Throws:
      WSSecurityException
    • getKeyIdentifier

      public X509Certificate[] getKeyIdentifier(Crypto crypto) throws WSSecurityException
      Gets the KeyIdentifier.
      Returns:
      the X509 certificate, or zero if an unknown key identifier type was detected.
      Throws:
      WSSecurityException
    • getX509SKIAlias

      public String getX509SKIAlias(Crypto crypto) throws WSSecurityException
      Throws:
      WSSecurityException
    • getSKIBytes

      public byte[] getSKIBytes()
    • setX509IssuerSerial

      public void setX509IssuerSerial(org.apache.xml.security.keys.content.X509Data ref)
      Sets the X509 IssuerSerial data.
      Parameters:
      ref - the XMLX509IssuerSerial to put into this SecurityTokenReference
    • getX509IssuerSerial

      public X509Certificate[] getX509IssuerSerial(Crypto crypto) throws WSSecurityException
      Gets the certificate identified with X509 issuerSerial data. This method first tries to get the embedded certificate. If this fails it checks if the certificate is in the keystore.
      Returns:
      a certificate array or null if nothing found
      Throws:
      WSSecurityException
    • getX509IssuerSerialAlias

      public String getX509IssuerSerialAlias(Crypto crypto) throws WSSecurityException
      Gets the alias name of the certificate identified with X509 issuerSerial data. The keystore identifies the certificate and the key with this alias name.
      Returns:
      the alias name for the certificate or null if nothing found
      Throws:
      WSSecurityException
    • getFirstElement

      public Element getFirstElement()
      Gets the first child element.
      Returns:
      the first Element child node
    • containsReference

      public boolean containsReference()
      Method containsReference
      Returns:
      true if the SecurityTokenReference contains a wsse:Reference element
    • lengthReference

      public int lengthReference()
      Method lengthReference.
      Returns:
      number of wsse:Reference elements in the SecurityTokenReference
    • containsX509IssuerSerial

      public boolean containsX509IssuerSerial()
      Method containsX509IssuerSerial
      Returns:
      true if the SecurityTokenReference contains a ds:IssuerSerial element
    • containsX509Data

      public boolean containsX509Data()
      Method containsX509Data
      Returns:
      true if the SecurityTokenReference contains a ds:X509Data element
    • lengthX509IssuerSerial

      public int lengthX509IssuerSerial()
      Method lengthX509IssuerSerial.
      Returns:
      number of ds:IssuerSerial elements in the SecurityTokenReference
    • lengthX509Data

      public int lengthX509Data()
      Method lengthX509Data.
      Returns:
      number of ds:IssuerSerial elements in the SecurityTokenReference
    • containsKeyIdentifier

      public boolean containsKeyIdentifier()
      Method containsKeyIdentifier.
      Returns:
      true if the SecurityTokenReference contains a wsse:KeyIdentifier element
    • lengthKeyIdentifier

      public int lengthKeyIdentifier()
      Method lengthKeyIdentifier.
      Returns:
      number of wsse:KeyIdentifier elements in the SecurityTokenReference
    • length

      public int length(String namespace, String localname)
      Method length.
      Parameters:
      namespace -
      localname -
      Returns:
      number of elements with matching localname and namespace
    • getElement

      public Element getElement()
      Gets the DOM element.

      Returns:
      TODO
    • setID

      public void setID(String id)
      Sets the ID.

      Parameters:
      id -
    • toString

      public String toString()
      Returns the string representation.

      Overrides:
      toString in class Object
      Returns:
      TODO
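
An added example (not WSS4J's own code) of how a receiver could use the length* and contains* accessors documented above to refuse a SecurityTokenReference that carries more than one reference mechanism before resolving any of them. The class name StrShapeCheck, the helper names, the exactly-one policy and the sample XML are assumptions made for illustration; the WSS4J jar providing this class must be on the classpath.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.message.token.SecurityTokenReference;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

public class StrShapeCheck { // hypothetical class name
    // wsse namespace of WS-Security 1.0
    static final String WSSE =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    // Assumed policy: accept only an STR with exactly one reference mechanism.
    static boolean hasSingleMechanism(SecurityTokenReference str) {
        int mechanisms = str.lengthReference() + str.lengthKeyIdentifier()
            + str.lengthX509Data();
        return mechanisms == 1;
    }

    // Names the mechanism a caller would go on to resolve.
    static String mechanism(SecurityTokenReference str) {
        if (str.containsReference()) return "wsse:Reference";
        if (str.containsKeyIdentifier()) return "wsse:KeyIdentifier";
        if (str.containsX509Data()) return "ds:X509Data";
        return "none";
    }

    // Namespace-aware parse with DOCTYPE declarations refused
    // (feature of the Xerces-based parser bundled with the JDK).
    static Element parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder()
            .parse(new InputSource(new StringReader(xml))).getDocumentElement();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input; the URI and KeyIdentifier value are placeholders.
        String open = "<wsse:SecurityTokenReference xmlns:wsse='" + WSSE + "'>";
        String close = "</wsse:SecurityTokenReference>";
        String single = open + "<wsse:Reference URI='#bst-1'/>" + close;
        String mixed = open + "<wsse:Reference URI='#bst-1'/>"
            + "<wsse:KeyIdentifier>AAAA</wsse:KeyIdentifier>" + close;
        for (String xml : new String[] {single, mixed}) {
            SecurityTokenReference str = new SecurityTokenReference(parse(xml));
            System.out.println(mechanism(str) + " accepted=" + hasSingleMechanism(str));
        }
    }
}
```

Running the shape check before getTokenElement, getKeyIdentifier or getX509IssuerSerial means the receiver never has to pick between competing references in the same element.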