Class WSSConfig

java.lang.Object
org.apache.ws.security.WSSConfig

public class WSSConfig extends Object
WSSConfig

Carries configuration data so the WSS4J spec compliance can be modified in runtime. Configure an instance of this object only if you need WSS4J to emulate certain industry clients or previous OASIS specifications for WS-Security interoperability testing purposes.

The default settings follow the latest OASIS and changing anything might violate the OASIS specs.

WARNING: changing the default settings will break the compliance with the latest specs. Do this only if you know what you are doing.

Author:
Rami Jaamour (rjaamour@parasoft.com), Werner Dittmann (werner@apache.org)
  • Field Details

    • defaultConfig

      protected static WSSConfig defaultConfig
    • wsiBSPCompliant

      protected boolean wsiBSPCompliant
    • precisionInMilliSeconds

      protected boolean precisionInMilliSeconds
      Set the timestamp precision mode. If set to true then use timestamps with milliseconds, otherwise omit the millisconds. As per XML Date/Time specification the default is to include the milliseconds.
    • enableSignatureConfirmation

      protected boolean enableSignatureConfirmation
    • timeStampStrict

      protected boolean timeStampStrict
      If set to true then the timestamp handling will throw an expcetion if the timestamp contains an expires element and the semantics are expired. If set to false, not expetion will be thrown, even if the semantics are expired.
    • jceProvider

      protected HashMap jceProvider
  • Constructor Details

    • WSSConfig

      protected WSSConfig()
  • Method Details

    • getNewInstance

      public static WSSConfig getNewInstance()
      Returns:
      a new WSSConfig instance configured with the default values (values identical to getDefaultWSConfig())
    • getDefaultWSConfig

      public static WSSConfig getDefaultWSConfig()
      returns a static WSConfig instance that is configured with the latest OASIS WS-Seurity settings.
    • isWsiBSPCompliant

      public boolean isWsiBSPCompliant()
      Checks if we are in WS-I Basic Security Profile compliance mode
      Returns:
      TODO
    • setWsiBSPCompliant

      public void setWsiBSPCompliant(boolean wsiBSPCompliant)
      Set the WS-I Basic Security Profile compliance mode. The default is false (dues to .Net interop problems).
      Parameters:
      wsiBSPCompliant -
    • isPrecisionInMilliSeconds

      public boolean isPrecisionInMilliSeconds()
      Checks if we need to use milliseconds in timestamps
      Returns:
      TODO
    • setPrecisionInMilliSeconds

      public void setPrecisionInMilliSeconds(boolean precisionInMilliSeconds)
      Set the precision in milliseconds
      Parameters:
      precisionInMilliSeconds - TODO
    • isEnableSignatureConfirmation

      public boolean isEnableSignatureConfirmation()
      Returns:
      Returns the enableSignatureConfirmation.
    • setEnableSignatureConfirmation

      public void setEnableSignatureConfirmation(boolean enableSignatureConfirmation)
      Parameters:
      enableSignatureConfirmation - The enableSignatureConfirmation to set.
    • isTimeStampStrict

      public boolean isTimeStampStrict()
      Returns:
      Returns if we shall throw an exception on expired request semantic
    • setTimeStampStrict

      public void setTimeStampStrict(boolean timeStampStrict)
      Parameters:
      timeStampStrict - If true throw an exception on expired request semantic
    • getAction

      public org.apache.ws.security.action.Action getAction(int action) throws WSSecurityException
      Lookup action
      Parameters:
      action -
      Returns:
      An action class to create a security token
      Throws:
      WSSecurityException
    • getProcessor

      public org.apache.ws.security.processor.Processor getProcessor(QName el) throws WSSecurityException
      Throws:
      WSSecurityException
    • addJceProvider

      public boolean addJceProvider(String id, String className)
      Add a new JCE security provider to use for WSS4J. If the provider is not already known the method loads a security provider class and adds the provider to the java security service.
      Parameters:
      id - The id string of the provider
      className - Name of the class the implements the provider. This class must be a subclass of java.security.Provider
      Returns:
      Returns true if the provider was successfully added, false otherwise.