Package org.apache.cxf.rs.security.httpsignature

Class HTTPSignatureConstants

java.lang.Object
org.apache.cxf.rt.security.rs.RSSecurityConstants
org.apache.cxf.rs.security.httpsignature.HTTPSignatureConstants
public final class HTTPSignatureConstants extends org.apache.cxf.rt.security.rs.RSSecurityConstants
Some security constants to be used with HTTP Signature.

  • Field Details

    • REQUEST_TARGET

      public static final String REQUEST_TARGET
      See Also:

    • RSSEC_HTTP_SIGNATURE_KEY_ID

      public static final String RSSEC_HTTP_SIGNATURE_KEY_ID
      The signature key id. This is a required configuration option on the outbound side.
      See Also:

    • RSSEC_HTTP_SIGNATURE_OUT_HEADERS

      public static final String RSSEC_HTTP_SIGNATURE_OUT_HEADERS
      This is a list of String values which correspond to the list of HTTP headers that will be signed in the outbound request. The default is to sign all message headers. In addition, by default a client will include "(request-target)" in the signed headers list.
      See Also:

    • RSSEC_HTTP_SIGNATURE_IN_HEADERS

      public static final String RSSEC_HTTP_SIGNATURE_IN_HEADERS
      This is a list of String values which correspond to the list of HTTP headers that must be signed in the inbound request. By default, a client request must sign "(request-target)". In addition, both a client request and service response must sign "digest", unless it is a GET request.
      See Also:

    • RSSEC_HTTP_SIGNATURE_DIGEST_ALGORITHM

      public static final String RSSEC_HTTP_SIGNATURE_DIGEST_ALGORITHM
      The digest algorithm to use when digesting the payload. The default algorithm if not specified is "SHA-256".
      See Also: