Class WSSSecurityProperties

java.lang.Object
org.apache.xml.security.stax.ext.XMLSecurityProperties
org.apache.wss4j.stax.ext.WSSSecurityProperties

public class WSSSecurityProperties extends org.apache.xml.security.stax.ext.XMLSecurityProperties
Main configuration class used to supply keys and other security settings. This class is subject to change in the future; the framework will probably allow configuration per WSDL.
  • Constructor Details

    • WSSSecurityProperties

      public WSSSecurityProperties()
    • WSSSecurityProperties

      public WSSSecurityProperties(WSSSecurityProperties wssSecurityProperties)
  • Method Details

    • getCallbackHandler

      public CallbackHandler getCallbackHandler()
      returns the password callback handler
      Returns:
      the password callback handler
    • setCallbackHandler

      public void setCallbackHandler(CallbackHandler callbackHandler)
      sets the password callback handler
      Parameters:
      callbackHandler - the password callback handler
    • getTimestampTTL

      public Integer getTimestampTTL()
    • setTimestampTTL

      public void setTimestampTTL(Integer timestampTTL)
    • isStrictTimestampCheck

      public boolean isStrictTimestampCheck()
    • setStrictTimestampCheck

      public void setStrictTimestampCheck(boolean strictTimestampCheck)
    • setHandleCustomPasswordTypes

      public void setHandleCustomPasswordTypes(boolean handleCustomTypes)
      Parameters:
      handleCustomTypes - whether to handle custom UsernameToken password types or not
    • getHandleCustomPasswordTypes

      public boolean getHandleCustomPasswordTypes()
      Returns:
      whether custom UsernameToken password types are allowed or not
    • getTokenUser

      public String getTokenUser()
    • setTokenUser

      public void setTokenUser(String tokenUser)
    • getUsernameTokenPasswordType

      public WSSConstants.UsernameTokenPasswordType getUsernameTokenPasswordType()
    • setUsernameTokenPasswordType

      public void setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType)
    • isEnableSignatureConfirmationVerification

      public boolean isEnableSignatureConfirmationVerification()
    • setEnableSignatureConfirmationVerification

      public void setEnableSignatureConfirmationVerification(boolean enableSignatureConfirmationVerification)
    • isUseReqSigCertForEncryption

      public boolean isUseReqSigCertForEncryption()
    • setUseReqSigCertForEncryption

      public void setUseReqSigCertForEncryption(boolean useReqSigCertForEncryption)
    • getActor

      public String getActor()
    • setActor

      public void setActor(String actor)
    • getDerivedKeyKeyIdentifier

      public org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier getDerivedKeyKeyIdentifier()
    • setDerivedKeyKeyIdentifier

      public void setDerivedKeyKeyIdentifier(org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier derivedKeyKeyIdentifier)
    • getDerivedKeyTokenReference

      public WSSConstants.DerivedKeyTokenReference getDerivedKeyTokenReference()
    • setDerivedKeyTokenReference

      public void setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference derivedKeyTokenReference)
    • addIgnoreBSPRule

      public void addIgnoreBSPRule(BSPRule bspRule)
    • getIgnoredBSPRules

      public List<BSPRule> getIgnoredBSPRules()
    • addValidator

      public void addValidator(QName qName, Validator validator)
    • getValidator

      public <T extends Validator> T getValidator(QName qName)
    • setSignatureUser

      public void setSignatureUser(String signatureUser)
    • getSignatureUser

      public String getSignatureUser()
    • getSignatureKeyStore

      public KeyStore getSignatureKeyStore()
    • loadSignatureKeyStore

      public void loadSignatureKeyStore(URL url, char[] keyStorePassword) throws Exception
      Throws:
      Exception
    • getSignatureCryptoProperties

      public Properties getSignatureCryptoProperties()
    • setSignatureCryptoProperties

      public void setSignatureCryptoProperties(Properties cryptoProperties)
    • setSignatureCryptoProperties

      public void setSignatureCryptoProperties(Properties cryptoProperties, PasswordEncryptor passwordEncryptor)
    • getSignatureCryptoClass

      public Class<? extends Merlin> getSignatureCryptoClass()
    • setSignatureCryptoClass

      public void setSignatureCryptoClass(Class<? extends Merlin> signatureCryptoClass)
    • getSignatureCrypto

      public Crypto getSignatureCrypto() throws WSSConfigurationException
      Throws:
      WSSConfigurationException
    • setSignatureCrypto

      public void setSignatureCrypto(Crypto sigCrypto)
    • getSignatureVerificationKeyStore

      public KeyStore getSignatureVerificationKeyStore()
    • loadSignatureVerificationKeystore

      public void loadSignatureVerificationKeystore(URL url, char[] keyStorePassword) throws Exception
      Throws:
      Exception
    • loadCRLCertStore

      public void loadCRLCertStore(URL url) throws Exception
      Throws:
      Exception
    • getSignatureVerificationCryptoProperties

      public Properties getSignatureVerificationCryptoProperties()
    • setSignatureVerificationCryptoProperties

      public void setSignatureVerificationCryptoProperties(Properties cryptoProperties)
    • setSignatureVerificationCryptoProperties

      public void setSignatureVerificationCryptoProperties(Properties cryptoProperties, PasswordEncryptor passwordEncryptor)
    • getSignatureVerificationCryptoClass

      public Class<? extends Merlin> getSignatureVerificationCryptoClass()
    • setSignatureVerificationCryptoClass

      public void setSignatureVerificationCryptoClass(Class<? extends Merlin> signatureVerificationCryptoClass)
    • getSignatureVerificationCrypto

      public Crypto getSignatureVerificationCrypto() throws WSSConfigurationException
      Throws:
      WSSConfigurationException
    • setSignatureVerificationCrypto

      public void setSignatureVerificationCrypto(Crypto sigVerCrypto)
    • getDecryptionKeyStore

      public KeyStore getDecryptionKeyStore()
      Returns the decryption keystore
      Returns:
      A keystore for decryption operation
    • loadDecryptionKeystore

      public void loadDecryptionKeystore(URL url, char[] keyStorePassword) throws Exception
      Loads a Java keystore from the given URL for decryption operations
      Parameters:
      url - The URL of the keystore
      keyStorePassword - The password for the keystore
      Throws:
      Exception - thrown if something goes wrong while loading the keystore
    • getDecryptionCryptoProperties

      public Properties getDecryptionCryptoProperties()
    • setDecryptionCryptoProperties

      public void setDecryptionCryptoProperties(Properties cryptoProperties)
    • setDecryptionCryptoProperties

      public void setDecryptionCryptoProperties(Properties cryptoProperties, PasswordEncryptor passwordEncryptor)
    • getDecryptionCryptoClass

      public Class<? extends Merlin> getDecryptionCryptoClass()
      Returns the decryption crypto class
      Returns:
      the decryption crypto class
    • setDecryptionCryptoClass

      public void setDecryptionCryptoClass(Class<? extends Merlin> decryptionCryptoClass)
      Sets a custom decryption crypto class
      Parameters:
      decryptionCryptoClass - the custom decryption crypto class, which must extend Merlin
    • getDecryptionCrypto

      public Crypto getDecryptionCrypto() throws WSSConfigurationException
      Returns the decryption Crypto instance used for key management
      Returns:
      A Crypto instance
      Throws:
      WSSConfigurationException - thrown if something goes wrong
    • setDecryptionCrypto

      public void setDecryptionCrypto(Crypto decCrypto)
    • getEncryptionKeyStore

      public KeyStore getEncryptionKeyStore()
      Returns the encryption keystore
      Returns:
      A keystore for encryption operation
    • loadEncryptionKeystore

      public void loadEncryptionKeystore(URL url, char[] keyStorePassword) throws Exception
      Loads a Java keystore from the given URL for encryption operations
      Parameters:
      url - The URL of the keystore
      keyStorePassword - The password for the keystore
      Throws:
      Exception - thrown if something goes wrong while loading the keystore
    • getEncryptionCryptoProperties

      public Properties getEncryptionCryptoProperties()
    • setEncryptionCryptoProperties

      public void setEncryptionCryptoProperties(Properties cryptoProperties)
    • setEncryptionCryptoProperties

      public void setEncryptionCryptoProperties(Properties cryptoProperties, PasswordEncryptor passwordEncryptor)
    • getEncryptionCryptoClass

      public Class<? extends Merlin> getEncryptionCryptoClass()
      Returns the encryption crypto class
      Returns:
      the encryption crypto class
    • setEncryptionCryptoClass

      public void setEncryptionCryptoClass(Class<? extends Merlin> encryptionCryptoClass)
      Sets a custom encryption crypto class
      Parameters:
      encryptionCryptoClass - the custom encryption crypto class, which must extend Merlin
    • getEncryptionCrypto

      public Crypto getEncryptionCrypto() throws WSSConfigurationException
      Returns the encryption Crypto instance used for key management
      Returns:
      A Crypto instance
      Throws:
      WSSConfigurationException - thrown if something goes wrong
    • setEncryptionCrypto

      public void setEncryptionCrypto(Crypto encCrypto)
    • getEncryptionUser

      public String getEncryptionUser()
      Returns the alias for the encryption key in the keystore
      Returns:
      the alias for the encryption key in the keystore as string
    • setEncryptionUser

      public void setEncryptionUser(String encryptionUser)
      Specifies the alias for the encryption key in the keystore
      Parameters:
      encryptionUser - the alias for the encryption key in the keystore as string
    • getEncryptionCompressionAlgorithm

      public String getEncryptionCompressionAlgorithm()
    • setEncryptionCompressionAlgorithm

      public void setEncryptionCompressionAlgorithm(String encryptionCompressionAlgorithm)
    • isAllowUsernameTokenNoPassword

      public boolean isAllowUsernameTokenNoPassword()
    • setAllowUsernameTokenNoPassword

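      public void setAllowUsernameTokenNoPassword(boolean allowUsernameTokenNoPassword)
      Sets whether a UsernameToken that carries no password element is allowed. Such a token asserts an identity without any proof of it, so allow it only when the sender is authenticated by another means, such as a message signature.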
    • isEnableRevocation

      public boolean isEnableRevocation()
    • setEnableRevocation

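      public void setEnableRevocation(boolean enableRevocation)
      Sets whether certificate revocation checking is enabled. The CRLs to check against are presumably those supplied through loadCRLCertStore or setCrlCertStore; confirm against the implementation.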
    • getCrlCertStore

      public CertStore getCrlCertStore()
    • setCrlCertStore

      public void setCrlCertStore(CertStore crlCertStore)
    • getTimeStampFutureTTL

      public Integer getTimeStampFutureTTL()
    • setTimeStampFutureTTL

      public void setTimeStampFutureTTL(Integer timeStampFutureTTL)
    • getUtTTL

      public Integer getUtTTL()
    • setUtTTL

      public void setUtTTL(Integer utTTL)
    • getUtFutureTTL

      public Integer getUtFutureTTL()
    • setUtFutureTTL

      public void setUtFutureTTL(Integer utFutureTTL)
    • setTimestampReplayCache

      public void setTimestampReplayCache(ReplayCache newCache)
      Set the replay cache for Timestamps
    • getTimestampReplayCache

      public ReplayCache getTimestampReplayCache() throws WSSecurityException
      Get the replay cache for Timestamps
      Throws:
      WSSecurityException
    • setNonceReplayCache

      public void setNonceReplayCache(ReplayCache newCache)
      Set the replay cache for Nonces
    • getNonceReplayCache

      public ReplayCache getNonceReplayCache() throws WSSecurityException
      Get the replay cache for Nonces
      Throws:
      WSSecurityException
    • setSamlOneTimeUseReplayCache

      public void setSamlOneTimeUseReplayCache(ReplayCache newCache)
      Set the replay cache for SAML2 OneTimeUse Assertions
    • getSamlOneTimeUseReplayCache

      public ReplayCache getSamlOneTimeUseReplayCache() throws WSSecurityException
      Get the replay cache for SAML2 OneTimeUse Assertions
      Throws:
      WSSecurityException
    • isDisableBSPEnforcement

      public boolean isDisableBSPEnforcement()
    • setDisableBSPEnforcement

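      public void setDisableBSPEnforcement(boolean disableBSPEnforcement)
      Sets whether enforcement of the Basic Security Profile (BSP) rules is disabled. To relax a single rule, prefer addIgnoreBSPRule over turning off enforcement entirely.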
    • isAllowRSA15KeyTransportAlgorithm

      public boolean isAllowRSA15KeyTransportAlgorithm()
    • setAllowRSA15KeyTransportAlgorithm

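      public void setAllowRSA15KeyTransportAlgorithm(boolean allowRSA15KeyTransportAlgorithm)
      Sets whether the RSA v1.5 (PKCS#1 v1.5) key transport algorithm is allowed. This padding scheme is exposed to padding-oracle attacks on decryption, so allow it only for interoperability with a peer that cannot use RSA-OAEP.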
    • getDerivedKeyIterations

      public Integer getDerivedKeyIterations()
    • setDerivedKeyIterations

      public void setDerivedKeyIterations(Integer derivedKeyIterations)
    • isUseDerivedKeyForMAC

      public boolean isUseDerivedKeyForMAC()
    • setUseDerivedKeyForMAC

      public void setUseDerivedKeyForMAC(boolean useDerivedKeyForMAC)
    • isAddUsernameTokenNonce

      public boolean isAddUsernameTokenNonce()
    • setAddUsernameTokenNonce

      public void setAddUsernameTokenNonce(boolean addUsernameTokenNonce)
    • isAddUsernameTokenCreated

      public boolean isAddUsernameTokenCreated()
    • setAddUsernameTokenCreated

      public void setAddUsernameTokenCreated(boolean addUsernameTokenCreated)
    • getSamlCallbackHandler

      public CallbackHandler getSamlCallbackHandler()
    • setSamlCallbackHandler

      public void setSamlCallbackHandler(CallbackHandler samlCallbackHandler)
    • isValidateSamlSubjectConfirmation

      public boolean isValidateSamlSubjectConfirmation()
    • setValidateSamlSubjectConfirmation

      public void setValidateSamlSubjectConfirmation(boolean validateSamlSubjectConfirmation)
    • isMustUnderstand

      public boolean isMustUnderstand()
    • setMustUnderstand

      public void setMustUnderstand(boolean mustUnderstand)
    • isIncludeSignatureToken

      public boolean isIncludeSignatureToken()
    • setIncludeSignatureToken

      public void setIncludeSignatureToken(boolean includeSignatureToken)
    • isIncludeEncryptionToken

      public boolean isIncludeEncryptionToken()
    • setIncludeEncryptionToken

      public void setIncludeEncryptionToken(boolean includeEncryptionToken)
    • isEncryptSymmetricEncryptionKey

      public boolean isEncryptSymmetricEncryptionKey()
    • setEncryptSymmetricEncryptionKey

      public void setEncryptSymmetricEncryptionKey(boolean encryptSymmetricEncrytionKey)
    • setSubjectCertConstraints

      public void setSubjectCertConstraints(Collection<Pattern> subjectCertConstraints)
      Set the Signature Subject Cert Constraints
    • getSubjectCertConstraints

      public Collection<Pattern> getSubjectCertConstraints()
      Get the Signature Subject Cert Constraints
    • setIssuerDNConstraints

      public void setIssuerDNConstraints(Collection<Pattern> issuerDNPatterns)
      Set the Signature Issuer Cert Constraints
    • getIssuerDNConstraints

      public Collection<Pattern> getIssuerDNConstraints()
      Get the Signature Issuer Cert Constraints
    • setAudienceRestrictions

      public void setAudienceRestrictions(List<String> audienceRestrictions)
      Set the Audience Restrictions
    • getAudienceRestrictions

      public List<String> getAudienceRestrictions()
      Get the Audience Restrictions
    • getDerivedSignatureKeyLength

      public int getDerivedSignatureKeyLength()
    • setDerivedSignatureKeyLength

      public void setDerivedSignatureKeyLength(int derivedSignatureKeyLength)
    • getDerivedEncryptionKeyLength

      public int getDerivedEncryptionKeyLength()
    • setDerivedEncryptionKeyLength

      public void setDerivedEncryptionKeyLength(int derivedEncryptionKeyLength)
    • isUse200512Namespace

      public boolean isUse200512Namespace()
    • setUse200512Namespace

      public void setUse200512Namespace(boolean use200512Namespace)
    • getAttachmentCallbackHandler

      public CallbackHandler getAttachmentCallbackHandler()
    • setAttachmentCallbackHandler

      public void setAttachmentCallbackHandler(CallbackHandler attachmentCallbackHandler)
    • getMsgContext

      public Object getMsgContext()
    • setMsgContext

      public void setMsgContext(Object msgContext)
    • isRequireTimestampExpires

      public boolean isRequireTimestampExpires()
    • setRequireTimestampExpires

      public void setRequireTimestampExpires(boolean requireTimestampExpires)
    • isSoap12

      public boolean isSoap12()
    • setSoap12

      public void setSoap12(boolean soap12)
    • getDocumentCreator

      public DocumentCreator getDocumentCreator()
    • setDocumentCreator

      public void setDocumentCreator(DocumentCreator documentCreator)