public class WSSecSignature extends WSSecBase

WSSignEnvelope. This new class allows better control of the process to create a Signature and to add it to the Security header. The flexibility and fine-grained control are required to implement a handler that uses WSSecurityPolicy files to control the setup of a Security header.

Modifier and Type | Field and Description |
---|---|
protected BinarySecurity | bstToken |
protected String | canonAlgo |
protected String | certUri |
protected org.w3c.dom.Document | document |
protected org.apache.xml.security.keys.KeyInfo | keyInfo |
protected String | keyInfoUri |
protected SecurityTokenReference | secRef |
protected org.apache.xml.security.signature.XMLSignature | sig |
protected String | sigAlgo |
protected byte[] | signatureValue |
protected String | strUri |
protected WSSecUsernameToken | usernameToken |
protected boolean | useSingleCert |
protected WSDocInfo | wsDocInfo |

Constructor and Description |
---|
WSSecSignature() Constructor. |

Modifier and Type | Method and Description |
---|---|
void | addReferencesToSign(Vector references, WSSecHeader secHeader) This method adds references to the Signature. |
void | appendBSTElementToHeader(WSSecHeader secHeader) |
void | appendToHeader(WSSecHeader secHeader) Appends the Signature element to the elements already in the Security header. |
org.w3c.dom.Document | build(org.w3c.dom.Document doc, Crypto cr, WSSecHeader secHeader) Builds a signed soap envelope. |
void | computeSignature() Compute the Signature over the references. |
protected org.w3c.dom.Element | createSTRParameter(org.w3c.dom.Document doc) |
org.w3c.dom.Element | getBinarySecurityTokenElement() Returns the BST Token element. |
String | getBSTTokenId() Get the id of the BST generated during prepare(). |
String | getDigestAlgo() |
String | getId() Get the id generated during prepare(). |
protected Set | getInclusivePrefixes(org.w3c.dom.Element target) |
protected Set | getInclusivePrefixes(org.w3c.dom.Element target, boolean excludeVisible) |
String | getSigCanonicalization() Get the canonicalization method. |
String | getSignatureAlgorithm() Get the name of the signature algorithm that is being used. |
org.w3c.dom.Element | getSignatureElement() Returns the SignatureElement. |
byte[] | getSignatureValue() Returns the computed Signature value. |
boolean | isUseSingleCertificate() Get the single cert flag. |
void | prepare(org.w3c.dom.Document doc, Crypto cr, WSSecHeader secHeader) Initialize a WSSec Signature. |
void | prependBSTElementToHeader(WSSecHeader secHeader) Prepend the BinarySecurityToken to the elements already in the Security header. |
void | prependToHeader(WSSecHeader secHeader) Prepends the Signature element to the elements already in the Security header. |
void | setCustomTokenId(String customTokenId) |
void | setCustomTokenValueType(String customTokenValueType) |
void | setDigestAlgo(String digestAlgo) Set the string that defines which digest algorithm to use. |
void | setEncrKeySha1value(String encrKeySha1value) |
void | setSecretKey(byte[] secretKey) |
void | setSigCanonicalization(String algo) Set the canonicalization method to use. |
void | setSignatureAlgorithm(String algo) Set the name of the signature encryption algorithm to use. |
void | setUsernameToken(WSSecUsernameToken usernameToken) |
void | setUseSingleCertificate(boolean useSingleCert) Set the single cert flag. |
void | setX509Certificate(X509Certificate cer) |

getKeyIdentifierType, setBodyID, setKeyIdentifierType, setParts, setUserInfo, setWsConfig, setWsuId
protected boolean useSingleCert
protected String sigAlgo
protected String canonAlgo
protected WSSecUsernameToken usernameToken
protected byte[] signatureValue
protected org.w3c.dom.Document document
protected WSDocInfo wsDocInfo
protected String certUri
protected org.apache.xml.security.signature.XMLSignature sig
protected org.apache.xml.security.keys.KeyInfo keyInfo
protected String keyInfoUri
protected SecurityTokenReference secRef
protected String strUri
protected BinarySecurity bstToken
public void setUseSingleCertificate(boolean useSingleCert)
useSingleCert -
public boolean isUseSingleCertificate()
public void setSignatureAlgorithm(String algo)
prepare() method. Refer to WSConstants for the algorithms that are supported.
algo - Is the name of the signature algorithm
WSConstants.RSA, WSConstants.DSA
public String getSignatureAlgorithm()
prepare to get the information which signature algorithm was automatically detected if no signature algorithm was preset.
public void setSigCanonicalization(String algo)
algo - Is the name of the signature algorithm
WSConstants.C14N_OMIT_COMMENTS, WSConstants.C14N_WITH_COMMENTS, WSConstants.C14N_EXCL_OMIT_COMMENTS, WSConstants.C14N_EXCL_WITH_COMMENTS
public String getSigCanonicalization()
public String getDigestAlgo()
public void setDigestAlgo(String digestAlgo)
digestAlgo - the digestAlgo to set
public void setUsernameToken(WSSecUsernameToken usernameToken)
usernameToken - The usernameToken to set.
public byte[] getSignatureValue()
computeSignature() or build() methods were called.
public String getId()
prepare(). Returns the value of wsu:Id attribute of the Signature element.
prepare() was not called before.
public String getBSTTokenId()
prepare().
public void prepare(org.w3c.dom.Document doc, Crypto cr, WSSecHeader secHeader) throws WSSecurityException
prependSignatureElementToHeader() method.
doc - The SOAP envelope as Document
cr - An instance of the Crypto API to handle keystore and certificates
secHeader - The security header that will hold the Signature. This is used to construct namespace prefixes for Signature. This method
WSSecurityException
public void addReferencesToSign(Vector references, WSSecHeader secHeader) throws WSSecurityException
computeSignature(). This method can be called several times to add references as required. addReferencesToSign() can be called any time after prepare.
references - A vector containing WSEncryptionPart objects that define the parts to sign.
secHeader - Used to compute namespaces to be inserted by InclusiveNamespaces to be WSI compliant.
WSSecurityException
public void prependToHeader(WSSecHeader secHeader)
prepare(). This allows the Signature element to be inserted at any position in the Security header.
secHeader - The secHeader that holds the Signature element.
public void appendToHeader(WSSecHeader secHeader)
prepare(). This allows the Signature element to be inserted at any position in the Security header.
secHeader - The secHeader that holds the Signature element.
public void prependBSTElementToHeader(WSSecHeader secHeader)
prepare(). This allows the BST element to be inserted at any position in the Security header.
secHeader - The security header that holds the BST element.
public org.w3c.dom.Element getSignatureElement()
prepare().
public org.w3c.dom.Element getBinarySecurityTokenElement()
prepare().
public void appendBSTElementToHeader(WSSecHeader secHeader)
public void computeSignature() throws WSSecurityException
addReferencesToSign().
WSSecurityException
public org.w3c.dom.Document build(org.w3c.dom.Document doc, Crypto cr, WSSecHeader secHeader) throws WSSecurityException
doc - The unsigned SOAP envelope as Document
cr - An instance of the Crypto API to handle keystore and certificates
secHeader - the security header element to hold the encrypted key element.
Document
WSSecurityException
protected org.w3c.dom.Element createSTRParameter(org.w3c.dom.Document doc)
protected Set getInclusivePrefixes(org.w3c.dom.Element target)
protected Set getInclusivePrefixes(org.w3c.dom.Element target, boolean excludeVisible)
public void setSecretKey(byte[] secretKey)
public void setCustomTokenValueType(String customTokenValueType)
public void setCustomTokenId(String customTokenId)
public void setEncrKeySha1value(String encrKeySha1value)
public void setX509Certificate(X509Certificate cer)
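
The call order that the method descriptions above imply (prepare(), then addReferencesToSign(), then header placement, then computeSignature()), shown as an added example that is not part of the WSS4J documentation. The names SignEnvelopeExample and signBody, the alias and keyPassword parameters, a crypto.properties file on the classpath, and library support for the two SHA-256 algorithm URIs are assumptions.

```java
import java.util.Vector;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.w3c.dom.Document;

public class SignEnvelopeExample { // hypothetical class name
    // Standard XML-DSig identifiers; assumed to be supported by the
    // XML Security library and JCE provider in use.
    static final String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    static final String SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256";

    /** Signs the SOAP Body of doc in place and returns the same Document. */
    public static Document signBody(Document doc, String alias, String keyPassword)
            throws WSSecurityException {
        // Assumption: crypto.properties on the classpath points at the signing keystore.
        Crypto crypto = CryptoFactory.getInstance();

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSecSignature sign = new WSSecSignature();
        sign.setUserInfo(alias, keyPassword);
        sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        // Pin every algorithm before prepare() instead of relying on auto-detection.
        sign.setSignatureAlgorithm(RSA_SHA256);
        sign.setDigestAlgo(SHA256);
        sign.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS);

        // 1. prepare(): generates the Signature element and the BST (ids available afterwards).
        sign.prepare(doc, crypto, secHeader);

        // 2. Declare what is signed; may be called repeatedly after prepare().
        Vector parts = new Vector();
        String soapNs = doc.getDocumentElement().getNamespaceURI();
        parts.add(new WSEncryptionPart("Body", soapNs, "Content"));
        sign.addReferencesToSign(parts, secHeader);

        // 3. Place the Signature, then the BST in front of it, in the Security header.
        sign.prependToHeader(secHeader);
        sign.prependBSTElementToHeader(secHeader);

        // 4. Compute the signature value last, once all references are in place.
        sign.computeSignature();
        return doc;
    }
}
```

After signBody returns, getSignatureValue() and getId() can be used to bind later processing, such as signature confirmation, to this specific Signature element.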
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.