java.lang.Object
  org.apache.ws.security.handler.WSHandlerConstants
public class WSHandlerConstants
This class defines the names, actions, and other strings for the deployment data of the WS handler.
Field Summary | |
---|---|
static java.lang.String | ACTION: The action parameter. |
static java.lang.String | ACTOR: The actor or role name of the wsse:Security header. |
static java.lang.String | ADD_UT_ELEMENTS: Parameter to generate additional elements (nonce and created) in a UsernameToken. |
static java.lang.String | ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES: This variable controls whether (wsse) namespace qualified password types are accepted when processing UsernameTokens. |
static java.lang.String | DEC_PROP_FILE: The path of the crypto property file to use for Decryption. |
static java.lang.String | DEC_PROP_REF_ID: The key that holds the reference of the java.util.Properties object holding complete information about the decryption Crypto implementation. |
static java.lang.String | DERIVED_KEY_ITERATIONS: This parameter sets the number of iterations to use when deriving a key from a Username Token. |
static java.lang.String | ENABLE_SIGNATURE_CONFIRMATION: Whether to enable signatureConfirmation or not. |
static java.lang.String | ENC_CALLBACK_CLASS: This tag refers to the CallbackHandler implementation class used to get the key associated with a key name. |
static java.lang.String | ENC_CALLBACK_REF: This tag refers to the CallbackHandler implementation object used to get the key associated with a key name. |
static java.lang.String | ENC_KEY_ID: Defines which key identifier type to use for encryption. |
static java.lang.String | ENC_KEY_NAME: Text of the embedded key name to be sent in the KeyInfo for encryption. |
static java.lang.String | ENC_KEY_TRANSPORT: Defines which algorithm to use to encrypt the generated symmetric key. |
static java.lang.String | ENC_PROP_FILE: The path of the crypto property file to use for Encryption. |
static java.lang.String | ENC_PROP_REF_ID: The key that holds the reference of the java.util.Properties object holding complete information about the encryption Crypto implementation. |
static java.lang.String | ENC_SYM_ALGO: Defines which symmetric encryption algorithm to use. |
static java.lang.String | ENC_SYM_ENC_KEY: Defines whether to encrypt the symmetric encryption key or not. |
static java.lang.String | ENCRYPT: Perform an Encryption action. |
static java.lang.String | ENCRYPTION_PARTS: Parameter to define which parts of the request shall be encrypted. |
static java.lang.String | ENCRYPTION_USER: The user's name for encryption. |
static java.lang.String | HANDLE_CUSTOM_PASSWORD_TYPES: This variable controls whether types other than PasswordDigest or PasswordText are allowed when processing UsernameTokens. |
static java.lang.String | IS_BSP_COMPLIANT: Whether to ensure compliance with the Basic Security Profile (BSP) 1.1 or not. |
static java.lang.String | MUST_UNDERSTAND: Whether to set the mustUnderstand flag on an outbound message or not. |
static java.lang.String | NO_SECURITY: Perform no action. |
static java.lang.String | PASSWORD_TYPE: Specific parameter for UsernameToken action to define the encoding of the password. |
static java.lang.String | PASSWORD_TYPE_STRICT: Set the value of this parameter to true to enable strict Username Token password type handling. |
static java.lang.String | PW_CALLBACK_CLASS: This tag refers to the CallbackHandler implementation class used to obtain passwords. |
static java.lang.String | PW_CALLBACK_REF: This tag refers to the CallbackHandler implementation object used to obtain passwords. |
static java.lang.String | RECV_RESULTS: The WSHandler stores a result List in this property. |
static java.lang.String | SAML_CALLBACK_CLASS: This tag refers to the SAML CallbackHandler implementation class used to construct SAML Assertions. |
static java.lang.String | SAML_CALLBACK_REF: This tag refers to the SAML CallbackHandler implementation object used to construct SAML Assertions. |
static java.lang.String | SAML_PROP_FILE: The name of the SAML Issuer factory property file. |
static java.lang.String | SAML_TOKEN_SIGNED: Perform a signed SAML Token action. |
static java.lang.String | SAML_TOKEN_UNSIGNED: Perform an unsigned SAML Token action. |
static java.lang.String | SEND_SIGV: Internally used property names to store values inside the message context that must have the same lifetime as a message (request/response model). |
static java.lang.String | SIG_ALGO: Defines which signature algorithm to use. |
static java.lang.String | SIG_CONF_DONE |
static java.lang.String | SIG_DIGEST_ALGO: Defines which signature digest algorithm to use. |
static java.lang.String | SIG_KEY_ID: Defines which key identifier type to use for signature. |
static java.lang.String | SIG_PROP_FILE: The path of the crypto property file to use for Signature. |
static java.lang.String | SIG_PROP_REF_ID: The key that holds the reference of the java.util.Properties object holding complete information about the signature Crypto implementation. |
static java.lang.String | SIGN_WITH_UT_KEY: Use this to use a specific signature mechanism for .Net. |
static java.lang.String | SIGNATURE: Perform a Signature action. |
static java.lang.String | SIGNATURE_PARTS: Parameter to define which parts of the request shall be signed. |
static java.lang.String | SIGNATURE_USER: The user's name for signature. |
static java.lang.String | TIMESTAMP: Add a timestamp to the security header. |
static java.lang.String | TIMESTAMP_PRECISION: Set whether Timestamps have precision in milliseconds. |
static java.lang.String | TIMESTAMP_STRICT: Set the value of this parameter to true to enable strict timestamp handling. |
static java.lang.String | TTL_FUTURE_TIMESTAMP: This configuration tag specifies the time in seconds in the future within which the Created time of an incoming Timestamp is valid. |
static java.lang.String | TTL_TIMESTAMP: Time-To-Live is the time difference between creation and expiry time in seconds in the WSS Timestamp. |
static java.lang.String | USE_DERIVED_KEY: This parameter sets whether to use UsernameToken Key Derivation, as defined in the UsernameTokenProfile 1.1 specification. |
static java.lang.String | USE_DERIVED_KEY_FOR_MAC: This parameter sets whether to use the Username Token derived key for a MAC or not. |
static java.lang.String | USE_ENCODED_PASSWORDS: Set the value of this parameter to true to treat passwords as binary values for Username Tokens. |
static java.lang.String | USE_REQ_SIG_CERT: Specifying this name as ENCRYPTION_USER triggers a special action to get the public key to use for encryption. |
static java.lang.String | USE_SINGLE_CERTIFICATE: This parameter sets whether to use a single certificate or a whole certificate chain when constructing a BinarySecurityToken used for direct reference in signature. |
static java.lang.String | USER: The user's name. |
static java.lang.String | USERNAME_TOKEN: Perform a UsernameToken action. |
static java.lang.String | WSE_SECRET_KEY_LENGTH: This parameter sets the length of the secret (derived) key to use for the WSE UT_SIGN functionality. |
Constructor Summary | |
---|---|
WSHandlerConstants() | |
Method Summary | |
---|---|
static java.lang.Integer | getKeyIdentifier(java.lang.String parameter): Get the key identifier type corresponding to the parameter |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String ACTION
call.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
public static final java.lang.String NO_SECURITY
public static final java.lang.String USERNAME_TOKEN
public static final java.lang.String SAML_TOKEN_UNSIGNED
public static final java.lang.String SAML_TOKEN_SIGNED
public static final java.lang.String SIGNATURE
public static final java.lang.String ENCRYPT
public static final java.lang.String TIMESTAMP
public static final java.lang.String SIGN_WITH_UT_KEY
public static final java.lang.String ACTOR
The actor or role name of the wsse:Security header. If this parameter is omitted, the actor name is not set.
The value of the actor or role has to match the receiver's setting or may contain standard values.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.ACTOR, "ActorName");
public static final java.lang.String USER
UsernameToken.
SIGNATURE_USER is not used.
ENCRYPTION_USER is not used.
public static final java.lang.String ENCRYPTION_USER
USER parameter to get the certificate.
If only encryption of the SOAP body data is requested, it is recommended to use this parameter to define the username.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.ENCRYPTION_USER, "encryptionUser");
public static final java.lang.String SIGNATURE_USER
USER parameter.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.SIGNATURE_USER, "signatureUser");
public static final java.lang.String USE_REQ_SIG_CERT
Specifying this name as ENCRYPTION_USER triggers a special action to get the public key to use for encryption.
The handler uses the public key of the sender's certificate. Defining the encryption key this way simplifies certificate management to a large extent.
public static final java.lang.String PW_CALLBACK_CLASS
CallbackHandler instance.
The callback function CallbackHandler.handle(javax.security.auth.callback.Callback[]) gets an array of WSPasswordCallback objects. Only the first entry of the array is used. This object contains the username/keyname as identifier. The callback handler must set the password or key associated with this identifier before it returns.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "PWCallbackClass");
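A handler of the kind this parameter names, as an added example rather than WSS4J's own code. It assumes the WSS4J 1.6 class org.apache.ws.security.WSPasswordCallback with getIdentifier() and setPassword(); the in-memory credential map and its single entry are constructed for illustration.

```java
import java.io.IOException;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;

public class PWCallbackClass implements CallbackHandler {
    // Constructed sample data; a deployment would read from a keystore or secrets service.
    private final Map<String, String> secrets =
        Map.of("signatureUser", "example-keystore-password");

    @Override
    public void handle(Callback[] callbacks)
            throws IOException, UnsupportedCallbackException {
        for (Callback cb : callbacks) {
            if (!(cb instanceof WSPasswordCallback)) {
                // Refuse callback types this handler was not written for.
                throw new UnsupportedCallbackException(cb, "Unsupported callback type");
            }
            WSPasswordCallback pc = (WSPasswordCallback) cb;
            // The identifier is the username or key name the handler is asking about.
            String secret = secrets.get(pc.getIdentifier());
            if (secret == null) {
                // Fail closed: never hand back a default or empty password.
                throw new IOException("No credential for requested identifier");
            }
            pc.setPassword(secret);
        }
    }
}
```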
public static final java.lang.String PW_CALLBACK_REF
CallbackHandler instance.
Refer to PW_CALLBACK_CLASS for further information about password callback handling.
public static final java.lang.String SAML_CALLBACK_CLASS
CallbackHandler instance.
public static final java.lang.String SAML_CALLBACK_REF
CallbackHandler instance.
public static final java.lang.String ENC_CALLBACK_CLASS
CallbackHandler instance.
public static final java.lang.String ENC_CALLBACK_REF
CallbackHandler instance.
public static final java.lang.String SIG_PROP_FILE
Crypto interface implementation the property file must contain the property org.apache.ws.security.crypto.provider. The value of this property is the classname of the implementation class.
The following line defines the standard implementation:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
The other contents of the property file depend on the implementation of the Crypto interface. Please see the WSS4J website for more information on the Merlin property tags and values.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.SIG_PROP_FILE, "myCrypto.properties");
public static final java.lang.String SIG_PROP_REF_ID
The key that holds the reference of the java.util.Properties object holding complete information about the signature Crypto implementation.
This should contain all information that would be contained in an equivalent properties file, which includes the Crypto implementation class name.
Refer to documentation of SIG_PROP_FILE.
public static final java.lang.String DEC_PROP_FILE
SIG_PROP_FILE for more information about the contents of the Properties file.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.DEC_PROP_FILE, "myCrypto.properties");
public static final java.lang.String DEC_PROP_REF_ID
The key that holds the reference of the java.util.Properties object holding complete information about the decryption Crypto implementation.
This should contain all information that would be contained in an equivalent properties file, which includes the Crypto implementation class name.
Refer to documentation of DEC_PROP_FILE.
public static final java.lang.String ENC_PROP_FILE
SIG_PROP_FILE for more information about the contents of the Properties file.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.ENC_PROP_FILE, "myCrypto.properties");
public static final java.lang.String ENC_PROP_REF_ID
The key that holds the reference of the java.util.Properties object holding complete information about the encryption Crypto implementation.
This should contain all information that would be contained in an equivalent properties file, which includes the Crypto implementation class name.
Refer to documentation of ENC_PROP_FILE.
public static final java.lang.String SAML_PROP_FILE
public static final java.lang.String ENABLE_SIGNATURE_CONFIRMATION
public static final java.lang.String MUST_UNDERSTAND
call.setProperty(WSHandlerConstants.MUST_UNDERSTAND, "false");
public static final java.lang.String IS_BSP_COMPLIANT
call.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
public static final java.lang.String HANDLE_CUSTOM_PASSWORD_TYPES
public static final java.lang.String PASSWORD_TYPE_STRICT
public static final java.lang.String ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES
public static final java.lang.String USE_ENCODED_PASSWORDS
public static final java.lang.String USE_SINGLE_CERTIFICATE
public static final java.lang.String USE_DERIVED_KEY
public static final java.lang.String USE_DERIVED_KEY_FOR_MAC
public static final java.lang.String TIMESTAMP_PRECISION
public static final java.lang.String TIMESTAMP_STRICT
Expires element and the semantics of the request are expired, i.e. the current time at the receiver is past the expires time.
public static final java.lang.String ENC_SYM_ENC_KEY
call.setProperty(WSHandlerConstants.ENC_SYM_ENC_KEY, "false");
public static final java.lang.String ENC_KEY_NAME
public static final java.lang.String PASSWORD_TYPE
WSConstants.PW_DIGEST or to WSConstants.PW_TEXT.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
The default setting is PW_DIGEST.
public static final java.lang.String ADD_UT_ELEMENTS
Parameter to generate additional elements (nonce and created) in a UsernameToken.
The value of this parameter is a list of element names that are added to the UsernameToken. The names in the list are separated by spaces.
The list may contain the names nonce and created only. Use this option if the password type is passwordText and the handler shall add the Nonce and/or Created elements.
public static final java.lang.String SIG_KEY_ID
IssuerSerial. For possible signature key identifier types refer to keyIdentifier.
For signature IssuerSerial and DirectReference are valid only.
The default is IssuerSerial.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
public static final java.lang.String SIG_ALGO
call.setProperty( WSHandlerConstants.SIG_ALGO, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" );
public static final java.lang.String SIG_DIGEST_ALGO
call.setProperty( WSHandlerConstants.SIG_DIGEST_ALGO, "http://www.w3.org/2001/04/xmlenc#sha256" );
public static final java.lang.String SIGNATURE_PARTS
ENCRYPTION_PARTS for a detailed description of the format of the value string.
If this parameter is not specified the handler signs the SOAP Body by default, i.e.:
<parameter name="signatureParts" value="{}{http://schemas.xmlsoap.org/soap/envelope/}Body;" />
To specify an element without a namespace use the string Null as the namespace name (this is a case sensitive string).
If there is no other element in the request with a local name of Body then the SOAP namespace identifier can be empty ({}).
public static final java.lang.String WSE_SECRET_KEY_LENGTH
public static final java.lang.String DERIVED_KEY_ITERATIONS
public static final java.lang.String ENC_KEY_ID
IssuerSerial. For possible encryption key identifier types refer to keyIdentifier. For encryption IssuerSerial, X509KeyIdentifier, DirectReference, Thumbprint, SKIKeyIdentifier, and EmbeddedKeyName are valid only.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.ENC_KEY_ID, "X509KeyIdentifier");
public static final java.lang.String ENC_SYM_ALGO
WSConstants.TRIPLE_DES, WSConstants.AES_128, WSConstants.AES_256, and WSConstants.AES_192. Except for AES 192 all of these algorithms are required by the XML Encryption specification.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.ENC_SYM_ALGO, WSConstants.AES_256);
public static final java.lang.String ENC_KEY_TRANSPORT
WSConstants.KEYTRANSPORT_RSA15 only.
The application may set this parameter using the following method:
call.setProperty(WSHandlerConstants.ENC_KEY_TRANSPORT, "RSA15");
public static final java.lang.String ENCRYPTION_PARTS
{Content} or {Element}. Please refer to the W3C XML Encryption specification about the differences between Element and Content encryption. The encryption mode defaults to Content if it is omitted. Example of a list:
<parameter name="encryptionParts" value="{Content}{http://example.org/paymentv2}CreditCard; {Element}{}UserName" />
The first entry of the list identifies the element CreditCard in the namespace http://example.org/paymentv2, and will encrypt its content.
Be aware that the element name, the namespace identifier, and the encryption modifier are case sensitive.
The encryption modifier and the namespace identifier can be omitted. In this case the encryption mode defaults to Content and the namespace is set to the SOAP namespace.
An empty encryption mode defaults to Content, an empty namespace identifier defaults to the SOAP namespace.
The second line of the example defines Element as encryption mode for a UserName element in the SOAP namespace.
To specify an element without a namespace use the string Null as the namespace name (this is a case sensitive string).
If no list is specified, the handler encrypts the SOAP Body in Content mode by default.
public static final java.lang.String TTL_TIMESTAMP
public static final java.lang.String TTL_FUTURE_TIMESTAMP
public static final java.lang.String RECV_RESULTS
The WSHandler stores a result List in this property.
public static final java.lang.String SEND_SIGV
public static final java.lang.String SIG_CONF_DONE
Constructor Detail |
---|
public WSHandlerConstants()
Method Detail |
---|
public static java.lang.Integer getKeyIdentifier(java.lang.String parameter)
parameter -