org.apache.ws.security.str
Interface STRParser

All Known Implementing Classes:

DerivedKeyTokenSTRParser, EncryptedKeySTRParser, SecurityTokenRefSTRParser, SignatureSTRParser

public interface STRParser

This interface describes a pluggable way of extracting credentials from SecurityTokenReference elements. The implementations are used by various processors.

Nested Class Summary

static class

STRParser.REFERENCE_TYPE ISSUER_SERIAL - A certificate (chain) is located by the issuer name and serial number of the (root) cert THUMBPRINT_SHA1 - A certificate (chain) is located by the SHA1 thumbprint of the (root) cert KEY_IDENTIFIER - A certificate (chain) is located via a Key Identifier Element DIRECT_REF - A certificate (chain) is located directly via an Id to another security token Note that a Thumbprint reference is also a KeyIdentifier, but takes precedence over it.

Method Summary

java.security.cert.X509Certificate[]	getCertificates() Get the X509Certificates associated with this SecurityTokenReference
STRParser.REFERENCE_TYPE	getCertificatesReferenceType() Get how the certificates were referenced
java.security.Principal	getPrincipal() Get the Principal associated with this SecurityTokenReference
java.security.PublicKey	getPublicKey() Get the PublicKey associated with this SecurityTokenReference
byte[]	getSecretKey() Get the Secret Key associated with this SecurityTokenReference
boolean	isTrustedCredential() Get whether the returned credential is already trusted or not.
void	parseSecurityTokenReference(org.w3c.dom.Element strElement, RequestData data, WSDocInfo wsDocInfo, java.util.Map<java.lang.String,java.lang.Object> parameters) Parse a SecurityTokenReference element and extract credentials.

Method Detail

parseSecurityTokenReference

void parseSecurityTokenReference(org.w3c.dom.Element strElement,
                                 RequestData data,
                                 WSDocInfo wsDocInfo,
                                 java.util.Map<java.lang.String,java.lang.Object> parameters)
                                 throws WSSecurityException

Parse a SecurityTokenReference element and extract credentials.

Parameters:

strElement - The SecurityTokenReference element

data - the RequestData associated with the request

wsDocInfo - The WSDocInfo object to access previous processing results

parameters - A set of implementation-specific parameters

Throws:

WSSecurityException

getCertificates

java.security.cert.X509Certificate[] getCertificates()

Get the X509Certificates associated with this SecurityTokenReference

Returns:

the X509Certificates associated with this SecurityTokenReference

getPrincipal

java.security.Principal getPrincipal()

Get the Principal associated with this SecurityTokenReference

Returns:

the Principal associated with this SecurityTokenReference

getPublicKey

java.security.PublicKey getPublicKey()

Get the PublicKey associated with this SecurityTokenReference

Returns:

the PublicKey associated with this SecurityTokenReference

getSecretKey

byte[] getSecretKey()

Get the Secret Key associated with this SecurityTokenReference

Returns:

the Secret Key associated with this SecurityTokenReference

isTrustedCredential

boolean isTrustedCredential()

Get whether the returned credential is already trusted or not. This is currently applicable in the case of a credential extracted from a trusted HOK SAML Assertion, and a BinarySecurityToken that has been processed by a Validator. In these cases, the SignatureProcessor does not need to verify trust on the credential.

Returns:

true if trust has already been verified on the returned Credential

getCertificatesReferenceType

STRParser.REFERENCE_TYPE getCertificatesReferenceType()

Get how the certificates were referenced

Returns:

how the certificates were referenced