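/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.wss4j.dom.handler;

import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.dom.WSConstants;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

/**
 * This class defines the names, actions, and other strings for the deployment
 * data of the WS handler.
 *
 * <p>The class is a constant holder only: it is final, cannot be instantiated,
 * and its single lookup table is built once and never modified afterwards.
 */
public final class WSHandlerConstants extends ConfigurationConstants {

    /**
     * Perform no action.
     */
    public static final String NO_SECURITY = "NoSecurity";

    /**
     * This is an alternative to specifying an "action" String. This Object should be a
     * list of HandlerAction objects, which associate an "action" Integer with a corresponding
     * SecurityActionToken object. This allows for more control over keys etc. used for
     * different actions.
     */
    public static final String HANDLER_ACTIONS = "handlerActions";

    /**
     * Set the value of this parameter to true to treat passwords as binary values
     * for Username Tokens. The default value is "false".
     *
     * This is needed to properly handle password equivalence for UsernameToken
     * passwords. Binary passwords are Base64 encoded so they can be treated as
     * strings in most places, but when the password digest is calculated or a key
     * is derived from the password, the password will be Base64 decoded before
     * being used. This is most useful for hashed passwords as password equivalents.
     *
     * <p>Security note: a password equivalent authenticates exactly like the
     * clear-text password, and Base64 is an encoding, not a protection. Stored
     * encoded values therefore need the same confidentiality as the passwords
     * themselves.
     */
    public static final String USE_ENCODED_PASSWORDS = "useEncodedPasswords";

    //
    // Internal storage constants
    //

    /**
     * The WSHandler stores a result <code>List</code> in this property.
     */
    public static final String RECV_RESULTS = "RECV_RESULTS";

    /**
     * Internally used property name to store values inside the message context
     * that must have the same lifetime as a message (request/response model).
     */
    public static final String SEND_SIGV = "_sendSignatureValues_";

    /**
     * Internally used message-context property name.
     *
     * <p>NOTE(review): the original carried no description. Judging by the name it
     * marks that signature confirmation has already been handled for the current
     * message; confirm against the handler code that reads and writes it.
     */
    public static final String SIG_CONF_DONE = "_sigConfDone_";

    /**
     * Define the parameter values to set the key identifier types. These are:
     * <ul>
     * <li><code>DirectReference</code> for {@link WSConstants#BST_DIRECT_REFERENCE}
     * </li>
     * <li><code>IssuerSerial</code> for {@link WSConstants#ISSUER_SERIAL}
     * </li>
     * <li><code>IssuerSerialQuoteFormat</code> for {@link WSConstants#ISSUER_SERIAL_QUOTE_FORMAT}
     * </li>
     * <li><code>X509KeyIdentifier</code> for {@link WSConstants#X509_KEY_IDENTIFIER}
     * </li>
     * <li><code>SKIKeyIdentifier</code> for {@link WSConstants#SKI_KEY_IDENTIFIER}
     * </li>
     * <li><code>Thumbprint</code> for {@link WSConstants#THUMBPRINT_IDENTIFIER}
     * </li>
     * <li><code>EncryptedKeySHA1</code> for {@link WSConstants#ENCRYPTED_KEY_SHA1_IDENTIFIER}
     * </li>
     * <li><code>KeyValue</code> for {@link WSConstants#KEY_VALUE}
     * </li>
     * </ul>
     * See {@link #SIG_KEY_ID} {@link #ENC_KEY_ID}.
     *
     * <p>The table is wrapped as unmodifiable so that no code path can alter the
     * name-to-identifier mapping after class initialisation.
     */
    private static final Map<String, Integer> KEY_IDENTIFIERS;

    static {
        // Populate a private HashMap, then publish only a read-only view of it.
        // A HashMap-backed view keeps get(null) returning null instead of throwing.
        final Map<String, Integer> identifiers = new HashMap<>();
        identifiers.put("DirectReference", WSConstants.BST_DIRECT_REFERENCE);
        identifiers.put("IssuerSerial", WSConstants.ISSUER_SERIAL);
        identifiers.put("IssuerSerialQuoteFormat", WSConstants.ISSUER_SERIAL_QUOTE_FORMAT);
        identifiers.put("X509KeyIdentifier", WSConstants.X509_KEY_IDENTIFIER);
        identifiers.put("SKIKeyIdentifier", WSConstants.SKI_KEY_IDENTIFIER);
        identifiers.put("Thumbprint", WSConstants.THUMBPRINT_IDENTIFIER);
        identifiers.put("EncryptedKeySHA1", WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
        identifiers.put("KeyValue", WSConstants.KEY_VALUE);
        KEY_IDENTIFIERS = Collections.unmodifiableMap(identifiers);
    }

    private WSHandlerConstants() {
        super();
    }

    /**
     * Get the key identifier type corresponding to the parameter. This is intended for internal
     * use only. Valid values for "parameter" are:
     *  - "IssuerSerial"
     *  - "IssuerSerialQuoteFormat"
     *  - "DirectReference"
     *  - "X509KeyIdentifier"
     *  - "Thumbprint"
     *  - "SKIKeyIdentifier"
     *  - "KeyValue"
     *  - "EncryptedKeySHA1"
     *
     * <p>The lookup is an exact, case-sensitive match. "EmbeddedKeyName" was listed
     * as a valid value in earlier documentation, but the table has no entry for
     * it, so it yields {@code null} like any other unrecognised name.
     *
     * <p>NOTE(review): call sites are not visible here; confirm that they reject a
     * {@code null} result as a configuration error instead of silently falling
     * back to a default key identifier type.
     *
     * @param parameter the configured key identifier name; may be {@code null}
     * @return the key identifier type corresponding to the parameter, or
     *         {@code null} if the parameter is {@code null} or not a known name
     */
    public static Integer getKeyIdentifier(String parameter) {
        return KEY_IDENTIFIERS.get(parameter);
    }
}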