Uses of Class
org.apache.wss4j.common.ext.WSSecurityException
-
-
Uses of WSSecurityException in org.apache.wss4j.common
Methods in org.apache.wss4j.common that throw WSSecurityException Modifier and Type Method Description Crypto
SecurityActionToken. getCrypto()
Crypto
SignatureEncryptionActionToken. getCrypto()
-
Uses of WSSecurityException in org.apache.wss4j.common.bsp
Methods in org.apache.wss4j.common.bsp that throw WSSecurityException Modifier and Type Method Description void
BSPEnforcer. handleBSPRule(BSPRule bspRule)
-
Uses of WSSecurityException in org.apache.wss4j.common.cache
Constructors in org.apache.wss4j.common.cache that throw WSSecurityException Constructor Description EHCacheReplayCache(String key)
EHCacheReplayCache(String key, Path diskstorePath)
EHCacheReplayCache(String key, Path diskstorePath, long diskSize, long heapEntries, boolean persistent)
-
Uses of WSSecurityException in org.apache.wss4j.common.crypto
Methods in org.apache.wss4j.common.crypto that throw WSSecurityException Modifier and Type Method Description protected void
Merlin. addTrustAnchors(Set<TrustAnchor> set, KeyStore keyStore)
AddsTrustAnchor
s found in the provided key store to the set.void
AlgorithmSuiteValidator. checkAsymmetricKeyLength(X509Certificate x509Certificate)
Check the asymmetric key lengthvoid
AlgorithmSuiteValidator. checkAsymmetricKeyLength(X509Certificate[] x509Certificates)
Check the asymmetric key lengthvoid
AlgorithmSuiteValidator. checkAsymmetricKeyLength(PublicKey publicKey)
Check the asymmetric key lengthvoid
AlgorithmSuiteValidator. checkC14nAlgorithm(String c14nAlgorithm)
Check the C14n Algorithmvoid
AlgorithmSuiteValidator. checkDerivedKeyAlgorithm(String algorithm)
Check Derived Key algorithmvoid
AlgorithmSuiteValidator. checkEncryptionDerivedKeyLength(int derivedKeyLength)
Check Encryption Derived Key length (in bytes)void
AlgorithmSuiteValidator. checkEncryptionKeyWrapAlgorithm(String keyWrapAlgorithm)
void
AlgorithmSuiteValidator. checkSignatureAlgorithms(XMLSignature xmlSignature)
Check the Signature Algorithmsvoid
AlgorithmSuiteValidator. checkSignatureDerivedKeyLength(int derivedKeyLength)
Check Signature Derived Key length (in bytes)void
AlgorithmSuiteValidator. checkSignatureMethod(String signatureMethod)
Check the Signature Methodvoid
AlgorithmSuiteValidator. checkSymmetricEncryptionAlgorithm(String symmetricAlgorithm)
void
AlgorithmSuiteValidator. checkSymmetricKeyLength(int secretKeyLength)
Check the symmetric key lengthvoid
DERDecoder. expect(byte val)
Confirm that the byte at the current position matches the given value.void
DERDecoder. expect(int val)
Confirm that the byte at the current position matches the given value.byte[]
DERDecoder. getBytes(int length)
Return an array of bytes from the current position.byte[]
Crypto. getBytesFromCertificates(X509Certificate[] certs)
Get a byte array given an array of X509 certificates.byte[]
CryptoBase. getBytesFromCertificates(X509Certificate[] certs)
Get a byte array given an array of X509 certificates.CertificateFactory
Crypto. getCertificateFactory()
Get the CertificateFactory instance on this Crypto instanceCertificateFactory
CryptoBase. getCertificateFactory()
Get the CertificateFactory instance on this Crypto instanceCertificateFactory
Merlin. getCertificateFactory()
Singleton certificate factory for this Crypto instance.X509Certificate[]
Crypto. getCertificatesFromBytes(byte[] data)
Construct an array of X509Certificate's from the byte array.X509Certificate[]
CryptoBase. getCertificatesFromBytes(byte[] data)
Construct an array of X509Certificate's from the byte array.String
Crypto. getDefaultX509Identifier()
Retrieves the identifier name of the default certificate.String
CryptoBase. getDefaultX509Identifier()
Retrieves the identifier name of the default certificate.String
Merlin. getDefaultX509Identifier()
Retrieves the identifier name of the default certificate.static Crypto
CryptoFactory. getInstance()
getInstancestatic Crypto
CryptoFactory. getInstance(Class<? extends Crypto> cryptoClass, Map<Object,Object> map)
getInstancestatic Crypto
CryptoFactory. getInstance(String propFilename)
getInstancestatic Crypto
CryptoFactory. getInstance(String propFilename, ClassLoader customClassLoader)
static Crypto
CryptoFactory. getInstance(Properties properties)
getInstancestatic Crypto
CryptoFactory. getInstance(Properties properties, ClassLoader classLoader, PasswordEncryptor passwordEncryptor)
getInstanceint
DERDecoder. getLength()
Get the DER length at the current position.protected byte[]
CryptoBase. getNameConstraints(X509Certificate cert)
Extracts the NameConstraints sequence from the certificate.PrivateKey
CertificateStore. getPrivateKey(String identifier, String password)
Gets the private key corresponding to the identifier.PrivateKey
CertificateStore. getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)
Gets the private key corresponding to the certificate.PrivateKey
CertificateStore. getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler)
Gets the private key corresponding to the given PublicKey.PrivateKey
Crypto. getPrivateKey(String identifier, String password)
Gets the private key corresponding to the identifier.PrivateKey
Crypto. getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)
Gets the private key corresponding to the certificate.PrivateKey
Crypto. getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler)
Gets the private key corresponding to the given PublicKey.PrivateKey
Merlin. getPrivateKey(String identifier, String password)
Gets the private key corresponding to the identifier.PrivateKey
Merlin. getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)
Gets the private key corresponding to the certificate.PrivateKey
Merlin. getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler)
Gets the private key corresponding to the given PublicKey.static Properties
CryptoFactory. getProperties(String propFilename, ClassLoader loader)
This allows loading the resources with a custom class loaderbyte[]
Crypto. getSKIBytesFromCert(X509Certificate cert)
Reads the SubjectKeyIdentifier information from the certificate.byte[]
CryptoBase. getSKIBytesFromCert(X509Certificate cert)
Reads the SubjectKeyIdentifier information from the certificate.byte[]
X509SubjectPublicKeyInfo. getSubjectPublicKey()
Get the subjectPublicKey element of the SubjectPublicKeyInfo.X509Certificate[]
CertificateStore. getX509Certificates(CryptoType cryptoType)
Get an X509Certificate (chain) corresponding to the CryptoType argument.X509Certificate[]
Crypto. getX509Certificates(CryptoType cryptoType)
Get an X509Certificate (chain) corresponding to the CryptoType argument.X509Certificate[]
Merlin. getX509Certificates(CryptoType cryptoType)
Get an X509Certificate (chain) corresponding to the CryptoType argument.String
CertificateStore. getX509Identifier(X509Certificate cert)
Get the implementation-specific identifier corresponding to the cert parameter.String
Crypto. getX509Identifier(X509Certificate cert)
Get the implementation-specific identifier corresponding to the cert parameter, e.g.String
Merlin. getX509Identifier(X509Certificate cert)
Get the implementation-specific identifier corresponding to the cert parameter.protected KeyStore
Merlin. load(InputStream input, String storepass, String provider, String type)
Loads the keystore from anInputStream
.X509Certificate
Crypto. loadCertificate(InputStream in)
Load a X509Certificate from the input stream.X509Certificate
CryptoBase. loadCertificate(InputStream in)
Load a X509Certificate from the input stream.static InputStream
Merlin. loadInputStream(ClassLoader loader, String location)
Load a KeyStore object as an InputStream, using the ClassLoader and location argumentsvoid
Merlin. loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)
void
MerlinDevice. loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)
void
DERDecoder. skip(int length)
Advance the current position by the given number of bytes.boolean
DERDecoder. test(byte val)
Test if the byte at the current position matches the given value.protected void
CertificateStore. verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)
Evaluate whether a given certificate chain should be trusted.void
CertificateStore. verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints)
void
CertificateStore. verifyTrust(PublicKey publicKey)
Evaluate whether a given public key should be trusted.void
Crypto. verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints)
Evaluate whether a given certificate chain should be trusted.void
Crypto. verifyTrust(PublicKey publicKey)
Evaluate whether a given public key should be trusted.protected void
Merlin. verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)
Evaluate whether a given certificate chain should be trusted.void
Merlin. verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints)
void
Merlin. verifyTrust(PublicKey publicKey)
Evaluate whether a given public key should be trusted.protected void
MerlinAKI. verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)
Evaluate whether a given certificate chain should be trusted.Constructors in org.apache.wss4j.common.crypto that throw WSSecurityException Constructor Description DERDecoder(byte[] derEncoded)
Construct a DERDecoder for the given byte array.Merlin(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)
MerlinAKI(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)
MerlinDevice(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)
X509SubjectPublicKeyInfo(byte[] x509EncodedPublicKey)
Construct a SubjectPublicKeyInfo for the given X.509-encoded public key.X509SubjectPublicKeyInfo(PublicKey key)
Construct a SubjectPublicKeyInfo for the given public key. -
Uses of WSSecurityException in org.apache.wss4j.common.derivedKey
Methods in org.apache.wss4j.common.derivedKey that throw WSSecurityException Modifier and Type Method Description byte[]
ConversationConstants.DerivationAlgorithm. createKey(byte[] secret, byte[] seed, int offset, long length)
byte[]
DerivationAlgorithm. createKey(byte[] secret, byte[] seed, int offset, long length)
byte[]
P_SHA1. createKey(byte[] secret, byte[] seed, int offset, long length)
static byte[]
DerivedKeyUtils. deriveKey(String algorithm, String label, int length, byte[] secret, byte[] nonce, int offset)
Derive a key from this DerivedKeyToken instancestatic DerivationAlgorithm
AlgoFactory. getInstance(String algorithm)
This gives a DerivationAlgorithm instance from the default set of algorithms provided -
Uses of WSSecurityException in org.apache.wss4j.common.kerberos
Methods in org.apache.wss4j.common.kerberos that throw WSSecurityException Modifier and Type Method Description KerberosContext
KerberosClientExceptionAction. run()
KerberosServiceContext
KerberosServiceExceptionAction. run()
-
Uses of WSSecurityException in org.apache.wss4j.common.saml
Methods in org.apache.wss4j.common.saml that throw WSSecurityException Modifier and Type Method Description String
SamlAssertionWrapper. assertionToString()
Method assertionToString ...void
SamlAssertionWrapper. checkAudienceRestrictions(List<String> audienceRestrictions)
Check the AudienceRestrictions of the Assertionvoid
SamlAssertionWrapper. checkAuthnStatements(int futureTTL)
Check the various attributes of the AuthnStatements of the assertion (if any)void
SamlAssertionWrapper. checkConditions(int futureTTL)
Check the Conditions of the Assertion.void
SamlAssertionWrapper. checkIssueInstant(int futureTTL, int ttl)
Check the IssueInstant value of the Assertion.static org.opensaml.core.xml.XMLObject
OpenSAMLUtil. fromDom(Element root)
Convert a SAML Assertion from a DOM Element to an XMLObjectstatic SAMLKeyInfo
SAMLUtil. getCredentialFromKeyInfo(Element keyInfoElement, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto)
This method returns a SAMLKeyInfo corresponding to the credential found in the KeyInfo (DOM Element) argument.static SAMLKeyInfo
SAMLUtil. getCredentialFromSubject(SamlAssertionWrapper samlAssertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)
Parse a SAML Assertion to obtain a SAMLKeyInfo object from the Subject of the assertionstatic SAMLKeyInfo
SAMLUtil. getCredentialFromSubject(org.opensaml.saml.saml1.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)
Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 1.1 assertionstatic SAMLKeyInfo
SAMLUtil. getCredentialFromSubject(org.opensaml.saml.saml2.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)
Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 2 assertionorg.opensaml.xmlsec.signature.Signature
SamlAssertionWrapper. getSignature()
byte[]
SamlAssertionWrapper. getSignatureValue()
Get the SignatureValue bytes of the signed SAML Assertionvoid
SamlAssertionWrapper. parseSubject(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)
This method parses the KeyInfo of the Subject.SAMLKeyInfo
SAMLKeyInfoProcessor. processSAMLKeyInfo(Element keyInfoElement)
void
SamlAssertionWrapper. signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue)
Create an enveloped signature on the assertion that has been created.void
SamlAssertionWrapper. signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm)
Create an enveloped signature on the assertion that has been created.void
SamlAssertionWrapper. signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm, String signatureDigestAlgorithm)
Create an enveloped signature on the assertion that has been created.static Element
OpenSAMLUtil. toDom(org.opensaml.core.xml.XMLObject xmlObject, Document doc)
Convert a SAML Assertion from a XMLObject to a DOM Elementstatic Element
OpenSAMLUtil. toDom(org.opensaml.core.xml.XMLObject xmlObject, Document doc, boolean signObject)
Convert a SAML Assertion from a XMLObject to a DOM ElementElement
SamlAssertionWrapper. toDOM(Document doc)
Create a DOM from the current XMLObject content.void
SamlAssertionWrapper. validateSignatureAgainstProfile()
Validate the signature of the Assertion against the Profile.void
SamlAssertionWrapper. verifySignature(SAMLKeyInfo samlKeyInfo)
Verify the signature of this assertionvoid
SamlAssertionWrapper. verifySignature(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto)
Verify the signature of this assertionConstructors in org.apache.wss4j.common.saml that throw WSSecurityException Constructor Description SamlAssertionWrapper(SAMLCallback samlCallback)
Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.SamlAssertionWrapper(org.opensaml.saml.common.SAMLObject samlObject)
Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.SamlAssertionWrapper(Element element)
Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance. -
Uses of WSSecurityException in org.apache.wss4j.common.saml.builder
Methods in org.apache.wss4j.common.saml.builder that throw WSSecurityException Modifier and Type Method Description static org.opensaml.saml.saml1.core.Advice
SAML1ComponentBuilder. createAdvice(AdviceBean adviceBean)
Create a Advice objectstatic org.opensaml.saml.saml2.core.Advice
SAML2ComponentBuilder. createAdvice(AdviceBean adviceBean)
Create a Advice objectstatic org.opensaml.xmlsec.signature.KeyInfo
SAML1ComponentBuilder. createKeyInfo(KeyInfoBean keyInfo)
Create an Opensaml KeyInfo object from the parametersstatic org.opensaml.saml.saml1.core.Subject
SAML1ComponentBuilder. createSaml1v1Subject(SubjectBean subjectBean)
Create a SAML Subject from a SubjectBean instancestatic org.opensaml.saml.saml2.core.Subject
SAML2ComponentBuilder. createSaml2Subject(SubjectBean subjectBean)
Create a Subject.static List<org.opensaml.saml.saml1.core.AttributeStatement>
SAML1ComponentBuilder. createSamlv1AttributeStatement(List<AttributeStatementBean> attributeData)
Create SAML 1.1 attribute statement(s)static List<org.opensaml.saml.saml1.core.AuthenticationStatement>
SAML1ComponentBuilder. createSamlv1AuthenticationStatement(List<AuthenticationStatementBean> authBeans)
Create SAML 1.1 authentication statement(s)static List<org.opensaml.saml.saml1.core.AuthorizationDecisionStatement>
SAML1ComponentBuilder. createSamlv1AuthorizationDecisionStatement(List<AuthDecisionStatementBean> decisionData)
Create SAML 1.1 Authorization Decision Statement(s)static org.opensaml.saml.saml2.core.SubjectConfirmationData
SAML2ComponentBuilder. createSubjectConfirmationData(SubjectConfirmationDataBean subjectConfirmationDataBean, KeyInfoBean keyInfoBean)
Create a SubjectConfirmationData object -
Uses of WSSecurityException in org.apache.wss4j.common.spnego
Methods in org.apache.wss4j.common.spnego that throw WSSecurityException Modifier and Type Method Description void
SpnegoTokenContext. retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
SpnegoTokenContext. retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
SpnegoTokenContext. retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.byte[]
SpnegoTokenContext. unwrapKey(byte[] secret)
Unwrap a keyvoid
SpnegoTokenContext. validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, byte[] ticket)
Validate a service ticket.void
SpnegoTokenContext. validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket)
Validate a service ticket.byte[]
SpnegoTokenContext. wrapKey(byte[] secret)
Wrap a key -
Uses of WSSecurityException in org.apache.wss4j.common.token
Methods in org.apache.wss4j.common.token that throw WSSecurityException Modifier and Type Method Description X509Certificate[]
SecurityTokenReference. getKeyIdentifier(Crypto crypto)
Gets the KeyIdentifier.Reference
SecurityTokenReference. getReference()
Gets the Reference.X509Certificate
X509Security. getX509Certificate(Crypto crypto)
Gets the X509Certificate certificate.X509Certificate[]
PKIPathSecurity. getX509Certificates(Crypto crypto)
get the X509Certificate array.X509Certificate[]
SecurityTokenReference. getX509IssuerSerial(Crypto crypto)
Gets the certificate identified with X509 issuerSerial data.X509Certificate
SecurityTokenReference. getX509SKIAlias(Crypto crypto)
void
SecurityTokenReference. setKeyIdentifier(String valueType, String keyIdVal)
void
SecurityTokenReference. setKeyIdentifier(String valueType, String keyIdVal, boolean base64)
void
SecurityTokenReference. setKeyIdentifier(X509Certificate cert)
Sets the KeyIdentifier Element as a X509 certificate.void
SecurityTokenReference. setKeyIdentifierEncKeySHA1(String value)
void
SecurityTokenReference. setKeyIdentifierSKI(X509Certificate cert, Crypto crypto)
Sets the KeyIdentifier Element as a X509 Subject-Key-Identifier (SKI).void
SecurityTokenReference. setKeyIdentifierThumb(X509Certificate cert)
Sets the KeyIdentifier Element as a Thumbprint.void
BinarySecurity. setToken(byte[] data)
set the token information.void
X509Security. setX509Certificate(X509Certificate cert)
Sets the X509Certificate.void
PKIPathSecurity. setX509Certificates(X509Certificate[] certs, Crypto crypto)
set the X509Certificate array.Constructors in org.apache.wss4j.common.token that throw WSSecurityException Constructor Description BinarySecurity(CallbackHandler callbackHandler)
Create a BinarySecurityToken via a CallbackHandlerBinarySecurity(Element elem, BSPEnforcer bspEnforcer)
Constructor.DOMX509Data(Element x509DataElement)
Constructor.PKIPathSecurity(Element elem, BSPEnforcer bspEnforcer)
Constructor.Reference(Element elem)
Constructor.SecurityTokenReference(Element elem, BSPEnforcer bspEnforcer)
Constructor.X509Security(Element elem, BSPEnforcer bspEnforcer)
This constructor creates a new X509 certificate object and initializes it from the data contained in the element. -
Uses of WSSecurityException in org.apache.wss4j.common.util
Methods in org.apache.wss4j.common.util that throw WSSecurityException Modifier and Type Method Description static String
UsernameTokenUtil. doPasswordDigest(byte[] nonce, String created, byte[] password)
static String
UsernameTokenUtil. doPasswordDigest(byte[] nonce, String created, String password)
static byte[]
UsernameTokenUtil. doRawPasswordDigest(byte[] nonce, String created, byte[] password)
static byte[]
UsernameTokenUtil. generateDerivedKey(byte[] password, byte[] salt, int iteration)
This static method generates a derived key as defined in WSS Username Token Profile.static byte[]
UsernameTokenUtil. generateDerivedKey(String password, byte[] salt, int iteration)
This static method generates a derived key as defined in WSS Username Token Profile.static byte[]
KeyUtils. generateDigest(byte[] inputBytes)
Generate a (SHA1) digest of the input bytes.static String
AttachmentUtils. getAttachmentId(String xopUri)
static byte[]
AttachmentUtils. getBytesFromAttachment(String xopUri, CallbackHandler attachmentCallbackHandler, boolean removeAttachments)
static Cipher
KeyUtils. getCipherInstance(String cipherAlgo)
Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance of this type.static Cipher
KeyUtils. getCipherInstance(String cipherAlgo, String provider)
Translate the "cipherAlgo" URI to a JCE ID, and request a javax.crypto.Cipher instance of this type from the given provider.static KeyGenerator
KeyUtils. getKeyGenerator(String algorithm)
static int
KeyUtils. getKeyLength(String algorithm)
Returns the length of the key in # of bytes.static String
UsernameTokenUtil. getRawPassword(CallbackHandler callbackHandler, String username, String password, String passwordType)
Get the raw (plain text) password used to compute secret key.static InputStream
Loader. loadInputStream(ClassLoader loader, String resource)
static void
AttachmentUtils. readAndReplaceEncryptedAttachmentHeaders(Map<String,String> headers, InputStream attachmentInputStream)
static InputStream
AttachmentUtils. setupAttachmentDecryptionStream(String encAlgo, Cipher cipher, Key key, InputStream inputStream)
static InputStream
AttachmentUtils. setupAttachmentEncryptionStream(Cipher cipher, boolean complete, Attachment attachment, Map<String,String> headers)
static void
AttachmentUtils. storeBytesInAttachment(Element parentElement, Document doc, String attachmentId, byte[] bytes, CallbackHandler attachmentCallbackHandler)
-
Uses of WSSecurityException in org.apache.wss4j.dom
Methods in org.apache.wss4j.dom that throw WSSecurityException Modifier and Type Method Description void
WSDocInfo. addTokenElement(Element element)
Store a token element for later retrieval.void
WSDocInfo. addTokenElement(Element element, boolean checkMultipleElements)
Store a token element for later retrieval. -
Uses of WSSecurityException in org.apache.wss4j.dom.action
Methods in org.apache.wss4j.dom.action that throw WSSecurityException Modifier and Type Method Description void
Action. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
CustomTokenAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
EncryptionAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
EncryptionDerivedAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
SAMLTokenSignedAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
SAMLTokenUnsignedAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
SignatureAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
SignatureConfirmationAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
SignatureDerivedAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
TimestampAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
UsernameTokenAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
void
UsernameTokenSignedAction. execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
protected void
AbstractDerivedAction. setupEKReference(WSSecDerivedKeyBase derivedKeyBase, SignatureEncryptionActionToken previousActionToken)
protected Element
AbstractDerivedAction. setupEKReference(WSSecDerivedKeyBase derivedKeyBase, WSSecHeader securityHeader, WSPasswordCallback passwordCallback, SignatureEncryptionActionToken actionToken, boolean use200512Namespace, Document doc, String keyTransportAlgorithm, String mgfAlgorithm, SecretKey symmetricKey)
protected Element
AbstractDerivedAction. setupSCTReference(WSSecDerivedKeyBase derivedKeyBase, WSPasswordCallback passwordCallback, SignatureEncryptionActionToken actionToken, boolean use200512Namespace, Document doc)
protected void
AbstractDerivedAction. setupSCTReference(WSSecDerivedKeyBase derivedKeyBase, SignatureEncryptionActionToken previousActionToken, boolean use200512Namespace)
-
Uses of WSSecurityException in org.apache.wss4j.dom.callback
Methods in org.apache.wss4j.dom.callback that throw WSSecurityException Modifier and Type Method Description Element
CallbackLookup. getAndRegisterElement(String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context)
Get the DOM element that corresponds to the given id and ValueType reference.Element
DOMCallbackLookup. getAndRegisterElement(String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context)
Get the DOM element that corresponds to the given id and ValueType reference.Element
CallbackLookup. getElement(String id, String valueType, boolean checkMultipleElements)
Get the DOM element that corresponds to the given id and ValueType reference.Element
DOMCallbackLookup. getElement(String id, String valueType, boolean checkMultipleElements)
Get the DOM element that corresponds to the given id and ValueType reference.List<Element>
CallbackLookup. getElements(String localname, String namespace)
Get the DOM element(s) that correspond to the given localname/namespace.List<Element>
DOMCallbackLookup. getElements(String localname, String namespace)
Get the DOM element(s) that correspond to the given localname/namespace. -
Uses of WSSecurityException in org.apache.wss4j.dom.engine
Methods in org.apache.wss4j.dom.engine that throw WSSecurityException Modifier and Type Method Description Action
WSSConfig. getAction(int action)
Lookup actionProcessor
WSSConfig. getProcessor(QName el)
Validator
WSSConfig. getValidator(QName el)
WSHandlerResult
WSSecurityEngine. processSecurityHeader(Document doc, String actor, CallbackHandler cb, Crypto crypto)
Process the security header given the soap envelope as W3C document.WSHandlerResult
WSSecurityEngine. processSecurityHeader(Document doc, String actor, CallbackHandler cb, Crypto sigVerCrypto, Crypto decCrypto)
Process the security header given the soap envelope as W3C document.WSHandlerResult
WSSecurityEngine. processSecurityHeader(Document doc, RequestData requestData)
Process the security header given the soap envelope as W3C document.WSHandlerResult
WSSecurityEngine. processSecurityHeader(Element securityHeader, String actor, CallbackHandler cb, Crypto sigVerCrypto, Crypto decCrypto)
Process the security header given thewsse:Security
DOM Element.WSHandlerResult
WSSecurityEngine. processSecurityHeader(Element securityHeader, RequestData requestData)
Process the security header given thewsse:Security
DOM Element. -
Uses of WSSecurityException in org.apache.wss4j.dom.handler
Methods in org.apache.wss4j.dom.handler that throw WSSecurityException Modifier and Type Method Description protected void
WSHandler. checkSignatureConfirmation(RequestData reqData, WSHandlerResult handlerResults)
protected void
WSHandler. decodeAlgorithmSuite(RequestData reqData)
protected boolean
WSHandler. decodeBooleanConfigValue(Object messageContext, String configTag, boolean defaultToTrue)
protected void
WSHandler. decodeDecryptionParameter(RequestData reqData)
protected void
WSHandler. decodeEncryptionParameter(RequestData reqData)
protected String
WSHandler. decodePasswordType(RequestData reqData)
protected void
WSHandler. decodeSignatureParameter(RequestData reqData)
protected void
WSHandler. decodeSignatureParameter2(RequestData reqData)
protected void
WSHandler. decodeUTParameter(RequestData reqData)
protected void
WSHandler. doReceiverAction(List<Integer> actions, RequestData reqData)
protected void
WSHandler. doSenderAction(Document doc, RequestData reqData, List<HandlerAction> actions, boolean isRequest)
Performs all defined security actions to set-up the SOAP request.CallbackHandler
WSHandler. getCallbackHandler(String callbackHandlerClass, String callbackHandlerRef, RequestData requestData)
Get a CallbackHandler instance.ReplayCache
RequestData. getNonceReplayCache()
Get the replay cache for NoncesCallbackHandler
WSHandler. getPasswordCallbackHandler(RequestData reqData)
Get a CallbackHandler instance to obtain passwords.WSPasswordCallback
WSHandler. getPasswordCB(String username, int doAction, CallbackHandler callbackHandler, RequestData requestData)
Get a password callback (WSPasswordCallback object) from a CallbackHandler instanceReplayCache
RequestData. getSamlOneTimeUseReplayCache()
Get the replay cache for SAML2 OneTimeUse AssertionsReplayCache
RequestData. getTimestampReplayCache()
Get the replay cache for TimestampsValidator
RequestData. getValidator(QName qName)
Get the Validator instance corresponding to the QNameprotected Crypto
WSHandler. loadCrypto(String cryptoPropertyFile, String cryptoPropertyRefId, RequestData requestData)
Load a Crypto instance.protected Crypto
WSHandler. loadCryptoFromPropertiesFile(String propFilename, RequestData reqData)
A hook to allow subclass to load Crypto instances from property files in a different way.protected Crypto
WSHandler. loadDecryptionCrypto(RequestData requestData)
Hook to allow subclasses to load their Decryption Crypto however they see fit.protected Crypto
WSHandler. loadEncryptionCrypto(RequestData requestData)
Hook to allow subclasses to load their Encryption Crypto however they see fit.Crypto
WSHandler. loadSignatureCrypto(RequestData requestData)
Hook to allow subclasses to load their Signature creation Crypto however they see fit.Crypto
WSHandler. loadSignatureVerificationCrypto(RequestData requestData)
Hook to allow subclasses to load their Signature verification Crypto however they see fit. -
Uses of WSSecurityException in org.apache.wss4j.dom.message
Methods in org.apache.wss4j.dom.message that throw WSSecurityException Modifier and Type Method Description protected void
WSSecEncryptedKey. addCipherValueElement(byte[] encryptedEphemeralKey)
Create and add the CipherValue Element to the EncryptedKey Element.List<Reference>
WSSecDKSign. addReferencesToSign(List<WSEncryptionPart> references)
This method adds references to the Signature.List<Reference>
WSSecSignature. addReferencesToSign(List<WSEncryptionPart> references)
This method adds references to the Signature.List<Reference>
WSSecSignatureBase. addReferencesToSign(Document doc, List<WSEncryptionPart> references, WSDocInfo wsDocInfo, XMLSignatureFactory signatureFactory, boolean addInclusivePrefixes, String digestAlgo)
This method adds references to the Signature.Document
WSSecDKEncrypt. build(byte[] ephemeralKey)
Document
WSSecDKSign. build(byte[] ephemeralKey)
Document
WSSecEncrypt. build(Crypto crypto, SecretKey symmetricKey)
Builds the SOAP envelope with encrypted Body and adds encrypted key.Document
WSSecSignature. build(Crypto cr)
Builds a signed soap envelope.void
WSSecDKSign. computeSignature(List<Reference> referenceList)
Compute the Signature over the references.void
WSSecDKSign. computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement)
Compute the Signature over the references.void
WSSecSignature. computeSignature(List<Reference> referenceList)
Compute the Signature over the references.void
WSSecSignature. computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement)
Compute the Signature over the references.protected void
WSSecEncryptedKey. createEncryptedKeyElement(X509Certificate remoteCert, Crypto crypto)
Now we need to setup the EncryptedKey header block: 1) create a EncryptedKey element and set a wsu:Id for it 2) Generate ds:KeyInfo element, this wraps the wsse:SecurityTokenReference 3) Create and set up the SecurityTokenReference according to the keyIdentifier parameter 4) Create the CipherValue element structure and insert the encrypted session keyprotected void
WSSecEncryptedKey. createEncryptedKeyElement(Key key)
Now we need to setup the EncryptedKey header block: 1) create a EncryptedKey element and set a wsu:Id for it 2) Generate ds:KeyInfo element, this wraps the wsse:SecurityTokenReference 3) Create and set up the SecurityTokenReference according to the keyIdentifier parameter 4) Create the CipherValue element structure and insert the encrypted session keyList<String>
Encryptor. doEncryption(org.apache.xml.security.keys.KeyInfo keyInfo, SecretKey secretKey, String encryptionAlgorithm, List<WSEncryptionPart> references, List<Element> attachmentEncryptedDataElements)
Element
WSSecDKEncrypt. encrypt()
Element
WSSecEncrypt. encrypt(SecretKey symmetricKey)
Perform encryption using the given symmetric keyElement
WSSecDKEncrypt. encryptForExternalRef(Element dataRef, List<WSEncryptionPart> references)
Encrypt one or more parts or elements of the message (external).Element
WSSecEncrypt. encryptForRef(Element dataRef, List<WSEncryptionPart> references, SecretKey symmetricKey)
Encrypt one or more parts or elements of the message.protected byte[]
WSSecEncryptedKey. encryptSymmetricKey(PublicKey encryptingKey, SecretKey keyToBeEncrypted)
byte[]
WSSecUsernameToken. getDerivedKey(byte[] saltValue)
Get the derived key.protected abstract int
WSSecDerivedKeyBase. getDerivedKeyLength()
The derived key will change depending on the sig/encr algorithm.protected int
WSSecDKEncrypt. getDerivedKeyLength()
protected int
WSSecDKSign. getDerivedKeyLength()
Element
WSSecSAMLToken. getElement()
Element
WSSecHeader. insertSecurityHeader()
Creates a security header and inserts it as child into the SOAP Envelope.boolean
WSSecHeader. isEmpty()
Returns whether the security header is emptyprotected void
WSSecSignature. marshalKeyInfo(WSDocInfo wsDocInfo)
void
WSSecDerivedKeyBase. prepare(byte[] ephemeralKey)
Initialize a WSSec Derived key.void
WSSecDKEncrypt. prepare(byte[] ephemeralKey)
void
WSSecDKSign. prepare(byte[] ephemeralKey)
void
WSSecEncrypt. prepare(Crypto crypto, SecretKey symmetricKey)
Initialize a WSSec Encrypt.void
WSSecEncryptedKey. prepare(Crypto crypto, SecretKey symmetricKey)
Create the EncryptedKey Element for inclusion in the security header, by encrypting the symmetricKey parameter using either a public key or certificate that is set on the class, and adding the encrypted bytes as the CipherValue of the EncryptedKey element.void
WSSecSecurityContextToken. prepare(Crypto crypto)
void
WSSecSignature. prepare(Crypto cr)
Initialize a WSSec Signature.void
WSSecSecurityContextToken. prependSCTElementToHeader()
void
WSSecHeader. removeSecurityHeader()
protected void
WSSecEncryptedKey. setEncryptedKeySHA1(byte[] encryptedEphemeralKey)
-
Uses of WSSecurityException in org.apache.wss4j.dom.message.token
Methods in org.apache.wss4j.dom.message.token that throw WSSecurityException Modifier and Type Method Description Principal
DerivedKeyToken. createPrincipal()
Create a WSDerivedKeyTokenPrincipal from this DerivedKeyToken objectPrincipal
UsernameToken. createPrincipal()
Create a WSUsernameTokenPrincipal from this UsernameToken objectbyte[]
DerivedKeyToken. deriveKey(int length, byte[] secret)
Derive a key from this DerivedKeyToken instancebyte[]
UsernameToken. getDerivedKey(BSPEnforcer bspEnforcer, String rawPassword)
This method gets a derived key as defined in WSS Username Token Profile.byte[]
UsernameToken. getSalt()
Get the Salt value of this UsernameToken.SecurityTokenReference
DerivedKeyToken. getSecurityTokenReference()
Returns the SecurityTokenReference of the derived key tokenboolean
UsernameToken. isDerivedKey()
Return whether the UsernameToken represented by this class is to be used for key derivation as per the UsernameToken Profile 1.1.void
KerberosSecurity. retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
KerberosSecurity. retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)
void
KerberosSecurity. retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg)
void
KerberosSecurity. retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegatedCredential)
void
KerberosSecurity. retrieveServiceTicket(CallbackHandler callbackHandler)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
DerivedKeyToken. setGeneration(int generation)
Sets the generation of the derived keyvoid
DerivedKeyToken. setOffset(int offset)
Sets the offsetConstructors in org.apache.wss4j.dom.message.token that throw WSSecurityException Constructor Description DerivedKeyToken(int version, Document doc)
This will create an empty DerivedKeyTokenDerivedKeyToken(Document doc)
This will create an empty DerivedKeyTokenDerivedKeyToken(Element elem, BSPEnforcer bspEnforcer)
This will create a DerivedKeyToken object with the given DerivedKeyToken elementKerberosSecurity(Element elem, BSPEnforcer bspEnforcer)
This constructor creates a new Kerberos token object and initializes it from the data contained in the element.SecurityContextToken(int version, Document doc)
Constructor to create the SCTSecurityContextToken(int version, Document doc, String uuid)
Constructor to create the SCT with a given uuidSecurityContextToken(int version, Document doc, String uuid, String instance)
Constructor to create the SCT with a given uuid and instanceSecurityContextToken(Document doc)
Constructor to create the SCTSecurityContextToken(Document doc, String uuid)
Constructor to create the SCT with a given uuidSecurityContextToken(Element elem)
This is used to create a SecurityContextToken using a DOM ElementSignatureConfirmation(Element elem, BSPEnforcer bspEnforcer)
Constructs aSignatureConfirmation
object and parses thewsse11:SignatureConfirmation
element to initialize it.Timestamp(Element timestampElement, BSPEnforcer bspEnforcer)
Constructs aTimestamp
object and parses thewsu:Timestamp
element to initialize it.UsernameToken(Element elem, boolean allowNamespaceQualifiedPasswordTypes, BSPEnforcer bspEnforcer)
Constructs aUsernameToken
object and parses thewsse:UsernameToken
element to initialize it. -
Uses of WSSecurityException in org.apache.wss4j.dom.processor
-
Uses of WSSecurityException in org.apache.wss4j.dom.saml
Methods in org.apache.wss4j.dom.saml that throw WSSecurityException Modifier and Type Method Description Document
WSSecSignatureSAML. build(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW)
Builds a signed soap envelope with SAML token.void
WSSecSignatureSAML. computeSignature(List<Reference> referenceList, Element siblingElement)
Compute the Signature over the references.void
WSSecSignatureSAML. prepare(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW)
Initialize a WSSec SAML Signature.SAMLKeyInfo
WSSSAMLKeyInfoProcessor. processSAMLKeyInfo(Element keyInfoElement)
static void
DOMSAMLUtil. validateSAMLResults(WSHandlerResult handlerResults, Certificate[] tlsCerts, Element body)
-
Uses of WSSecurityException in org.apache.wss4j.dom.str
Methods in org.apache.wss4j.dom.str that throw WSSecurityException Modifier and Type Method Description static void
STRParserUtil. checkBinarySecurityBSPCompliance(SecurityTokenReference secRef, BinarySecurity token, BSPEnforcer bspEnforcer)
Check that the BinarySecurityToken referenced by the SecurityTokenReference argument is BSP compliant.static void
STRParserUtil. checkEncryptedKeyBSPCompliance(SecurityTokenReference secRef, BSPEnforcer bspEnforcer)
Check that the EncryptedKey referenced by the SecurityTokenReference argument is BSP compliant.static void
STRParserUtil. checkSamlTokenBSPCompliance(SecurityTokenReference secRef, SamlAssertionWrapper samlAssertion, BSPEnforcer bspEnforcer)
Check that the SAML token referenced by the SecurityTokenReference argument is BSP compliant.static void
STRParserUtil. checkUsernameTokenBSPCompliance(SecurityTokenReference secRef, BSPEnforcer bspEnforcer)
Check that the Username token referenced by the SecurityTokenReference argument is BSP compliant.static Element
STRParserUtil. findProcessedTokenElement(Document doc, WSDocInfo docInfo, CallbackHandler cb, String uri, String type)
Find a token that has been processed already - in other words, it access previous results to find the element, rather than conducting a general searchstatic Element
STRParserUtil. findUnprocessedTokenElement(Document doc, WSDocInfo docInfo, CallbackHandler cb, String uri, String type)
Find a token that has not been processed already - in other words, it searches for the element, rather than trying to access previous results to find the elementstatic SamlAssertionWrapper
STRParserUtil. getAssertionFromKeyIdentifier(SecurityTokenReference secRef, Element strElement, RequestData request)
Get an SamlAssertionWrapper object from parsing a SecurityTokenReference that uses a KeyIdentifier that points to a SAML Assertion.static byte[]
STRParserUtil. getSecretKeyFromToken(String id, String type, int identifier, RequestData data)
Get the Secret Key from a CallbackHandlerstatic Element
STRParserUtil. getTokenElement(Document doc, WSDocInfo docInfo, CallbackHandler cb, String uri, String valueType)
STRParserResult
DerivedKeyTokenSTRParser. parseSecurityTokenReference(STRParserParameters parameters)
Parse a SecurityTokenReference element and extract credentials.STRParserResult
EncryptedKeySTRParser. parseSecurityTokenReference(STRParserParameters parameters)
Parse a SecurityTokenReference element and extract credentials.STRParserResult
SecurityTokenRefSTRParser. parseSecurityTokenReference(STRParserParameters parameters)
Parse a SecurityTokenReference element and extract credentials.STRParserResult
SignatureSTRParser. parseSecurityTokenReference(STRParserParameters parameters)
Parse a SecurityTokenReference element and extract credentials.STRParserResult
STRParser. parseSecurityTokenReference(STRParserParameters parameters)
Parse a SecurityTokenReference element and extract credentials. -
Uses of WSSecurityException in org.apache.wss4j.dom.transform
Methods in org.apache.wss4j.dom.transform that throw WSSecurityException Modifier and Type Method Description static Element
STRTransformUtil. createBSTX509(Document doc, X509Certificate cert, Element secRefE)
static Element
STRTransformUtil. createBSTX509(Document doc, X509Certificate cert, Element secRefE, String secRefEncType)
static Element
STRTransformUtil. dereferenceSTR(Document doc, SecurityTokenReference secRef, WSDocInfo wsDocInfo)
Retrieves the element representing the referenced content of a STR. -
Uses of WSSecurityException in org.apache.wss4j.dom.util
Methods in org.apache.wss4j.dom.util that throw WSSecurityException Modifier and Type Method Description static Element
WSSecurityUtil. cloneElement(Document doc, Element clonedElement)
Register the javax.xml.soap.Node with new Cloned Dom Node with java9static List<Integer>
WSSecurityUtil. decodeAction(String action)
static List<HandlerAction>
WSSecurityUtil. decodeHandlerAction(String action, WSSConfig wssConfig)
Decode an action String.static WSDataRef
EncryptionUtils. decryptEncryptedData(Document doc, String dataRefURI, Element encData, SecretKey symmetricKey, String symEncAlgo, CallbackHandler attachmentCallbackHandler)
Decrypt the EncryptedData argument using a SecretKey.static WSDataRef
EncryptionUtils. decryptEncryptedData(Document doc, String dataRefURI, Element encData, SecretKey symmetricKey, String symEncAlgo, CallbackHandler attachmentCallbackHandler, org.apache.xml.security.encryption.Serializer encryptionSerializer)
Decrypt the EncryptedData argument using a SecretKey.static List<Element>
WSSecurityUtil. findElements(WSEncryptionPart part, CallbackLookup callbackLookup, Document doc)
Find the DOM Element in the SOAP Envelope that is referenced by the WSEncryptionPart argument.static Element
EncryptionUtils. findEncryptedDataElement(Document doc, WSDocInfo wsDocInfo, String dataRefURI)
Look up the encrypted data.static Element
WSSecurityUtil. findWsseSecurityHeaderBlock(Document doc, Element envelope, boolean doCreate)
find the first ws-security header blockstatic Element
WSSecurityUtil. findWsseSecurityHeaderBlock(Document doc, Element envelope, String actor, boolean doCreate)
find a WS-Security header block for a given actorstatic byte[]
WSSecurityUtil. generateNonce(int length)
Generate a nonce of the given length using the SHA1PRNG algorithm.static String
WSSecurityUtil. getAttachmentId(String xopUri)
static byte[]
WSSecurityUtil. getBytesFromAttachment(String xopUri, CallbackHandler attachmentCallbackHandler)
static byte[]
WSSecurityUtil. getBytesFromAttachment(String xopUri, CallbackHandler attachmentCallbackHandler, boolean removeAttachments)
static byte[]
WSSecurityUtil. getBytesFromAttachment(String xopUri, RequestData data)
static byte[]
EncryptionUtils. getDecodedBase64EncodedData(Element element)
Method getDecodedBase64EncodedDatastatic String
EncryptionUtils. getDigestAlgorithm(Node encBodyData)
static String
X509Util. getEncAlgo(Node encBodyData)
static String
EncryptionUtils. getMGFAlgorithm(Node encBodyData)
static byte[]
EncryptionUtils. getPSource(Node encBodyData)
static byte[]
X509Util. getSecretKey(Element keyInfoElem, String algorithm, CallbackHandler cb)
static Element
WSSecurityUtil. getSecurityHeader(Document doc, String actor)
Returns the first WS-Security header element for a given actor.static Element
WSSecurityUtil. getSecurityHeader(Element soapHeader, String actor, boolean soap12)
Returns the first WS-Security header element for a given actor.static void
WSSecurityUtil. inlineAttachments(List<Element> includeElements, CallbackHandler attachmentCallbackHandler, boolean removeAttachments)
static PublicKey
X509Util. parseKeyValue(Element keyInfoElement, XMLSignatureFactory signatureFactory)
static void
SignatureUtils. verifySignedElement(Element elem, List<WSSecurityEngineResult> signedResults)
static void
SignatureUtils. verifySignedElement(Element elem, WSDocInfo wsDocInfo)
-
Uses of WSSecurityException in org.apache.wss4j.dom.validate
Methods in org.apache.wss4j.dom.validate that throw WSSecurityException Modifier and Type Method Description protected void
SamlAssertionValidator. checkAuthnStatements(SamlAssertionWrapper samlAssertion)
Check the AuthnStatements of the Assertion (if any)protected void
SamlAssertionValidator. checkConditions(SamlAssertionWrapper samlAssertion)
Check the Conditions of the Assertion.protected void
SamlAssertionValidator. checkConditions(SamlAssertionWrapper samlAssertion, List<String> audienceRestrictions)
Check the Conditions of the Assertion.protected void
SamlAssertionValidator. checkOneTimeUse(SamlAssertionWrapper samlAssertion, RequestData data)
Check the "OneTimeUse" Condition of the Assertion.Credential
JAASUsernameTokenValidator. validate(Credential credential, RequestData data)
Validate the credential argument.Credential
KerberosTokenValidator. validate(Credential credential, RequestData data)
Validate the credential argument.Credential
NoOpValidator. validate(Credential credential, RequestData data)
Validate the credential argument.Credential
SamlAssertionValidator. validate(Credential credential, RequestData data)
Validate the credential argument.Credential
SignatureTrustValidator. validate(Credential credential, RequestData data)
Validate the credential argument.Credential
TimestampValidator. validate(Credential credential, RequestData data)
Validate the credential argument.Credential
UsernameTokenValidator. validate(Credential credential, RequestData data)
Validate the credential argument.Credential
Validator. validate(Credential credential, RequestData data)
Validate the credential argument.protected void
SamlAssertionValidator. validateAssertion(SamlAssertionWrapper samlAssertion)
Validate the samlAssertion against schemas/profilesprotected void
SignatureTrustValidator. validateCertificates(X509Certificate[] certificates)
Validate the certificates by checking the validity of each certprotected void
SignatureTrustValidator. validatePublicKey(PublicKey publicKey, Crypto crypto)
Validate a public keyprotected void
UsernameTokenValidator. verifyCustomPassword(UsernameToken usernameToken, RequestData data)
Verify a UsernameToken containing a password of some unknown (but specified) password type.protected void
UsernameTokenValidator. verifyDigestPassword(UsernameToken usernameToken, RequestData data)
Verify a UsernameToken containing a password digest.protected void
UsernameTokenValidator. verifyPlaintextPassword(UsernameToken usernameToken, RequestData data)
Verify a UsernameToken containing a plaintext password.protected Credential
SamlAssertionValidator. verifySignedAssertion(SamlAssertionWrapper samlAssertion, RequestData data)
Verify trust in the signature of a signed Assertion.protected void
SamlAssertionValidator. verifySubjectConfirmationMethod(SamlAssertionWrapper samlAssertion)
Check the Subject Confirmation method requirementsprotected void
SignatureTrustValidator. verifyTrustInCerts(X509Certificate[] certificates, Crypto crypto, RequestData data, boolean enableRevocation)
Evaluate whether the given certificate chain should be trusted.protected void
UsernameTokenValidator. verifyUnknownPassword(UsernameToken usernameToken, RequestData data)
Verify a UsernameToken containing no password. -
Uses of WSSecurityException in org.apache.wss4j.policy.stax.assertionStates
Methods in org.apache.wss4j.policy.stax.assertionStates that throw WSSecurityException Modifier and Type Method Description protected String
IssuedTokenAssertionState. validateClaims(Element claimsPolicy, SamlTokenSecurityEvent samlTokenSecurityEvent)
-
Uses of WSSecurityException in org.apache.wss4j.policy.stax.enforcer
Methods in org.apache.wss4j.policy.stax.enforcer that throw WSSecurityException Modifier and Type Method Description void
PolicyEnforcer. registerSecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent securityEvent)
-
Uses of WSSecurityException in org.apache.wss4j.stax.ext
Subclasses of WSSecurityException in org.apache.wss4j.stax.ext Modifier and Type Class Description class
WSSConfigurationException
Exception when configuration errors are detectedMethods in org.apache.wss4j.stax.ext that throw WSSecurityException Modifier and Type Method Description ReplayCache
WSSSecurityProperties. getNonceReplayCache()
Get the replay cache for NoncesReplayCache
WSSSecurityProperties. getSamlOneTimeUseReplayCache()
Get the replay cache for SAML2 OneTimeUse AssertionsReplayCache
WSSSecurityProperties. getTimestampReplayCache()
Get the replay cache for Timestampsvoid
WSInboundSecurityContext. handleBSPRule(BSPRule bspRule)
-
Uses of WSSecurityException in org.apache.wss4j.stax.impl
Methods in org.apache.wss4j.stax.impl that throw WSSecurityException Modifier and Type Method Description void
InboundWSSecurityContextImpl. handleBSPRule(BSPRule bspRule)
-
Uses of WSSecurityException in org.apache.wss4j.stax.impl.processor.input
Methods in org.apache.wss4j.stax.impl.processor.input that throw WSSecurityException Modifier and Type Method Description Node
SAMLTokenInputHandler. parseXMLEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent xmlSecEvent, Node currentNode, Document document)
-
Uses of WSSecurityException in org.apache.wss4j.stax.impl.securityToken
Methods in org.apache.wss4j.stax.impl.securityToken that throw WSSecurityException Modifier and Type Method Description byte[]
UsernameSecurityTokenImpl. generateDerivedKey()
This method generates a derived key as defined in WSS Username Token Profile.protected byte[]
UsernameSecurityTokenImpl. generateDerivedKey(WSInboundSecurityContext wsInboundSecurityContext)
This method generates a derived key as defined in WSS Username Token Profile.Principal
DsaKeyValueSecurityTokenImpl. getPrincipal()
Principal
ECKeyValueSecurityTokenImpl. getPrincipal()
Principal
HttpsSecurityTokenImpl. getPrincipal()
Principal
KerberosServiceSecurityTokenImpl. getPrincipal()
Principal
RsaKeyValueSecurityTokenImpl. getPrincipal()
Principal
SamlSecurityTokenImpl. getPrincipal()
Principal
UsernameSecurityTokenImpl. getPrincipal()
Principal
X509SecurityTokenImpl. getPrincipal()
Subject
DsaKeyValueSecurityTokenImpl. getSubject()
Subject
ECKeyValueSecurityTokenImpl. getSubject()
Subject
HttpsSecurityTokenImpl. getSubject()
Subject
KerberosServiceSecurityTokenImpl. getSubject()
Subject
RsaKeyValueSecurityTokenImpl. getSubject()
Subject
SamlSecurityTokenImpl. getSubject()
Subject
UsernameSecurityTokenImpl. getSubject()
Subject
X509SecurityTokenImpl. getSubject()
protected byte[]
KerberosServiceSecurityTokenImpl. getTGTSessionKey()
Constructors in org.apache.wss4j.stax.impl.securityToken that throw WSSecurityException Constructor Description ExternalSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, String id, org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier keyIdentifier, WSSSecurityProperties securityProperties, boolean included)
SamlSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, String id, org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier keyIdentifier, WSSSecurityProperties securityProperties)
-
Uses of WSSecurityException in org.apache.wss4j.stax.securityEvent
Methods in org.apache.wss4j.stax.securityEvent that throw WSSecurityException Modifier and Type Method Description abstract String
IssuedTokenSecurityEvent. getIssuerName()
String
SamlTokenSecurityEvent. getIssuerName()
SamlAssertionWrapper
SamlTokenSecurityEvent. getSamlAssertionWrapper()
-
Uses of WSSecurityException in org.apache.wss4j.stax.securityToken
Methods in org.apache.wss4j.stax.securityToken that throw WSSecurityException Modifier and Type Method Description byte[]
UsernameSecurityToken. generateDerivedKey()
Principal
SubjectAndPrincipalSecurityToken. getPrincipal()
Subject
SubjectAndPrincipalSecurityToken. getSubject()
-
Uses of WSSecurityException in org.apache.wss4j.stax.setup
Methods in org.apache.wss4j.stax.setup that throw WSSecurityException Modifier and Type Method Description static InboundWSSec
WSSec. getInboundWSSec(WSSSecurityProperties securityProperties)
Creates and configures an inbound streaming security enginestatic InboundWSSec
WSSec. getInboundWSSec(WSSSecurityProperties securityProperties, boolean initiator)
Creates and configures an inbound streaming security enginestatic InboundWSSec
WSSec. getInboundWSSec(WSSSecurityProperties securityProperties, boolean initiator, boolean returnSecurityError)
Creates and configures an inbound streaming security enginestatic OutboundWSSec
WSSec. getOutboundWSSec(WSSSecurityProperties securityProperties)
Creates and configures an outbound streaming security enginestatic CallbackHandler
ConfigurationConverter. loadCallbackHandler(String callbackHandlerClass)
Load a CallbackHandler instance.XMLStreamReader
InboundWSSec. processInMessage(XMLStreamReader xmlStreamReader)
Warning: configure your xmlStreamReader correctly.XMLStreamReader
InboundWSSec. processInMessage(XMLStreamReader xmlStreamReader, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents)
Warning: configure your xmlStreamReader correctly.XMLStreamReader
InboundWSSec. processInMessage(XMLStreamReader xmlStreamReader, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, List<org.apache.xml.security.stax.securityEvent.SecurityEventListener> securityEventListeners)
Warning: configure your xmlStreamReader correctly.XMLStreamReader
InboundWSSec. processInMessage(XMLStreamReader xmlStreamReader, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, org.apache.xml.security.stax.securityEvent.SecurityEventListener securityEventListener)
Warning: configure your xmlStreamReader correctly.XMLStreamWriter
OutboundWSSec. processOutMessage(OutputStream outputStream, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents)
This method is the entry point for the incoming security-engine.XMLStreamWriter
OutboundWSSec. processOutMessage(OutputStream outputStream, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, org.apache.xml.security.stax.securityEvent.SecurityEventListener securityEventListener)
This method is the entry point for the incoming security-engine.XMLStreamWriter
OutboundWSSec. processOutMessage(Object output, String encoding, org.apache.xml.security.stax.ext.OutboundSecurityContext outboundSecurityContext)
XMLStreamWriter
OutboundWSSec. processOutMessage(XMLStreamWriter xmlStreamWriter, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents)
This method is the entry point for the incoming security-engine.XMLStreamWriter
OutboundWSSec. processOutMessage(XMLStreamWriter xmlStreamWriter, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, org.apache.xml.security.stax.securityEvent.SecurityEventListener securityEventListener)
This method is the entry point for the incoming security-engine.XMLStreamWriter
OutboundWSSec. processOutMessage(XMLStreamWriter xmlStreamWriter, String encoding, org.apache.xml.security.stax.ext.OutboundSecurityContext outbounSecurityContext)
This method is the entry point for the incoming security-engine. -
Uses of WSSecurityException in org.apache.wss4j.stax.utils
Methods in org.apache.wss4j.stax.utils that throw WSSecurityException Modifier and Type Method Description static org.apache.xml.security.stax.securityEvent.TokenSecurityEvent<? extends org.apache.xml.security.stax.securityToken.InboundSecurityToken>
WSSUtils. createTokenSecurityEvent(org.apache.xml.security.stax.securityToken.InboundSecurityToken inboundSecurityToken, String correlationID)
static void
WSSUtils. doPasswordCallback(CallbackHandler callbackHandler, Callback callback)
Executes the Callback handling.static void
WSSUtils. doSecretKeyCallback(CallbackHandler callbackHandler, Callback callback, String id)
Try to get the secret key from a CallbackHandler implementation -
Uses of WSSecurityException in org.apache.wss4j.stax.validate
Methods in org.apache.wss4j.stax.validate that throw WSSecurityException Modifier and Type Method Description protected void
SamlTokenValidatorImpl. checkAuthnStatements(SamlAssertionWrapper samlAssertion)
Check the AuthnStatements of the Assertion (if any)protected void
SamlTokenValidatorImpl. checkConditions(SamlAssertionWrapper samlAssertion)
Check the Conditions of the Assertion.protected void
SamlTokenValidatorImpl. checkConditions(SamlAssertionWrapper samlAssertion, List<String> audienceRestrictions)
Check the Conditions of the Assertion.protected void
SamlTokenValidatorImpl. checkOneTimeUse(SamlAssertionWrapper samlAssertion, ReplayCache replayCache)
Check the "OneTimeUse" Condition of the Assertion.org.apache.xml.security.stax.securityToken.InboundSecurityToken
BinarySecurityTokenValidator. validate(BinarySecurityTokenType binarySecurityTokenType, TokenContext tokenContext)
org.apache.xml.security.stax.securityToken.InboundSecurityToken
BinarySecurityTokenValidatorImpl. validate(BinarySecurityTokenType binarySecurityTokenType, TokenContext tokenContext)
<T extends UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TJAASUsernameTokenValidatorImpl. validate(UsernameTokenType usernameTokenType, TokenContext tokenContext)
<T extends SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TSamlTokenValidator. validate(SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, TokenContext tokenContext)
<T extends SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TSamlTokenValidatorImpl. validate(SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, TokenContext tokenContext)
org.apache.xml.security.stax.securityToken.InboundSecurityToken
SecurityContextTokenValidator. validate(AbstractSecurityContextTokenType securityContextTokenType, String identifier, TokenContext tokenContext)
org.apache.xml.security.stax.securityToken.InboundSecurityToken
SecurityContextTokenValidatorImpl. validate(AbstractSecurityContextTokenType securityContextTokenType, String identifier, TokenContext tokenContext)
void
SignatureTokenValidator. validate(org.apache.xml.security.stax.securityToken.InboundSecurityToken inboundSecurityToken, WSSSecurityProperties wssSecurityProperties)
void
SignatureTokenValidatorImpl. validate(org.apache.xml.security.stax.securityToken.InboundSecurityToken inboundSecurityToken, WSSSecurityProperties wssSecurityProperties)
void
TimestampValidator. validate(TimestampType timestampType, TokenContext tokenContext)
void
TimestampValidatorImpl. validate(TimestampType timestampType, TokenContext tokenContext)
<T extends UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TUsernameTokenValidator. validate(UsernameTokenType usernameTokenType, TokenContext tokenContext)
<T extends UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TUsernameTokenValidatorImpl. validate(UsernameTokenType usernameTokenType, TokenContext tokenContext)
protected void
SamlTokenValidatorImpl. validateAssertion(SamlAssertionWrapper samlAssertion)
Validate the samlAssertion against schemas/profilesprotected void
UsernameTokenValidatorImpl. verifyCustomPassword(String username, PasswordString passwordType, TokenContext tokenContext)
Verify a UsernameToken containing a password of some unknown (but specified) password type.protected void
UsernameTokenValidatorImpl. verifyDigestPassword(String username, PasswordString passwordType, byte[] nonceVal, String created, TokenContext tokenContext)
Verify a UsernameToken containing a password digest.protected void
UsernameTokenValidatorImpl. verifyPlaintextPassword(String username, PasswordString passwordType, TokenContext tokenContext)
Verify a UsernameToken containing a plaintext password.protected void
SamlTokenValidatorImpl. verifySubjectConfirmationMethod(SamlAssertionWrapper samlAssertion)
Check the Subject Confirmation method requirements
-