Class WSSSecurityProperties


  • public class WSSSecurityProperties
    extends org.apache.xml.security.stax.ext.XMLSecurityProperties
    Main configuration class for supplying keys and other security settings. This class is subject to change in the future; we will probably allow the framework to be configured per WSDL.
    • Constructor Detail

      • WSSSecurityProperties

        public WSSSecurityProperties()
    • Method Detail

      • getCallbackHandler

        public CallbackHandler getCallbackHandler()
        returns the password callback handler
        Returns:
        the password callback handler
      • setCallbackHandler

        public void setCallbackHandler​(CallbackHandler callbackHandler)
        sets the password callback handler
        Parameters:
        callbackHandler - the password callback handler
      • getTimestampTTL

        public Integer getTimestampTTL()
      • setTimestampTTL

        public void setTimestampTTL​(Integer timestampTTL)
      • isStrictTimestampCheck

        public boolean isStrictTimestampCheck()
      • setStrictTimestampCheck

        public void setStrictTimestampCheck​(boolean strictTimestampCheck)
      • setHandleCustomPasswordTypes

        public void setHandleCustomPasswordTypes​(boolean handleCustomTypes)
        Parameters:
        handleCustomTypes - whether to handle custom UsernameToken password types or not
      • getHandleCustomPasswordTypes

        public boolean getHandleCustomPasswordTypes()
        Returns:
        whether custom UsernameToken password types are allowed or not
      • getTokenUser

        public String getTokenUser()
      • setTokenUser

        public void setTokenUser​(String tokenUser)
      • isEnableSignatureConfirmationVerification

        public boolean isEnableSignatureConfirmationVerification()
      • setEnableSignatureConfirmationVerification

        public void setEnableSignatureConfirmationVerification​(boolean enableSignatureConfirmationVerification)
      • isUseReqSigCertForEncryption

        public boolean isUseReqSigCertForEncryption()
      • setUseReqSigCertForEncryption

        public void setUseReqSigCertForEncryption​(boolean useReqSigCertForEncryption)
      • getActor

        public String getActor()
      • setActor

        public void setActor​(String actor)
      • getDerivedKeyKeyIdentifier

        public org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier getDerivedKeyKeyIdentifier()
      • setDerivedKeyKeyIdentifier

        public void setDerivedKeyKeyIdentifier​(org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier derivedKeyKeyIdentifier)
      • addIgnoreBSPRule

        public void addIgnoreBSPRule​(BSPRule bspRule)
      • getIgnoredBSPRules

        public List<BSPRule> getIgnoredBSPRules()
      • addValidator

        public void addValidator​(QName qName,
                                 Validator validator)
      • getValidator

        public <T extends Validator> T getValidator​(QName qName)
      • setSignatureUser

        public void setSignatureUser​(String signatureUser)
      • getSignatureUser

        public String getSignatureUser()
      • getSignatureKeyStore

        public KeyStore getSignatureKeyStore()
      • loadSignatureKeyStore

        public void loadSignatureKeyStore​(URL url,
                                          char[] keyStorePassword)
                                   throws Exception
        Throws:
        Exception
      • getSignatureCryptoProperties

        public Properties getSignatureCryptoProperties()
      • setSignatureCryptoProperties

        public void setSignatureCryptoProperties​(Properties cryptoProperties)
      • setSignatureCryptoProperties

        public void setSignatureCryptoProperties​(Properties cryptoProperties,
                                                 PasswordEncryptor passwordEncryptor)
      • getSignatureCryptoClass

        public Class<? extends Merlin> getSignatureCryptoClass()
      • setSignatureCryptoClass

        public void setSignatureCryptoClass​(Class<? extends Merlin> signatureCryptoClass)
      • setSignatureCrypto

        public void setSignatureCrypto​(Crypto sigCrypto)
      • getSignatureVerificationKeyStore

        public KeyStore getSignatureVerificationKeyStore()
      • loadSignatureVerificationKeystore

        public void loadSignatureVerificationKeystore​(URL url,
                                                      char[] keyStorePassword)
                                               throws Exception
        Throws:
        Exception
      • getSignatureVerificationCryptoProperties

        public Properties getSignatureVerificationCryptoProperties()
      • setSignatureVerificationCryptoProperties

        public void setSignatureVerificationCryptoProperties​(Properties cryptoProperties)
      • setSignatureVerificationCryptoProperties

        public void setSignatureVerificationCryptoProperties​(Properties cryptoProperties,
                                                             PasswordEncryptor passwordEncryptor)
      • getSignatureVerificationCryptoClass

        public Class<? extends Merlin> getSignatureVerificationCryptoClass()
      • setSignatureVerificationCryptoClass

        public void setSignatureVerificationCryptoClass​(Class<? extends Merlin> signatureVerificationCryptoClass)
      • setSignatureVerificationCrypto

        public void setSignatureVerificationCrypto​(Crypto sigVerCrypto)
      • getDecryptionKeyStore

        public KeyStore getDecryptionKeyStore()
        Returns the decryption keystore
        Returns:
        A keystore for decryption operation
      • loadDecryptionKeystore

        public void loadDecryptionKeystore​(URL url,
                                           char[] keyStorePassword)
                                    throws Exception
        Loads a Java keystore from the given URL for decryption operations
        Parameters:
        url - The URL to the keystore
        keyStorePassword - The password for the keystore
        Throws:
        Exception - thrown if something goes wrong while loading the keystore
      • getDecryptionCryptoProperties

        public Properties getDecryptionCryptoProperties()
      • setDecryptionCryptoProperties

        public void setDecryptionCryptoProperties​(Properties cryptoProperties)
      • setDecryptionCryptoProperties

        public void setDecryptionCryptoProperties​(Properties cryptoProperties,
                                                  PasswordEncryptor passwordEncryptor)
      • getDecryptionCryptoClass

        public Class<? extends Merlin> getDecryptionCryptoClass()
        Returns the decryption crypto class
        Returns:
        the decryption crypto class
      • setDecryptionCryptoClass

        public void setDecryptionCryptoClass​(Class<? extends Merlin> decryptionCryptoClass)
        Sets a custom decryption class
        Parameters:
        decryptionCryptoClass - the custom decryption crypto class
      • setDecryptionCrypto

        public void setDecryptionCrypto​(Crypto decCrypto)
      • getEncryptionKeyStore

        public KeyStore getEncryptionKeyStore()
        Returns the encryption keystore
        Returns:
        A keystore for encryption operation
      • loadEncryptionKeystore

        public void loadEncryptionKeystore​(URL url,
                                           char[] keyStorePassword)
                                    throws Exception
        Loads a Java keystore from the given URL for encryption operations
        Parameters:
        url - The URL to the keystore
        keyStorePassword - The password for the keystore
        Throws:
        Exception - thrown if something goes wrong while loading the keystore
      • getEncryptionCryptoProperties

        public Properties getEncryptionCryptoProperties()
      • setEncryptionCryptoProperties

        public void setEncryptionCryptoProperties​(Properties cryptoProperties)
      • setEncryptionCryptoProperties

        public void setEncryptionCryptoProperties​(Properties cryptoProperties,
                                                  PasswordEncryptor passwordEncryptor)
      • getEncryptionCryptoClass

        public Class<? extends Merlin> getEncryptionCryptoClass()
        Returns the encryption crypto class
        Returns:
        the encryption crypto class
      • setEncryptionCryptoClass

        public void setEncryptionCryptoClass​(Class<? extends Merlin> encryptionCryptoClass)
        Sets a custom encryption class
        Parameters:
        encryptionCryptoClass - the custom encryption crypto class
      • setEncryptionCrypto

        public void setEncryptionCrypto​(Crypto encCrypto)
      • getEncryptionUser

        public String getEncryptionUser()
        Returns the alias for the encryption key in the keystore
        Returns:
        the alias for the encryption key in the keystore as string
      • setEncryptionUser

        public void setEncryptionUser​(String encryptionUser)
        Specifies the alias for the encryption key in the keystore
        Parameters:
        encryptionUser - the alias for the encryption key in the keystore as string
      • getEncryptionCompressionAlgorithm

        public String getEncryptionCompressionAlgorithm()
      • setEncryptionCompressionAlgorithm

        public void setEncryptionCompressionAlgorithm​(String encryptionCompressionAlgorithm)
      • isAllowUsernameTokenNoPassword

        public boolean isAllowUsernameTokenNoPassword()
      • setAllowUsernameTokenNoPassword

        public void setAllowUsernameTokenNoPassword​(boolean allowUsernameTokenNoPassword)
      • isEnableRevocation

        public boolean isEnableRevocation()
      • setEnableRevocation

        public void setEnableRevocation​(boolean enableRevocation)
      • getCrlCertStore

        public CertStore getCrlCertStore()
      • setCrlCertStore

        public void setCrlCertStore​(CertStore crlCertStore)
      • getTimeStampFutureTTL

        public Integer getTimeStampFutureTTL()
      • setTimeStampFutureTTL

        public void setTimeStampFutureTTL​(Integer timeStampFutureTTL)
      • getUtTTL

        public Integer getUtTTL()
      • setUtTTL

        public void setUtTTL​(Integer utTTL)
      • getUtFutureTTL

        public Integer getUtFutureTTL()
      • setUtFutureTTL

        public void setUtFutureTTL​(Integer utFutureTTL)
      • setTimestampReplayCache

        public void setTimestampReplayCache​(ReplayCache newCache)
        Sets the replay cache used to detect replayed Timestamps
      • setNonceReplayCache

        public void setNonceReplayCache​(ReplayCache newCache)
        Sets the replay cache used to detect replayed Nonces
      • setSamlOneTimeUseReplayCache

        public void setSamlOneTimeUseReplayCache​(ReplayCache newCache)
        Sets the replay cache used to detect replayed SAML2 OneTimeUse Assertions
      • isDisableBSPEnforcement

        public boolean isDisableBSPEnforcement()
      • setDisableBSPEnforcement

        public void setDisableBSPEnforcement​(boolean disableBSPEnforcement)
      • isAllowRSA15KeyTransportAlgorithm

        public boolean isAllowRSA15KeyTransportAlgorithm()
      • setAllowRSA15KeyTransportAlgorithm

        public void setAllowRSA15KeyTransportAlgorithm​(boolean allowRSA15KeyTransportAlgorithm)
      • getDerivedKeyIterations

        public Integer getDerivedKeyIterations()
      • setDerivedKeyIterations

        public void setDerivedKeyIterations​(Integer derivedKeyIterations)
      • isUseDerivedKeyForMAC

        public boolean isUseDerivedKeyForMAC()
      • setUseDerivedKeyForMAC

        public void setUseDerivedKeyForMAC​(boolean useDerivedKeyForMAC)
      • isAddUsernameTokenNonce

        public boolean isAddUsernameTokenNonce()
      • setAddUsernameTokenNonce

        public void setAddUsernameTokenNonce​(boolean addUsernameTokenNonce)
      • isAddUsernameTokenCreated

        public boolean isAddUsernameTokenCreated()
      • setAddUsernameTokenCreated

        public void setAddUsernameTokenCreated​(boolean addUsernameTokenCreated)
      • setSamlCallbackHandler

        public void setSamlCallbackHandler​(CallbackHandler samlCallbackHandler)
      • isValidateSamlSubjectConfirmation

        public boolean isValidateSamlSubjectConfirmation()
      • setValidateSamlSubjectConfirmation

        public void setValidateSamlSubjectConfirmation​(boolean validateSamlSubjectConfirmation)
      • isMustUnderstand

        public boolean isMustUnderstand()
      • setMustUnderstand

        public void setMustUnderstand​(boolean mustUnderstand)
      • isIncludeSignatureToken

        public boolean isIncludeSignatureToken()
      • setIncludeSignatureToken

        public void setIncludeSignatureToken​(boolean includeSignatureToken)
      • isIncludeEncryptionToken

        public boolean isIncludeEncryptionToken()
      • setIncludeEncryptionToken

        public void setIncludeEncryptionToken​(boolean includeEncryptionToken)
      • isEncryptSymmetricEncryptionKey

        public boolean isEncryptSymmetricEncryptionKey()
      • setEncryptSymmetricEncryptionKey

        public void setEncryptSymmetricEncryptionKey​(boolean encryptSymmetricEncrytionKey)
      • setSubjectCertConstraints

        public void setSubjectCertConstraints​(Collection<Pattern> subjectCertConstraints)
        Sets the subject certificate constraints for signatures, as a collection of regular-expression patterns
      • getSubjectCertConstraints

        public Collection<Pattern> getSubjectCertConstraints()
        Gets the subject certificate constraints for signatures
      • setIssuerDNConstraints

        public void setIssuerDNConstraints​(Collection<Pattern> issuerDNPatterns)
        Sets the issuer certificate DN constraints for signatures, as a collection of regular-expression patterns
      • getIssuerDNConstraints

        public Collection<Pattern> getIssuerDNConstraints()
        Gets the issuer certificate DN constraints for signatures
      • setAudienceRestrictions

        public void setAudienceRestrictions​(List<String> audienceRestrictions)
        Set the Audience Restrictions
      • getAudienceRestrictions

        public List<String> getAudienceRestrictions()
        Get the Audience Restrictions
      • getDerivedSignatureKeyLength

        public int getDerivedSignatureKeyLength()
      • setDerivedSignatureKeyLength

        public void setDerivedSignatureKeyLength​(int derivedSignatureKeyLength)
      • getDerivedEncryptionKeyLength

        public int getDerivedEncryptionKeyLength()
      • setDerivedEncryptionKeyLength

        public void setDerivedEncryptionKeyLength​(int derivedEncryptionKeyLength)
      • isUse200512Namespace

        public boolean isUse200512Namespace()
      • setUse200512Namespace

        public void setUse200512Namespace​(boolean use200512Namespace)
      • getAttachmentCallbackHandler

        public CallbackHandler getAttachmentCallbackHandler()
      • setAttachmentCallbackHandler

        public void setAttachmentCallbackHandler​(CallbackHandler attachmentCallbackHandler)
      • getMsgContext

        public Object getMsgContext()
      • setMsgContext

        public void setMsgContext​(Object msgContext)
      • isRequireTimestampExpires

        public boolean isRequireTimestampExpires()
      • setRequireTimestampExpires

        public void setRequireTimestampExpires​(boolean requireTimestampExpires)
      • isSoap12

        public boolean isSoap12()
      • setSoap12

        public void setSoap12​(boolean soap12)
      • setDocumentCreator

        public void setDocumentCreator​(DocumentCreator documentCreator)