electric.soap.security.signature
Class WSSSignatureProcessor

java.lang.Object
  electric.soap.security.signature.WSSSignatureProcessor

All Implemented Interfaces:

ISOAPConstants, IWSSConstants, IXMLConstants, IXMLSignatureConstants

public class WSSSignatureProcessor

extends java.lang.Object

implements IWSSConstants, IXMLSignatureConstants, IXMLConstants, ISOAPConstants

WSSSignatureProcessor is responsible for adding signatures to an outgoing message, and verifying signatures on incoming messages, based on the WS-Security configuration information in a WSSContext.

Author:

webMethods

Field Summary

Fields inherited from interface electric.soap.security.IWSSConstants

PASSWORD_DIGEST, PASSWORD_TEXT, SECURITY, SECURITY_TOKEN_REFERENCE, URI_ATTRIBUTE, WSSE_NAMESPACE, WSSE_PREFIX, WSU_NAMESPACE, WSU_PREFIX, X509_ENCODING_TYPE

Fields inherited from interface electric.soap.security.signature.xml.IXMLSignatureConstants

C14N_METHOD, DIGEST_METHOD, DIGEST_VALUE, DS, DS_NAMESPACE, DS_PREFIX, KEY_INFO, REFERENCE, RSA_SHA1, SIGNATURE, SIGNATURE_ALGORITHM_ATTRIBUTE, SIGNATURE_METHOD, SIGNATURE_VALUE, SIGNED_INFO, TRANSFORM, TRANSFORMS, XML_EXC_C14N, XMLDSIG_SHA1

Fields inherited from interface electric.xml.IXMLConstants

ATTLIST_START, ATTLIST_STOP, CDATA, CDATA_START, CDATA_STOP, CLOSE_TAG, COLON, COMMENT_START, COMMENT_STOP, DOCTYPE_START, DOCTYPE_STOP, ELEMENTDECL_START, ELEMENTDECL_STOP, ENCODING, ENTITYDECL_START, ENTITYDECL_STOP, ID, ID_CASE, INSTRUCTION_START, INSTRUCTION_STOP, NEGATIVE_INFINITY, NOT_A_NUMBER, NOTATIONDECL_START, NOTATIONDECL_STOP, NULL, OPEN_TAG, POSITIVE_INFINITY, PUBLIC, SPECIALS, STANDALONE, SUBSTITUTES, SYSTEM, UNDEFINED, VERSION, XML, XML_NAMESPACE, XMLDECL_START, XMLDECL_STOP, XMLNS, XMLNS_NAMESPACE

Fields inherited from interface electric.soap.ISOAPConstants

ACTOR, ASYNC, BODY, DETAIL, ENCODING_STYLE, ENVELOPE, EXCEPTION, FAULT, FAULT_ACTOR, FAULT_CODE, FAULT_STRING, GET_SOAP_ACTOR, GET_SOAP_CODE, HEADER, MUST_UNDERSTAND, NEXT_ACTOR, OPTIMIZED_HEADER, SET_SOAP_ACTOR, SET_SOAP_CODE, SET_SOAP_DETAIL, SOAP_ACTION_HEADER, SOAP_BINDING, SOAP_ENCODING, SOAP_ENCODING_PREFIX, SOAP_ENVELOPE, SOAP_HTTP_TRANSPORT, SOAP_PREFIX, SOAP11_BINDING, SOAP11_ENCODING, SOAP11_ENVELOPE, SOAP12, SOAP12_BINDING, SOAP12_ENCODING, SOAP12_ENVELOPE, SOAP12_HTTP_CONTENT_TYPE, STACKTRACE, TME_PREFIX, UNDERSTOOD, XSD_PREFIX, XSI_PREFIX, XSI_SUFFIX

Constructor Summary

WSSSignatureProcessor(SecurityTokenProcessor tokenProcessor)
Create a new signature processor associated with a particular token processor.

Method Summary

void	addSignatures(SOAPMessage message, WSSContext wss, Element securityElement)
void	addTokens(SOAPMessage message, WSSContext wss, Element securityElement, java.util.Hashtable tokenToId) Signatures can contain certificates that may need to be added to the SOAP message as certificate security tokens.
boolean	validateSignatures(SOAPMessage message, WSSContext wss, java.util.Vector signatures, java.util.Vector securityTokens) Given a list of signatures, add the ones we can verify to the given list.
boolean	validateSOAPSignature(SecurityTokenFactory factory, SOAPMessage msg, java.util.Vector signatures, java.util.Vector securityTokens) return true if every signature has self-consistent security info.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WSSSignatureProcessor

public WSSSignatureProcessor(SecurityTokenProcessor tokenProcessor)

Create a new signature processor associated with a particular token processor.

Parameters:

tokenProcessor -

Method Detail

addTokens

public void addTokens(SOAPMessage message,
                      WSSContext wss,
                      Element securityElement,
                      java.util.Hashtable tokenToId)

Signatures can contain certificates that may need to be added to the SOAP message as certificate security tokens. Currently, we require the certificates be sent along with the message, but the spec allows the certificates to be sent out-of-band.

Parameters:

message -

wss -

securityElement -

tokenToId -

addSignatures

public void addSignatures(SOAPMessage message,
                          WSSContext wss,
                          Element securityElement)
                   throws SOAPSecurityException

Parameters:

message -

wss -

securityElement -

Throws:

SOAPSecurityException

validateSignatures

public boolean validateSignatures(SOAPMessage message,
                                  WSSContext wss,
                                  java.util.Vector signatures,
                                  java.util.Vector securityTokens)

Given a list of signatures, add the ones we can verify to the given list.

Parameters:

message -

wss -

signatures -

securityTokens -

validateSOAPSignature

public boolean validateSOAPSignature(SecurityTokenFactory factory,
                                     SOAPMessage msg,
                                     java.util.Vector signatures,
                                     java.util.Vector securityTokens)
                              throws java.lang.Exception

return true if every signature has self-consistent security info. (ie, decrypt succeeds, signature validates correctly, etc). also return true if there's no security info at all (degenerate case: there was no security processing "problem", since there was nothing to do.) return false only if there was security info included with the message but there was some problem processing it.

Parameters:

factory -

msg -

signatures -

securityTokens -

Returns:

true if the signature validates, false otherwise.

Throws:

java.lang.Exception