A pluggable way to create a CXF SecurityContext Object from a set of WSS4J processing results
An abstract interceptor that can be used to form the basis of an interceptor to add and process a specific type of security token.
Base class providing an extensibility point for populating javax.security.auth.Subject from a current UsernameToken.
Translate any AlgorithmSuite policy that may be operative into a WSS4J AlgorithmSuite object to enforce what algorithms are allowed in a request.
A CallbackHandler to be used to sign/encrypt SOAP Attachments.
An interceptor to add a BinarySecurityToken token to the security header of an outbound request, and to process a BinarySecurityToken on an inbound request.
Utility to enable the checking of WS-Security signature/encryption coverage based on the results of the WSS4J processors.
A simple wrapper for an XPath expression and coverage type / scope indicating how the XPath expression should be enforced as a cryptographic coverage requirement.
Utility to enable the checking of WS-Security signature / WS-Security encryption coverage based on the results of the WSS4J signature/encryption processor.
This class uses a DOM-based approach to locate Elements that are referenced via an Id.
This utility extends the CryptoCoverageChecker to provide an easy way to check to see if the SOAP (1.1 + 1.2) Body was signed and/or encrypted, if the Timestamp was signed, if the WS-Addressing ReplyTo and FaultTo headers were signed, and if the UsernameToken was encrypted.
The default implementation to create a SecurityContext from a set of WSS4J processing results.
An interceptor to add a Kerberos token to the security header of an outbound request, and to process a Kerberos Token on an inbound request.
An interceptor to create and add a SAML token to the security header of an outbound request, and to process a SAML Token on an inbound request.
This interceptor handles parsing the StaX WS-Security results (events) + checks to see whether the required Actions were fulfilled.
This interceptor handles parsing the StaX WS-Security results (events) + checks that the specified crypto coverage events actually occurred.
This interceptor handles parsing the StaX WS-Security results (events) + sets up the security context appropriately.
Performs WS-Security inbound actions.
Assert policies in CXF that are asserted in the WSS4J policy stax module
Some common functionality that can be shared between the WSS4JInInterceptor and the UsernameTokenInterceptor.
Differentiates which part of an element to check for cryptographic coverage.
Differentiates which type of cryptographic coverage to check for.