|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.cxf.phase.AbstractPhaseInterceptor<SoapMessage> org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor org.apache.cxf.ws.security.wss4j.CryptoCoverageChecker
public class CryptoCoverageChecker
Utility to enable the checking of WS-Security signature/encryption coverage based on the results of the WSS4J processors. This interceptor provides an alternative to using WS-Policy based configuration for crypto coverage enforcement.
Note that the processor must properly address the Security Token Reference Dereference transform in the case of a signed security token such as a SAML assertion. Consequently, a version of WSS4J that properly addresses this transform must be used with this utility if you wish to check coverage over a message part referenced through the Security Token Reference Dereference transform. See WSS-222 for more details.
Nested Class Summary | |
---|---|
static class |
CryptoCoverageChecker.XPathExpression
A simple wrapper for an XPath expression and coverage type / scope indicating how the XPath expression should be enforced as a cryptographic coverage requirement. |
Field Summary | |
---|---|
protected Map<String,String> |
prefixMap
Mapping of namespace prefixes to namespace URIs. |
protected List<CryptoCoverageChecker.XPathExpression> |
xPaths
The XPath expressions for locating elements in SOAP messages that must be covered. |
Constructor Summary | |
---|---|
CryptoCoverageChecker()
Creates a new instance. |
|
CryptoCoverageChecker(Map<String,String> prefixes,
List<CryptoCoverageChecker.XPathExpression> xPaths)
Creates a new instance that checks for signature coverage over matches to the provided XPath expressions making defensive copies of provided arguments. |
Method Summary | |
---|---|
void |
addPrefixes(Map<String,String> prefixes)
Adds the mapping of namespace prefixes to namespace URIs, adding to any previously set mappings. |
void |
addXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
Adds the XPath expressions to check for, adding to any previously set expressions. |
void |
handleMessage(SoapMessage message)
Checks that the WSS4J results refer to the required signed/encrypted elements as defined by the XPath expressions in xPaths . |
void |
setPrefixes(Map<String,String> prefixes)
Sets the mapping of namespace prefixes to namespace URIs, clearing all previously set mappings. |
void |
setXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
Sets the XPath expressions to check for, clearing all previously set expressions. |
Methods inherited from class org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor |
---|
getFaultCodePrefix, getRoles, getUnderstoodHeaders, prepareStackTrace |
Methods inherited from class org.apache.cxf.phase.AbstractPhaseInterceptor |
---|
addAfter, addAfter, addBefore, addBefore, getAdditionalInterceptors, getAfter, getBefore, getId, getPhase, handleFault, isGET, isRequestor, setAfter, setBefore |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface org.apache.cxf.interceptor.Interceptor |
---|
handleFault |
Field Detail |
---|
protected List<CryptoCoverageChecker.XPathExpression> xPaths
prefixMap
for namespace prefixes available.
protected Map<String,String> prefixMap
Constructor Detail |
---|
public CryptoCoverageChecker()
#setPrefixes()
and #setXpaths()
for providing configuration options.
public CryptoCoverageChecker(Map<String,String> prefixes, List<CryptoCoverageChecker.XPathExpression> xPaths)
prefixes
- mapping of namespace prefixes to namespace URIsxPaths
- a list of XPath expressionsMethod Detail |
---|
public void handleMessage(SoapMessage message) throws Fault
xPaths
.
message
- the SOAP message containing the signature
SoapFault
- if there is an error evaluating an XPath or an element is not
covered by the required cryptographic operation
Fault
public final void setXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
xPaths
- the XPath expressions to check forpublic final void addXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
xPaths
- the XPath expressions to check forpublic final void setPrefixes(Map<String,String> prefixes)
prefixes
- the mapping of namespace prefixes to namespace URIspublic final void addPrefixes(Map<String,String> prefixes)
prefixes
- the mapping of namespace prefixes to namespace URIs
|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |