|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil
public final class CryptoCoverageUtil
Utility to enable the checking of WS-Security signature / WS-Security encryption coverage based on the results of the WSS4J signature/encryption processor.
Nested Class Summary | |
---|---|
static class |
CryptoCoverageUtil.CoverageScope
Differentiates which part of an element to check for cryptographic coverage. |
static class |
CryptoCoverageUtil.CoverageType
Differentiates which type of cryptographic coverage to check for. |
Method Summary | |
---|---|
static void |
checkBodyCoverage(Element soapBody,
Collection<org.apache.ws.security.WSDataRef> refs,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the signed/encrypted SOAP body element. |
static void |
checkCoverage(Element soapEnvelope,
Collection<org.apache.ws.security.WSDataRef> refs,
Map<String,String> namespaces,
Collection<String> xPaths,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the required signed/encrypted elements as defined by the XPath expressions in xPaths . |
static void |
checkCoverage(Element soapEnvelope,
Collection<org.apache.ws.security.WSDataRef> refs,
Map<String,String> namespaces,
String xPath,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the required signed/encrypted elements as defined by the XPath expression in xPath . |
static void |
checkHeaderCoverage(Element soapHeader,
Collection<org.apache.ws.security.WSDataRef> refs,
String namespace,
String name,
CryptoCoverageUtil.CoverageType type,
CryptoCoverageUtil.CoverageScope scope)
Checks that the references provided refer to the required signed/encrypted SOAP header element(s) matching the provided name and namespace. |
static void |
reconcileEncryptedSignedRefs(Collection<org.apache.ws.security.WSDataRef> signedRefs,
Collection<org.apache.ws.security.WSDataRef> encryptedRefs)
Inspects the signed and encrypted content in the message and accurately resolves encrypted and then signed elements in signedRefs . |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail |
---|
public static void reconcileEncryptedSignedRefs(Collection<org.apache.ws.security.WSDataRef> signedRefs, Collection<org.apache.ws.security.WSDataRef> encryptedRefs)
signedRefs
.
Entries in signedRefs
that correspond to an encrypted element
are resolved to the decrypted element and added to signedRefs
.
The original reference to the encrypted content remains unaltered in the
list to allow for matching against a requirement that xenc:EncryptedData
and xenc:EncryptedKey elements be signed.
signedRefs
- references to the signed content in the messageencryptedRefs
- references to the encrypted content in the messagepublic static void checkBodyCoverage(Element soapBody, Collection<org.apache.ws.security.WSDataRef> refs, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.ws.security.WSSecurityException
soapBody
- the SOAP body elementrefs
- the refs to the data extracted from the signature/encryptiontype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to element
org.apache.ws.security.WSSecurityException
- if there is an error evaluating the coverage or the body is not
covered by the signature/encryption.public static void checkHeaderCoverage(Element soapHeader, Collection<org.apache.ws.security.WSDataRef> refs, String namespace, String name, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.ws.security.WSSecurityException
name
is null, all headers from namespace
are inspected for coverage.
soapHeader
- the SOAP header elementrefs
- the refs to the data extracted from the signature/encryptionnamespaces
- the namespace of the header(s) to check for coveragename
- the local part of the header name to check for coverage, may be nulltype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to element
org.apache.ws.security.WSSecurityException
- if there is an error evaluating the coverage or a header is not
covered by the signature/encryption.public static void checkCoverage(Element soapEnvelope, Collection<org.apache.ws.security.WSDataRef> refs, Map<String,String> namespaces, String xPath, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.ws.security.WSSecurityException
xPath
.
soapEnvelope
- the SOAP Envelope elementrefs
- the refs to the data extracted from the signature/encryptionnamespaces
- the prefix to namespace mapping, may be null
xPath
- the XPath expressiontype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to element
org.apache.ws.security.WSSecurityException
- if there is an error evaluating an XPath or an element is not
covered by the signature/encryption.public static void checkCoverage(Element soapEnvelope, Collection<org.apache.ws.security.WSDataRef> refs, Map<String,String> namespaces, Collection<String> xPaths, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) throws org.apache.ws.security.WSSecurityException
xPaths
.
soapEnvelope
- the SOAP Envelope elementrefs
- the refs to the data extracted from the signature/encryptionnamespaces
- the prefix to namespace mapping, may be null
xPaths
- the collection of XPath expressionstype
- the type of cryptographic coverage to check forscope
- the scope of the cryptographic coverage to check for, defaults
to element
org.apache.ws.security.WSSecurityException
- if there is an error evaluating an XPath or an element is not
covered by the signature/encryption.
|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |