com.ibm.websphere.wssecurity.wssapi.verification

Interface WSSVerification


  • public interface WSSVerification
    This interface is responsible for the verifcation component. There are the values to set as default.
    • target of verification
      • BODY, ADDRESSING_HEADERS, TIMESTAMP
    • signature method
      • RSA_SHA1
    • canonicalization method
      • EXC_C14N
    Following is the sample code. The sample code of generating the callbackhandler is shown in the X509Token. 
        WSSFactory factory = WSSFactory.getInstance();
    WSSConsumingContext concont = factory.newWSSConsumingContext();

    X509ConsumeCallbackHandler callbackhandler =  generateCallbackHandler(); 
                        // see X509ConsumeCallbackHandler
    WSSVerification ver = factory.newWSSVerification(X509Token.class, callbackhandler);

    concont.add(ver);
    See Also:
    WSSVerifyPart

    • Field Summary

      Fields 
      Modifier and Type Field and Description
      static int ADDRESSING_HEADERS
      The keyword for the WS-Addressing headers.
      static int BODY
      The keyword for the SOAP message body.
      static java.lang.String C14N
      The URI for the inclusive canonicalization algorithm, C14n: http://www.w3.org/2001/10/xml-c14n#.
      static java.lang.String EXC_C14N
      The URI for the exclusive canonicalization algorithm, Exc-C14n: http://www.w3.org/2001/10/xml-exc-c14n#.
      static java.lang.String HMAC_SHA1
      The URI for the signature algorithm, HMAC_SHA1: http://www.w3.org/2000/09/xmldsig#hmac-sha1.
      static java.lang.String RSA_SHA1
      The URI for the signature algorithm, RSA_SHA1: http://www.w3.org/2000/09/xmldsig#rsa-sha1.
      static int TIMESTAMP
      The keyword for the creation and expiration time stamp information.

    • Field Detail

      • ADDRESSING_HEADERS

        static final int ADDRESSING_HEADERS
        The keyword for the WS-Addressing headers.
        See Also:
        Constant Field Values

      • TIMESTAMP

        static final int TIMESTAMP
        The keyword for the creation and expiration time stamp information.
        See Also:
        Constant Field Values

      • RSA_SHA1

        static final java.lang.String RSA_SHA1
        The URI for the signature algorithm, RSA_SHA1: http://www.w3.org/2000/09/xmldsig#rsa-sha1.
        See Also:
        Constant Field Values

      • HMAC_SHA1

        static final java.lang.String HMAC_SHA1
        The URI for the signature algorithm, HMAC_SHA1: http://www.w3.org/2000/09/xmldsig#hmac-sha1.
        See Also:
        Constant Field Values

      • EXC_C14N

        static final java.lang.String EXC_C14N
        The URI for the exclusive canonicalization algorithm, Exc-C14n: http://www.w3.org/2001/10/xml-exc-c14n#.
        See Also:
        Constant Field Values

      • C14N

        static final java.lang.String C14N
        The URI for the inclusive canonicalization algorithm, C14n: http://www.w3.org/2001/10/xml-c14n#.
        See Also:
        Constant Field Values

    • Method Detail

      • addRequiredVerifyPart

        void addRequiredVerifyPart(WSSVerifyPart header)
        Adds the header in the SOAP Header, specified by QName, as a verification part.
        Parameters:
        header - verification part

      • addRequiredVerifyPartByXPath

        void addRequiredVerifyPartByXPath(java.lang.String xpath)
        Adds the XPath expression as a verification part.
        Parameters:
        xpath - verification part

      • addRequiredVerifyHeader

        void addRequiredVerifyHeader(javax.xml.namespace.QName header)
        Adds the header in the SOAP Header, specified by QName, as a verification part.
        Parameters:
        header - verification part

      • addAllowedCanonicalizationMethod

        void addAllowedCanonicalizationMethod(java.lang.String algorithm)
                                      throws WSSException
        Adds the canonicalization method to allow for the signature verification.
        Parameters:
        algorithm - canonicalization algorithm
        Throws:
        WSSException - the algorithm is not supported

      • addAllowedSignatureMethod

        void addAllowedSignatureMethod(java.lang.String algorithm)
                               throws WSSException
        Adds the signature method to allow for the signature verification.
        Parameters:
        algorithm -
        Throws:
        WSSException - the algorithm is not supported

      • addToken

        void addToken(java.lang.Class tokenClass,
            javax.security.auth.callback.CallbackHandler callbackHandler,
            java.lang.String loginConfigName)
              throws WSSException
        Adds the information of the candidate security token that is used for the signature verification.
        Parameters:
        tokenClass - class of the security token
        callbackHandler - callback handler
        loginConfigName - name of the JAAS login configuration
        Throws:
        WSSException - if the arguments are not valid.

      • addToken

        void addToken(java.lang.Class tokenClass,
            javax.security.auth.callback.CallbackHandler callbackHandler)
              throws WSSException
        Adds the information of the candidate security token that is used for the signature verification.
        Parameters:
        tokenClass - class of the security token
        callbackHandler - callback handler
        Throws:
        WSSException - if the arguments are not valid.

      • requireSignatureConfirmation

        void requireSignatureConfirmation()
        Requires the signature confirmation. Caches the signature value in the request message for the purpose of attaching it to the response message as a signature confirmation. This method is for the response side. The signature confirmation is defined in the OASIS WS-Security Version 1.1 specification.
IBM WebSphere Application ServerTM
Release 8.5