org.apache.ws.security
Class WSSConfig

java.lang.Object
  extended byorg.apache.ws.security.WSSConfig

public class WSSConfig
extends java.lang.Object

WSSConfig

Carries configuration data so the WSS4J spec compliance can be modified in runtime. Configure an instance of this object only if you need WSS4J to emulate certain industry clients or previous OASIS specifications for WS-Security interoperability testing purposes.

The default settings follow the latest OASIS and changing anything might violate the OASIS specs.

WARNING: changing the default settings will break the compliance with the latest specs. Do this only if you know what you are doing.

Author:
Rami Jaamour (rjaamour@parasoft.com), Werner Dittmann (werner@apache.org)

Field Summary
protected static WSSConfig defaultConfig
           
protected  boolean enableSignatureConfirmation
           
protected  boolean handleCustomPasswordTypes
          This variable controls whether types other than PasswordDigest or PasswordText are allowed when processing UsernameTokens.
protected  java.util.HashMap jceProvider
           
protected  boolean precisionInMilliSeconds
          Set the timestamp precision mode.
protected  boolean timeStampStrict
          If set to true then the timestamp handling will throw an exception if the timestamp contains an expires element and the semantics are expired.
protected  boolean wsiBSPCompliant
           
 
Constructor Summary
protected WSSConfig()
           
 
Method Summary
 boolean addJceProvider(java.lang.String id, java.lang.String className)
          Add a new JCE security provider to use for WSS4J.
 Action getAction(int action)
          Lookup action
static WSSConfig getDefaultWSConfig()
          returns a static WSConfig instance that is configured with the latest OASIS WS-Security settings.
 boolean getHandleCustomPasswordTypes()
           
static WSSConfig getNewInstance()
           
 Processor getProcessor(javax.xml.namespace.QName el)
           
 boolean isEnableSignatureConfirmation()
           
 boolean isPrecisionInMilliSeconds()
          Checks if we need to use milliseconds in timestamps
 boolean isTimeStampStrict()
           
 boolean isWsiBSPCompliant()
          Checks if we are in WS-I Basic Security Profile compliance mode
 java.lang.String setAction(int code, java.lang.String action)
          Associate an action with a specific action code.
static void setAddJceProviders(boolean value)
          Set the value of the internal addJceProviders flag.
 void setEnableSignatureConfirmation(boolean enableSignatureConfirmation)
           
 void setHandleCustomPasswordTypes(boolean handleCustomTypes)
           
 void setPrecisionInMilliSeconds(boolean precisionInMilliSeconds)
          Set the precision in milliseconds
 java.lang.String setProcessor(javax.xml.namespace.QName el, java.lang.String name)
          Associate a SOAP processor name with a specified SOAP Security header element QName.
 void setTimeStampStrict(boolean timeStampStrict)
           
 void setWsiBSPCompliant(boolean wsiBSPCompliant)
          Set the WS-I Basic Security Profile compliance mode.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

defaultConfig

protected static WSSConfig defaultConfig

wsiBSPCompliant

protected boolean wsiBSPCompliant

precisionInMilliSeconds

protected boolean precisionInMilliSeconds
Set the timestamp precision mode. If set to true then use timestamps with milliseconds, otherwise omit the millisconds. As per XML Date/Time specification the default is to include the milliseconds.


enableSignatureConfirmation

protected boolean enableSignatureConfirmation

timeStampStrict

protected boolean timeStampStrict
If set to true then the timestamp handling will throw an exception if the timestamp contains an expires element and the semantics are expired. If set to false, no exception will be thrown, even if the semantics are expired.


handleCustomPasswordTypes

protected boolean handleCustomPasswordTypes
This variable controls whether types other than PasswordDigest or PasswordText are allowed when processing UsernameTokens. By default this is set to false so that the user doesn't have to explicitly reject custom token types in the callback handler.


jceProvider

protected java.util.HashMap jceProvider
Constructor Detail

WSSConfig

protected WSSConfig()
Method Detail

setAddJceProviders

public static void setAddJceProviders(boolean value)
Set the value of the internal addJceProviders flag. This flag turns on (or off) automatic registration of known JCE providers that provide necessary cryptographic algorithms for use with WSS4J. By default, this flag is true, for backwards compatibility. You may wish (or need) to initialize the JCE manually, e.g., in some JVMs.


getNewInstance

public static WSSConfig getNewInstance()
Returns:
a new WSSConfig instance configured with the default values (values identical to getDefaultWSConfig())

getDefaultWSConfig

public static WSSConfig getDefaultWSConfig()
returns a static WSConfig instance that is configured with the latest OASIS WS-Security settings.


isWsiBSPCompliant

public boolean isWsiBSPCompliant()
Checks if we are in WS-I Basic Security Profile compliance mode

Returns:
TODO

setWsiBSPCompliant

public void setWsiBSPCompliant(boolean wsiBSPCompliant)
Set the WS-I Basic Security Profile compliance mode. The default is false (dues to .Net interop problems).

Parameters:
wsiBSPCompliant -

isPrecisionInMilliSeconds

public boolean isPrecisionInMilliSeconds()
Checks if we need to use milliseconds in timestamps

Returns:
TODO

setPrecisionInMilliSeconds

public void setPrecisionInMilliSeconds(boolean precisionInMilliSeconds)
Set the precision in milliseconds

Parameters:
precisionInMilliSeconds - TODO

isEnableSignatureConfirmation

public boolean isEnableSignatureConfirmation()
Returns:
Returns the enableSignatureConfirmation.

setEnableSignatureConfirmation

public void setEnableSignatureConfirmation(boolean enableSignatureConfirmation)
Parameters:
enableSignatureConfirmation - The enableSignatureConfirmation to set.

setHandleCustomPasswordTypes

public void setHandleCustomPasswordTypes(boolean handleCustomTypes)
Parameters:
handleCustomTypes - whether to handle custom UsernameToken password types or not

getHandleCustomPasswordTypes

public boolean getHandleCustomPasswordTypes()
Returns:
whether custom UsernameToken password types are allowed or not

isTimeStampStrict

public boolean isTimeStampStrict()
Returns:
Returns if we shall throw an exception on expired request semantic

setTimeStampStrict

public void setTimeStampStrict(boolean timeStampStrict)
Parameters:
timeStampStrict - If true throw an exception on expired request semantic

setAction

public java.lang.String setAction(int code,
                                  java.lang.String action)
Associate an action with a specific action code. This operation allows applications to supply their own actions for well-known operations.


getAction

public Action getAction(int action)
                 throws WSSecurityException
Lookup action

Parameters:
action -
Returns:
An action class to create a security token
Throws:
WSSecurityException

setProcessor

public java.lang.String setProcessor(javax.xml.namespace.QName el,
                                     java.lang.String name)
Associate a SOAP processor name with a specified SOAP Security header element QName. Processors registered under this QName will be called when processing header elements with the specified type.


getProcessor

public Processor getProcessor(javax.xml.namespace.QName el)
                       throws WSSecurityException
Returns:
the SOAP processor associated with the specified QName. The QName is intended to refer to an element in a SOAP security header. This operation returns null if there is no processor associated with the specified QName.
Throws:
WSSecurityException

addJceProvider

public boolean addJceProvider(java.lang.String id,
                              java.lang.String className)
Add a new JCE security provider to use for WSS4J. If the provider is not already known the method loads a security provider class and adds the provider to the java security service.

Parameters:
id - The id string of the provider
className - Name of the class the implements the provider. This class must be a subclass of java.security.Provider
Returns:
Returns true if the provider was successfully added, false otherwise.


Copyright © 2004-2008 The Apache Software Foundation. All Rights Reserved.