com.ibm.websphere.wssecurity.callbackhandler
Class X509ConsumeCallbackHandler
- java.lang.Object
com.ibm.websphere.wssecurity.callbackhandler.X509ConsumeCallbackHandler
All implemented interfaces:
java.io.Serializable, javax.security.auth.callback.CallbackHandler
- public class X509ConsumeCallbackHandler
- extends java.lang.Object
- implements javax.security.auth.callback.CallbackHandler, java.io.Serializable
Following are the sample code to configure the X509 token for verification and decryption.
- Sample code of verification
-
// generate certStore String certpath = "intca2.cer";// The location of the X509 certificate file X509Certificate x509cert = null; try { InputStream is = new FileInputStream(certpath); CertificateFactory cf = CertificateFactory.getInstance("X.509"); x509cert = (X509Certificate)cf.generateCertificate(is); } catch(FileNotFoundException e1){ e1.printStackTrace(); } catch (CertificateException e2) { e2.printStackTrace(); } Set<Object> eeCerts = new HashSet<Object>(); eeCerts.add(x509cert); // generate certStore java.util.List<CertStore> certList = new java.util.ArrayList<CertStore>(); CollectionCertStoreParameters certparam = new CollectionCertStoreParameters(eeCerts); CertStore cert = null; try { cert = CertStore.getInstance("Collection", certparam, "IBMCertPath"); } catch (NoSuchProviderException e1) { e1.printStackTrace(); } catch (InvalidAlgorithmParameterException e2) { e2.printStackTrace(); } catch (NoSuchAlgorithmException e3) { e3.printStackTrace(); } if(certList != null ){ certList.add(cert); } // generate the callback handler object X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler( "dsig-receiver.ks", // keystore "jks", // keystore type "server".toCharArray(), // keystore password certList, // certificate list java.security.Security.getProvider("IBMCertPath") //provider );
- Sample code of decryption
-
X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler( "", // cert list "enc-sender.jceks", // keystore "jceks", // keystore type "storepass".toCharArray(), // store password "alice", // alias "keypass".toCharArray(), // key password "CN=Alice, O=IBM, C=US" // subject name );
See Also:
Constructor Summary
Constructor and Description X509ConsumeCallbackHandler()
Class constructor.X509ConsumeCallbackHandler(java.util.Map<java.lang.Object,java.lang.Object> properties)
Class constructor.X509ConsumeCallbackHandler(java.lang.String trustAnchorPath,java.lang.String trustAnchorType,char[] trustAnchorPassword,java.util.List certStores,java.security.Provider provider)
Class constructor.X509ConsumeCallbackHandler(java.lang.String keyStoreRef,java.lang.String keyStorePath,java.lang.String keyStoreType,char[] keyStorePassword,java.lang.String alias,char[] keyPassword,java.lang.String keyName)
Class constructor.X509ConsumeCallbackHandler(java.lang.String keyStoreRef,java.lang.String keyStorePath,java.lang.String keyStoreType,char[] keyStorePassword,java.lang.String alias,char[] keyPassword,java.lang.String keyName,java.lang.String trustAnchorPath,java.lang.String trustAnchorType,char[] trustAnchorPassword,java.util.List certStores,java.security.Provider provider)
Class constructor.Method Summary
Modifier and Type Method and Description - void
handle(javax.security.auth.callback.Callback[] callbacks)
Sets necessary information to aX509ConsumeCallback
object.Methods inherited from class java.lang.Object clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Constructor Detail
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.util.Map<java.lang.Object,java.lang.Object> properties)
Class constructor.Parameters:properties
- map including key-value pairs
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.lang.String keyStoreRef,
- java.lang.String keyStorePath,
- java.lang.String keyStoreType,
- char[] keyStorePassword,
- java.lang.String alias,
- char[] keyPassword,
- java.lang.String keyName,
- java.lang.String trustAnchorPath,
- java.lang.String trustAnchorType,
- char[] trustAnchorPassword,
- java.util.List certStores,
- java.security.Provider provider)
Class constructor.Parameters:keyStoreRef
- reference name of the keystore used for key locatorkeyStorePath
- file path from which the keystore used for key locator is loadedkeyStorePassword
- password used to check the integrity of the keystore used for key locator or the password used to unlock the keystorekeyStoreType
- type of the keystore used for key locatoralias
- alias namekeyPassword
- password for recovering the keykeyName
- name of the keytrustAnchorPath
- file path from which the trust anchor is loadedtrustAnchorType
- type of the trust anchortrustAnchorPassword
- password used to check the integrity of the trust anchor or the password used to unlock the keystorecertStores
- list of certificate storesprovider
- ecurity provider
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.lang.String keyStoreRef,
- java.lang.String keyStorePath,
- java.lang.String keyStoreType,
- char[] keyStorePassword,
- java.lang.String alias,
- char[] keyPassword,
- java.lang.String keyName)
Class constructor.Parameters:keyStoreRef
- reference name of the keystore used for key locatorkeyStorePath
- file path from which the keystore used for key locator is loadedkeyStorePassword
- password used to check the integrity of the keystore used for key locator or the password used to unlock the keystorekeyStoreType
- type of the keystore used for key locatoralias
- alias namekeyPassword
- password for recovering the keykeyName
- name of the key
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.lang.String trustAnchorPath,
- java.lang.String trustAnchorType,
- char[] trustAnchorPassword,
- java.util.List certStores,
- java.security.Provider provider)
Class constructor.Parameters:trustAnchorPath
- file path from which the trust anchor is loadedtrustAnchorPassword
- password used to check the integrity of the trust anchor or the password used to unlock the keystoretrustAnchorType
- type of the trust anchor
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( )
Class constructor.Method Detail
handle
- public void handle(javax.security.auth.callback.Callback[] callbacks)
- throws java.io.IOException
- javax.security.auth.callback.UnsupportedCallbackException
Sets necessary information to aX509ConsumeCallback
object.Specified by:handle
in interfacejavax.security.auth.callback.CallbackHandler
Parameters:callbacks
- array ofCallback
objects provided by the underlying security service which contains the information requested to be retrieved or displayed.Throws:java.io.IOException
- if an input or output error occurs.javax.security.auth.callback.UnsupportedCallbackException
- if the implementation of this method does not support one or more of theCallback
s specified in the callbacks parameter.See Also:CallbackHandler.handle(javax.security.auth.callback.Callback[])