com.ibm.websphere.wssecurity.wssapi.token
Interface X509Token
All Superinterfaces:
All known subinterfaces:
- public interface X509Token
- extends BinarySecurityToken
Following are the sample code to configure the X509 token.
- Sample code of generating X509Token for signature
-
X509GenerateCallbackHandler callbackhandler = new X509GenerateCallbackHandler( "", // reference of key store "dsig-sender.ks", // keystore "jks", // keystore type "client".toCharArray(), // store password "soaprequester", // alias "client".toCharArray(), // key password "CN=soapRequester, O=IBM, C=US",// subject name null // cert list ); SecurityToken st = factory.newSecurityToken(callbackhandler,X509Token.class);
- Sample code of generating X509Token for encryption
-
X509GenerateCallbackHandler callbackhandler = new X509GenerateCallbackHandler( "", // reference of key store "enc-sender.jceks", // keystore name "jceks", // store type "storepass".toCharArray(), // store password "bob", // alias null, // key password "CN=Bob, O=IBM, C=US", // subject name null // cert list ); SecurityToken st = factory.newSecurityToken(callbackhandler, X509Token.class);
- Sample code of verification
-
// generate certStore String certpath = "intca2.cer";// The location of the X509 certificate file X509Certificate x509cert = null; try { InputStream is = new FileInputStream(certpath); CertificateFactory cf = CertificateFactory.getInstance("X.509"); x509cert = (X509Certificate)cf.generateCertificate(is); } catch(FileNotFoundException e1){ e1.printStackTrace(); } catch (CertificateException e2) { e2.printStackTrace(); } Set<Object> eeCerts = new HashSet<Object>(); eeCerts.add(x509cert); // generate certStore java.util.List<CertStore> certList = new java.util.ArrayList<CertStore>(); CollectionCertStoreParameters certparam = new CollectionCertStoreParameters(eeCerts); CertStore cert = null; try { cert = CertStore.getInstance("Collection", certparam, "IBMCertPath"); } catch (NoSuchProviderException e1) { e1.printStackTrace(); } catch (InvalidAlgorithmParameterException e2) { e2.printStackTrace(); } catch (NoSuchAlgorithmException e3) { e3.printStackTrace(); } if(certList != null ){ certList.add(cert); } // generate the callback handler object X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler( "dsig-receiver.ks", // keystore "jks", // keystore type "server".toCharArray(), // keystore password certList, // certificate list java.security.Security.getProvider("IBMCertPath") //provider );
- Sample code of decryption
-
X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler( "", // cert list "enc-sender.jceks", // keystore "jceks", // keystore type "storepass".toCharArray(), // store password "alice", // alias "keypass".toCharArray(), // key password "CN=Alice, O=IBM, C=US" // subject name );
See Also:
Field Summary
Modifier and Type | Field and Description |
---|---|
|
REF_ISSUERSERIAL
Represents the issuer serial reference as a reference type of the security token.
|
|
ValueType
Represents the value type.
|
Fields inherited from interface com.ibm.websphere.wssecurity.wssapi.token.BinarySecurityToken |
---|
TokenQname |
Fields inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken |
---|
DECRYPTING_KEY, ENCRYPTING_KEY, REF_EMBEDDED, REF_KEYID, REF_STR, REF_THUMBPRINT, SIGNING_KEY, VERIFING_KEY |
Method Summary
Modifier and Type | Method and Description |
---|---|
|
getCertificate()
Returns the X.509 certificate.
|
|
getIssuerName()
Returns the distinguished name of issuer.
|
|
getIssuerSerial()
Returns the serial of issuer.
|
Methods inherited from interface com.ibm.websphere.wssecurity.wssapi.token.BinarySecurityToken |
---|
getBinary |
Methods inherited from interface com.ibm.websphere.wssecurity.wssapi.token.SecurityToken |
---|
getId, getKey, getKeyIdentifier, getKeyIdentifierEncodingType, getKeyIdentifierValueType, getKeyName, getPrincipal, getReferenceURI, getThumbprint, getThumbprintEncodingType, getThumbprintValueType, getTokenQname, getValueType, getXML |
Field Detail
REF_ISSUERSERIAL
- static final int REF_ISSUERSERIAL
Represents the issuer serial reference as a reference type of the security token.
See Also:
ValueType
- static final javax.xml.namespace.QName ValueType
Represents the value type.
- ValueType: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
Method Detail
getCertificate
- java.security.cert.X509Certificate getCertificate( )
Returns the X.509 certificate.
Returns:
X.509 certificate
getIssuerName
- java.lang.String getIssuerName( )
Returns the distinguished name of issuer.
Returns:
issuer name
getIssuerSerial
- java.lang.String getIssuerSerial( )
Returns the serial of issuer.
Returns:
issuer serial