IBM WebSphere Application ServerTM
Release 8

com.ibm.wsspi.wssecurity
Interface Constants

All Known Implementing Classes:
IDAssertionLoginModule, SignatureLoginModule, WSSecurityMappingModule

public interface Constants

Generic Constants used by the WS-Security runtime.

Version:
5.02

Field Summary
static java.lang.String WSSECURITY_ADD_NONCE
           This is the key used when the nonce is inserted into a username token.
static java.lang.String WSSECURITY_ADD_TIMESTAMP
           This is the key used when the timestamp is inserted into a username token.
static java.lang.String WSSECURITY_BASIC_AUTH_TOKEN
           This is the key used to cache username token for basic authentication.
static java.lang.String WSSECURITY_CALLER_TOKEN_LN
           This is the key used to specify the local part of token consumer.
static java.lang.String WSSECURITY_CALLER_TOKEN_NS
           This is the key used to specify the namespace URI of token consumer.
static java.lang.String WSSECURITY_CBIND
           This is the key used when a CallbackHandler invokes other Web Services with Web Services Security.
static java.lang.String WSSECURITY_CDD
           This is the key used when a CallbackHandler invokes other Web Services with Web Services Security.
static java.lang.String WSSECURITY_CHECK_HMAC_OUTPUT_LENGTH
           When consuming the inbound request, if the HMACOutputLength mentioned in the request is less than the pre-defined value (80 bits), we throw exception.
static java.lang.String WSSECURITY_CRED
           This is the key used by pluggable token JAAS Login Module to look up the WSCredential created by the WSSecurityMappingModule JAAS Login Module in the shared state.
static java.lang.String WSSECURITY_DATA_ENCRYPTION_ALGORITHM
           This is the key used when an algorithmURI is for data encryption processing.
static java.lang.String WSSECURITY_DAYS_BEFORE_EXPIRE_WARNING_KEYS
           This is the key used to specify the days before key expiration to log warning.
static java.lang.String WSSECURITY_DECOUPLE_TOKEN
           This key is used decouple a WS-Security token element from its ancestor document.
static java.lang.String WSSECURITY_DIGEST_ALGORITHM
           This is the key used when an algorithmURI is for digest processing.
static java.lang.String WSSECURITY_DN
           This is the key used by pluggable token JAAS Login Module to put the DN in the shared state.
static java.lang.String WSSECURITY_GET_MUSTUNDERSTAND
           This key is used specify that the provider should always respond with a mustUnderstand="1" attribute in the ws-security header.
static java.lang.String WSSECURITY_INCLUSIVE_NAMESPACES
           This is the key used when the <ds:CanonicalizationMethod> element has the <ec:InclusiveNamespaces> element.
static java.lang.String WSSECURITY_INITIAL_SENDER_CERT
           This is the key used to store the certificate of initial sender.
static java.lang.String WSSECURITY_INITIAL_SENDER_ID
           This is the key used to store the identifier of initial sender.
static java.lang.String WSSECURITY_ISSUER_NAME
           This is the key used to specify the issure name of the runtime's own X509 certificate in the configuration.
static java.lang.String WSSECURITY_ISSUER_SERIAL
           This is the key used to specify the issure serial number of the runtime's own X509 certificate in the configuration.
static java.lang.String WSSECURITY_KEY_EMBID
           This is the key used when the identifier to be embedded is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_EMIT_ENCODING_TYPE
           This is the key used when the encoding type should be included in the KeyInfo element.
static java.lang.String WSSECURITY_KEY_ENCODING
           This is the key used when the encoding of key identifier is passed to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_ENCODING_LN
           This is the key used to specify the local part of the encoding of key identifier.
static java.lang.String WSSECURITY_KEY_ENCODING_NS
           This is the key used to specify the namespace URI of the encoding of key identifier.
static java.lang.String WSSECURITY_KEY_ENCRYPTION_ALGORITHM
           This is the key used when an algorithmURI is for key encryption processing.
static java.lang.String WSSECURITY_KEY_ID
           This is the key used when key identifier is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_IDTYPE
           This is the key used when the calculation method of key identifier is passed to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_IDTYPE_LN
           This is the key used to specify the local part of the calculation method of key identifier, if necessary.
static java.lang.String WSSECURITY_KEY_IDTYPE_NS
           This is the key used to specify the namespace URI of the calculation method of key identifier, if necessary.
static java.lang.String WSSECURITY_KEY_ISSUERNAME
           This is the key used when the issuer name of X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_ISSUERSERIAL
           This is the key used when the issuer serial of X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_NAME
           This is the key used when the key name or the subject name of X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_NAMEREF
           This is the key used when key name is passed to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_REFERENCE
           This is the key used when reference URI is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_TYPE
           This is the key used when key type is passed to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_VALUETYPE
           This is the key used when the value type of the referenced token is passed to a KeyLocator object.
static java.lang.String WSSECURITY_KEY_VALUETYPE_LN
           This is the key used to specify the local part of the value type of key identifier.
static java.lang.String WSSECURITY_KEY_VALUETYPE_NS
           This is the key used to specify the namespace URI of the value type of key identifier.
static java.lang.String WSSECURITY_KEYINFO_TOKEN_REFERENCE
           This is the key used to specify the days before key expiration to log warning.
static java.lang.String WSSECURITY_KEYINFO_TYPE
           This is the key used when the type of key information is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.
static java.lang.String WSSECURITY_MESSAGE_CONTEXT
           This is the key used to get the message context from the context in the WS-Security handler.
static java.lang.String WSSECURITY_NONCE_CACHE_TIMEOUT
           This is the key used to specify the timeout of nonce cache.
static java.lang.String WSSECURITY_NONCE_CLOCK_SKEW
           This is the key used to specify the clock skew of nonce.
static java.lang.String WSSECURITY_NONCE_MAX_AGE
           This is the key used to specify the max age of nonce.
static java.lang.String WSSECURITY_RSAOAEP_DIGEST_METHOD
           This is the key used to specify the digest method algorithm URI to be used with RSA-OAEP encryption on the generator side.
static java.lang.String WSSECURITY_RSAOAEP_PARAMS
           This is the key used to specify the bytes of the optional OAEPparams element to be used with RSA-OAEP encryption on the generator side.
static java.lang.String WSSECURITY_SET_MUSTUNDERSTAND
           This key is used specify the mustUnderstand setting in the ws-security header.
static java.lang.String WSSECURITY_SIGNATURE_ALGORITHM
           This is the key used when an algorithmURI is for signature processing.
static java.lang.String WSSECURITY_SUBJECT
           This is the key used to get the subject from the context in the WS-Security handler.
static java.lang.String WSSECURITY_TIMESTAMP_CLOCK_SKEW
           This is the key used to specify the clock skew of timestamp.
static java.lang.String WSSECURITY_TIMESTAMP_DIALECT
           This is the key used when the timestamp header is inserted at the specified position in the message.
static java.lang.String WSSECURITY_TIMESTAMP_KEYWORD
           This is the key used when the timestamp header is inserted at the specified position in the message.
static java.lang.String WSSECURITY_TIMESTAMP_MAX_AGE
           This is the key used to specify the max age of timestamp.
static java.lang.String WSSECURITY_TIMESTAMP_SOAPHEADER
           This is the key used when the timestamp header requires a soapenv:mustUnderstand attribute.
static java.lang.String WSSECURITY_TIMESTAMP_TIMEOUT
           This is the key used to specify the timeout of timestamp.
static java.lang.String WSSECURITY_TOKEN_LOGININFO
           This is the key used when necessary information are passed between a LoginModule object and a TokenConsumer object.
static java.lang.String WSSECURITY_TOKEN_PROPERGATION
          Deprecated. 

static java.lang.String WSSECURITY_TOKEN_WSSSUBJECT
           This is the key used to retrieve tokens from the message context.
static java.lang.String WSSECURITY_USE_IDASSERTION
           This is the key used to indicate identity assertion.
static java.lang.String WSSECURITY_USE_RUNASIDENTITY
           This is the key used when the identity in the WAS invocation subject instead of the original caller in the WAS caller subject.
static java.lang.String WSSECURITY_VERIFY_NONCE
           This is the key used when the nonce in a username token need to be verified.
static java.lang.String WSSECURITY_VERIFY_TIMESTAMP
           This is the key used when the timestamp in a username token need to be verified.
static java.lang.String WSSECURITY_WSSCONSUMER_CONFIG_KEY
           This is the key used to specify the WSSConsumerConfig object.
static java.lang.String WSSECURITY_WSSGENERATOR_CONFIG_KEY
           This is the key used to specify the WSSGeneratorConfig object.
static java.lang.String WSSECURITY_XPATH_EXPRESSION
           This is the key used to specify the XPath expression for XPath transform.
static java.lang.String WSSECURITY_XPATH2_EXPRESSION
           This is the key used to specify the XPath expression for XPath filter 2 transform.
static java.lang.String WSSECURITY_XPATH2_FILTER
           This is the key used to specify the filter attribute for XPath filter 2.
static java.lang.String WSSECURITY_XPATH2_ORDER
           This is the key used to specify the order for XPath filter 2.
 

Field Detail

WSSECURITY_DN

static final java.lang.String WSSECURITY_DN

This is the key used by pluggable token JAAS Login Module to put the DN in the shared state. The WSSecurityMappingModule JAAS Login Module looks up the DN by using the key.

See Also:
WSSecurityMappingModule, Constant Field Values

WSSECURITY_CRED

static final java.lang.String WSSECURITY_CRED

This is the key used by pluggable token JAAS Login Module to look up the WSCredential created by the WSSecurityMappingModule JAAS Login Module in the shared state. The WSCredential only available after the login phase.

See Also:
WSCredential, WSSecurityMappingModule, Constant Field Values

WSSECURITY_CDD

static final java.lang.String WSSECURITY_CDD

This is the key used when a CallbackHandler invokes other Web Services with Web Services Security. This key specifies the client's deployment descriptor.


WSSECURITY_CBIND

static final java.lang.String WSSECURITY_CBIND

This is the key used when a CallbackHandler invokes other Web Services with Web Services Security. This key specifies the client's binding.


WSSECURITY_TOKEN_PROPERGATION

static final java.lang.String WSSECURITY_TOKEN_PROPERGATION
Deprecated. 

This is the key used when a application sets a set of TokenID objects and gets a map of Token objects. This key is deprecated. See the WSSECURITY_TOKEN_WSSSUBJECT key instead.


WSSECURITY_TOKEN_WSSSUBJECT

static final java.lang.String WSSECURITY_TOKEN_WSSSUBJECT

This is the key used to retrieve tokens from the message context. To retrieve the tokens, use this key to retrieve a javax.security.auth.Subject instance from the message context. Then retrieve the tokens by using the getPrivateCredentials() (and possibly getPublicCredentials()) methods on the Subject instance.


WSSECURITY_USE_IDASSERTION

static final java.lang.String WSSECURITY_USE_IDASSERTION

This is the key used to indicate identity assertion.


WSSECURITY_USE_RUNASIDENTITY

static final java.lang.String WSSECURITY_USE_RUNASIDENTITY

This is the key used when the identity in the WAS invocation subject instead of the original caller in the WAS caller subject.


WSSECURITY_ADD_TIMESTAMP

static final java.lang.String WSSECURITY_ADD_TIMESTAMP

This is the key used when the timestamp is inserted into a username token.


WSSECURITY_ADD_NONCE

static final java.lang.String WSSECURITY_ADD_NONCE

This is the key used when the nonce is inserted into a username token.


WSSECURITY_VERIFY_TIMESTAMP

static final java.lang.String WSSECURITY_VERIFY_TIMESTAMP

This is the key used when the timestamp in a username token need to be verified.


WSSECURITY_VERIFY_NONCE

static final java.lang.String WSSECURITY_VERIFY_NONCE

This is the key used when the nonce in a username token need to be verified.


WSSECURITY_BASIC_AUTH_TOKEN

static final java.lang.String WSSECURITY_BASIC_AUTH_TOKEN

This is the key used to cache username token for basic authentication.

See Also:
Constant Field Values

WSSECURITY_INITIAL_SENDER_ID

static final java.lang.String WSSECURITY_INITIAL_SENDER_ID

This is the key used to store the identifier of initial sender.

See Also:
Constant Field Values

WSSECURITY_INITIAL_SENDER_CERT

static final java.lang.String WSSECURITY_INITIAL_SENDER_CERT

This is the key used to store the certificate of initial sender.

See Also:
Constant Field Values

WSSECURITY_TIMESTAMP_SOAPHEADER

static final java.lang.String WSSECURITY_TIMESTAMP_SOAPHEADER

This is the key used when the timestamp header requires a soapenv:mustUnderstand attribute.


WSSECURITY_TIMESTAMP_DIALECT

static final java.lang.String WSSECURITY_TIMESTAMP_DIALECT

This is the key used when the timestamp header is inserted at the specified position in the message. The value of this key MUST be one of the following.

1. WAS special keywords (http://www.ibm.com/websphere/webservices/wssecurity/dialect-was)
2. XPath (http://www.w3.org/TR/1999/REC-xpath-19991116)
3. WS-Policy function (http://schemas.xmlsoap.org/2002/12/wsse#part)


WSSECURITY_TIMESTAMP_KEYWORD

static final java.lang.String WSSECURITY_TIMESTAMP_KEYWORD

This is the key used when the timestamp header is inserted at the specified position in the message. The value of this key MUST be one of the following.

1. SOAPHeaderFirst, SOAPHeaderLast, SecurityFrist, or SecurityLast (default) in case com.ibm.wsspi.wssecurity.timestamp.dialect is WAS special keywrods
2. XPath expression in case com.ibm.wsspi.wssecurity.timestamp.dialect is XPath
3. wsp:Body() or wsp:Header(***) in case com.ibm.wsspi.wssecurity.timestamp.dialect is WS-Policy function


WSSECURITY_ISSUER_NAME

static final java.lang.String WSSECURITY_ISSUER_NAME

This is the key used to specify the issure name of the runtime's own X509 certificate in the configuration.


WSSECURITY_ISSUER_SERIAL

static final java.lang.String WSSECURITY_ISSUER_SERIAL

This is the key used to specify the issure serial number of the runtime's own X509 certificate in the configuration.


WSSECURITY_SUBJECT

static final java.lang.String WSSECURITY_SUBJECT

This is the key used to get the subject from the context in the WS-Security handler.

See Also:
Constant Field Values

WSSECURITY_MESSAGE_CONTEXT

static final java.lang.String WSSECURITY_MESSAGE_CONTEXT

This is the key used to get the message context from the context in the WS-Security handler.

See Also:
Constant Field Values

WSSECURITY_SIGNATURE_ALGORITHM

static final java.lang.String WSSECURITY_SIGNATURE_ALGORITHM

This is the key used when an algorithmURI is for signature processing.


WSSECURITY_DIGEST_ALGORITHM

static final java.lang.String WSSECURITY_DIGEST_ALGORITHM

This is the key used when an algorithmURI is for digest processing.


WSSECURITY_DATA_ENCRYPTION_ALGORITHM

static final java.lang.String WSSECURITY_DATA_ENCRYPTION_ALGORITHM

This is the key used when an algorithmURI is for data encryption processing.


WSSECURITY_KEY_ENCRYPTION_ALGORITHM

static final java.lang.String WSSECURITY_KEY_ENCRYPTION_ALGORITHM

This is the key used when an algorithmURI is for key encryption processing.


WSSECURITY_XPATH_EXPRESSION

static final java.lang.String WSSECURITY_XPATH_EXPRESSION

This is the key used to specify the XPath expression for XPath transform.


WSSECURITY_XPATH2_EXPRESSION

static final java.lang.String WSSECURITY_XPATH2_EXPRESSION

This is the key used to specify the XPath expression for XPath filter 2 transform.


WSSECURITY_XPATH2_FILTER

static final java.lang.String WSSECURITY_XPATH2_FILTER

This is the key used to specify the filter attribute for XPath filter 2.


WSSECURITY_XPATH2_ORDER

static final java.lang.String WSSECURITY_XPATH2_ORDER

This is the key used to specify the order for XPath filter 2.


WSSECURITY_INCLUSIVE_NAMESPACES

static final java.lang.String WSSECURITY_INCLUSIVE_NAMESPACES

This is the key used when the <ds:CanonicalizationMethod> element has the <ec:InclusiveNamespaces> element.


WSSECURITY_CALLER_TOKEN_NS

static final java.lang.String WSSECURITY_CALLER_TOKEN_NS

This is the key used to specify the namespace URI of token consumer.


WSSECURITY_CALLER_TOKEN_LN

static final java.lang.String WSSECURITY_CALLER_TOKEN_LN

This is the key used to specify the local part of token consumer.


WSSECURITY_KEY_REFERENCE

static final java.lang.String WSSECURITY_KEY_REFERENCE

This is the key used when reference URI is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object. The value of this key MUST be reference URI included in the secure SOAP message.


WSSECURITY_KEY_ID

static final java.lang.String WSSECURITY_KEY_ID

This is the key used when key identifier is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.


WSSECURITY_KEY_NAME

static final java.lang.String WSSECURITY_KEY_NAME

This is the key used when the key name or the subject name of X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.


WSSECURITY_KEY_EMBID

static final java.lang.String WSSECURITY_KEY_EMBID

This is the key used when the identifier to be embedded is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.


WSSECURITY_KEY_ISSUERNAME

static final java.lang.String WSSECURITY_KEY_ISSUERNAME

This is the key used when the issuer name of X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.


WSSECURITY_KEY_ISSUERSERIAL

static final java.lang.String WSSECURITY_KEY_ISSUERSERIAL

This is the key used when the issuer serial of X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object.


WSSECURITY_KEY_NAMEREF

static final java.lang.String WSSECURITY_KEY_NAMEREF

This is the key used when key name is passed to a KeyLocator object. The value of this key MUST be specified as the name attribute of <Key> in the WS-Security configuration.


WSSECURITY_KEY_TYPE

static final java.lang.String WSSECURITY_KEY_TYPE

This is the key used when key type is passed to a KeyLocator object. The value of this key MUST be one of the following.

1. SigningKey: when getting a key for signature
2. VerifyingKey: when getting a key for verification
3. EncryptingKey: when getting a key for encryption
4. DecryptingKey: when getting a key for decryption


WSSECURITY_KEYINFO_TYPE

static final java.lang.String WSSECURITY_KEYINFO_TYPE

This is the key used when the type of key information is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoCotent{Generator/Consumer} object to a KeyLocator object. The value of this key MUST be one of the following.

1. STRREF: when ds:KeyInfo/wsse:STRReference/wsse:Reference is used
2. KEYID: when ds:KeyInfo/wsse:STRReference/wsse:KeyIdentifier is used
3. EMB: when ds:KeyInfo/wsse:STRReference/wsse:Embedded is used
4. KEYNAME: when ds:KeyInfo/ds:KeyName is used
5. X509ISSUER: when ds:KeyInfo/wsse:STRReference/ds:X509Data is used


WSSECURITY_KEY_VALUETYPE

static final java.lang.String WSSECURITY_KEY_VALUETYPE

This is the key used when the value type of the referenced token is passed to a KeyLocator object.


WSSECURITY_KEY_EMIT_ENCODING_TYPE

static final java.lang.String WSSECURITY_KEY_EMIT_ENCODING_TYPE

This is the key used when the encoding type should be included in the KeyInfo element. This is required for BSP 1.0 compliance.


WSSECURITY_KEY_ENCODING

static final java.lang.String WSSECURITY_KEY_ENCODING

This is the key used when the encoding of key identifier is passed to a KeyLocator object.


WSSECURITY_KEY_IDTYPE

static final java.lang.String WSSECURITY_KEY_IDTYPE

This is the key used when the calculation method of key identifier is passed to a KeyLocator object.


WSSECURITY_KEY_VALUETYPE_NS

static final java.lang.String WSSECURITY_KEY_VALUETYPE_NS

This is the key used to specify the namespace URI of the value type of key identifier.


WSSECURITY_KEY_VALUETYPE_LN

static final java.lang.String WSSECURITY_KEY_VALUETYPE_LN

This is the key used to specify the local part of the value type of key identifier.


WSSECURITY_KEY_ENCODING_NS

static final java.lang.String WSSECURITY_KEY_ENCODING_NS

This is the key used to specify the namespace URI of the encoding of key identifier.


WSSECURITY_KEY_ENCODING_LN

static final java.lang.String WSSECURITY_KEY_ENCODING_LN

This is the key used to specify the local part of the encoding of key identifier.


WSSECURITY_KEY_IDTYPE_NS

static final java.lang.String WSSECURITY_KEY_IDTYPE_NS

This is the key used to specify the namespace URI of the calculation method of key identifier, if necessary.


WSSECURITY_KEY_IDTYPE_LN

static final java.lang.String WSSECURITY_KEY_IDTYPE_LN

This is the key used to specify the local part of the calculation method of key identifier, if necessary.


WSSECURITY_DAYS_BEFORE_EXPIRE_WARNING_KEYS

static final java.lang.String WSSECURITY_DAYS_BEFORE_EXPIRE_WARNING_KEYS

This is the key used to specify the days before key expiration to log warning.


WSSECURITY_KEYINFO_TOKEN_REFERENCE

static final java.lang.String WSSECURITY_KEYINFO_TOKEN_REFERENCE

This is the key used to specify the days before key expiration to log warning.


WSSECURITY_TOKEN_LOGININFO

static final java.lang.String WSSECURITY_TOKEN_LOGININFO

This is the key used when necessary information are passed between a LoginModule object and a TokenConsumer object.


WSSECURITY_NONCE_CACHE_TIMEOUT

static final java.lang.String WSSECURITY_NONCE_CACHE_TIMEOUT

This is the key used to specify the timeout of nonce cache.


WSSECURITY_NONCE_MAX_AGE

static final java.lang.String WSSECURITY_NONCE_MAX_AGE

This is the key used to specify the max age of nonce.


WSSECURITY_NONCE_CLOCK_SKEW

static final java.lang.String WSSECURITY_NONCE_CLOCK_SKEW

This is the key used to specify the clock skew of nonce.


WSSECURITY_TIMESTAMP_TIMEOUT

static final java.lang.String WSSECURITY_TIMESTAMP_TIMEOUT

This is the key used to specify the timeout of timestamp.


WSSECURITY_TIMESTAMP_MAX_AGE

static final java.lang.String WSSECURITY_TIMESTAMP_MAX_AGE

This is the key used to specify the max age of timestamp.


WSSECURITY_TIMESTAMP_CLOCK_SKEW

static final java.lang.String WSSECURITY_TIMESTAMP_CLOCK_SKEW

This is the key used to specify the clock skew of timestamp.


WSSECURITY_WSSCONSUMER_CONFIG_KEY

static final java.lang.String WSSECURITY_WSSCONSUMER_CONFIG_KEY

This is the key used to specify the WSSConsumerConfig object.

See Also:
Constant Field Values

WSSECURITY_WSSGENERATOR_CONFIG_KEY

static final java.lang.String WSSECURITY_WSSGENERATOR_CONFIG_KEY

This is the key used to specify the WSSGeneratorConfig object.

See Also:
Constant Field Values

WSSECURITY_RSAOAEP_DIGEST_METHOD

static final java.lang.String WSSECURITY_RSAOAEP_DIGEST_METHOD

This is the key used to specify the digest method algorithm URI to be used with RSA-OAEP encryption on the generator side. If not specified, the default is "http://www.w3.org/2000/09/xmldsig#sha1"


WSSECURITY_RSAOAEP_PARAMS

static final java.lang.String WSSECURITY_RSAOAEP_PARAMS

This is the key used to specify the bytes of the optional OAEPparams element to be used with RSA-OAEP encryption on the generator side. The value is the base64 encoding of the octets to be used. If not specified, the default is a null string.


WSSECURITY_DECOUPLE_TOKEN

static final java.lang.String WSSECURITY_DECOUPLE_TOKEN

This key is used decouple a WS-Security token element from its ancestor document.

See Also:
Constant Field Values

WSSECURITY_SET_MUSTUNDERSTAND

static final java.lang.String WSSECURITY_SET_MUSTUNDERSTAND

This key is used specify the mustUnderstand setting in the ws-security header. If the value is set to "0", "no", or "false", no mustUnderstand attribute will be set in the ws-security header in outbound consumer requests. The default value is true. In SOAP messages, the default value for the mustUnderstand attribute is "0". According to the SOAP specification, if the intended value for this attribute is "0", it must not be present in the message.


WSSECURITY_GET_MUSTUNDERSTAND

static final java.lang.String WSSECURITY_GET_MUSTUNDERSTAND

This key is used specify that the provider should always respond with a mustUnderstand="1" attribute in the ws-security header. By default, the response will contain the same mustUnderstand attribute as the request. For instance, if the inbound request has mustUnderstand="1", the response would have mustUnderstand="1". If the request did not have a mustUnderstand attribute, the response would also not have a mustUnderstand attribute. If the value is set to "1", "yes", or "true", the provider will always respond with with mustUnderstand="1" in the ws-security header. The default value is false.


WSSECURITY_CHECK_HMAC_OUTPUT_LENGTH

static final java.lang.String WSSECURITY_CHECK_HMAC_OUTPUT_LENGTH

When consuming the inbound request, if the HMACOutputLength mentioned in the request is less than the pre-defined value (80 bits), we throw exception. This functionality was added in 7003, so this property is being added so that the functionality can be turned off if necessary. This property will default ON to prevent security exposures. If the value is set to "0", "no", or "false", wssecurity consumer processing will not check HMACOutputLength value.


IBM WebSphere Application ServerTM
Release 8