IBM WebSphere Application ServerTM
Release 8

com.ibm.websphere.wssecurity.wssapi.verification
Interface WSSVerification


public interface WSSVerification

This interface is responsible for the verifcation component. There are the values to set as default.

Following is the sample code. The sample code of generating the callbackhandler is shown in the X509Token.
    WSSFactory factory = WSSFactory.getInstance();
    WSSConsumingContext concont = factory.newWSSConsumingContext();

    X509ConsumeCallbackHandler callbackhandler =  generateCallbackHandler(); 
                        // see X509ConsumeCallbackHandler
    WSSVerification ver = factory.newWSSVerification(X509Token.class, callbackhandler);

    concont.add(ver);

   

See Also:
WSSVerifyPart

Field Summary
static int ADDRESSING_HEADERS
          The keyword for the WS-Addressing headers.
static int BODY
          The keyword for the SOAP message body.
static java.lang.String C14N
          The URI for the inclusive canonicalization algorithm, C14n: http://www.w3.org/2001/10/xml-c14n#.
static java.lang.String EXC_C14N
          The URI for the exclusive canonicalization algorithm, Exc-C14n: http://www.w3.org/2001/10/xml-exc-c14n#.
static java.lang.String HMAC_SHA1
          The URI for the signature algorithm, HMAC_SHA1: http://www.w3.org/2000/09/xmldsig#hmac-sha1.
static java.lang.String RSA_SHA1
          The URI for the signature algorithm, RSA_SHA1: http://www.w3.org/2000/09/xmldsig#rsa-sha1.
static int TIMESTAMP
          The keyword for the creation and expiration time stamp information.
 
Method Summary
 void addAllowedCanonicalizationMethod(java.lang.String algorithm)
          Adds the canonicalization method to allow for the signature verification.
 void addAllowedSignatureMethod(java.lang.String algorithm)
          Adds the signature method to allow for the signature verification.
 void addRequiredVerifyHeader(javax.xml.namespace.QName header)
          Adds the header in the SOAP Header, specified by QName, as a verification part.
 void addRequiredVerifyPart(int keyword)
          Adds the keyword of the verification part such as WSSVerification.BODY WSSVerification.ADDRESSING_HEADERS, or WSSVerification.TIMESTAMP.
 void addRequiredVerifyPart(WSSVerifyPart header)
          Adds the header in the SOAP Header, specified by QName, as a verification part.
 void addRequiredVerifyPartByXPath(java.lang.String xpath)
          Adds the XPath expression as a verification part.
 void addToken(java.lang.Class tokenClass, javax.security.auth.callback.CallbackHandler callbackHandler)
          Adds the information of the candidate security token that is used for the signature verification.
 void addToken(java.lang.Class tokenClass, javax.security.auth.callback.CallbackHandler callbackHandler, java.lang.String loginConfigName)
          Adds the information of the candidate security token that is used for the signature verification.
 void requireSignatureConfirmation()
          Requires the signature confirmation.
 

Field Detail

BODY

static final int BODY
The keyword for the SOAP message body.

See Also:
Constant Field Values

ADDRESSING_HEADERS

static final int ADDRESSING_HEADERS
The keyword for the WS-Addressing headers.

See Also:
Constant Field Values

TIMESTAMP

static final int TIMESTAMP
The keyword for the creation and expiration time stamp information.

See Also:
Constant Field Values

RSA_SHA1

static final java.lang.String RSA_SHA1
The URI for the signature algorithm, RSA_SHA1: http://www.w3.org/2000/09/xmldsig#rsa-sha1.

See Also:
Constant Field Values

HMAC_SHA1

static final java.lang.String HMAC_SHA1
The URI for the signature algorithm, HMAC_SHA1: http://www.w3.org/2000/09/xmldsig#hmac-sha1.

See Also:
Constant Field Values

EXC_C14N

static final java.lang.String EXC_C14N
The URI for the exclusive canonicalization algorithm, Exc-C14n: http://www.w3.org/2001/10/xml-exc-c14n#.

See Also:
Constant Field Values

C14N

static final java.lang.String C14N
The URI for the inclusive canonicalization algorithm, C14n: http://www.w3.org/2001/10/xml-c14n#.

See Also:
Constant Field Values
Method Detail

addRequiredVerifyPart

void addRequiredVerifyPart(int keyword)
                           throws WSSException
Adds the keyword of the verification part such as WSSVerification.BODY WSSVerification.ADDRESSING_HEADERS, or WSSVerification.TIMESTAMP.

Parameters:
keyword - verification part
Throws:
WSSException - if the keyword is not valid.

addRequiredVerifyPart

void addRequiredVerifyPart(WSSVerifyPart header)
Adds the header in the SOAP Header, specified by QName, as a verification part.

Parameters:
header - verification part

addRequiredVerifyPartByXPath

void addRequiredVerifyPartByXPath(java.lang.String xpath)
Adds the XPath expression as a verification part.

Parameters:
xpath - verification part

addRequiredVerifyHeader

void addRequiredVerifyHeader(javax.xml.namespace.QName header)
Adds the header in the SOAP Header, specified by QName, as a verification part.

Parameters:
header - verification part

addAllowedCanonicalizationMethod

void addAllowedCanonicalizationMethod(java.lang.String algorithm)
                                      throws WSSException
Adds the canonicalization method to allow for the signature verification.

Parameters:
algorithm - canonicalization algorithm
Throws:
WSSException - the algorithm is not supported

addAllowedSignatureMethod

void addAllowedSignatureMethod(java.lang.String algorithm)
                               throws WSSException
Adds the signature method to allow for the signature verification.

Parameters:
algorithm -
Throws:
WSSException - the algorithm is not supported

addToken

void addToken(java.lang.Class tokenClass,
              javax.security.auth.callback.CallbackHandler callbackHandler,
              java.lang.String loginConfigName)
              throws WSSException
Adds the information of the candidate security token that is used for the signature verification.

Parameters:
tokenClass - class of the security token
callbackHandler - callback handler
loginConfigName - name of the JAAS login configuration
Throws:
WSSException - if the arguments are not valid.

addToken

void addToken(java.lang.Class tokenClass,
              javax.security.auth.callback.CallbackHandler callbackHandler)
              throws WSSException
Adds the information of the candidate security token that is used for the signature verification.

Parameters:
tokenClass - class of the security token
callbackHandler - callback handler
Throws:
WSSException - if the arguments are not valid.

requireSignatureConfirmation

void requireSignatureConfirmation()
Requires the signature confirmation. Caches the signature value in the request message for the purpose of attaching it to the response message as a signature confirmation. This method is for the response side. The signature confirmation is defined in the OASIS WS-Security Version 1.1 specification.


IBM WebSphere Application ServerTM
Release 8