Package org.apache.cxf.ws.security.wss4j

Class WSS4JUtils

  • public final class WSS4JUtils
extends Object
    Some common functionality that can be shared between the WSS4JInInterceptor and the UsernameTokenInterceptor.

    • Method Detail

      • getSecurityTokenLifetime

        public static long getSecurityTokenLifetime​(Message message)
        Get the security token lifetime value (in milliseconds). The default is "300000" (5 minutes).
        Returns:
        the security token lifetime value in milliseconds

      • getReplayCache

        public static org.apache.wss4j.common.cache.ReplayCache getReplayCache​(SoapMessage message,
                                                                       String booleanKey,
                                                                       String instanceKey)
                                                                throws org.apache.wss4j.common.ext.WSSecurityException
        Get a ReplayCache instance. It first checks to see whether caching has been explicitly enabled or disabled via the booleanKey argument. If it has been set to false then no replay caching is done (for this booleanKey). If it has not been specified, then caching is enabled only if we are not the initiator of the exchange. If it has been specified, then caching is enabled. It tries to get an instance of ReplayCache via the instanceKey argument from a contextual property, and failing that the message exchange. If it can't find any, then it defaults to using an EH-Cache instance and stores that on the message exchange.
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException

      • parseAndStoreStreamingSecurityToken

        public static String parseAndStoreStreamingSecurityToken​(org.apache.xml.security.stax.securityToken.SecurityToken securityToken,
                                                         Message message)
                                                  throws org.apache.xml.security.exceptions.XMLSecurityException,
                                                         TokenStoreException
        Throws:
        org.apache.xml.security.exceptions.XMLSecurityException
        TokenStoreException

      • createSoapFault

        public static SoapFault createSoapFault​(SoapMessage message,
                                        SoapVersion version,
                                        org.apache.wss4j.common.ext.WSSecurityException e)
        Create a SoapFault from a WSSecurityException, following the SOAP Message Security 1.1 specification, chapter 12 "Error Handling". When the Soap version is 1.1 then set the Fault/Code/Value from the fault code specified in the WSSecurityException (if it exists). Otherwise set the Fault/Code/Value to env:Sender and the Fault/Code/Subcode/Value as the fault code from the WSSecurityException.

      • getPasswordEncryptor

        public static org.apache.wss4j.common.crypto.PasswordEncryptor getPasswordEncryptor​(Message message)

      • loadCryptoFromPropertiesFile

        public static org.apache.wss4j.common.crypto.Crypto loadCryptoFromPropertiesFile​(Message message,
                                                                                 String propFilename,
                                                                                 ClassLoader classLoader,
                                                                                 org.apache.wss4j.common.crypto.PasswordEncryptor passwordEncryptor)
                                                                          throws org.apache.wss4j.common.ext.WSSecurityException
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException

      • getEncryptionCrypto

        public static org.apache.wss4j.common.crypto.Crypto getEncryptionCrypto​(Object e,
                                                                        SoapMessage message,
                                                                        org.apache.wss4j.common.crypto.PasswordEncryptor passwordEncryptor)
                                                                 throws org.apache.wss4j.common.ext.WSSecurityException
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException

      • getSignatureCrypto

        public static org.apache.wss4j.common.crypto.Crypto getSignatureCrypto​(Object s,
                                                                       SoapMessage message,
                                                                       org.apache.wss4j.common.crypto.PasswordEncryptor passwordEncryptor)
                                                                throws org.apache.wss4j.common.ext.WSSecurityException
        Throws:
        org.apache.wss4j.common.ext.WSSecurityException

      • getReqSigCert

        public static X509Certificate getReqSigCert​(List<org.apache.wss4j.dom.handler.WSHandlerResult> results)
        Get the certificate that was used to sign the request