WSSecurityManager

Overview

Package

Class

Tree

Deprecated

Index

Help

AdroitLogic UltraESB v1.7.0

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.adroitlogic.soapbox
Class WSSecurityManager

java.lang.Object
  org.adroitlogic.soapbox.WSSecurityManager

All Implemented Interfaces:: WSSecurityManager, org.springframework.context.ApplicationContextAware

public class WSSecurityManager
extends java.lang.Object
implements org.springframework.context.ApplicationContextAware, WSSecurityManager
extends java.lang.Object
implements org.springframework.context.ApplicationContextAware, WSSecurityManager

Defines WS-Security parameters to the UltraESB configuration, and serves as the central point of control for securing and verifying of messages

See sample # 204

Constructor Summary
`WSSecurityManager(java.lang.String keystorePath, java.lang.String keystorePassword, java.util.Map passwordMap)` Constructor to use when identity and trust credentials are on the same keystore
`WSSecurityManager(java.lang.String identityStorePath, java.lang.String identityStorePassword, java.lang.String trustStorePath, java.lang.String trustStorePassword, java.util.Map passwordMap)` Standard constructor that uses separate keystores for identity and trust credentials

Method Summary
`void`	`addDigestUsernameTokenAuthentication(Message msg, java.lang.String username, java.lang.String password)` Add a WS-Security Username Token authentication element to the request, with a nonce, created and hashed password
`void`	`addDigestUsernameTokenAuthenticationWithTimestamp(Message msg, java.lang.String username, java.lang.String password)` Add a WS-Security Username Token authentication element and a Timestamp element to the request, with a nonce, created and hashed password
`void`	`addPlainUsernameTokenAuthenticationWithTimestamp(Message msg, java.lang.String username, java.lang.String password)` Add a WS-Security Username Token authentication element and a Timestamp elemtn to the request, with a nonce, created and hashed password
`void`	`addUsernameTokenAuthentication(Message msg, java.lang.String username, java.lang.String password, boolean hashed, boolean addNonceAndCreated, boolean includeTimestamp)` Add a WS-Security Username Token authentication element to the request
`void`	`removeSecurityHeader(Message msg)` Remove the WS-Security header from a message
`void`	`setNonceCacheSize(int nonceCacheSize)` Set cache size for detection of replay attacks when using UT authentication (default 1000)
`void`	`setRequireNonceAndCreated(boolean requireNonceAndCreated)` Require or disable nonce and created values for UT authentication (default required)
`void`	`setTimeStampFreshness(int timeStampFreshness)` Set timestamp freshness in ms for UT authentication (default 5 minutes)
`void`	`setUserDetailsService(UserDetailsService userDetailsService)` Reference to UserDetailsService to resolve user information
`void`	`timestampAndEncryptMessage(Message msg, java.lang.String encryptionAlias)` Secure message with a timestamp and encrypt - using default timestamp TTL of 5 minutes and key size of 256
`void`	`timestampAndEncryptMessage(Message msg, java.lang.String encryptionAlias, long millis, java.lang.String algo)` Secure message with a timestamp and encrypt - using specified timestamp TTL
`void`	`timestampAndSignMessage(Message msg, java.lang.String signatureAlias)` Secure message with a timestamp and signature - using default timestamp TTL of 5 minutes
`void`	`timestampAndSignMessage(Message msg, java.lang.String signatureAlias, long millis)` Secure message with a timestamp and signature - using specified timestamp TTL
`void`	`timestampMessage(Message msg)` Secure message with a timestamp - using default timestamp TTL of 5 minutes
`void`	`timestampMessage(Message msg, long millis)` Secure message with a timestamp - using specified timestamp TTL
`void`	`timestampSignAndEncryptMessage(Message msg, java.lang.String encryptionAlias, java.lang.String signatureAlias)` Secure message with a timestamp, signature and encrypt body - using default timestamp TTL of 5 minutes and keysize of 256
`void`	`timestampSignAndEncryptMessage(Message msg, java.lang.String encryptionAlias, java.lang.String signatureAlias, long millis, java.lang.String algo)` Secure message with a timestamp, signature and encrypt body - using specified timestamp TTL
`void`	`verifyTimestampedAndEncryptedMessage(Message msg, boolean remove)` Verify that the message is timestamped and encrypted
`void`	`verifyTimestampedAndSignedMessage(Message msg, boolean remove)` Verify that the message is timestamped and signed
`void`	`verifyTimestampedEncryptedAndSignedMessage(Message msg, boolean remove)` Verify that the message is timestamped, encrypted and signed
`void`	`verifyTimestampedMessage(Message msg, boolean remove)` Verify that the message is timestamped and the timestamp valid
`void`	`verifyUsernameTokenAuthentication(Message msg)` Verify that the message contains UsernameToken authentication information, and that its valid
`void`	`verifyUsernameTokenAuthentication(Message msg, boolean remove)` Verify that the message contains UsernameToken authentication information, and that its valid

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface org.springframework.context.ApplicationContextAware
`setApplicationContext`

Constructor Detail

WSSecurityManager

public WSSecurityManager(java.lang.String keystorePath,
                         java.lang.String keystorePassword,
                         java.util.Map passwordMap)

Constructor to use when identity and trust credentials are on the same keystore

Parameters:: keystorePath - path to the keystore; keystorePassword - keystore password; passwordMap - A Map of alias and password for credentials for the keystore

WSSecurityManager

public WSSecurityManager(java.lang.String identityStorePath,
                         java.lang.String identityStorePassword,
                         java.lang.String trustStorePath,
                         java.lang.String trustStorePassword,
                         java.util.Map passwordMap)

Standard constructor that uses separate keystores for identity and trust credentials

Parameters:: identityStorePath - path to the identity credential keystore; identityStorePassword - password to the identity credential keystore; trustStorePath - path to the trust credential keystore; trustStorePassword - password to the trust credential keystore; passwordMap - A Map of alias and password for credentials in the keystore

Method Detail

removeSecurityHeader

public void removeSecurityHeader(Message msg)

Remove the WS-Security header from a message

Specified by:: removeSecurityHeader in interface WSSecurityManager

Parameters:: msg - the message from which the WS-Security header should be removed

setRequireNonceAndCreated

public void setRequireNonceAndCreated(boolean requireNonceAndCreated)

Require or disable nonce and created values for UT authentication (default required)

Parameters:: requireNonceAndCreated - require nonce and created values for UT authentication if true

setNonceCacheSize

public void setNonceCacheSize(int nonceCacheSize)

Set cache size for detection of replay attacks when using UT authentication (default 1000)

Parameters:: nonceCacheSize - size of cache

setTimeStampFreshness

public void setTimeStampFreshness(int timeStampFreshness)

Set timestamp freshness in ms for UT authentication (default 5 minutes)

Parameters:: timeStampFreshness - delay in milliseconds

setUserDetailsService

public void setUserDetailsService(UserDetailsService userDetailsService)

Reference to UserDetailsService to resolve user information

Parameters:: userDetailsService - reference to the UserDetailsService

timestampMessage

public void timestampMessage(Message msg,
                             long millis)

Secure message with a timestamp - using specified timestamp TTL

Specified by:: timestampMessage in interface WSSecurityManager

Parameters:: msg - message to timestamp; millis - timestamp TTL

timestampMessage

public void timestampMessage(Message msg)

Secure message with a timestamp - using default timestamp TTL of 5 minutes

Specified by:: timestampMessage in interface WSSecurityManager

Parameters:: msg - message to timestamp

timestampAndSignMessage

public void timestampAndSignMessage(Message msg,
                                    java.lang.String signatureAlias,
                                    long millis)

Secure message with a timestamp and signature - using specified timestamp TTL

Specified by:: timestampAndSignMessage in interface WSSecurityManager

Parameters:: msg - message to secure; signatureAlias - alias of credentials for signature; millis - timestamp TTL

timestampAndSignMessage

public void timestampAndSignMessage(Message msg,
                                    java.lang.String signatureAlias)

Secure message with a timestamp and signature - using default timestamp TTL of 5 minutes

Specified by:: timestampAndSignMessage in interface WSSecurityManager

Parameters:: msg - message to secure; signatureAlias - alias of credentials for signature

timestampAndEncryptMessage

public void timestampAndEncryptMessage(Message msg,
                                       java.lang.String encryptionAlias,
                                       long millis,
                                       java.lang.String algo)

Secure message with a timestamp and encrypt - using specified timestamp TTL

Specified by:: timestampAndEncryptMessage in interface WSSecurityManager

Parameters:: msg - message to secure; encryptionAlias - alias of credentials for encryption; algo - encryption algorithm URI or prefix

timestampAndEncryptMessage

public void timestampAndEncryptMessage(Message msg,
                                       java.lang.String encryptionAlias)

Secure message with a timestamp and encrypt - using default timestamp TTL of 5 minutes and key size of 256

Specified by:: timestampAndEncryptMessage in interface WSSecurityManager

Parameters:: msg - message to secure; encryptionAlias - alias of credentials for encryption

timestampSignAndEncryptMessage

public void timestampSignAndEncryptMessage(Message msg,
                                           java.lang.String encryptionAlias,
                                           java.lang.String signatureAlias,
                                           long millis,
                                           java.lang.String algo)

Secure message with a timestamp, signature and encrypt body - using specified timestamp TTL

Specified by:: timestampSignAndEncryptMessage in interface WSSecurityManager

Parameters:: msg - message to secure; encryptionAlias - alias of credentials for encryption; signatureAlias - alias of credentials for signature; millis - timestamp TTL; algo - encryption algorithm

timestampSignAndEncryptMessage

public void timestampSignAndEncryptMessage(Message msg,
                                           java.lang.String encryptionAlias,
                                           java.lang.String signatureAlias)

Secure message with a timestamp, signature and encrypt body - using default timestamp TTL of 5 minutes and keysize of 256

Specified by:: timestampSignAndEncryptMessage in interface WSSecurityManager

Parameters:: msg - message to secure; encryptionAlias - alias of credentials for encryption; signatureAlias - alias of credentials for signature

addUsernameTokenAuthentication

public void addUsernameTokenAuthentication(Message msg,
                                           java.lang.String username,
                                           java.lang.String password,
                                           boolean hashed,
                                           boolean addNonceAndCreated,
                                           boolean includeTimestamp)

Add a WS-Security Username Token authentication element to the request

Specified by:: addUsernameTokenAuthentication in interface WSSecurityManager

Parameters:: msg - message to secure; username - username to add; password - password to add; hashed - true if password is a digest; addNonceAndCreated - true if a nonce and digest should be added (true of hashed); includeTimestamp - should a Timestamp element be included?

addDigestUsernameTokenAuthentication

public void addDigestUsernameTokenAuthentication(Message msg,
                                                 java.lang.String username,
                                                 java.lang.String password)

Add a WS-Security Username Token authentication element to the request, with a nonce, created and hashed password

Specified by:: addDigestUsernameTokenAuthentication in interface WSSecurityManager

Parameters:: msg - message to secure; username - username to add; password - password to add

addDigestUsernameTokenAuthenticationWithTimestamp

public void addDigestUsernameTokenAuthenticationWithTimestamp(Message msg,
                                                              java.lang.String username,
                                                              java.lang.String password)

Add a WS-Security Username Token authentication element and a Timestamp element to the request, with a nonce, created and hashed password

Specified by:: addDigestUsernameTokenAuthenticationWithTimestamp in interface WSSecurityManager

Parameters:: msg - message to secure; username - username to add; password - password to add

addPlainUsernameTokenAuthenticationWithTimestamp

public void addPlainUsernameTokenAuthenticationWithTimestamp(Message msg,
                                                             java.lang.String username,
                                                             java.lang.String password)

Add a WS-Security Username Token authentication element and a Timestamp elemtn to the request, with a nonce, created and hashed password

Specified by:: addPlainUsernameTokenAuthenticationWithTimestamp in interface WSSecurityManager

Parameters:: msg - message to secure; username - username to add; password - password to add

verifyTimestampedMessage

public void verifyTimestampedMessage(Message msg,
                                     boolean remove)

Verify that the message is timestamped and the timestamp valid

Specified by:: verifyTimestampedMessage in interface WSSecurityManager

Parameters:: msg - message to validate; remove - remove security header after processing

verifyTimestampedAndSignedMessage

public void verifyTimestampedAndSignedMessage(Message msg,
                                              boolean remove)

Verify that the message is timestamped and signed

Specified by:: verifyTimestampedAndSignedMessage in interface WSSecurityManager

Parameters:: msg - message to validate; remove - remove security header after processing

verifyTimestampedAndEncryptedMessage

public void verifyTimestampedAndEncryptedMessage(Message msg,
                                                 boolean remove)

Verify that the message is timestamped and encrypted

Specified by:: verifyTimestampedAndEncryptedMessage in interface WSSecurityManager

Parameters:: msg - message to validate; remove - remove security header after processing

verifyTimestampedEncryptedAndSignedMessage

public void verifyTimestampedEncryptedAndSignedMessage(Message msg,
                                                       boolean remove)

Verify that the message is timestamped, encrypted and signed

Specified by:: verifyTimestampedEncryptedAndSignedMessage in interface WSSecurityManager

Parameters:: msg - message to validate; remove - remove security header after processing

verifyUsernameTokenAuthentication

public void verifyUsernameTokenAuthentication(Message msg,
                                              boolean remove)

Verify that the message contains UsernameToken authentication information, and that its valid

Specified by:: verifyUsernameTokenAuthentication in interface WSSecurityManager

Parameters:: msg - message to validate; remove - remove security header after processing

verifyUsernameTokenAuthentication

public void verifyUsernameTokenAuthentication(Message msg)

Verify that the message contains UsernameToken authentication information, and that its valid

Specified by:: verifyUsernameTokenAuthentication in interface WSSecurityManager

Parameters:: msg - message to validate

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.adroitlogic.soapbox Class WSSecurityManager

WSSecurityManager

WSSecurityManager

removeSecurityHeader

setRequireNonceAndCreated

setNonceCacheSize

setTimeStampFreshness

setUserDetailsService

timestampMessage

timestampMessage

timestampAndSignMessage

timestampAndSignMessage

timestampAndEncryptMessage

timestampAndEncryptMessage

timestampSignAndEncryptMessage

timestampSignAndEncryptMessage

addUsernameTokenAuthentication

addDigestUsernameTokenAuthentication

addDigestUsernameTokenAuthenticationWithTimestamp

addPlainUsernameTokenAuthenticationWithTimestamp

verifyTimestampedMessage

verifyTimestampedAndSignedMessage

verifyTimestampedAndEncryptedMessage

verifyTimestampedEncryptedAndSignedMessage

verifyUsernameTokenAuthentication

verifyUsernameTokenAuthentication

org.adroitlogic.soapbox
Class WSSecurityManager