org.apache.ws.security.handler.RequestData Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of wss4j Show documentation
Show all versions of wss4j Show documentation
The Apache WSS4J project provides a Java implementation of the primary security standards
for Web Services, namely the OASIS Web Services Security (WS-Security) specifications
from the OASIS Web Services Security TC.
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.ws.security.handler;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.regex.Pattern;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.apache.ws.security.SOAPConstants;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.cache.ReplayCache;
import org.apache.ws.security.components.crypto.AlgorithmSuite;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.token.UsernameToken;
import org.apache.ws.security.validate.Validator;
/**
* This class holds per request data.
*
* @author Werner Dittmann ([email protected])
*/
public class RequestData {
private Object msgContext = null;
private boolean noSerialization = false;
private SOAPConstants soapConstants = null;
private String actor = null;
private String username = null;
private String pwType = WSConstants.PASSWORD_DIGEST; // Make this the default when no password type is given.
private String[] utElements = null;
private Crypto sigCrypto = null;
private Crypto decCrypto = null;
private int sigKeyId = 0;
private String sigAlgorithm = null;
private String signatureDigestAlgorithm = null;
private String encryptionDigestAlgorithm = null;
private List signatureParts = new ArrayList();
private Crypto encCrypto = null;
private int encKeyId = 0;
private String encSymmAlgo = null;
private String encKeyTransport = null;
private String encUser = null;
private String signatureUser = null;
private List encryptParts = new ArrayList();
private X509Certificate encCert = null;
private int timeToLive = 300; // Timestamp: time in seconds between creation and expiry
private WSSConfig wssConfig = null;
private List signatureValues = new ArrayList();
private WSSecHeader secHeader = null;
private boolean encSymmetricEncryptionKey = true;
private int secretKeyLength = WSConstants.WSE_DERIVED_KEY_LEN;
private boolean useDerivedKey = true;
private int derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
private boolean useDerivedKeyForMAC = true;
private boolean useSingleCert = true;
private CallbackHandler callback = null;
private boolean enableRevocation = false;
protected boolean requireSignedEncryptedDataElements = false;
private ReplayCache timestampReplayCache;
private ReplayCache nonceReplayCache;
private Collection subjectDNPatterns = new ArrayList();
private boolean appendSignatureAfterTimestamp;
private int originalSignatureActionPosition;
private AlgorithmSuite algorithmSuite;
private AlgorithmSuite samlAlgorithmSuite;
public void clear() {
soapConstants = null;
actor = username = pwType = sigAlgorithm = encSymmAlgo = encKeyTransport = encUser = null;
sigCrypto = decCrypto = encCrypto = null;
signatureParts.clear();
encryptParts.clear();
encCert = null;
utElements = null;
wssConfig = null;
signatureValues.clear();
signatureDigestAlgorithm = null;
encryptionDigestAlgorithm = null;
encSymmetricEncryptionKey = true;
secretKeyLength = WSConstants.WSE_DERIVED_KEY_LEN;
signatureUser = null;
useDerivedKey = true;
derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
useDerivedKeyForMAC = true;
useSingleCert = true;
callback = null;
enableRevocation = false;
timestampReplayCache = null;
nonceReplayCache = null;
subjectDNPatterns.clear();
appendSignatureAfterTimestamp = false;
algorithmSuite = null;
samlAlgorithmSuite = null;
setOriginalSignatureActionPosition(0);
}
public Object getMsgContext() {
return msgContext;
}
public void setMsgContext(Object msgContext) {
this.msgContext = msgContext;
}
public boolean isNoSerialization() {
return noSerialization;
}
public void setNoSerialization(boolean noSerialization) {
this.noSerialization = noSerialization;
}
public SOAPConstants getSoapConstants() {
return soapConstants;
}
public void setSoapConstants(SOAPConstants soapConstants) {
this.soapConstants = soapConstants;
}
public String getActor() {
return actor;
}
public void setActor(String actor) {
this.actor = actor;
}
public void setSecretKeyLength(int length) {
secretKeyLength = length;
}
public int getSecretKeyLength() {
return secretKeyLength;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public void setEncryptSymmetricEncryptionKey(boolean encrypt) {
encSymmetricEncryptionKey = encrypt;
}
public boolean getEncryptSymmetricEncryptionKey() {
return encSymmetricEncryptionKey;
}
public String getPwType() {
return pwType;
}
public void setPwType(String pwType) {
this.pwType = pwType;
}
public String[] getUtElements() {
return utElements;
}
public void setUtElements(String[] utElements) {
this.utElements = utElements;
}
public Crypto getSigCrypto() {
return sigCrypto;
}
public void setSigCrypto(Crypto sigCrypto) {
this.sigCrypto = sigCrypto;
}
public Crypto getDecCrypto() {
return decCrypto;
}
public void setDecCrypto(Crypto decCrypto) {
this.decCrypto = decCrypto;
}
public int getSigKeyId() {
return sigKeyId;
}
public void setSigKeyId(int sigKeyId) {
this.sigKeyId = sigKeyId;
}
public String getSigAlgorithm() {
return sigAlgorithm;
}
public void setSigAlgorithm(String sigAlgorithm) {
this.sigAlgorithm = sigAlgorithm;
}
public String getSigDigestAlgorithm() {
return signatureDigestAlgorithm;
}
public void setSigDigestAlgorithm(String sigDigestAlgorithm) {
this.signatureDigestAlgorithm = sigDigestAlgorithm;
}
public String getEncDigestAlgorithm() {
return encryptionDigestAlgorithm;
}
public void setEncDigestAlgorithm(String encDigestAlgorithm) {
this.encryptionDigestAlgorithm = encDigestAlgorithm;
}
public List getSignatureParts() {
return signatureParts;
}
public String getSignatureUser() {
return signatureUser;
}
public void setSignatureUser(String signatureUser) {
this.signatureUser = signatureUser;
}
public Crypto getEncCrypto() {
return encCrypto;
}
public void setEncCrypto(Crypto encCrypto) {
this.encCrypto = encCrypto;
}
public int getEncKeyId() {
return encKeyId;
}
public void setEncKeyId(int encKeyId) {
this.encKeyId = encKeyId;
}
public String getEncSymmAlgo() {
return encSymmAlgo;
}
public void setEncSymmAlgo(String encSymmAlgo) {
this.encSymmAlgo = encSymmAlgo;
}
public String getEncKeyTransport() {
return encKeyTransport;
}
public void setEncKeyTransport(String encKeyTransport) {
this.encKeyTransport = encKeyTransport;
}
public String getEncUser() {
return encUser;
}
public void setEncUser(String encUser) {
this.encUser = encUser;
}
public List getEncryptParts() {
return encryptParts;
}
public X509Certificate getEncCert() {
return encCert;
}
public void setEncCert(X509Certificate encCert) {
this.encCert = encCert;
}
public int getTimeToLive() {
return timeToLive;
}
public void setTimeToLive(int timeToLive) {
this.timeToLive = timeToLive;
}
/**
* @return Returns the wssConfig.
*/
public WSSConfig getWssConfig() {
return wssConfig;
}
/**
* @param wssConfig The wssConfig to set.
*/
public void setWssConfig(WSSConfig wssConfig) {
this.wssConfig = wssConfig;
}
/**
* @return Returns the list of stored signature values.
*/
public List getSignatureValues() {
return signatureValues;
}
/**
* @return Returns the secHeader.
*/
public WSSecHeader getSecHeader() {
return secHeader;
}
/**
* @param secHeader The secHeader to set.
*/
public void setSecHeader(WSSecHeader secHeader) {
this.secHeader = secHeader;
}
/**
* @param derivedKey Set whether to derive keys as per the
* UsernameTokenProfile 1.1 spec. Default is true.
*/
public void setUseDerivedKey(boolean derivedKey) {
useDerivedKey = derivedKey;
}
/**
* Return whether to derive keys as per the UsernameTokenProfile
* 1.1 spec. Default is true.
*/
public boolean isUseDerivedKey() {
return useDerivedKey;
}
/**
* Set the derived key iterations. Default is 1000.
* @param iterations The number of iterations to use when deriving a key
*/
public void setDerivedKeyIterations(int iterations) {
derivedKeyIterations = iterations;
}
/**
* Get the derived key iterations.
* @return The number of iterations to use when deriving a key
*/
public int getDerivedKeyIterations() {
return derivedKeyIterations;
}
/**
* Whether to use the derived key for a MAC.
* @param useMac Whether to use the derived key for a MAC.
*/
public void setUseDerivedKeyForMAC(boolean useMac) {
useDerivedKeyForMAC = useMac;
}
/**
* Whether to use the derived key for a MAC.
* @return Whether to use the derived key for a MAC.
*/
public boolean isUseDerivedKeyForMAC() {
return useDerivedKeyForMAC;
}
/**
* Whether to use a single certificate or a whole certificate chain when
* constructing a BinarySecurityToken used for direct reference in Signature.
* @param useSingleCert true if only to use a single certificate
*/
public void setUseSingleCert(boolean useSingleCert) {
this.useSingleCert = useSingleCert;
}
/**
* Whether to use a single certificate or a whole certificate chain when
* constructing a BinarySecurityToken used for direct reference in Signature.
* @return whether to use a single certificate
*/
public boolean isUseSingleCert() {
return useSingleCert;
}
/**
* Set whether to enable CRL checking or not when verifying trust in a certificate.
* @param enableRevocation whether to enable CRL checking
*/
public void setEnableRevocation(boolean enableRevocation) {
this.enableRevocation = enableRevocation;
}
/**
* Get whether to enable CRL checking or not when verifying trust in a certificate.
* @return whether to enable CRL checking
*/
public boolean isRevocationEnabled() {
return enableRevocation;
}
/**
* @return whether EncryptedData elements are required to be signed
*/
public boolean isRequireSignedEncryptedDataElements() {
return requireSignedEncryptedDataElements;
}
/**
* Configure the engine to verify that EncryptedData elements
* are in a signed subtree of the document. This can be used to
* prevent some wrapping based attacks when encrypt-before-sign
* token protection is selected.
*
* @param requireSignedEncryptedDataElements
*/
public void setRequireSignedEncryptedDataElements(boolean requireSignedEncryptedDataElements) {
this.requireSignedEncryptedDataElements = requireSignedEncryptedDataElements;
}
/**
* Sets the CallbackHandler used for this request
* @param cb
*/
public void setCallbackHandler(CallbackHandler cb) {
callback = cb;
}
/**
* Returns the CallbackHandler used for this request.
* @return the CallbackHandler used for this request.
*/
public CallbackHandler getCallbackHandler() {
return callback;
}
/**
* Get the Validator instance corresponding to the QName
* @param qName the QName with which to find a Validator instance
* @return the Validator instance corresponding to the QName
* @throws WSSecurityException
*/
public Validator getValidator(QName qName) throws WSSecurityException {
if (wssConfig != null) {
return wssConfig.getValidator(qName);
}
return null;
}
/**
* Set the replay cache for Timestamps
*/
public void setTimestampReplayCache(ReplayCache newCache) {
timestampReplayCache = newCache;
}
/**
* Get the replay cache for Timestamps
*/
public ReplayCache getTimestampReplayCache() {
return timestampReplayCache;
}
/**
* Set the replay cache for Nonces
*/
public void setNonceReplayCache(ReplayCache newCache) {
nonceReplayCache = newCache;
}
/**
* Get the replay cache for Nonces
*/
public ReplayCache getNonceReplayCache() {
return nonceReplayCache;
}
/**
* Set the Signature Subject Cert Constraints
*/
public void setSubjectCertConstraints(Collection subjectCertConstraints) {
if (subjectCertConstraints != null) {
subjectDNPatterns.addAll(subjectCertConstraints);
}
}
/**
* Get the Signature Subject Cert Constraints
*/
public Collection getSubjectCertConstraints() {
return subjectDNPatterns;
}
public boolean isAppendSignatureAfterTimestamp() {
return appendSignatureAfterTimestamp;
}
public void setAppendSignatureAfterTimestamp(boolean appendSignatureAfterTimestamp) {
this.appendSignatureAfterTimestamp = appendSignatureAfterTimestamp;
}
public AlgorithmSuite getAlgorithmSuite() {
return algorithmSuite;
}
public void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
this.algorithmSuite = algorithmSuite;
}
public AlgorithmSuite getSamlAlgorithmSuite() {
return samlAlgorithmSuite;
}
public void setSamlAlgorithmSuite(AlgorithmSuite samlAlgorithmSuite) {
this.samlAlgorithmSuite = samlAlgorithmSuite;
}
public int getOriginalSignatureActionPosition() {
return originalSignatureActionPosition;
}
public void setOriginalSignatureActionPosition(int originalSignatureActionPosition) {
this.originalSignatureActionPosition = originalSignatureActionPosition;
}
}