com.ibm.wsspi.wssecurity.keyinfo
Interface KeyLocator
All Superinterfaces:
Initializable, com.ibm.ws.webservices.wssecurity.WSSComponent
- public interface KeyLocator
- extends com.ibm.ws.webservices.wssecurity.WSSComponent
KeyLocator
interface for retrieving keys.
See Also:
KeyStoreKeyLocator
,
SignerCertKeyLocator
,
X509TokenKeyLocator
Method Summary
Modifier and Type | Method and Description |
---|---|
|
getKey(java.util.Map type,java.util.Map context)
Gets the
Key object.
|
Methods inherited from interface com.ibm.ws.webservices.wssecurity.WSSComponent |
---|
init |
Method Detail
getKey
- java.security.Key getKey(java.util.Map type,
- java.util.Map context)
- throws SoapSecurityException
Parameters:
type
- The Map object which specifies the type of key to get context
- A Map
object which contains
name-value pairs. The following list shows the only supported names (keys)
and their meaning. The keys shown are fields from the com.ibm.wsspi.wssecurity.Constants
,
com.ibm.wsspi.wssecurity.config.TokenConsumerConfig
and com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig
classes.
-
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_MESSAGE_CONTEXT
- This is used to get the message context from the context in the WS-Security handler. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_SUBJECT
- This is used to get the Subject from the context in the WS-Security handler. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ENCODING
- This is used to get a key identifier encoding type. Supported values are:"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary"
-
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_VALUETYPE
- This is used to get the value type of the referenced token. The value types are specified in the OASIS token profile standards. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_IDTYPE
- This is used to get the key identitier type. supported values are:"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#ITSHA1"
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#IT60SHA1"
-
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ID
- This is used to get the key corresponding to the specified key identifier. The format of the key identifier value is specified in the OASIS token profile standards. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ISSUERNAME
- This is used to get the key corresponding to the specified issuer name and serial number. It must be used together withWSSECURITY_KEY_ISSUERSERIAL
. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ISSUERSERIAL
- This is used to get the key corresponding to the specified issuer name and serial number. It must be used together withWSSECURITY_KEY_ISSUERNAME
. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_TYPE
- This is used to indicate the type of operation. The value must be one of the following:"DecryptingKey"
- when getting a key for decryption"EncryptingKey"
- when getting a key for encryption"SigningKey"
- when getting a key for signing"VerifyingKey"
- when getting a key for signature verification
-
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_NAME
- This is used to get the key corresponding to the specified name. It is used when the key name or the subject name of an X509 certificate is passed from aTokenGenerator
object to aKeyInfoContentGenerator
object or from aKeyInfoContentConsumer
orKeyInfoContentGenerator
object to aKeyLocator
object. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_NAMEREF
- This is used to get a key name reference which is specified in the WS-Security binding configuration. It is used when key name is passed to aKeyLocator
object. The value of this key must be specified as the name attribute of<Key>
in the WS-Security configuration. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_REFERENCE
- This is used to get the key referenced by a URI in the SOAP message. It is used when a reference URI is passed from aTokenGenerator
object to aKeyInfoContentGenerator
object or from aKeyInfoContentConsumer
orKeyInfoContentGenerator
object to aKeyLocator
object. The value of this key must be a reference URI included in the secure SOAP message. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEYINFO_TYPE
- This is used to specify the type of key information. It is used when the type of key information is passed from aTokenGenerator
object to aKeyInfoContentGenerator
object or from aKeyInfoContentConsumer
orKeyInfoContentGenerator
object to aKeyLocator
object. The value of this key must be one of the following:"STRREF"
- whends:KeyInfo/wsse:STRReference/wsse:Reference
is used"KEYID"
- whends:KeyInfo/wsse:STRReference/wsse:KeyIdentifier
is used"EMB"
- whends:KeyInfo/wsse:STRReference/wsse:Embedded
is used"KEYNAME"
- whends:KeyInfo/ds:KeyName
is used"X509ISSUER"
- whends:KeyInfo/wsse:STRReference/ds:X509Data
is used
-
com.ibm.wsspi.wssecurity.config.TokenConsumerConfig.CONFIG_KEY
- This is used to store theTokenConsumerConfig
object. -
com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig.CONFIG_KEY
- This is used to store theTokenGeneratorConfig
object. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_WSSCONSUMER_CONFIG_KEY
- This is used to store theWSSConsumerConfig
object. -
com.ibm.wsspi.wssecurity.Constants.WSSECURITY_WSSGENERATOR_CONFIG_KEY
- This is used to store theWSSGeneratorConfig
object.
Returns:
The
Key
object Throws:
SoapSecurityException
- When there is a problem during getting the
Key
object See Also:
Key
object.