com.ibm.wsspi.wssecurity.token

Interface TokenGeneratorComponent

  • All Superinterfaces:
    Initializable, com.ibm.ws.webservices.wssecurity.WSSComponent, com.ibm.ws.webservices.wssecurity.WSSGeneratorComponent
    All Known Implementing Classes:
    LTPATokenGenerator, UsernameTokenGenerator, X509TokenGenerator


    public interface TokenGeneratorComponent
    extends com.ibm.ws.webservices.wssecurity.WSSGeneratorComponent
    This is the interface for generating a security token element into SOAP messages. Implementors must provide the init() and invoke() methods.

    The signature of the init() method is:

    public void init(java.util.Map map) throws SoapSecurityException

    This method initializes the generator with a TokenGeneratorConfig object which is passed in by the map parameter.

    The map parameter is a Map object which contains name-value pairs. These pairs include <Property> elements in the configuration XMI files and a TokenGeneratorConfig object. The TokenGeneratorConfig is stored with a key of TokenGeneratorConfig.CONFIG_KEY.

    The signature of the invoke() method is:

    public void invoke(org.w3c.dom.Document doc, org.w3c.dom.Element parent, java.util.Map context) throws SoapSecurityException

    The doc parameter is a Document object that contains the SOAP envelope.

    The parent parameter is an Element object that is the parent of the element to be generated.

    The context parameter is a Map object which contains name-value pairs. The following list shows the only supported names (keys) and their meaning. The keys shown are fields from the com.ibm.wsspi.wssecurity.Constants and com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig classes.

    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_MESSAGE_CONTEXT - This is used to get the message context from the context in the WS-Security handler.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_SUBJECT - This is used to get the Subject from the context in the WS-Security handler.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ENCODING - This is used to get a key identifier encoding type. Supported values are:
      • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
      • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary"
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_VALUETYPE - This is used to get the value type of the referenced token. The value types are specified in the OASIS token profile standards.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_IDTYPE - This is used to get the key identitier type. supported values are:
      • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#ITSHA1"
      • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#IT60SHA1"
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ID - This is used to get the key corresponding to the specified key identifier. The format of the key identifier value is specified in the OASIS token profile standards.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ISSUERNAME - This is used to get the key corresponding to the specified issuer name and serial number. It must be used together with WSSECURITY_KEY_ISSUERSERIAL.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ISSUERSERIAL - This is used to get the key corresponding to the specified issuer name and serial number. It must be used together with WSSECURITY_KEY_ISSUERNAME.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_TYPE - This is used to indicate the type of operation. The value must be one of the following:
      • "DecryptingKey" - when getting a key for decryption
      • "EncryptingKey" - when getting a key for encryption
      • "SigningKey" - when getting a key for signing
      • "VerifyingKey" - when getting a key for signature verification
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_NAME - This is used to get the key corresponding to the specified name. It is used when the key name or the subject name of an X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoContentConsumer or KeyInfoContentGenerator object to a KeyLocator object.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_NAMEREF - This is used to get a key name reference which is specified in the WS-Security binding configuration. It is used when key name is passed to a KeyLocator object. The value of this key must be specified as the name attribute of <Key> in the WS-Security configuration.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_REFERENCE - This is used to get the key referenced by a URI in the SOAP message. It is used when a reference URI is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoContentConsumer or KeyInfoContentGenerator object to a KeyLocator object. The value of this key must be a reference URI included in the secure SOAP message.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEYINFO_TYPE - This is used to specify the type of key information. It is used when the type of key information is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoContentConsumer or KeyInfoContentGenerator object to a KeyLocator object. The value of this key must be one of the following:
      • "STRREF" - when ds:KeyInfo/wsse:STRReference/wsse:Reference is used
      • "KEYID" - when ds:KeyInfo/wsse:STRReference/wsse:KeyIdentifier is used
      • "EMB" - when ds:KeyInfo/wsse:STRReference/wsse:Embedded is used
      • "KEYNAME" - when ds:KeyInfo/ds:KeyName is used
      • "X509ISSUER" - when ds:KeyInfo/wsse:STRReference/ds:X509Data is used
    • com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig.CONFIG_KEY - This is used to store the TokenGeneratorConfig object.
    • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_WSSGENERATOR_CONFIG_KEY - This is used to store the WSSGeneratorConfig object.
    See Also:
    LTPATokenGenerator, UsernameTokenGenerator, X509TokenGenerator, Constants, TokenGeneratorConfig
    • Field Summary

      Fields 
      Modifier and Type Field and Description
      static java.lang.String STANDALONE 
    • Method Summary

      • Methods inherited from interface com.ibm.ws.webservices.wssecurity.WSSGeneratorComponent

        invoke
      • Methods inherited from interface com.ibm.ws.webservices.wssecurity.WSSComponent

        init
IBM WebSphere Application ServerTM
Release 8.5