public interface X509Token extends BinarySecurityToken
// Sample: build an X.509 token generator backed by a JKS keystore.
// The file name "dsig-sender.ks" suggests the signature-sending side; confirm against the surrounding docs.
// Every value here is sample data. The store and key passwords are inlined only for
// illustration; deployed code would take them from protected configuration and
// clear the char[] after use instead of keeping literals in source.
String keyStorePath = "dsig-sender.ks";               // keystore
String keyStoreType = "jks";                          // keystore type
char[] storePassword = "client".toCharArray();        // store password
String keyAlias = "soaprequester";                    // alias
char[] keyPassword = "client".toCharArray();          // key password
String subjectName = "CN=soapRequester, O=IBM, C=US"; // subject name

X509GenerateCallbackHandler callbackhandler = new X509GenerateCallbackHandler(
    "",            // reference of key store (empty in this sample)
    keyStorePath,
    keyStoreType,
    storePassword,
    keyAlias,
    keyPassword,
    subjectName,
    null           // cert list (none supplied)
);

// Ask the token factory for an X509Token produced through the handler above.
SecurityToken st = factory.newSecurityToken(callbackhandler, X509Token.class);
// Sample: build an X.509 token generator backed by a JCEKS keystore.
// The file name "enc-sender.jceks" suggests the encryption-sending side; confirm against the surrounding docs.
// All values are sample data; the store password is inlined only for illustration
// and would come from protected configuration in deployed code.
String keyStorePath = "enc-sender.jceks";       // keystore name
String keyStoreType = "jceks";                  // store type
char[] storePassword = "storepass".toCharArray(); // store password
String keyAlias = "bob";                        // alias
String subjectName = "CN=Bob, O=IBM, C=US";     // subject name

X509GenerateCallbackHandler callbackhandler = new X509GenerateCallbackHandler(
    "",            // reference of key store (empty in this sample)
    keyStorePath,
    keyStoreType,
    storePassword,
    keyAlias,
    null,          // key password: none given here; presumably only bob's certificate
                   // (public key) is read, so no private-key password is needed. TODO confirm
    subjectName,
    null           // cert list (none supplied)
);

// Ask the token factory for an X509Token produced through the handler above.
SecurityToken st = factory.newSecurityToken(callbackhandler, X509Token.class);
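// Sample: build an X.509 token consumer whose certificate list is loaded from a file.
// The keystore name "dsig-receiver.ks" suggests the signature-receiving side; the handler
// presumably consults certList when validating the sender's certificate (confirm against
// the X509ConsumeCallbackHandler documentation).
//
// Any failure to load the certificate or create the CertStore stops processing with an
// IllegalStateException. Printing the stack trace and continuing would place a null
// certificate or a null CertStore into the material the consumer is configured with.

// Load the certificate that will populate the CertStore.
String certpath = "intca2.cer"; // The location of the X509 certificate file
X509Certificate x509cert;
InputStream is = null;
try {
    is = new FileInputStream(certpath);
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    x509cert = (X509Certificate) cf.generateCertificate(is);
} catch (FileNotFoundException e1) {
    throw new IllegalStateException("Certificate file not found: " + certpath, e1);
} catch (CertificateException e2) {
    throw new IllegalStateException("Cannot parse X.509 certificate: " + certpath, e2);
} finally {
    // Release the file handle on every path, including parse failures.
    if (is != null) {
        try {
            is.close();
        } catch (java.io.IOException ignored) {
            // The stream was only read; a failed close leaves nothing to recover.
        }
    }
}
Set<Object> eeCerts = new HashSet<Object>();
eeCerts.add(x509cert);

// Wrap the certificate set in a CertStore supplied by the IBMCertPath provider.
java.util.List<CertStore> certList = new java.util.ArrayList<CertStore>();
CollectionCertStoreParameters certparam = new CollectionCertStoreParameters(eeCerts);
CertStore cert;
try {
    cert = CertStore.getInstance("Collection", certparam, "IBMCertPath");
} catch (NoSuchProviderException e1) {
    throw new IllegalStateException("Security provider IBMCertPath is not installed", e1);
} catch (InvalidAlgorithmParameterException e2) {
    throw new IllegalStateException("Invalid CertStore parameters", e2);
} catch (NoSuchAlgorithmException e3) {
    throw new IllegalStateException("CertStore type \"Collection\" is not available", e3);
}
certList.add(cert);

// Create the consume-side callback handler.
// The keystore password is sample data inlined for illustration; deployed code would
// read it from protected configuration.
X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler(
    "dsig-receiver.ks",      // keystore
    "jks",                   // keystore type
    "server".toCharArray(),  // keystore password
    certList,                // certificate list
    // Non-null at this point: CertStore.getInstance above already required this provider.
    java.security.Security.getProvider("IBMCertPath") // provider
);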
// Sample: build an X.509 token consumer backed by a JCEKS keystore, selecting the key
// entry by alias and subject name.
// All values are sample data; the store and key passwords are inlined only for
// illustration and would come from protected configuration in deployed code.
String keyStorePath = "enc-sender.jceks";          // keystore
String keyStoreType = "jceks";                     // keystore type
char[] storePassword = "storepass".toCharArray();  // store password
String keyAlias = "alice";                         // alias
char[] keyPassword = "keypass".toCharArray();      // key password
String subjectName = "CN=Alice, O=IBM, C=US";      // subject name

X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler(
    "",            // labelled "cert list" on the original page.
                   // NOTE(review): an empty String in first position matches the
                   // "reference of key store" argument of the generator samples,
                   // so the label looks wrong. Confirm against the constructor signature.
    keyStorePath,
    keyStoreType,
    storePassword,
    keyAlias,
    keyPassword,
    subjectName
);
See Also: X509GenerateCallbackHandler, X509ConsumeCallbackHandler
| Modifier and Type | Field and Description |
|---|---|
| static int | REF_ISSUERSERIAL: Represents the issuer serial reference as a reference type of the security token. |
| static javax.xml.namespace.QName | ValueType: Represents the value type. |
TokenQname
DECRYPTING_KEY, ENCRYPTING_KEY, REF_EMBEDDED, REF_KEYID, REF_STR, REF_THUMBPRINT, SIGNING_KEY, VERIFING_KEY
| Modifier and Type | Method and Description |
|---|---|
| java.security.cert.X509Certificate | getCertificate(): Returns the X.509 certificate. |
| java.lang.String | getIssuerName(): Returns the distinguished name of the issuer. |
| java.lang.String | getIssuerSerial(): Returns the serial of the issuer. |
getBinary
getId, getKey, getKeyIdentifier, getKeyIdentifierEncodingType, getKeyIdentifierValueType, getKeyName, getPrincipal, getReferenceURI, getThumbprint, getThumbprintEncodingType, getThumbprintValueType, getTokenQname, getValueType, getXML
static final int REF_ISSUERSERIAL
static final javax.xml.namespace.QName ValueType
ValueType:
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
java.security.cert.X509Certificate getCertificate()
java.lang.String getIssuerName()
java.lang.String getIssuerSerial()