com.ibm.wsspi.wssecurity.keyinfo

Interface KeyLocator

  • All Superinterfaces:
    Initializable, com.ibm.ws.webservices.wssecurity.WSSComponent


    public interface KeyLocator
    extends com.ibm.ws.webservices.wssecurity.WSSComponent
    A KeyLocator interface for retrieving keys.
    See Also:
    KeyStoreKeyLocator, SignerCertKeyLocator, X509TokenKeyLocator
    • Method Summary

      Methods 
      Modifier and Type | Method and Description
      java.security.Key | getKey(java.util.Map type, java.util.Map context) - Gets the Key object.
      • Methods inherited from interface com.ibm.ws.webservices.wssecurity.WSSComponent

        init
    • Method Detail

      • getKey

        java.security.Key getKey(java.util.Map type,
                               java.util.Map context)
                                 throws SoapSecurityException
        Gets the Key object.
        Parameters:
        type - The Map object which specifies the type of key to get
        context - A Map object which contains name-value pairs. The following list shows the only supported names (keys) and their meaning. The keys shown are fields from the com.ibm.wsspi.wssecurity.Constants, com.ibm.wsspi.wssecurity.config.TokenConsumerConfig and com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig classes.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_MESSAGE_CONTEXT - This is used to get the message context from the context in the WS-Security handler.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_SUBJECT - This is used to get the Subject from the context in the WS-Security handler.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ENCODING - This is used to get a key identifier encoding type. Supported values are:
          • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
          • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary"
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_VALUETYPE - This is used to get the value type of the referenced token. The value types are specified in the OASIS token profile standards.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_IDTYPE - This is used to get the key identifier type. Supported values are:
          • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#ITSHA1"
          • "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#IT60SHA1"
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ID - This is used to get the key corresponding to the specified key identifier. The format of the key identifier value is specified in the OASIS token profile standards.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ISSUERNAME - This is used to get the key corresponding to the specified issuer name and serial number. It must be used together with WSSECURITY_KEY_ISSUERSERIAL.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_ISSUERSERIAL - This is used to get the key corresponding to the specified issuer name and serial number. It must be used together with WSSECURITY_KEY_ISSUERNAME.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_TYPE - This is used to indicate the type of operation. The value must be one of the following:
          • "DecryptingKey" - when getting a key for decryption
          • "EncryptingKey" - when getting a key for encryption
          • "SigningKey" - when getting a key for signing
          • "VerifyingKey" - when getting a key for signature verification
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_NAME - This is used to get the key corresponding to the specified name. It is used when the key name or the subject name of an X509 certificate is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoContentConsumer or KeyInfoContentGenerator object to a KeyLocator object.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_NAMEREF - This is used to get a key name reference which is specified in the WS-Security binding configuration. It is used when a key name is passed to a KeyLocator object. The value of this key must be specified as the name attribute of <Key> in the WS-Security configuration.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEY_REFERENCE - This is used to get the key referenced by a URI in the SOAP message. It is used when a reference URI is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoContentConsumer or KeyInfoContentGenerator object to a KeyLocator object. The value of this key must be a reference URI included in the secure SOAP message.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_KEYINFO_TYPE - This is used to specify the type of key information. It is used when the type of key information is passed from a TokenGenerator object to a KeyInfoContentGenerator object or from a KeyInfoContentConsumer or KeyInfoContentGenerator object to a KeyLocator object. The value of this key must be one of the following:
          • "STRREF" - when ds:KeyInfo/wsse:STRReference/wsse:Reference is used
          • "KEYID" - when ds:KeyInfo/wsse:STRReference/wsse:KeyIdentifier is used
          • "EMB" - when ds:KeyInfo/wsse:STRReference/wsse:Embedded is used
          • "KEYNAME" - when ds:KeyInfo/ds:KeyName is used
          • "X509ISSUER" - when ds:KeyInfo/wsse:STRReference/ds:X509Data is used
        • com.ibm.wsspi.wssecurity.config.TokenConsumerConfig.CONFIG_KEY - This is used to store the TokenConsumerConfig object.
        • com.ibm.wsspi.wssecurity.config.TokenGeneratorConfig.CONFIG_KEY - This is used to store the TokenGeneratorConfig object.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_WSSCONSUMER_CONFIG_KEY - This is used to store the WSSConsumerConfig object.
        • com.ibm.wsspi.wssecurity.Constants.WSSECURITY_WSSGENERATOR_CONFIG_KEY - This is used to store the WSSGeneratorConfig object.
        Returns:
        The Key object
        Throws:
        SoapSecurityException - If a problem occurs while getting the Key object
        See Also:
        Constants, TokenConsumerConfig, TokenGeneratorConfig
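
The constraints listed for the context map (the four permitted WSSECURITY_KEY_TYPE values, the five WSSECURITY_KEYINFO_TYPE values, and the rule that issuer name and issuer serial are used together) can be checked before a custom KeyLocator touches any key store. The following is an added example, not IBM code: the class name is hypothetical, the map keys are local stand-ins for the Constants fields because the page does not list their string values, and rejecting a missing key type is a fail-closed choice made for this example.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

/** Hypothetical helper: sanity-checks a getKey() context map before any key lookup. */
public class KeyLocatorContextCheck {
    // Stand-in map keys (assumption): real code would use the fields of
    // com.ibm.wsspi.wssecurity.Constants, whose string values the page does not list.
    static final String KEY_TYPE = "WSSECURITY_KEY_TYPE";
    static final String KEYINFO_TYPE = "WSSECURITY_KEYINFO_TYPE";
    static final String ISSUERNAME = "WSSECURITY_KEY_ISSUERNAME";
    static final String ISSUERSERIAL = "WSSECURITY_KEY_ISSUERSERIAL";

    // Permitted values exactly as listed in the getKey() parameter description.
    static final Set<String> KEY_TYPES =
        Set.of("DecryptingKey", "EncryptingKey", "SigningKey", "VerifyingKey");
    static final Set<String> KEYINFO_TYPES =
        Set.of("STRREF", "KEYID", "EMB", "KEYNAME", "X509ISSUER");

    /** Returns null if the context is consistent, otherwise the reason to reject it. */
    static String validate(Map<String, Object> context) {
        Object keyType = context.get(KEY_TYPE);
        // Fail closed (this example's choice): never guess which operation is meant,
        // so a signing key is not handed out where a verifying key was expected.
        if (!(keyType instanceof String) || !KEY_TYPES.contains(keyType)) {
            return "unsupported or missing key type: " + keyType;
        }
        Object infoType = context.get(KEYINFO_TYPE);
        if (infoType != null && !KEYINFO_TYPES.contains(infoType)) {
            return "unsupported key information type: " + infoType;
        }
        // Issuer name and serial number identify a certificate only as a pair.
        if (context.containsKey(ISSUERNAME) != context.containsKey(ISSUERSERIAL)) {
            return "issuer name and issuer serial must be supplied together";
        }
        return null;
    }

    public static void main(String[] args) {
        Map<String, Object> ctx = new HashMap<>();   // constructed sample context
        ctx.put(KEY_TYPE, "VerifyingKey");
        ctx.put(KEYINFO_TYPE, "X509ISSUER");
        ctx.put(ISSUERNAME, "CN=Example CA");        // serial deliberately omitted
        System.out.println("without serial: " + validate(ctx));
        ctx.put(ISSUERSERIAL, "1234");
        System.out.println("with serial:    " + validate(ctx));
    }
}
```

A getKey implementation that runs such a check first can raise SoapSecurityException with the returned reason instead of falling through to a default key.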
IBM WebSphere Application Server™
Release 9.0