public final class WSConstants extends Object
public static final String WSSE_NS
public static final String WSSE11_NS
public static final String WSU_NS
public static final String SOAPMESSAGE_NS
public static final String SOAPMESSAGE_NS11
public static final String USERNAMETOKEN_NS
public static final String X509TOKEN_NS
public static final String SAMLTOKEN_NS
public static final String SAMLTOKEN_NS11
public static final String KERBEROS_NS11
public static final String SIG_NS
public static final String ENC_NS
public static final String XMLNS_NS
public static final String XML_NS
public static final String SAML_NS
public static final String SAMLP_NS
public static final String SAML2_NS
public static final String SAMLP2_NS
public static final String URI_SOAP11_ENV
public static final String URI_SOAP12_ENV
public static final String URI_SOAP11_NEXT_ACTOR
public static final String URI_SOAP12_NEXT_ROLE
public static final String URI_SOAP12_NONE_ROLE
public static final String URI_SOAP12_ULTIMATE_ROLE
public static final String C14N_OMIT_COMMENTS
public static final String C14N_WITH_COMMENTS
public static final String C14N_EXCL_OMIT_COMMENTS
public static final String C14N_EXCL_WITH_COMMENTS
public static final String NS_XMLDSIG_FILTER2
public static final String NS_XMLDSIG_ENVELOPED_SIGNATURE
public static final String SWA_ATTACHMENT_CONTENT_SIG_TRANS
public static final String SWA_ATTACHMENT_COMPLETE_SIG_TRANS
public static final String KEYTRANSPORT_RSA15
public static final String KEYTRANSPORT_RSAOEP
public static final String TRIPLE_DES
public static final String AES_128
public static final String AES_256
public static final String AES_192
public static final String AES_128_GCM
public static final String AES_192_GCM
public static final String AES_256_GCM
public static final String DSA
public static final String RSA
public static final String RSA_SHA1
public static final String SHA1
public static final String SHA256
public static final String HMAC_SHA1
public static final String HMAC_SHA256
public static final String HMAC_SHA384
public static final String HMAC_SHA512
public static final String HMAC_MD5
public static final String WST_NS
public static final String WST_NS_05_12
public static final String WST_NS_08_02
public static final String WSC_SCT
public static final String WSC_SCT_05_12
public static final String WSSE_LN
public static final String THUMBPRINT
public static final String SAML_ASSERTION_ID
public static final String SAML2_ASSERTION_ID
public static final String ENC_KEY_VALUE_TYPE
public static final String ENC_KEY_SHA1_URI
public static final String SIG_LN
public static final String SIG_INFO_LN
public static final String ENC_KEY_LN
public static final String ENC_DATA_LN
public static final String REF_LIST_LN
public static final String REF_LN
public static final String USERNAME_TOKEN_LN
public static final String BINARY_TOKEN_LN
public static final String TIMESTAMP_TOKEN_LN
public static final String USERNAME_LN
public static final String PASSWORD_LN
public static final String PASSWORD_TYPE_ATTR
public static final String NONCE_LN
public static final String CREATED_LN
public static final String EXPIRES_LN
public static final String SIGNATURE_CONFIRMATION_LN
public static final String SALT_LN
public static final String ITERATION_LN
public static final String ASSERTION_LN
public static final String ENCRYPED_ASSERTION_LN
public static final String PW_DIGEST
public static final String PW_TEXT
public static final String PW_NONE
public static final String ENCRYPTED_HEADER
public static final String X509_ISSUER_SERIAL_LN
public static final String X509_ISSUER_NAME_LN
public static final String X509_SERIAL_NUMBER_LN
public static final String X509_DATA_LN
public static final String X509_CERT_LN
public static final String KEYINFO_LN
public static final String KEYVALUE_LN
public static final String TOKEN_TYPE
public static final String ELEM_ENVELOPE
public static final String ELEM_HEADER
public static final String ELEM_BODY
public static final String ATTR_MUST_UNDERSTAND
public static final String ATTR_ACTOR
public static final String ATTR_ROLE
public static final String NULL_NS
public static final String WSSE_PREFIX
public static final String WSSE11_PREFIX
public static final String WSU_PREFIX
public static final String DEFAULT_SOAP_PREFIX
public static final String SIG_PREFIX
public static final String ENC_PREFIX
public static final String C14N_EXCL_OMIT_COMMENTS_PREFIX
public static final QName UNSUPPORTED_SECURITY_TOKEN
public static final QName UNSUPPORTED_ALGORITHM
public static final QName INVALID_SECURITY
public static final QName INVALID_SECURITY_TOKEN
public static final QName FAILED_AUTHENTICATION
public static final QName FAILED_CHECK
public static final QName SECURITY_TOKEN_UNAVAILABLE
public static final QName MESSAGE_EXPIRED
public static final String WSS_KRB_V5_AP_REQ
public static final String WSS_GSS_KRB_V5_AP_REQ
public static final String WSS_KRB_V5_AP_REQ1510
public static final String WSS_GSS_KRB_V5_AP_REQ1510
public static final String WSS_KRB_V5_AP_REQ4120
public static final String WSS_GSS_KRB_V5_AP_REQ4120
public static final String WSS_KRB_KI_VALUE_TYPE
public static final String WSS_SAML_KI_VALUE_TYPE
public static final String WSS_SAML2_KI_VALUE_TYPE
public static final String WSS_SAML_TOKEN_TYPE
public static final String WSS_SAML2_TOKEN_TYPE
public static final String WSS_ENC_KEY_VALUE_TYPE
public static final String PASSWORD_DIGEST
public static final String PASSWORD_TEXT
public static final String WSS_USERNAME_TOKEN_VALUE_TYPE
public static final String[] URIS_SOAP_ENV
public static final int BST_DIRECT_REFERENCE
WSSecSignature.build(Document, Crypto, WSSecHeader)
method to send the signing certificate as a BinarySecurityToken
.
The signing method takes the signing certificate, converts it to a
BinarySecurityToken
, puts it in the security header,
and inserts a Reference
to the binary security token
into the wsse:SecurityReferenceToken
. Thus the whole
signing certificate is transfered to the receiver.
The X509 profile recommends to use ISSUER_SERIAL
instead
of sending the whole certificate.
Please refer to WS Security specification X509 1.1 profile, chapter 3.3.2
and to WS Security SOAP Message security 1.1 specification, chapter 7.2
Note: only local references to BinarySecurityToken are supportedpublic static final int ISSUER_SERIAL
WSSecSignature.build(Document, Crypto, WSSecHeader)
or the WSSecEncrypt.build(Document, Crypto, WSSecHeader)
method to send the issuer name and the serial number of a certificate to
the receiver.
In contrast to BST_DIRECT_REFERENCE
only the issuer name
and the serial number of the signing certificate are sent to the
receiver. This reduces the amount of data being sent. The encryption
method uses the public key associated with this certificate to encrypt
the symmetric key used to encrypt data.
Please refer to WS Security specification X509 1.1 profile, chapter 3.3.3public static final int X509_KEY_IDENTIFIER
WSSecSignature.build(Document, Crypto, WSSecHeader)
or the WSSecEncrypt.build(Document, Crypto, WSSecHeader)
method to send the certificate used to encrypt the symmetric key.
The encryption method uses the public key associated with this certificate
to encrypt the symmetric key used to encrypt data. The certificate is
converted into a KeyIdentifier
token and sent to the receiver.
Thus the complete certificate data is transfered to receiver.
The X509 profile recommends to use ISSUER_SERIAL
instead
of sending the whole certificate.
Please refer to WS Security SOAP Message security 1.1 specification,
chapter 7.3. Note that this is a NON-STANDARD method. The standard way to refer to
an X.509 Certificate via a KeyIdentifier is to use SKI_KEY_IDENTIFIER
public static final int SKI_KEY_IDENTIFIER
WSSecSignature.build(Document, Crypto, WSSecHeader)
method to send a SubjectKeyIdentifier
to identify
the signing certificate.
Refer to WS Security specification X509 1.1 profile, chapter 3.3.1public static final int EMBEDDED_KEYNAME
public static final int EMBED_SECURITY_TOKEN_REF
public static final int UT_SIGNING
UT_SIGNING
is used internally only to set a specific Signature
behavior.
The signing token is constructed from values in the UsernameToken according
to WS-Trust specification.public static final int THUMBPRINT_IDENTIFIER
THUMPRINT_IDENTIFIER
is used to set the specific key identifier
ThumbprintSHA1.
This identifier uses the SHA-1 digest of a security token to
identify the security token. Please refer to chapter 7.2 of the OASIS WSS 1.1
specification.public static final int CUSTOM_SYMM_SIGNING
CUSTOM_SYMM_SIGNING
is used internally only to set a
specific Signature behavior.
The signing key, reference id and value type are set externally.public static final int ENCRYPTED_KEY_SHA1_IDENTIFIER
ENCRYPTED_KEY_SHA1_IDENTIFIER
is used to set the specific key identifier
EncryptedKeySHA1.
This identifier uses the SHA-1 digest of a security token to
identify the security token. Please refer to chapter 7.3 of the OASIS WSS 1.1
specification.public static final int CUSTOM_SYMM_SIGNING_DIRECT
CUSTOM_SYMM_SIGNING_DIRECT
is used internally only to set a
specific Signature behavior.
The signing key, reference id and value type are set externally.public static final int CUSTOM_KEY_IDENTIFIER
CUSTOM_KEY_IDENTIFIER
is used to set a KeyIdentifier to
a particular ID
The reference id and value type are set externally.public static final int KEY_VALUE
KEY_VALUE
is used to set a ds:KeyInfo/ds:KeyValue element to refer to
either an RSA or DSA public key.public static final int NO_SECURITY
public static final int UT
public static final int SIGN
public static final int ENCR
public static final int ST_UNSIGNED
public static final int ST_SIGNED
public static final int TS
public static final int UT_SIGN
public static final int SC
public static final int NO_SERIALIZE
public static final int SERIALIZE
public static final int SCT
public static final int DKT
public static final int BST
public static final int UT_NOPASSWORD
public static final int WSE_DERIVED_KEY_LEN
public static final String LABEL_FOR_DERIVED_KEY
Copyright © 2004–2016 The Apache Software Foundation. All rights reserved.