org.apache.ws.security.message
Class WSSignEnvelope

java.lang.Object
  org.apache.ws.security.message.WSBaseMessage
      org.apache.ws.security.message.WSSignEnvelope

Direct Known Subclasses:

WSSignSAMLEnvelope

public class WSSignEnvelope

extends WSBaseMessage

Signs a SOAP envelope according to WS Specification, X509 profile, and adds the signature data.

Author:

Davanum Srinivas (dims@yahoo.com), Werner Dittmann (Werner.Dittman@siemens.com)

Field Summary

protected java.lang.String	canonAlgo
protected java.lang.String	sigAlgo
protected byte[]	signatureValue
protected WSSAddUsernameToken	usernameToken
protected boolean	useSingleCert

Fields inherited from class org.apache.ws.security.message.WSBaseMessage

actor, doDebug, keyIdentifierType, mustunderstand, parts, password, timeToLive, user, wssConfig

Constructor Summary

WSSignEnvelope()
Constructor.

WSSignEnvelope(java.lang.String actor)
Constructor.

WSSignEnvelope(java.lang.String actor, boolean mu)
Constructor.

Method Summary

org.w3c.dom.Document	build(org.w3c.dom.Document doc, Crypto crypto) Builds a signed soap envelope.
protected org.w3c.dom.Element	createSTRParameter(org.w3c.dom.Document doc)
protected java.util.Set	getInclusivePrefixes(org.w3c.dom.Element target)
protected java.util.Set	getInclusivePrefixes(org.w3c.dom.Element target, boolean excludeVisible)
java.lang.String	getSigCanonicalization() Get the canonicalization method.
java.lang.String	getSignatureAlgorithm() Get the name of the signature algorithm that is being used.
byte[]	getSignatureValue()
boolean	isUseSingleCertificate() Get the single cert flag.
void	setSigCanonicalization(java.lang.String algo) Set the canonicalization method to use.
void	setSignatureAlgorithm(java.lang.String algo) Set the name of the signature encryption algorithm to use.
void	setUsernameToken(WSSAddUsernameToken usernameToken)
void	setUseSingleCertificate(boolean useSingleCert) set the single cert flag.

Methods inherited from class org.apache.ws.security.message.WSBaseMessage

getKeyIdentifierType, insertSecurityHeader, setActor, setBodyID, setKeyIdentifierType, setMustUnderstand, setParts, setTimeToLive, setUserInfo, setWsConfig, setWsuId

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

useSingleCert

protected boolean useSingleCert

sigAlgo

protected java.lang.String sigAlgo

canonAlgo

protected java.lang.String canonAlgo

usernameToken

protected WSSAddUsernameToken usernameToken

signatureValue

protected byte[] signatureValue

Constructor Detail

WSSignEnvelope

public WSSignEnvelope()

Constructor.

WSSignEnvelope

public WSSignEnvelope(java.lang.String actor)

Constructor.

Parameters:

actor - The actor name of the wsse:Security header

WSSignEnvelope

public WSSignEnvelope(java.lang.String actor,
                      boolean mu)

Constructor.

Parameters:

actor - The actor name of the wsse:Security header

mu - Set mustUnderstand to true or false

Method Detail

setUseSingleCertificate

public void setUseSingleCertificate(boolean useSingleCert)

set the single cert flag.

Parameters:

useSingleCert -

isUseSingleCertificate

public boolean isUseSingleCertificate()

Get the single cert flag.

Returns:

TODO

setSignatureAlgorithm

public void setSignatureAlgorithm(java.lang.String algo)

Set the name of the signature encryption algorithm to use. If the algorithm is not set then Triple RSA is used. Refer to WSConstants which algorithms are supported.

Parameters:

algo - Is the name of the signature algorithm

See Also:

WSConstants.RSA, WSConstants.DSA

getSignatureAlgorithm

public java.lang.String getSignatureAlgorithm()

Get the name of the signature algorithm that is being used. If the algorithm is not set then RSA is default.

Returns:

the identifier URI of the signature algorithm

setSigCanonicalization

public void setSigCanonicalization(java.lang.String algo)

Set the canonicalization method to use. If the canonicalization method is not set then the recommended Exclusive XML Canonicalization is used by default Refer to WSConstants which algorithms are supported.

Parameters:

algo - Is the name of the signature algorithm

See Also:

WSConstants.C14N_OMIT_COMMENTS, WSConstants.C14N_WITH_COMMENTS, WSConstants.C14N_EXCL_OMIT_COMMENTS, WSConstants.C14N_EXCL_WITH_COMMENTS

getSigCanonicalization

public java.lang.String getSigCanonicalization()

Get the canonicalization method. If the canonicalization method was not set then Exclusive XML Canonicalization is used by default.

Returns:

TODO

setUsernameToken

public void setUsernameToken(WSSAddUsernameToken usernameToken)

Parameters:

usernameToken - The usernameToken to set.

getSignatureValue

public byte[] getSignatureValue()

Returns:

Returns the signatureValue.

build

public org.w3c.dom.Document build(org.w3c.dom.Document doc,
                                  Crypto crypto)
                           throws WSSecurityException

Builds a signed soap envelope. The method first gets an appropriate security header. According to the defined parameters for certificate handling the signature elements are constructed and inserted into the wsse:Signature

Parameters:

doc - The unsigned SOAP envelope as Document

crypto - An instance of the Crypto API to handle keystore and certificates

Returns:

A signed SOAP envelope as Document

Throws:

WSSecurityException

createSTRParameter

protected org.w3c.dom.Element createSTRParameter(org.w3c.dom.Document doc)

getInclusivePrefixes

protected java.util.Set getInclusivePrefixes(org.w3c.dom.Element target)

getInclusivePrefixes

protected java.util.Set getInclusivePrefixes(org.w3c.dom.Element target,
                                             boolean excludeVisible)