Uses of Class
org.apache.wss4j.common.ext.WSSecurityException
Packages that use WSSecurityException
Package
Description
-
Uses of WSSecurityException in org.apache.cxf.sts.operation
Methods in org.apache.cxf.sts.operation that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected RequestSecurityTokenResponseTypeTokenCancelOperation.createResponse(TokenRequirements tokenRequirements) protected RequestSecurityTokenResponseTypeTokenIssueOperation.createResponse(EncryptionProperties encryptionProperties, TokenProviderResponse tokenResponse, TokenRequirements tokenRequirements, KeyRequirements keyRequirements) protected RequestSecurityTokenResponseTypeTokenRenewOperation.createResponse(EncryptionProperties encryptionProperties, TokenRenewerResponse tokenRenewerResponse, TokenRequirements tokenRequirements, KeyRequirements keyRequirements) protected RequestSecurityTokenResponseTypeTokenValidateOperation.createResponse(TokenValidatorResponse tokenResponse, TokenProviderResponse tokenProviderResponse, TokenRequirements tokenRequirements) protected ElementAbstractOperation.encryptSecret(byte[] secret, EncryptionProperties encryptionProperties, KeyRequirements keyRequirements) Encrypt a secret using the given arguments producing a DOM EncryptedKey element -
Uses of WSSecurityException in org.apache.cxf.sts.token.provider
Methods in org.apache.cxf.sts.token.provider that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected static KeyInfoBeanDefaultSubjectProvider.createEncryptedKeyKeyInfo(X509Certificate certificate, byte[] secret, Document doc, EncryptionProperties encryptionProperties, Crypto encryptionCrypto) Create an EncryptedKey KeyInfo.static ElementTokenProviderUtils.encryptToken(Element element, String id, STSPropertiesMBean stsProperties, EncryptionProperties encryptionProperties, KeyRequirements keyRequirements, Map<String, Object> messageContext) Encrypt a Token element using the given arguments. -
Uses of WSSecurityException in org.apache.cxf.sts.token.validator
Methods in org.apache.cxf.sts.token.validator that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected voidSAMLTokenValidator.validateAssertion(SamlAssertionWrapper assertion) Validate the assertion against schemas/profiles -
Uses of WSSecurityException in org.apache.cxf.ws.security.cache
Constructors in org.apache.cxf.ws.security.cache that throw WSSecurityException -
Uses of WSSecurityException in org.apache.cxf.ws.security.kerberos
Methods in org.apache.cxf.ws.security.kerberos that throw WSSecurityException -
Uses of WSSecurityException in org.apache.cxf.ws.security.trust
Methods in org.apache.cxf.ws.security.trust that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected CryptoAbstractSTSClient.createCrypto(boolean decrypt) protected SecurityTokenAbstractSTSClient.createSecurityToken(Element el, byte[] requestorEntropy) protected byte[]AbstractSTSClient.decryptKey(Element child) protected booleanSTSTokenValidator.isValidatedLocally(Credential credential, RequestData data) org.apache.xml.security.stax.securityToken.InboundSecurityTokenSTSStaxTokenValidator.validate(BinarySecurityTokenType binarySecurityTokenType, TokenContext tokenContext) <T extends UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TSTSStaxTokenValidator.validate(UsernameTokenType usernameTokenType, TokenContext tokenContext) <T extends SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TSTSStaxTokenValidator.validate(SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, TokenContext tokenContext) STSTokenValidator.validate(Credential credential, RequestData data) STSTokenValidator.validateWithSTS(Credential credential, Message message) protected CredentialSTSSamlAssertionValidator.verifySignedAssertion(SamlAssertionWrapper assertion, RequestData data) Try to verify trust on the assertion. -
Uses of WSSecurityException in org.apache.cxf.ws.security.wss4j
Methods in org.apache.cxf.ws.security.wss4j with parameters of type WSSecurityExceptionModifier and TypeMethodDescriptionstatic org.apache.cxf.binding.soap.SoapFaultWSS4JUtils.createSoapFault(org.apache.cxf.binding.soap.SoapMessage message, org.apache.cxf.binding.soap.SoapVersion version, WSSecurityException e) Create a SoapFault from a WSSecurityException, following the SOAP Message Security 1.1 specification, chapter 12 "Error Handling".Methods in org.apache.cxf.ws.security.wss4j that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected voidWSS4JInInterceptor.advanceBody(org.apache.cxf.binding.soap.SoapMessage msg, Node body) protected voidWSS4JInInterceptor.checkActions(org.apache.cxf.binding.soap.SoapMessage msg, List<WSSecurityEngineResult> wsResult, List<Integer> actions) static voidCryptoCoverageUtil.checkAttachmentsCoverage(Collection<Attachment> attachments, Collection<WSDataRef> refs, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) static voidCryptoCoverageUtil.checkBodyCoverage(Element soapBody, Collection<WSDataRef> refs, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) Checks that the references provided refer to the signed/encrypted SOAP body element.static voidCryptoCoverageUtil.checkCoverage(Element soapEnvelope, Collection<WSDataRef> refs, Map<String, String> namespaces, String xPath, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) Checks that the references provided refer to the required signed/encrypted elements as defined by the XPath expression inxPath.static voidCryptoCoverageUtil.checkCoverage(Element soapEnvelope, Collection<WSDataRef> refs, Map<String, String> namespaces, Collection<String> xPaths, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) Checks that the references provided refer to the required signed/encrypted elements as defined by the XPath expressions inxPaths.static voidCryptoCoverageUtil.checkCoverage(Element soapEnvelope, Collection<WSDataRef> refs, XPath xpath, Collection<String> xPaths, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) Checks that the references provided refer to the required signed/encrypted elements as defined by the XPath expressions inxPaths.static voidCryptoCoverageUtil.checkHeaderCoverage(Element soapHeader, Collection<WSDataRef> refs, String namespace, String name, CryptoCoverageUtil.CoverageType type, CryptoCoverageUtil.CoverageScope scope) Checks that the references provided refer to the required signed/encrypted SOAP header element(s) matching the provided name and namespace.protected voidPolicyBasedWSS4JInInterceptor.computeAction(org.apache.cxf.binding.soap.SoapMessage message, RequestData data) protected voidWSS4JInInterceptor.computeAction(org.apache.cxf.binding.soap.SoapMessage msg, RequestData reqData) Do whatever is necessary to determine the action for the incoming message and do whatever other setup work is necessary.protected voidAbstractWSS4JStaxInterceptor.configureCallbackHandler(org.apache.cxf.binding.soap.SoapMessage soapMessage, WSSSecurityProperties securityProperties) protected voidPolicyBasedWSS4JStaxOutInterceptor.configureProperties(org.apache.cxf.binding.soap.SoapMessage msg, org.apache.xml.security.stax.ext.OutboundSecurityContext outboundSecurityContext, WSSSecurityProperties securityProperties) protected voidWSS4JStaxOutInterceptor.configureProperties(org.apache.cxf.binding.soap.SoapMessage msg, org.apache.xml.security.stax.ext.OutboundSecurityContext outboundSecurityContext, WSSSecurityProperties securityProperties) protected voidWSS4JInInterceptor.configureReplayCaches(RequestData reqData, List<Integer> actions, org.apache.cxf.binding.soap.SoapMessage msg) protected voidAbstractUsernameTokenAuthenticatingInterceptor.doResults(org.apache.cxf.binding.soap.SoapMessage msg, String actor, Element soapHeader, Element soapBody, WSHandlerResult wsResult, boolean utWithCallbacks) protected voidPolicyBasedWSS4JInInterceptor.doResults(org.apache.cxf.binding.soap.SoapMessage msg, String actor, Element soapHeader, Element soapBody, WSHandlerResult results, boolean utWithCallbacks) protected voidWSS4JInInterceptor.doResults(org.apache.cxf.binding.soap.SoapMessage msg, String actor, Element soapHeader, Element soapBody, WSHandlerResult wsResult, boolean utWithCallbacks) protected CallbackHandlerWSS4JInInterceptor.getCallback(RequestData reqData) protected CallbackHandlerWSS4JInInterceptor.getCallback(RequestData reqData, boolean utWithCallbacks) protected CryptoAbstractWSS4JStaxInterceptor.getEncryptionCrypto(Object e, org.apache.cxf.binding.soap.SoapMessage message, WSSSecurityProperties securityProperties) static CryptoWSS4JUtils.getEncryptionCrypto(Object e, org.apache.cxf.binding.soap.SoapMessage message, PasswordEncryptor passwordEncryptor) protected ReplayCacheWSS4JInInterceptor.getReplayCache(org.apache.cxf.binding.soap.SoapMessage message, String booleanKey, String instanceKey) Get a ReplayCache instance.static ReplayCacheWSS4JUtils.getReplayCache(org.apache.cxf.binding.soap.SoapMessage message, String booleanKey, String instanceKey) Get a ReplayCache instance.protected CryptoAbstractWSS4JStaxInterceptor.getSignatureCrypto(Object s, org.apache.cxf.binding.soap.SoapMessage message, WSSSecurityProperties securityProperties) static CryptoWSS4JUtils.getSignatureCrypto(Object s, org.apache.cxf.binding.soap.SoapMessage message, PasswordEncryptor passwordEncryptor) CXFRequestData.getValidator(QName qName) protected CryptoAbstractWSS4JStaxInterceptor.loadCrypto(org.apache.cxf.binding.soap.SoapMessage soapMessage, String cryptoPropertyFile, String cryptoPropertyRefId, WSSSecurityProperties securityProperties) Load a Crypto instance.protected CryptoAbstractWSS4JInterceptor.loadCryptoFromPropertiesFile(String propFilename, RequestData reqData) protected CryptoAbstractWSS4JStaxInterceptor.loadCryptoFromPropertiesFile(org.apache.cxf.binding.soap.SoapMessage soapMessage, String propFilename, WSSSecurityProperties securityProperties) static CryptoWSS4JUtils.loadCryptoFromPropertiesFile(Message message, String propFilename, ClassLoader classLoader, PasswordEncryptor passwordEncryptor) protected UsernameTokenPrincipalUsernameTokenInterceptor.parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant, boolean allowNamespaceQualifiedPWDTypes) protected voidPolicyBasedWSS4JInInterceptor.setAlgorithmSuites(org.apache.cxf.binding.soap.SoapMessage message, RequestData data) Set a WSS4J AlgorithmSuite object on the RequestData context, to restrict the algorithms that are allowed for encryption, signature, etc.protected voidWSS4JInInterceptor.setAlgorithmSuites(org.apache.cxf.binding.soap.SoapMessage message, RequestData data) Set a WSS4J AlgorithmSuite object on the RequestData context, to restrict the algorithms that are allowed for encryption, signature, etc.protected voidAbstractUsernameTokenAuthenticatingInterceptor.setSubject(String name, String password, boolean isDigest, String nonce, String created) voidAlgorithmSuiteTranslater.translateAlgorithmSuites(org.apache.cxf.ws.policy.AssertionInfoMap aim, RequestData data) protected WSSecurityEngineResultUsernameTokenInterceptor.validateToken(Element tokenElement, org.apache.cxf.binding.soap.SoapMessage message) protected voidAbstractUsernameTokenAuthenticatingInterceptor.CustomValidator.verifyCustomPassword(UsernameToken usernameToken, RequestData data) protected voidAbstractUsernameTokenAuthenticatingInterceptor.CustomValidator.verifyDigestPassword(UsernameToken usernameToken, RequestData data) protected voidAbstractUsernameTokenAuthenticatingInterceptor.CustomValidator.verifyPlaintextPassword(UsernameToken usernameToken, RequestData data) protected voidAbstractUsernameTokenAuthenticatingInterceptor.CustomValidator.verifyUnknownPassword(UsernameToken usernameToken, RequestData data) -
Uses of WSSecurityException in org.apache.cxf.ws.security.wss4j.policyhandlers
Methods in org.apache.cxf.ws.security.wss4j.policyhandlers that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected org.apache.xml.security.stax.ext.SecurePartAbstractStaxBindingHandler.addKerberosToken(KerberosToken token, boolean signed, boolean endorsing, boolean encrypting) protected SamlAssertionWrapperAbstractBindingBuilder.addSamlToken(SamlToken token) protected org.apache.xml.security.stax.ext.SecurePartAbstractStaxBindingHandler.addSamlToken(SamlToken token, boolean signed, boolean endorsing) protected voidAbstractBindingBuilder.addSupportingTokens(List<WSEncryptionPart> sigs) protected voidAbstractStaxBindingHandler.configureSignature(AbstractToken token, boolean attached) protected Cryptoprotected WSSecEncryptedKeyAbstractBindingBuilder.getEncryptedKeyBuilder(AbstractToken token, SecretKey symmetricKey) AbstractBindingBuilder.getEncryptionCrypto()protected WSSecSignatureAbstractBindingBuilder.getSignatureBuilder(AbstractToken token, boolean attached, boolean endorse) AbstractBindingBuilder.getSignatureCrypto()protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken>AbstractBindingBuilder.handleSupportingTokens(SupportingTokens suppTokens, boolean endorse, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) protected voidAbstractBindingBuilder.handleUsernameTokenSupportingToken(UsernameToken token, boolean endorse, boolean encryptedToken, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) -
Uses of WSSecurityException in org.apache.wss4j.common
Methods in org.apache.wss4j.common that throw WSSecurityException -
Uses of WSSecurityException in org.apache.wss4j.common.bsp
Methods in org.apache.wss4j.common.bsp that throw WSSecurityException -
Uses of WSSecurityException in org.apache.wss4j.common.cache
Constructors in org.apache.wss4j.common.cache that throw WSSecurityExceptionModifierConstructorDescriptionEHCacheReplayCache(String key) EHCacheReplayCache(String key, Path diskstorePath) EHCacheReplayCache(String key, Path diskstorePath, long diskSize, long heapEntries, boolean persistent) -
Uses of WSSecurityException in org.apache.wss4j.common.crypto
Methods in org.apache.wss4j.common.crypto that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected voidMerlin.addTrustAnchors(Set<TrustAnchor> set, KeyStore keyStore) AddsTrustAnchors found in the provided key store to the set.voidAlgorithmSuiteValidator.checkAsymmetricKeyLength(X509Certificate x509Certificate) Check the asymmetric key lengthvoidAlgorithmSuiteValidator.checkAsymmetricKeyLength(X509Certificate[] x509Certificates) Check the asymmetric key lengthvoidAlgorithmSuiteValidator.checkAsymmetricKeyLength(PublicKey publicKey) Check the asymmetric key lengthvoidAlgorithmSuiteValidator.checkC14nAlgorithm(String c14nAlgorithm) Check the C14n AlgorithmvoidAlgorithmSuiteValidator.checkDerivedKeyAlgorithm(String algorithm) Check Derived Key algorithmvoidAlgorithmSuiteValidator.checkEncryptionDerivedKeyLength(int derivedKeyLength) Check Encryption Derived Key length (in bytes)voidAlgorithmSuiteValidator.checkEncryptionKeyWrapAlgorithm(String keyWrapAlgorithm) voidAlgorithmSuiteValidator.checkKeyAgreementMethodAlgorithm(String keyAgreementMethodAlgorithm) voidAlgorithmSuiteValidator.checkSignatureAlgorithms(XMLSignature xmlSignature) Check the Signature AlgorithmsvoidAlgorithmSuiteValidator.checkSignatureDerivedKeyLength(int derivedKeyLength) Check Signature Derived Key length (in bytes)voidAlgorithmSuiteValidator.checkSignatureMethod(String signatureMethod) Check the Signature MethodvoidAlgorithmSuiteValidator.checkSymmetricEncryptionAlgorithm(String symmetricAlgorithm) voidAlgorithmSuiteValidator.checkSymmetricKeyLength(int secretKeyLength) Check the symmetric key lengthvoidDERDecoder.expect(byte val) Confirm that the byte at the current position matches the given value.voidDERDecoder.expect(int val) Confirm that the byte at the current position matches the given value.byte[]DERDecoder.getBytes(int length) Return an array of bytes from the current position.byte[]Crypto.getBytesFromCertificates(X509Certificate[] certs) Get a byte array given an array of X509 certificates.byte[]CryptoBase.getBytesFromCertificates(X509Certificate[] certs) Get a byte array given an array of X509 certificates.Crypto.getCertificateFactory()Get the CertificateFactory instance on this Crypto instanceCryptoBase.getCertificateFactory()Get the CertificateFactory instance on this Crypto instanceMerlin.getCertificateFactory()Singleton certificate factory for this Crypto instance.Crypto.getCertificatesFromBytes(byte[] data) Construct an array of X509Certificate's from the byte array.CryptoBase.getCertificatesFromBytes(byte[] data) Construct an array of X509Certificate's from the byte array.Crypto.getDefaultX509Identifier()Retrieves the identifier name of the default certificate.CryptoBase.getDefaultX509Identifier()Retrieves the identifier name of the default certificate.Merlin.getDefaultX509Identifier()Retrieves the identifier name of the default certificate.static CryptoCryptoFactory.getInstance()getInstancestatic CryptogetInstancestatic CryptoCryptoFactory.getInstance(String propFilename) getInstancestatic CryptoCryptoFactory.getInstance(String propFilename, ClassLoader customClassLoader) static CryptoCryptoFactory.getInstance(Properties properties) getInstancestatic CryptoCryptoFactory.getInstance(Properties properties, ClassLoader classLoader, PasswordEncryptor passwordEncryptor) getInstanceintDERDecoder.getLength()Get the DER length at the current position.protected byte[]CryptoBase.getNameConstraints(X509Certificate cert) Extracts the NameConstraints sequence from the certificate.CertificateStore.getPrivateKey(String identifier, String password) Gets the private key corresponding to the identifier.CertificateStore.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler) Gets the private key corresponding to the certificate.CertificateStore.getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler) Gets the private key corresponding to the given PublicKey.Crypto.getPrivateKey(String identifier, String password) Gets the private key corresponding to the identifier.Crypto.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler) Gets the private key corresponding to the certificate.Crypto.getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler) Gets the private key corresponding to the given PublicKey.Merlin.getPrivateKey(String identifier, String password) Gets the private key corresponding to the identifier.Merlin.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler) Gets the private key corresponding to the certificate.Merlin.getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler) Gets the private key corresponding to the given PublicKey.static PropertiesCryptoFactory.getProperties(String propFilename, ClassLoader loader) This allows loading the resources with a custom class loaderbyte[]Crypto.getSKIBytesFromCert(X509Certificate cert) Reads the SubjectKeyIdentifier information from the certificate.byte[]CryptoBase.getSKIBytesFromCert(X509Certificate cert) Reads the SubjectKeyIdentifier information from the certificate.byte[]X509SubjectPublicKeyInfo.getSubjectPublicKey()Get the subjectPublicKey element of the SubjectPublicKeyInfo.CertificateStore.getX509Certificates(CryptoType cryptoType) Get an X509Certificate (chain) corresponding to the CryptoType argument.Crypto.getX509Certificates(CryptoType cryptoType) Get an X509Certificate (chain) corresponding to the CryptoType argument.Merlin.getX509Certificates(CryptoType cryptoType) Get an X509Certificate (chain) corresponding to the CryptoType argument.CertificateStore.getX509Identifier(X509Certificate cert) Get the implementation-specific identifier corresponding to the cert parameter.Crypto.getX509Identifier(X509Certificate cert) Get the implementation-specific identifier corresponding to the cert parameter, e.g. the identifier could be a KeyStore alias.Merlin.getX509Identifier(X509Certificate cert) Get the implementation-specific identifier corresponding to the cert parameter.protected KeyStoreMerlin.load(InputStream input, String storepass, String provider, String type) Loads the keystore from anInputStream.Crypto.loadCertificate(InputStream in) Load a X509Certificate from the input stream.CryptoBase.loadCertificate(InputStream in) Load a X509Certificate from the input stream.static InputStreamMerlin.loadInputStream(ClassLoader loader, String location) Load a KeyStore object as an InputStream, using the ClassLoader and location argumentsvoidMerlin.loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor) voidMerlinDevice.loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor) voidDERDecoder.skip(int length) Advance the current position by the given number of bytes.booleanDERDecoder.test(byte val) Test if the byte at the current position matches the given value.protected voidCertificateStore.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints) Evaluate whether a given certificate chain should be trusted.voidCertificateStore.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints) voidCertificateStore.verifyTrust(PublicKey publicKey) Evaluate whether a given public key should be trusted.voidCrypto.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints) Evaluate whether a given certificate chain should be trusted.voidCrypto.verifyTrust(PublicKey publicKey) Evaluate whether a given public key should be trusted.protected voidMerlin.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints) Evaluate whether a given certificate chain should be trusted.voidMerlin.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints) voidMerlin.verifyTrust(PublicKey publicKey) Evaluate whether a given public key should be trusted.protected voidMerlinAKI.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints) Evaluate whether a given certificate chain should be trusted.Constructors in org.apache.wss4j.common.crypto that throw WSSecurityExceptionModifierConstructorDescriptionDERDecoder(byte[] derEncoded) Construct a DERDecoder for the given byte array.Merlin(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor) MerlinAKI(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor) MerlinDevice(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor) X509SubjectPublicKeyInfo(byte[] x509EncodedPublicKey) Construct a SubjectPublicKeyInfo for the given X.509-encoded public key.Construct a SubjectPublicKeyInfo for the given public key. -
Uses of WSSecurityException in org.apache.wss4j.common.derivedKey
Methods in org.apache.wss4j.common.derivedKey that throw WSSecurityExceptionModifier and TypeMethodDescriptionbyte[]ConversationConstants.DerivationAlgorithm.createKey(byte[] secret, byte[] seed, int offset, long length) byte[]DerivationAlgorithm.createKey(byte[] secret, byte[] seed, int offset, long length) byte[]P_SHA1.createKey(byte[] secret, byte[] seed, int offset, long length) static byte[]DerivedKeyUtils.deriveKey(String algorithm, String label, int length, byte[] secret, byte[] nonce, int offset) Derive a key from this DerivedKeyToken instancestatic DerivationAlgorithmAlgoFactory.getInstance(String algorithm) This gives a DerivationAlgorithm instance from the default set of algorithms provided -
Uses of WSSecurityException in org.apache.wss4j.common.kerberos
Methods in org.apache.wss4j.common.kerberos that throw WSSecurityException -
Uses of WSSecurityException in org.apache.wss4j.common.saml
Methods in org.apache.wss4j.common.saml that throw WSSecurityExceptionModifier and TypeMethodDescriptionSamlAssertionWrapper.assertionToString()Method assertionToString ...voidSamlAssertionWrapper.checkAudienceRestrictions(List<String> audienceRestrictions) Check the AudienceRestrictions of the AssertionvoidSamlAssertionWrapper.checkAuthnStatements(int futureTTL) Check the various attributes of the AuthnStatements of the assertion (if any)voidSamlAssertionWrapper.checkConditions(int futureTTL) Check the Conditions of the Assertion.voidSamlAssertionWrapper.checkIssueInstant(int futureTTL, int ttl) Check the IssueInstant value of the Assertion.static org.opensaml.core.xml.XMLObjectConvert a SAML Assertion from a DOM Element to an XMLObjectstatic SAMLKeyInfoSAMLUtil.getCredentialFromKeyInfo(Element keyInfoElement, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto) This method returns a SAMLKeyInfo corresponding to the credential found in the KeyInfo (DOM Element) argument.static SAMLKeyInfoSAMLUtil.getCredentialFromSubject(SamlAssertionWrapper samlAssertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto) Parse a SAML Assertion to obtain a SAMLKeyInfo object from the Subject of the assertionstatic SAMLKeyInfoSAMLUtil.getCredentialFromSubject(org.opensaml.saml.saml1.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto) Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 1.1 assertionstatic SAMLKeyInfoSAMLUtil.getCredentialFromSubject(org.opensaml.saml.saml2.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto) Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 2 assertionorg.opensaml.xmlsec.signature.SignatureSamlAssertionWrapper.getSignature()byte[]SamlAssertionWrapper.getSignatureValue()Get the SignatureValue bytes of the signed SAML AssertionvoidSamlAssertionWrapper.parseSubject(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto) This method parses the KeyInfo of the Subject.SAMLKeyInfoProcessor.processSAMLKeyInfo(Element keyInfoElement) voidSamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue) Create an enveloped signature on the assertion that has been created.voidSamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm) Create an enveloped signature on the assertion that has been created.voidSamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm, String signatureDigestAlgorithm) Create an enveloped signature on the assertion that has been created.static ElementConvert a SAML Assertion from a XMLObject to a DOM Elementstatic ElementConvert a SAML Assertion from a XMLObject to a DOM ElementCreate a DOM from the current XMLObject content.voidSamlAssertionWrapper.validateSignatureAgainstProfile()Validate the signature of the Assertion against the Profile.voidSamlAssertionWrapper.verifySignature(SAMLKeyInfo samlKeyInfo) Verify the signature of this assertionvoidSamlAssertionWrapper.verifySignature(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto) Verify the signature of this assertionConstructors in org.apache.wss4j.common.saml that throw WSSecurityExceptionModifierConstructorDescriptionSamlAssertionWrapper(SAMLCallback samlCallback) Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.SamlAssertionWrapper(org.opensaml.saml.common.SAMLObject samlObject) Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance.SamlAssertionWrapper(Element element) Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance. -
Uses of WSSecurityException in org.apache.wss4j.common.saml.builder
Methods in org.apache.wss4j.common.saml.builder that throw WSSecurityExceptionModifier and TypeMethodDescriptionstatic org.opensaml.saml.saml1.core.AdviceSAML1ComponentBuilder.createAdvice(AdviceBean adviceBean) Create a Advice objectstatic org.opensaml.saml.saml2.core.AdviceSAML2ComponentBuilder.createAdvice(AdviceBean adviceBean) Create a Advice objectstatic org.opensaml.xmlsec.signature.KeyInfoSAML1ComponentBuilder.createKeyInfo(KeyInfoBean keyInfo) Create an Opensaml KeyInfo object from the parametersstatic org.opensaml.saml.saml1.core.SubjectSAML1ComponentBuilder.createSaml1v1Subject(SubjectBean subjectBean) Create a SAML Subject from a SubjectBean instancestatic org.opensaml.saml.saml2.core.SubjectSAML2ComponentBuilder.createSaml2Subject(SubjectBean subjectBean) Create a Subject.static List<org.opensaml.saml.saml1.core.AttributeStatement>SAML1ComponentBuilder.createSamlv1AttributeStatement(List<AttributeStatementBean> attributeData) Create SAML 1.1 attribute statement(s)static List<org.opensaml.saml.saml1.core.AuthenticationStatement>SAML1ComponentBuilder.createSamlv1AuthenticationStatement(List<AuthenticationStatementBean> authBeans) Create SAML 1.1 authentication statement(s)static List<org.opensaml.saml.saml1.core.AuthorizationDecisionStatement>SAML1ComponentBuilder.createSamlv1AuthorizationDecisionStatement(List<AuthDecisionStatementBean> decisionData) Create SAML 1.1 Authorization Decision Statement(s)static org.opensaml.saml.saml2.core.SubjectConfirmationDataSAML2ComponentBuilder.createSubjectConfirmationData(SubjectConfirmationDataBean subjectConfirmationDataBean, KeyInfoBean keyInfoBean) Create a SubjectConfirmationData object -
Uses of WSSecurityException in org.apache.wss4j.common.spnego
Methods in org.apache.wss4j.common.spnego that throw WSSecurityExceptionModifier and TypeMethodDescriptionvoidSpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName) Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.voidSpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm) Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.voidSpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential) Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.byte[]SpnegoTokenContext.unwrapKey(byte[] secret) Unwrap a keyvoidSpnegoTokenContext.validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, byte[] ticket) Validate a service ticket.voidSpnegoTokenContext.validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket) Validate a service ticket.byte[]SpnegoTokenContext.wrapKey(byte[] secret) Wrap a key -
Uses of WSSecurityException in org.apache.wss4j.common.token
Methods in org.apache.wss4j.common.token that throw WSSecurityExceptionModifier and TypeMethodDescriptionSecurityTokenReference.getKeyIdentifier(Crypto crypto) Gets the KeyIdentifier.SecurityTokenReference.getReference()Gets the Reference.X509Security.getX509Certificate(Crypto crypto) Gets the X509Certificate certificate.PKIPathSecurity.getX509Certificates(Crypto crypto) get the X509Certificate array.SecurityTokenReference.getX509IssuerSerial(Crypto crypto) Gets the certificate identified with X509 issuerSerial data.SecurityTokenReference.getX509SKIAlias(Crypto crypto) voidSecurityTokenReference.setKeyIdentifier(String valueType, String keyIdVal) voidSecurityTokenReference.setKeyIdentifier(String valueType, String keyIdVal, boolean base64) voidSecurityTokenReference.setKeyIdentifier(X509Certificate cert) Sets the KeyIdentifier Element as a X509 certificate.voidSecurityTokenReference.setKeyIdentifierEncKeySHA1(String value) voidSecurityTokenReference.setKeyIdentifierSKI(X509Certificate cert, Crypto crypto) Sets the KeyIdentifier Element as a X509 Subject-Key-Identifier (SKI).voidSecurityTokenReference.setKeyIdentifierThumb(X509Certificate cert) Sets the KeyIdentifier Element as a Thumbprint.voidBinarySecurity.setToken(byte[] data) set the token information.voidX509Security.setX509Certificate(X509Certificate cert) Sets the X509Certificate.voidPKIPathSecurity.setX509Certificates(X509Certificate[] certs, Crypto crypto) set the X509Certificate array.Constructors in org.apache.wss4j.common.token that throw WSSecurityExceptionModifierConstructorDescriptionBinarySecurity(CallbackHandler callbackHandler) Create a BinarySecurityToken via a CallbackHandlerBinarySecurity(Element elem, BSPEnforcer bspEnforcer) Constructor.DOMX509Data(Element x509DataElement) Constructor.PKIPathSecurity(Element elem, BSPEnforcer bspEnforcer) Constructor.Constructor.SecurityTokenReference(Element elem, BSPEnforcer bspEnforcer) Constructor.X509Security(Element elem, BSPEnforcer bspEnforcer) This constructor creates a new X509 certificate object and initializes it from the data contained in the element. -
Uses of WSSecurityException in org.apache.wss4j.common.util
Methods in org.apache.wss4j.common.util that throw WSSecurityExceptionModifier and TypeMethodDescriptionstatic StringUsernameTokenUtil.doPasswordDigest(byte[] nonce, String created, byte[] password) static StringUsernameTokenUtil.doPasswordDigest(byte[] nonce, String created, String password) static byte[]UsernameTokenUtil.doRawPasswordDigest(byte[] nonce, String created, byte[] password) static byte[]UsernameTokenUtil.generateDerivedKey(byte[] password, byte[] salt, int iteration) This static method generates a derived key as defined in WSS Username Token Profile.static byte[]UsernameTokenUtil.generateDerivedKey(String password, byte[] salt, int iteration) This static method generates a derived key as defined in WSS Username Token Profile.static byte[]KeyUtils.generateDigest(byte[] inputBytes) Generate a (SHA1) digest of the input bytes.static byte[]UsernameTokenUtil.generateNonce(int length) Generate a nonce of the given length using a secure random algorithm.static StringAttachmentUtils.getAttachmentId(String xopUri) static byte[]AttachmentUtils.getBytesFromAttachment(String xopUri, CallbackHandler attachmentCallbackHandler, boolean removeAttachments) static CipherKeyUtils.getCipherInstance(String cipherAlgo) Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance of this type.static CipherKeyUtils.getCipherInstance(String cipherAlgo, String provider) Translate the "cipherAlgo" URI to a JCE ID, and request a javax.crypto.Cipher instance of this type from the given provider.static KeyGeneratorKeyUtils.getKeyGenerator(String algorithm) static intKeyUtils.getKeyLength(String algorithm) Returns the length of the key in # of bytes.static StringUsernameTokenUtil.getRawPassword(CallbackHandler callbackHandler, String username, String password, String passwordType) Get the raw (plain text) password used to compute secret key.static InputStreamLoader.loadInputStream(ClassLoader loader, String resource) static voidAttachmentUtils.readAndReplaceEncryptedAttachmentHeaders(Map<String, String> headers, InputStream attachmentInputStream) static InputStreamAttachmentUtils.setupAttachmentDecryptionStream(String encAlgo, Cipher cipher, Key key, InputStream inputStream) static InputStreamAttachmentUtils.setupAttachmentEncryptionStream(Cipher cipher, boolean complete, Attachment attachment, Map<String, String> headers) static voidAttachmentUtils.storeBytesInAttachment(Element parentElement, Document doc, String attachmentId, byte[] bytes, CallbackHandler attachmentCallbackHandler) -
Uses of WSSecurityException in org.apache.wss4j.dom
Methods in org.apache.wss4j.dom that throw WSSecurityExceptionModifier and TypeMethodDescriptionvoidWSDocInfo.addTokenElement(Element element) Store a token element for later retrieval.voidWSDocInfo.addTokenElement(Element element, boolean checkMultipleElements) Store a token element for later retrieval. -
Uses of WSSecurityException in org.apache.wss4j.dom.action
Methods in org.apache.wss4j.dom.action that throw WSSecurityExceptionModifier and TypeMethodDescriptionvoidAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidCustomTokenAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidEncryptionAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidEncryptionDerivedAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidSAMLTokenSignedAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidSAMLTokenUnsignedAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidSignatureAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidSignatureConfirmationAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidSignatureDerivedAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidTimestampAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidUsernameTokenAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) voidUsernameTokenSignedAction.execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) protected voidAbstractDerivedAction.setupEKReference(WSSecDerivedKeyBase derivedKeyBase, SignatureEncryptionActionToken previousActionToken) protected ElementAbstractDerivedAction.setupEKReference(WSSecDerivedKeyBase derivedKeyBase, WSSecHeader securityHeader, SignatureEncryptionActionToken actionToken, String keyTransportAlgorithm, String mgfAlgorithm, SecretKey symmetricKey) protected ElementAbstractDerivedAction.setupSCTReference(WSSecDerivedKeyBase derivedKeyBase, WSPasswordCallback passwordCallback, SignatureEncryptionActionToken actionToken, boolean use200512Namespace, Document doc) protected voidAbstractDerivedAction.setupSCTReference(WSSecDerivedKeyBase derivedKeyBase, SignatureEncryptionActionToken previousActionToken, boolean use200512Namespace) -
Uses of WSSecurityException in org.apache.wss4j.dom.callback
Methods in org.apache.wss4j.dom.callback that throw WSSecurityExceptionModifier and TypeMethodDescriptionCallbackLookup.getAndRegisterElement(String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context) Get the DOM element that corresponds to the given id and ValueType reference.DOMCallbackLookup.getAndRegisterElement(String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context) Get the DOM element that corresponds to the given id and ValueType reference.CallbackLookup.getElement(String id, String valueType, boolean checkMultipleElements) Get the DOM element that corresponds to the given id and ValueType reference.DOMCallbackLookup.getElement(String id, String valueType, boolean checkMultipleElements) Get the DOM element that corresponds to the given id and ValueType reference.CallbackLookup.getElements(String localname, String namespace) Get the DOM element(s) that correspond to the given localname/namespace.DOMCallbackLookup.getElements(String localname, String namespace) Get the DOM element(s) that correspond to the given localname/namespace. -
Uses of WSSecurityException in org.apache.wss4j.dom.engine
Methods in org.apache.wss4j.dom.engine that throw WSSecurityExceptionModifier and TypeMethodDescriptionWSSConfig.getAction(int action) Lookup actionWSSConfig.getProcessor(QName el) WSSConfig.getValidator(QName el) WSSecurityEngine.processSecurityHeader(Document doc, String actor, CallbackHandler cb, Crypto crypto) Process the security header given the soap envelope as W3C document.WSSecurityEngine.processSecurityHeader(Document doc, String actor, CallbackHandler cb, Crypto sigVerCrypto, Crypto decCrypto) Process the security header given the soap envelope as W3C document.WSSecurityEngine.processSecurityHeader(Document doc, RequestData requestData) Process the security header given the soap envelope as W3C document.WSSecurityEngine.processSecurityHeader(Element securityHeader, String actor, CallbackHandler cb, Crypto sigVerCrypto, Crypto decCrypto) Process the security header given thewsse:SecurityDOM Element.WSSecurityEngine.processSecurityHeader(Element securityHeader, RequestData requestData) Process the security header given thewsse:SecurityDOM Element. -
Uses of WSSecurityException in org.apache.wss4j.dom.handler
Methods in org.apache.wss4j.dom.handler that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected voidWSHandler.checkSignatureConfirmation(RequestData reqData, WSHandlerResult handlerResults) protected voidWSHandler.decodeAlgorithmSuite(RequestData reqData) protected booleanWSHandler.decodeBooleanConfigValue(Object messageContext, String configTag, boolean defaultToTrue) protected voidWSHandler.decodeDecryptionParameter(RequestData reqData) protected voidWSHandler.decodeEncryptionParameter(RequestData reqData) protected StringWSHandler.decodePasswordType(RequestData reqData) protected voidWSHandler.decodeSignatureParameter(RequestData reqData) protected voidWSHandler.decodeSignatureParameter2(RequestData reqData) protected voidWSHandler.decodeUTParameter(RequestData reqData) protected voidWSHandler.doReceiverAction(List<Integer> actions, RequestData reqData) protected voidWSHandler.doSenderAction(Document doc, RequestData reqData, List<HandlerAction> actions, boolean isRequest) Performs all defined security actions to set-up the SOAP request.WSHandler.getCallbackHandler(String callbackHandlerClass, String callbackHandlerRef, RequestData requestData) Get a CallbackHandler instance.RequestData.getNonceReplayCache()Get the replay cache for NoncesWSHandler.getPasswordCallbackHandler(RequestData reqData) Get a CallbackHandler instance to obtain passwords.WSHandler.getPasswordCB(String username, int doAction, CallbackHandler callbackHandler, RequestData requestData) Get a password callback (WSPasswordCallback object) from a CallbackHandler instanceRequestData.getSamlOneTimeUseReplayCache()Get the replay cache for SAML2 OneTimeUse AssertionsRequestData.getTimestampReplayCache()Get the replay cache for TimestampsRequestData.getValidator(QName qName) Get the Validator instance corresponding to the QNameprotected CryptoWSHandler.loadCrypto(String cryptoPropertyFile, String cryptoPropertyRefId, RequestData requestData) Load a Crypto instance.protected CryptoWSHandler.loadCryptoFromPropertiesFile(String propFilename, RequestData reqData) A hook to allow subclass to load Crypto instances from property files in a different way.protected CryptoWSHandler.loadDecryptionCrypto(RequestData requestData) Hook to allow subclasses to load their Decryption Crypto however they see fit.protected CryptoWSHandler.loadEncryptionCrypto(RequestData requestData) Hook to allow subclasses to load their Encryption Crypto however they see fit.WSHandler.loadSignatureCrypto(RequestData requestData) Hook to allow subclasses to load their Signature creation Crypto however they see fit.WSHandler.loadSignatureVerificationCrypto(RequestData requestData) Hook to allow subclasses to load their Signature verification Crypto however they see fit. -
Uses of WSSecurityException in org.apache.wss4j.dom.message
Methods in org.apache.wss4j.dom.message that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected voidWSSecEncryptedKey.addCipherValueElement(byte[] encryptedEphemeralKey) Create and add the CipherValue Element to the EncryptedKey Element.WSSecDKSign.addReferencesToSign(List<WSEncryptionPart> references) This method adds references to the Signature.WSSecSignature.addReferencesToSign(List<WSEncryptionPart> references) This method adds references to the Signature.WSSecSignatureBase.addReferencesToSign(Document doc, List<WSEncryptionPart> references, WSDocInfo wsDocInfo, XMLSignatureFactory signatureFactory, boolean addInclusivePrefixes, String digestAlgo) This method adds references to the Signature.WSSecDKEncrypt.build(byte[] ephemeralKey) WSSecDKSign.build(byte[] ephemeralKey) Builds the SOAP envelope with encrypted Body and adds encrypted key.Builds a signed soap envelope.voidWSSecDKSign.computeSignature(List<Reference> referenceList) Compute the Signature over the references.voidWSSecDKSign.computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) Compute the Signature over the references.voidWSSecSignature.computeSignature(List<Reference> referenceList) Compute the Signature over the references.voidWSSecSignature.computeSignature(List<Reference> referenceList, boolean prepend, Element siblingElement) Compute the Signature over the references.protected voidWSSecEncryptedKey.createEncryptedKeyElement(X509Certificate remoteCert, Crypto crypto, org.apache.xml.security.encryption.params.KeyAgreementParameters dhSpec) Now we need to setup the EncryptedKey header block: 1) create a EncryptedKey element and set a wsu:Id for it 2) Generate ds:KeyInfo element, this wraps the wsse:SecurityTokenReference 3) Create and set up the SecurityTokenReference according to the keyIdentifier parameter 4) Create the CipherValue element structure and insert the encrypted session keyprotected voidWSSecEncryptedKey.createEncryptedKeyElement(Key key) Now we need to setup the EncryptedKey header block: 1) create a EncryptedKey element and set a wsu:Id for it 2) Generate ds:KeyInfo element, this wraps the wsse:SecurityTokenReference 3) Create and set up the SecurityTokenReference according to the keyIdentifier parameter 4) Create the CipherValue element structure and insert the encrypted session keyEncryptor.doEncryption(org.apache.xml.security.keys.KeyInfo keyInfo, SecretKey secretKey, String encryptionAlgorithm, List<WSEncryptionPart> references, List<Element> attachmentEncryptedDataElements) WSSecDKEncrypt.encrypt()Perform encryption using the given symmetric keyWSSecDKEncrypt.encryptForExternalRef(Element dataRef, List<WSEncryptionPart> references) Encrypt one or more parts or elements of the message (external).WSSecEncrypt.encryptForRef(Element dataRef, List<WSEncryptionPart> references, SecretKey symmetricKey) Encrypt one or more parts or elements of the message.byte[]WSSecUsernameToken.getDerivedKey(byte[] saltValue) Get the derived key.protected abstract intWSSecDerivedKeyBase.getDerivedKeyLength()The derived key will change depending on the sig/encr algorithm.protected intWSSecDKEncrypt.getDerivedKeyLength()protected intWSSecDKSign.getDerivedKeyLength()WSSecSAMLToken.getElement()WSSecHeader.insertSecurityHeader()Creates a security header and inserts it as child into the SOAP Envelope.booleanWSSecHeader.isEmpty()Returns whether the security header is emptyprotected voidWSSecSignature.marshalKeyInfo(WSDocInfo wsDocInfo) voidWSSecDerivedKeyBase.prepare(byte[] ephemeralKey) Initialize a WSSec Derived key.voidWSSecDKEncrypt.prepare(byte[] ephemeralKey) voidWSSecDKSign.prepare(byte[] ephemeralKey) voidInitialize a WSSec Encrypt.voidCreate the EncryptedKey Element for inclusion in the security header, by encrypting the symmetricKey parameter using either a public key or certificate that is set on the class, and adding the encrypted bytes as the CipherValue of the EncryptedKey element.voidvoidInitialize a WSSec Signature.voidWSSecSecurityContextToken.prependSCTElementToHeader()voidWSSecHeader.removeSecurityHeader()protected voidWSSecEncryptedKey.setEncryptedKeySHA1(byte[] encryptedEphemeralKey) -
Uses of WSSecurityException in org.apache.wss4j.dom.message.token
Methods in org.apache.wss4j.dom.message.token that throw WSSecurityExceptionModifier and TypeMethodDescriptionDerivedKeyToken.createPrincipal()Create a WSDerivedKeyTokenPrincipal from this DerivedKeyToken objectUsernameToken.createPrincipal()Create a WSUsernameTokenPrincipal from this UsernameToken objectbyte[]DerivedKeyToken.deriveKey(int length, byte[] secret) Derive a key from this DerivedKeyToken instancebyte[]UsernameToken.getDerivedKey(BSPEnforcer bspEnforcer, String rawPassword) This method gets a derived key as defined in WSS Username Token Profile.byte[]UsernameToken.getSalt()Get the Salt value of this UsernameToken.DerivedKeyToken.getSecurityTokenReference()Returns the SecurityTokenReference of the derived key tokenbooleanUsernameToken.isDerivedKey()Return whether the UsernameToken represented by this class is to be used for key derivation as per the UsernameToken Profile 1.1.voidKerberosSecurity.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName) Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.voidKerberosSecurity.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm) voidKerberosSecurity.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg) voidKerberosSecurity.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegatedCredential) voidKerberosSecurity.retrieveServiceTicket(CallbackHandler callbackHandler) Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.voidDerivedKeyToken.setGeneration(int generation) Sets the generation of the derived keyvoidDerivedKeyToken.setOffset(int offset) Sets the offsetConstructors in org.apache.wss4j.dom.message.token that throw WSSecurityExceptionModifierConstructorDescriptionDerivedKeyToken(int version, Document doc) This will create an empty DerivedKeyTokenDerivedKeyToken(Document doc) This will create an empty DerivedKeyTokenDerivedKeyToken(Element elem, BSPEnforcer bspEnforcer) This will create a DerivedKeyToken object with the given DerivedKeyToken elementKerberosSecurity(Element elem, BSPEnforcer bspEnforcer) This constructor creates a new Kerberos token object and initializes it from the data contained in the element.SecurityContextToken(int version, Document doc) Constructor to create the SCTSecurityContextToken(int version, Document doc, String uuid) Constructor to create the SCT with a given uuidSecurityContextToken(int version, Document doc, String uuid, String instance) Constructor to create the SCT with a given uuid and instanceConstructor to create the SCTSecurityContextToken(Document doc, String uuid) Constructor to create the SCT with a given uuidSecurityContextToken(Element elem) This is used to create a SecurityContextToken using a DOM ElementSignatureConfirmation(Element elem, BSPEnforcer bspEnforcer) Constructs aSignatureConfirmationobject and parses thewsse11:SignatureConfirmationelement to initialize it.Timestamp(Element timestampElement, BSPEnforcer bspEnforcer) Constructs aTimestampobject and parses thewsu:Timestampelement to initialize it.UsernameToken(Element elem, boolean allowNamespaceQualifiedPasswordTypes, BSPEnforcer bspEnforcer) Constructs aUsernameTokenobject and parses thewsse:UsernameTokenelement to initialize it. -
Uses of WSSecurityException in org.apache.wss4j.dom.processor
Methods in org.apache.wss4j.dom.processor that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected WSDataRefEncryptedKeyProcessor.decryptDataRef(Document doc, String dataRefURI, WSDocInfo docInfo, byte[] decryptedData, RequestData data) Decrypt an EncryptedData element referenced by dataRefURIEncryptedKeyProcessor.decryptDataRefs(Element refList, WSDocInfo docInfo, byte[] decryptedBytes, RequestData data) Decrypt all data referencesSAMLTokenProcessor.handleSAMLToken(SamlAssertionWrapper samlAssertion, RequestData data, Validator validator) BinarySecurityTokenProcessor.handleToken(Element elem, RequestData data) DerivedKeyTokenProcessor.handleToken(Element elem, RequestData data) EncryptedAssertionProcessor.handleToken(Element elem, RequestData request) EncryptedDataProcessor.handleToken(Element elem, RequestData data) EncryptedKeyProcessor.handleToken(Element elem, RequestData data) EncryptedKeyProcessor.handleToken(Element elem, RequestData data, AlgorithmSuite algorithmSuite) Processor.handleToken(Element elem, RequestData request) ReferenceListProcessor.handleToken(Element elem, RequestData data) SAMLTokenProcessor.handleToken(Element elem, RequestData data) SecurityContextTokenProcessor.handleToken(Element elem, RequestData data) SignatureConfirmationProcessor.handleToken(Element elem, RequestData data) SignatureProcessor.handleToken(Element elem, RequestData data) TimestampProcessor.handleToken(Element elem, RequestData data) UsernameTokenProcessor.handleToken(Element elem, RequestData data) -
Uses of WSSecurityException in org.apache.wss4j.dom.saml
Methods in org.apache.wss4j.dom.saml that throw WSSecurityExceptionModifier and TypeMethodDescriptionWSSecSignatureSAML.build(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW) Builds a signed soap envelope with SAML token.voidWSSecSignatureSAML.computeSignature(List<Reference> referenceList, Element siblingElement) Compute the Signature over the references.voidWSSecSignatureSAML.prepare(Crypto uCrypto, SamlAssertionWrapper samlAssertion, Crypto iCrypto, String iKeyName, String iKeyPW) Initialize a WSSec SAML Signature.WSSSAMLKeyInfoProcessor.processSAMLKeyInfo(Element keyInfoElement) static voidDOMSAMLUtil.validateSAMLResults(WSHandlerResult handlerResults, Certificate[] tlsCerts, Element body) -
Uses of WSSecurityException in org.apache.wss4j.dom.str
Methods in org.apache.wss4j.dom.str that throw WSSecurityExceptionModifier and TypeMethodDescriptionstatic voidSTRParserUtil.checkBinarySecurityBSPCompliance(SecurityTokenReference secRef, BinarySecurity token, BSPEnforcer bspEnforcer) Check that the BinarySecurityToken referenced by the SecurityTokenReference argument is BSP compliant.static voidSTRParserUtil.checkEncryptedKeyBSPCompliance(SecurityTokenReference secRef, BSPEnforcer bspEnforcer) Check that the EncryptedKey referenced by the SecurityTokenReference argument is BSP compliant.static voidSTRParserUtil.checkSamlTokenBSPCompliance(SecurityTokenReference secRef, SamlAssertionWrapper samlAssertion, BSPEnforcer bspEnforcer) Check that the SAML token referenced by the SecurityTokenReference argument is BSP compliant.static voidSTRParserUtil.checkUsernameTokenBSPCompliance(SecurityTokenReference secRef, BSPEnforcer bspEnforcer) Check that the Username token referenced by the SecurityTokenReference argument is BSP compliant.static ElementSTRParserUtil.findProcessedTokenElement(Document doc, WSDocInfo docInfo, CallbackHandler cb, String uri, String type) Find a token that has been processed already - in other words, it access previous results to find the element, rather than conducting a general searchstatic ElementSTRParserUtil.findUnprocessedTokenElement(Document doc, WSDocInfo docInfo, String uri, String type) Find a token that has not been processed already - in other words, it searches for the element, rather than trying to access previous results to find the elementstatic SamlAssertionWrapperSTRParserUtil.getAssertionFromKeyIdentifier(SecurityTokenReference secRef, Element strElement, RequestData request) Get an SamlAssertionWrapper object from parsing a SecurityTokenReference that uses a KeyIdentifier that points to a SAML Assertion.static byte[]STRParserUtil.getSecretKeyFromToken(String id, String type, int identifier, RequestData data) Get the Secret Key from a CallbackHandlerstatic ElementSTRParserUtil.getTokenElement(Document doc, WSDocInfo docInfo, CallbackHandler cb, String uri, String valueType) DerivedKeyTokenSTRParser.parseSecurityTokenReference(STRParserParameters parameters) Parse a SecurityTokenReference element and extract credentials.EncryptedKeySTRParser.parseSecurityTokenReference(STRParserParameters parameters) Parse a SecurityTokenReference element and extract credentials.SecurityTokenRefSTRParser.parseSecurityTokenReference(STRParserParameters parameters) Parse a SecurityTokenReference element and extract credentials.SignatureSTRParser.parseSecurityTokenReference(STRParserParameters parameters) Parse a SecurityTokenReference element and extract credentials.STRParser.parseSecurityTokenReference(STRParserParameters parameters) Parse a SecurityTokenReference element and extract credentials. -
Uses of WSSecurityException in org.apache.wss4j.dom.transform
Methods in org.apache.wss4j.dom.transform that throw WSSecurityExceptionModifier and TypeMethodDescriptionstatic ElementSTRTransformUtil.createBSTX509(Document doc, X509Certificate cert, Element secRefE) static ElementSTRTransformUtil.createBSTX509(Document doc, X509Certificate cert, Element secRefE, String secRefEncType) static ElementSTRTransformUtil.dereferenceSTR(Document doc, SecurityTokenReference secRef, WSDocInfo wsDocInfo) Retrieves the element representing the referenced content of a STR. -
Uses of WSSecurityException in org.apache.wss4j.dom.util
Methods in org.apache.wss4j.dom.util that throw WSSecurityExceptionModifier and TypeMethodDescriptionstatic ElementWSSecurityUtil.cloneElement(Document doc, Element clonedElement) Register the jakarta.xml.soap.Node with new Cloned Dom Node with java9WSSecurityUtil.decodeAction(String action) static List<HandlerAction>WSSecurityUtil.decodeHandlerAction(String action, WSSConfig wssConfig) Decode an action String.static WSDataRefEncryptionUtils.decryptEncryptedData(Document doc, String dataRefURI, Element encData, SecretKey symmetricKey, String symEncAlgo, CallbackHandler attachmentCallbackHandler) Decrypt the EncryptedData argument using a SecretKey.static WSDataRefEncryptionUtils.decryptEncryptedData(Document doc, String dataRefURI, Element encData, SecretKey symmetricKey, String symEncAlgo, CallbackHandler attachmentCallbackHandler, org.apache.xml.security.encryption.Serializer encryptionSerializer) Decrypt the EncryptedData argument using a SecretKey.WSSecurityUtil.findElements(WSEncryptionPart part, CallbackLookup callbackLookup) Find the DOM Element in the SOAP Envelope that is referenced by the WSEncryptionPart argument.static ElementEncryptionUtils.findEncryptedDataElement(WSDocInfo wsDocInfo, String dataRefURI) Look up the encrypted data.static ElementWSSecurityUtil.findWsseSecurityHeaderBlock(Document doc, Element envelope, boolean doCreate) find the first ws-security header blockstatic ElementWSSecurityUtil.findWsseSecurityHeaderBlock(Document doc, Element envelope, String actor, boolean doCreate) find a WS-Security header block for a given actorstatic StringWSSecurityUtil.getAttachmentId(String xopUri) static byte[]WSSecurityUtil.getBytesFromAttachment(String xopUri, CallbackHandler attachmentCallbackHandler) static byte[]WSSecurityUtil.getBytesFromAttachment(String xopUri, CallbackHandler attachmentCallbackHandler, boolean removeAttachments) static byte[]WSSecurityUtil.getBytesFromAttachment(String xopUri, RequestData data) static byte[]EncryptionUtils.getDecodedBase64EncodedData(Element element) Method getDecodedBase64EncodedDatastatic StringEncryptionUtils.getDigestAlgorithm(Node encBodyData) static StringX509Util.getEncAlgo(Node encBodyData) static StringEncryptionUtils.getMGFAlgorithm(Node encBodyData) static byte[]EncryptionUtils.getPSource(Node encBodyData) static byte[]X509Util.getSecretKey(Element keyInfoElem, String algorithm, CallbackHandler cb) static ElementWSSecurityUtil.getSecurityHeader(Document doc, String actor) Returns the first WS-Security header element for a given actor.static ElementWSSecurityUtil.getSecurityHeader(Element soapHeader, String actor, boolean soap12) Returns the first WS-Security header element for a given actor.static voidWSSecurityUtil.inlineAttachments(List<Element> includeElements, CallbackHandler attachmentCallbackHandler, boolean removeAttachments) static PublicKeyX509Util.parseKeyValue(Element keyInfoElement, XMLSignatureFactory signatureFactory) static voidSignatureUtils.verifySignedElement(Element elem, List<WSSecurityEngineResult> signedResults) static voidSignatureUtils.verifySignedElement(Element elem, WSDocInfo wsDocInfo) -
Uses of WSSecurityException in org.apache.wss4j.dom.validate
Methods in org.apache.wss4j.dom.validate that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected voidSamlAssertionValidator.checkAuthnStatements(SamlAssertionWrapper samlAssertion) Check the AuthnStatements of the Assertion (if any)protected voidSamlAssertionValidator.checkConditions(SamlAssertionWrapper samlAssertion) Check the Conditions of the Assertion.protected voidSamlAssertionValidator.checkConditions(SamlAssertionWrapper samlAssertion, List<String> audienceRestrictions) Check the Conditions of the Assertion.protected voidSamlAssertionValidator.checkOneTimeUse(SamlAssertionWrapper samlAssertion, RequestData data) Check the "OneTimeUse" Condition of the Assertion.JAASUsernameTokenValidator.validate(Credential credential, RequestData data) Validate the credential argument.KerberosTokenValidator.validate(Credential credential, RequestData data) Validate the credential argument.NoOpValidator.validate(Credential credential, RequestData data) Validate the credential argument.SamlAssertionValidator.validate(Credential credential, RequestData data) Validate the credential argument.SignatureTrustValidator.validate(Credential credential, RequestData data) Validate the credential argument.TimestampValidator.validate(Credential credential, RequestData data) Validate the credential argument.UsernameTokenValidator.validate(Credential credential, RequestData data) Validate the credential argument.Validator.validate(Credential credential, RequestData data) Validate the credential argument.protected voidSamlAssertionValidator.validateAssertion(SamlAssertionWrapper samlAssertion) Validate the samlAssertion against schemas/profilesprotected voidSignatureTrustValidator.validateCertificates(X509Certificate[] certificates) Validate the certificates by checking the validity of each certprotected voidSignatureTrustValidator.validatePublicKey(PublicKey publicKey, Crypto crypto) Validate a public keyprotected voidUsernameTokenValidator.verifyCustomPassword(UsernameToken usernameToken, RequestData data) Verify a UsernameToken containing a password of some unknown (but specified) password type.protected voidUsernameTokenValidator.verifyDigestPassword(UsernameToken usernameToken, RequestData data) Verify a UsernameToken containing a password digest.protected voidUsernameTokenValidator.verifyPlaintextPassword(UsernameToken usernameToken, RequestData data) Verify a UsernameToken containing a plaintext password.protected CredentialSamlAssertionValidator.verifySignedAssertion(SamlAssertionWrapper samlAssertion, RequestData data) Verify trust in the signature of a signed Assertion.protected voidSamlAssertionValidator.verifySubjectConfirmationMethod(SamlAssertionWrapper samlAssertion) Check the Subject Confirmation method requirementsprotected voidSignatureTrustValidator.verifyTrustInCerts(X509Certificate[] certificates, Crypto crypto, RequestData data, boolean enableRevocation) Evaluate whether the given certificate chain should be trusted.protected voidUsernameTokenValidator.verifyUnknownPassword(UsernameToken usernameToken, RequestData data) Verify a UsernameToken containing no password. -
Uses of WSSecurityException in org.apache.wss4j.policy.stax.assertionStates
Methods in org.apache.wss4j.policy.stax.assertionStates that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected StringIssuedTokenAssertionState.validateClaims(Element claimsPolicy, SamlTokenSecurityEvent samlTokenSecurityEvent) -
Uses of WSSecurityException in org.apache.wss4j.policy.stax.enforcer
Methods in org.apache.wss4j.policy.stax.enforcer that throw WSSecurityExceptionModifier and TypeMethodDescriptionvoidPolicyEnforcer.registerSecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent securityEvent) -
Uses of WSSecurityException in org.apache.wss4j.stax.ext
Subclasses of WSSecurityException in org.apache.wss4j.stax.extModifier and TypeClassDescriptionclassException when configuration errors are detectedMethods in org.apache.wss4j.stax.ext that throw WSSecurityExceptionModifier and TypeMethodDescriptionWSSSecurityProperties.getNonceReplayCache()Get the replay cache for NoncesWSSSecurityProperties.getSamlOneTimeUseReplayCache()Get the replay cache for SAML2 OneTimeUse AssertionsWSSSecurityProperties.getTimestampReplayCache()Get the replay cache for TimestampsvoidWSInboundSecurityContext.handleBSPRule(BSPRule bspRule) -
Uses of WSSecurityException in org.apache.wss4j.stax.impl
Methods in org.apache.wss4j.stax.impl that throw WSSecurityExceptionModifier and TypeMethodDescriptionvoidInboundWSSecurityContextImpl.handleBSPRule(BSPRule bspRule) -
Uses of WSSecurityException in org.apache.wss4j.stax.impl.processor.input
Methods in org.apache.wss4j.stax.impl.processor.input that throw WSSecurityExceptionModifier and TypeMethodDescriptionSAMLTokenInputHandler.parseXMLEvent(org.apache.xml.security.stax.ext.stax.XMLSecEvent xmlSecEvent, Node currentNode, Document document) -
Uses of WSSecurityException in org.apache.wss4j.stax.impl.securityToken
Methods in org.apache.wss4j.stax.impl.securityToken that throw WSSecurityExceptionModifier and TypeMethodDescriptionbyte[]UsernameSecurityTokenImpl.generateDerivedKey()This method generates a derived key as defined in WSS Username Token Profile.protected byte[]UsernameSecurityTokenImpl.generateDerivedKey(WSInboundSecurityContext wsInboundSecurityContext) This method generates a derived key as defined in WSS Username Token Profile.DsaKeyValueSecurityTokenImpl.getPrincipal()ECKeyValueSecurityTokenImpl.getPrincipal()HttpsSecurityTokenImpl.getPrincipal()KerberosServiceSecurityTokenImpl.getPrincipal()RsaKeyValueSecurityTokenImpl.getPrincipal()SamlSecurityTokenImpl.getPrincipal()UsernameSecurityTokenImpl.getPrincipal()X509SecurityTokenImpl.getPrincipal()DsaKeyValueSecurityTokenImpl.getSubject()ECKeyValueSecurityTokenImpl.getSubject()HttpsSecurityTokenImpl.getSubject()KerberosServiceSecurityTokenImpl.getSubject()RsaKeyValueSecurityTokenImpl.getSubject()SamlSecurityTokenImpl.getSubject()UsernameSecurityTokenImpl.getSubject()X509SecurityTokenImpl.getSubject()protected byte[]KerberosServiceSecurityTokenImpl.getTGTSessionKey()Constructors in org.apache.wss4j.stax.impl.securityToken that throw WSSecurityExceptionModifierConstructorDescriptionExternalSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, String id, org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier keyIdentifier, WSSSecurityProperties securityProperties, boolean included) SamlSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, String id, org.apache.xml.security.stax.securityToken.SecurityTokenConstants.KeyIdentifier keyIdentifier, WSSSecurityProperties securityProperties) -
Uses of WSSecurityException in org.apache.wss4j.stax.securityEvent
Methods in org.apache.wss4j.stax.securityEvent that throw WSSecurityExceptionModifier and TypeMethodDescriptionabstract StringIssuedTokenSecurityEvent.getIssuerName()SamlTokenSecurityEvent.getIssuerName()SamlTokenSecurityEvent.getSamlAssertionWrapper() -
Uses of WSSecurityException in org.apache.wss4j.stax.securityToken
Methods in org.apache.wss4j.stax.securityToken that throw WSSecurityExceptionModifier and TypeMethodDescriptionbyte[]UsernameSecurityToken.generateDerivedKey()SubjectAndPrincipalSecurityToken.getPrincipal()SubjectAndPrincipalSecurityToken.getSubject() -
Uses of WSSecurityException in org.apache.wss4j.stax.setup
Methods in org.apache.wss4j.stax.setup that throw WSSecurityExceptionModifier and TypeMethodDescriptionstatic InboundWSSecWSSec.getInboundWSSec(WSSSecurityProperties securityProperties) Creates and configures an inbound streaming security enginestatic InboundWSSecWSSec.getInboundWSSec(WSSSecurityProperties securityProperties, boolean initiator) Creates and configures an inbound streaming security enginestatic InboundWSSecWSSec.getInboundWSSec(WSSSecurityProperties securityProperties, boolean initiator, boolean returnSecurityError) Creates and configures an inbound streaming security enginestatic OutboundWSSecWSSec.getOutboundWSSec(WSSSecurityProperties securityProperties) Creates and configures an outbound streaming security enginestatic CallbackHandlerConfigurationConverter.loadCallbackHandler(String callbackHandlerClass) Load a CallbackHandler instance.InboundWSSec.processInMessage(XMLStreamReader xmlStreamReader) Warning: configure your xmlStreamReader correctly.InboundWSSec.processInMessage(XMLStreamReader xmlStreamReader, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents) Warning: configure your xmlStreamReader correctly.InboundWSSec.processInMessage(XMLStreamReader xmlStreamReader, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, List<org.apache.xml.security.stax.securityEvent.SecurityEventListener> securityEventListeners) Warning: configure your xmlStreamReader correctly.InboundWSSec.processInMessage(XMLStreamReader xmlStreamReader, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, org.apache.xml.security.stax.securityEvent.SecurityEventListener securityEventListener) Warning: configure your xmlStreamReader correctly.OutboundWSSec.processOutMessage(OutputStream outputStream, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents) This method is the entry point for the incoming security-engine.OutboundWSSec.processOutMessage(OutputStream outputStream, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, org.apache.xml.security.stax.securityEvent.SecurityEventListener securityEventListener) This method is the entry point for the incoming security-engine.OutboundWSSec.processOutMessage(Object output, String encoding, org.apache.xml.security.stax.ext.OutboundSecurityContext outboundSecurityContext) OutboundWSSec.processOutMessage(XMLStreamWriter xmlStreamWriter, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents) This method is the entry point for the incoming security-engine.OutboundWSSec.processOutMessage(XMLStreamWriter xmlStreamWriter, String encoding, List<org.apache.xml.security.stax.securityEvent.SecurityEvent> requestSecurityEvents, org.apache.xml.security.stax.securityEvent.SecurityEventListener securityEventListener) This method is the entry point for the incoming security-engine.OutboundWSSec.processOutMessage(XMLStreamWriter xmlStreamWriter, String encoding, org.apache.xml.security.stax.ext.OutboundSecurityContext outbounSecurityContext) This method is the entry point for the incoming security-engine. -
Uses of WSSecurityException in org.apache.wss4j.stax.utils
Methods in org.apache.wss4j.stax.utils that throw WSSecurityExceptionModifier and TypeMethodDescriptionstatic org.apache.xml.security.stax.securityEvent.TokenSecurityEvent<? extends org.apache.xml.security.stax.securityToken.InboundSecurityToken>WSSUtils.createTokenSecurityEvent(org.apache.xml.security.stax.securityToken.InboundSecurityToken inboundSecurityToken, String correlationID) static voidWSSUtils.doPasswordCallback(CallbackHandler callbackHandler, Callback callback) Executes the Callback handling.static voidWSSUtils.doSecretKeyCallback(CallbackHandler callbackHandler, Callback callback) Try to get the secret key from a CallbackHandler implementation -
Uses of WSSecurityException in org.apache.wss4j.stax.validate
Methods in org.apache.wss4j.stax.validate that throw WSSecurityExceptionModifier and TypeMethodDescriptionprotected voidSamlTokenValidatorImpl.checkAuthnStatements(SamlAssertionWrapper samlAssertion) Check the AuthnStatements of the Assertion (if any)protected voidSamlTokenValidatorImpl.checkConditions(SamlAssertionWrapper samlAssertion) Check the Conditions of the Assertion.protected voidSamlTokenValidatorImpl.checkConditions(SamlAssertionWrapper samlAssertion, List<String> audienceRestrictions) Check the Conditions of the Assertion.protected voidSamlTokenValidatorImpl.checkOneTimeUse(SamlAssertionWrapper samlAssertion, ReplayCache replayCache) Check the "OneTimeUse" Condition of the Assertion.org.apache.xml.security.stax.securityToken.InboundSecurityTokenBinarySecurityTokenValidator.validate(BinarySecurityTokenType binarySecurityTokenType, TokenContext tokenContext) org.apache.xml.security.stax.securityToken.InboundSecurityTokenBinarySecurityTokenValidatorImpl.validate(BinarySecurityTokenType binarySecurityTokenType, TokenContext tokenContext) <T extends UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TJAASUsernameTokenValidatorImpl.validate(UsernameTokenType usernameTokenType, TokenContext tokenContext) <T extends SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TSamlTokenValidator.validate(SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, TokenContext tokenContext) <T extends SamlSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TSamlTokenValidatorImpl.validate(SamlAssertionWrapper samlAssertionWrapper, org.apache.xml.security.stax.securityToken.InboundSecurityToken subjectSecurityToken, TokenContext tokenContext) org.apache.xml.security.stax.securityToken.InboundSecurityTokenSecurityContextTokenValidator.validate(AbstractSecurityContextTokenType securityContextTokenType, String identifier, TokenContext tokenContext) org.apache.xml.security.stax.securityToken.InboundSecurityTokenSecurityContextTokenValidatorImpl.validate(AbstractSecurityContextTokenType securityContextTokenType, String identifier, TokenContext tokenContext) voidSignatureTokenValidator.validate(org.apache.xml.security.stax.securityToken.InboundSecurityToken inboundSecurityToken, WSSSecurityProperties wssSecurityProperties) voidSignatureTokenValidatorImpl.validate(org.apache.xml.security.stax.securityToken.InboundSecurityToken inboundSecurityToken, WSSSecurityProperties wssSecurityProperties) voidTimestampValidator.validate(TimestampType timestampType, TokenContext tokenContext) voidTimestampValidatorImpl.validate(TimestampType timestampType, TokenContext tokenContext) <T extends UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TUsernameTokenValidator.validate(UsernameTokenType usernameTokenType, TokenContext tokenContext) <T extends UsernameSecurityToken & org.apache.xml.security.stax.securityToken.InboundSecurityToken>
TUsernameTokenValidatorImpl.validate(UsernameTokenType usernameTokenType, TokenContext tokenContext) protected voidSamlTokenValidatorImpl.validateAssertion(SamlAssertionWrapper samlAssertion) Validate the samlAssertion against schemas/profilesprotected voidUsernameTokenValidatorImpl.verifyCustomPassword(String username, PasswordString passwordType, TokenContext tokenContext) Verify a UsernameToken containing a password of some unknown (but specified) password type.protected voidUsernameTokenValidatorImpl.verifyDigestPassword(String username, PasswordString passwordType, byte[] nonceVal, String created, TokenContext tokenContext) Verify a UsernameToken containing a password digest.protected voidUsernameTokenValidatorImpl.verifyPlaintextPassword(String username, PasswordString passwordType, TokenContext tokenContext) Verify a UsernameToken containing a plaintext password.protected voidSamlTokenValidatorImpl.verifySubjectConfirmationMethod(SamlAssertionWrapper samlAssertion) Check the Subject Confirmation method requirements