org.systinet.wasp.security.ws.conf
Interface KeyInfoConf

All Superinterfaces:

ElementConf

public interface KeyInfoConf

extends ElementConf

Represents configuration of KeyInfo element that represents key used in encryption or signature algorithm. Because WS-Security preferes to represent keys using security tokens, WSO2 SOA Enablement Server WS-Security does not support direct usage of key in KeyInfo - key must be hold in security token.

Supported security tokens are described in SecurityTokenConf.

How the security token will be referenced in KeyInfo is defined by mode. Supported modes:

• STM_KEYIDENTIFIER
  This mode uses KeyIdentifier (value counted from key represented by security token). Currently it can be used for X509v3 only. This is prefered mode for referencing external X509v3 tokens.

   <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
     <wsse:SecurityTokenReference>
       <wsse:KeyIdentifier ValueType="wsse:X509v3">hT3YJo0+cP+P71lt+3POm4QzKJE=</wsse:KeyIdentifier>
     </wsse:SecurityTokenReference>
   </ds:KeyInfo>
   

• STM_REFERENCE
  This mode creates local URI to security token using token's ElementConf.getWsuId()id. This can be used for all security tokens. If it will be used for external tokens, then both sender and receiver must use the same id for the token.

   <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
     <wsse:SecurityTokenReference>
       <wsse:Reference URI="#Body-013bceb0-6371-11d7-92d7-0131205092d7">
     </wsse:SecurityTokenReference>
   </ds:KeyInfo>
   

• STM_KEYNAME
  This mode uses security token's ElementConf.getWsuId()id as KeyName. This can be used for all security tokens, but it is intended for symmetric key security tokens. if Both sender and receiver are WSO2 SOA Enablement Server, they must use the same id for the token. If receiver is not WSO2 SOA Enablement Server, it must be able to dereference KeyName to symmetric key using its own way. If sender is not WSO2 SOA Enablement Server and WSO2 SOA Enablement Server is receiver, then receiving WSO2 SOA Enablement Server must have configured external symmetric key token with the name of sender's symmetric key.

   <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
     <ds:KeyName>Key_123</ds:KeyName>
   </ds:KeyInfo>
   

Since:

4.6

Component:

Security-Providers

Method Summary

java.lang.String	getExternalSecurityTokenMode() Gets the mode of external security token reference.
java.lang.String	getSecurityTokenId() Gets identifier of referenced security token.
java.lang.String	getSecurityTokenMode() Gets the mode of security token reference.
java.lang.String	getStrWsuId() Gets wsu:Id of the SecurityTokenReference embedded in the KeyInfo described by the configuration.
void	setExternalSecurityTokenMode(java.lang.String mode) Sets the external security token reference mode.
void	setSecurityTokenId(java.lang.String securityTokenId) Sets id of referenced security token.
void	setSecurityTokenMode(java.lang.String mode) Sets the security token reference mode.
void	setStrWsuId(java.lang.String strWsuId) Sets wsu:Id of the SecurityTokenReference embedded in the KeyInfo described by the configuration.

Methods inherited from interface org.systinet.wasp.security.ws.conf.ElementConf

getWsuId, setWsuId

Method Detail

setSecurityTokenMode

public void setSecurityTokenMode(java.lang.String mode)

Sets the security token reference mode.

• STM_REFERENCE security token is referenced by KeyInfo/SecurityTokenReference/Reference element.
• STM_KEYIDENTIFIER security token is referenced by KeyInfo/SecurityTokenReference/KeyIdentifier element.
• STM_KEYNAME security token is referenced by its's id as a name in KeyInfo/KeyName element. This mode is intended for symmetric key security token.

Parameters:

mode - representation/reference mode

See Also:

getSecurityTokenMode()

getSecurityTokenMode

public java.lang.String getSecurityTokenMode()

Gets the mode of security token reference.

Returns:

reference mode

See Also:

Constants.STM_REFERENCE, Constants.STM_KEYIDENTIFIER, Constants.STM_KEYNAME, setSecurityTokenMode(java.lang.String)

setExternalSecurityTokenMode

public void setExternalSecurityTokenMode(java.lang.String mode)

Sets the external security token reference mode.

• STM_REFERENCE security token is referenced by KeyInfo/SecurityTokenReference/Reference element.
• STM_KEYIDENTIFIER security token is referenced by KeyInfo/SecurityTokenReference/KeyIdentifier element.
• STM_KEYNAME security token is referenced by its's id as a name in KeyInfo/KeyName element. This mode is intended for symmetric key security token.

Parameters:

mode - representation/reference mode

Since:

6.5

See Also:

getSecurityTokenMode()

getExternalSecurityTokenMode

public java.lang.String getExternalSecurityTokenMode()

Gets the mode of external security token reference.

Returns:

reference mode

Since:

6.5

See Also:

Constants.STM_REFERENCE, Constants.STM_KEYIDENTIFIER, Constants.STM_KEYNAME, setSecurityTokenMode(java.lang.String)

setSecurityTokenId

public void setSecurityTokenId(java.lang.String securityTokenId)

Sets id of referenced security token.

Parameters:

securityTokenId - security token identifier

See Also:

getSecurityTokenId(), setSecurityTokenMode(java.lang.String)

getSecurityTokenId

public java.lang.String getSecurityTokenId()

Gets identifier of referenced security token.

Returns:

security token identifier

See Also:

setSecurityTokenId(java.lang.String), setSecurityTokenMode(java.lang.String)

setStrWsuId

public void setStrWsuId(java.lang.String strWsuId)

Sets wsu:Id of the SecurityTokenReference embedded in the KeyInfo described by the configuration.

Parameters:

strWsuId - the wsu:Id value

See Also:

getStrWsuId()

getStrWsuId

public java.lang.String getStrWsuId()

Gets wsu:Id of the SecurityTokenReference embedded in the KeyInfo described by the configuration.

Returns:

the wsu:Id value

See Also:

setStrWsuId(java.lang.String)