Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.systinet.wasp.security.ws.conf
Interface OrderedElementConf

All Superinterfaces:
ElementConf
All Known Subinterfaces:
EncryptedDataConf, EncryptedKeyConf, EncryptedTypeConf, ReferenceListConf, SecurityTokenConf, SignatureConf
public interface OrderedElementConf
extends ElementConf

Represents processing ordering of WS-Security elements. The processing of the WS-Security configuration is driven by the order field obtained using this interface. Each top-level part of the Security header must have the order set. Top level parts of the header usually are security tokens, signatures, encrypted keys and reference lists. Also configurations of encrypted data is ordered, although the final location is anywhere within the message. These top level elements may depend each other. For example signature depends on the binary security token which contains a certificate, which can be used for its verification. Encrypted data may depend on encrypted key, which holds a symetric encryption key and the encrypted key depends on binary security token. Dependencies may be even more complicated and it's impossible to find a correct processing order in some deterministic way. The specification only says that forward dependencies are not recommended. It's because the consumption of the Security header should be straightforward beginning from the first element in the Security header (the element nearest to the opening tag of the Security element). There are no recommendations for the creation of the Security header. We decided for the following processing rules :

  1. Top level elements are ordered.
  2. Top level elements are processed in the order from the element with the lowest order to the greatest one.
  3. The creation of the Security header has two phases. In the first round, every top level element is processed and an object representation is created. In the second one, the object is serialized to the DOM representation. The created DOM elements are prepended to the existing childs in the security header.
  4. Dependencies between top level elements are resolved on the level of the object model.
  5. Top level elements are consumed in the order in which they are received. The only known exception may be resolving of the encryption transformation. The processing of the dependent part may be delayed, until the referenced encrypted data are processed.

    6. Since:
    4.6
    Component:
    Security-Providers

    Method Summary
     java.lang.Integer getOrder()
              Gets processing order of the action.
     void setOrder(java.lang.Integer order)
              Sets procesing order.
     
    Methods inherited from interface org.systinet.wasp.security.ws.conf.ElementConf
    getWsuId, setWsuId
     

    Method Detail

    setOrder

    public void setOrder(java.lang.Integer order)
    Sets procesing order. Element with lowest order is processed first and occurs at the end of Security header.

    Parameters:
    order - processing order
    See Also:
    getOrder()

    getOrder

    public java.lang.Integer getOrder()
    Gets processing order of the action.

    Returns:
    processing order
    See Also:
    setOrder(java.lang.Integer)
    Overview  Package   Class  Tree  Deprecated  Index  Help 
     PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
    SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD