org.apache.ws.security.message.token
Class SecurityTokenReference

java.lang.Object
  extended byorg.apache.ws.security.message.token.SecurityTokenReference

public class SecurityTokenReference
extends java.lang.Object

Security Token Reference.

Author:
Davanum Srinivas (dims@yahoo.com).

Field Summary
protected  org.w3c.dom.Element element
           
static java.lang.String KEY_NAME
           
static java.lang.String SECURITY_TOKEN_REFERENCE
           
static java.lang.String SKI_URI
           
protected  WSSConfig wssConfig
           
 
Constructor Summary
SecurityTokenReference(WSSConfig wssConfig, org.w3c.dom.Document doc)
          Constructor.
SecurityTokenReference(WSSConfig wssConfig, org.w3c.dom.Element elem)
          Constructor.
 
Method Summary
 boolean containsKeyIdentifier()
          Method containsKeyIdentifier.
 boolean containsKeyName()
          Method containsKeyName
 boolean containsReference()
          Method containsReference
 boolean containsX509IssuerSerial()
          Method containsX509IssuerSerial
 org.w3c.dom.Element getElement()
          get the dom element.
 org.w3c.dom.Element getFirstElement()
          get the first child element.
 java.security.cert.X509Certificate[] getKeyIdentifier(Crypto crypto)
          Gets the KeyIdentifer.
 java.lang.String getKeyNameValue()
           
 Reference getReference()
          Gets the Reference.
 byte[] getSKIBytes()
           
 org.w3c.dom.Element getTokenElement(org.w3c.dom.Document doc, WSDocInfo docInfo)
          Gets the signing token element, which maybe a BinarySecurityToken or a SAML token .
 java.security.cert.X509Certificate[] getX509IssuerSerial(Crypto crypto)
          Gets the certificate identified with X509 issuerSerial data.
 java.lang.String getX509IssuerSerialAlias(Crypto crypto)
          Gets the alias name of the certificate identified with X509 issuerSerial data.
 java.lang.String getX509SKIAlias(Crypto crypto)
           
 int length(java.lang.String namespace, java.lang.String localname)
          Method length.
 int lengthKeyIdentifier()
          Method lengthKeyIdentifier.
 int lengthReference()
          Method lengthReference.
 int lengthX509IssuerSerial()
          Method lengthX509IssuerSerial.
 void setID(java.lang.String id)
          set the id.
 void setKeyIdentifier(java.security.cert.X509Certificate cert)
          Sets the KeyIdentifer Element as a X509 certificate.
 void setKeyIdentifierSKI(java.security.cert.X509Certificate cert, Crypto crypto)
          Sets the KeyIdentifer Element as a X509 Subject-Key-Identifier (SKI).
 void setReference(Reference ref)
          set the reference.
 void setSAMLKeyIdentifier(java.lang.String keyIdVal)
           
 void setX509IssuerSerial(org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial ref)
          Sets the X509 IssuerSerial data.
 java.lang.String toString()
          return the string representation.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

SECURITY_TOKEN_REFERENCE

public static final java.lang.String SECURITY_TOKEN_REFERENCE
See Also:
Constant Field Values

KEY_NAME

public static final java.lang.String KEY_NAME
See Also:
Constant Field Values

SKI_URI

public static final java.lang.String SKI_URI
See Also:
Constant Field Values

element

protected org.w3c.dom.Element element

wssConfig

protected WSSConfig wssConfig
Constructor Detail

SecurityTokenReference

public SecurityTokenReference(WSSConfig wssConfig,
                              org.w3c.dom.Element elem)
                       throws WSSecurityException
Constructor.

Parameters:
wssConfig -
elem -
Throws:
WSSecurityException

SecurityTokenReference

public SecurityTokenReference(WSSConfig wssConfig,
                              org.w3c.dom.Document doc)
Constructor.

Parameters:
wssConfig -
doc -
Method Detail

setReference

public void setReference(Reference ref)
set the reference.

Parameters:
ref -

getReference

public Reference getReference()
                       throws WSSecurityException
Gets the Reference.

Returns:
the Reference element contained in this SecurityTokeneReference
Throws:
WSSecurityException

getTokenElement

public org.w3c.dom.Element getTokenElement(org.w3c.dom.Document doc,
                                           WSDocInfo docInfo)
                                    throws WSSecurityException
Gets the signing token element, which maybe a BinarySecurityToken or a SAML token . The method gets the URI attribute of the Reference contained in the SecurityTokenReference and tries to find the referenced Element in the document.

Parameters:
doc - the document that contains the binary security token element. This could be different from the document that contains the SecurityTokenReference (STR). See STRTransform.derefenceBST() method
Returns:
Element containing the signing token, must be a BinarySecurityToken
Throws:
WSSecurityException - When either no Reference element, or the found reference contains no URI, or the referenced signing not found.

setKeyIdentifier

public void setKeyIdentifier(java.security.cert.X509Certificate cert)
                      throws WSSecurityException
Sets the KeyIdentifer Element as a X509 certificate. Takes a X509 certificate, converts its data into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.

Parameters:
cert - is the X509 certficate to be inserted as key identifier
Throws:
WSSecurityException

setKeyIdentifierSKI

public void setKeyIdentifierSKI(java.security.cert.X509Certificate cert,
                                Crypto crypto)
                         throws WSSecurityException
Sets the KeyIdentifer Element as a X509 Subject-Key-Identifier (SKI). Takes a X509 certificate, gets it SKI data, converts into base 64 and inserts it into a wsse:KeyIdentifier element, which is placed in the wsse:SecurityTokenReference element.

Parameters:
cert - is the X509 certficate to get the SKI
crypto - is the Crypto implementation. Used to read SKI info bytes from certificate
Throws:
WSSecurityException

setSAMLKeyIdentifier

public void setSAMLKeyIdentifier(java.lang.String keyIdVal)
                          throws WSSecurityException
Throws:
WSSecurityException

getKeyIdentifier

public java.security.cert.X509Certificate[] getKeyIdentifier(Crypto crypto)
                                                      throws WSSecurityException
Gets the KeyIdentifer.

Returns:
the BinarySecurity containing the X509 certificate or zero if a unknown key identifier type was detected.
Throws:
WSSecurityException

getX509SKIAlias

public java.lang.String getX509SKIAlias(Crypto crypto)
                                 throws WSSecurityException
Throws:
WSSecurityException

getSKIBytes

public byte[] getSKIBytes()

setX509IssuerSerial

public void setX509IssuerSerial(org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial ref)
Sets the X509 IssuerSerial data.

Parameters:
ref - the XMLX509IssuerSerial to put into this SecurityTokenReference

getX509IssuerSerial

public java.security.cert.X509Certificate[] getX509IssuerSerial(Crypto crypto)
                                                         throws WSSecurityException
Gets the certificate identified with X509 issuerSerial data. This method first tries to get the embedded certificate. If this fails it checks if the certificate is in the keystore.

Returns:
a certificate array or null if nothing found
Throws:
WSSecurityException

getX509IssuerSerialAlias

public java.lang.String getX509IssuerSerialAlias(Crypto crypto)
                                          throws WSSecurityException
Gets the alias name of the certificate identified with X509 issuerSerial data. The keystore identifies the certificate and the key with this alias name.

Returns:
the alias name for the certificate or null if nothing found
Throws:
WSSecurityException

getFirstElement

public org.w3c.dom.Element getFirstElement()
get the first child element.

Returns:
the first Element child node

containsKeyName

public boolean containsKeyName()
Method containsKeyName

Returns:
true if the SecurtityTokenReference contains a wsse:KeyName element

getKeyNameValue

public java.lang.String getKeyNameValue()

containsReference

public boolean containsReference()
Method containsReference

Returns:
true if the SecurtityTokenReference contains a wsse:Reference element

lengthReference

public int lengthReference()
Method lengthReference.

Returns:
number of wsse:Reference elements in the SecurtityTokenReference

containsX509IssuerSerial

public boolean containsX509IssuerSerial()
Method containsX509IssuerSerial

Returns:
true if the SecurtityTokenReference contains a ds:IssuerSerial element

lengthX509IssuerSerial

public int lengthX509IssuerSerial()
Method lengthX509IssuerSerial.

Returns:
number of ds:IssuerSerial elements in the SecurtityTokenReference

containsKeyIdentifier

public boolean containsKeyIdentifier()
Method containsKeyIdentifier.

Returns:
true if the SecurtityTokenReference contains a wsse:KeyIdentifier element

lengthKeyIdentifier

public int lengthKeyIdentifier()
Method lengthKeyIdentifier.

Returns:
number of wsse:KeyIdentifier elements in the SecurtityTokenReference

length

public int length(java.lang.String namespace,
                  java.lang.String localname)
Method length.

Parameters:
namespace -
localname -
Returns:
number of elements with matching localname and namespace

getElement

public org.w3c.dom.Element getElement()
get the dom element.

Returns:

setID

public void setID(java.lang.String id)
set the id.

Parameters:
id -

toString

public java.lang.String toString()
return the string representation.

Returns: