Package org.apache.ws.security

Class WSSConfig

  • public class WSSConfig
extends java.lang.Object
    WSSConfig

    Carries configuration data so the WSS4J spec compliance can be modified in runtime. Configure an instance of this object only if you need WSS4J to emulate certain industry clients or previous OASIS specifications for WS-Security interoperability testing purposes.

    The default settings follow the latest OASIS and changing anything might violate the OASIS specs.

    WARNING: changing the default settings will break the compliance with the latest specs. Do this only if you know what you are doing.

    Author:
    Rami Jaamour (rjaamour@parasoft.com), Werner Dittmann (werner@apache.org)

    • Field Detail

      • defaultConfig

        protected static WSSConfig defaultConfig

      • wsiBSPCompliant

        protected boolean wsiBSPCompliant

      • precisionInMilliSeconds

        protected boolean precisionInMilliSeconds
        Set the timestamp precision mode. If set to true then use timestamps with milliseconds, otherwise omit the millisconds. As per XML Date/Time specification the default is to include the milliseconds.

      • enableSignatureConfirmation

        protected boolean enableSignatureConfirmation

      • timeStampStrict

        protected boolean timeStampStrict
        If set to true then the timestamp handling will throw an expcetion if the timestamp contains an expires element and the semantics are expired. If set to false, not expetion will be thrown, even if the semantics are expired.

      • jceProvider

        protected java.util.HashMap jceProvider

    • Constructor Detail

      • WSSConfig

        protected WSSConfig()

    • Method Detail

      • getNewInstance

        public static WSSConfig getNewInstance()
        Returns:
        a new WSSConfig instance configured with the default values (values identical to getDefaultWSConfig())

      • getDefaultWSConfig

        public static WSSConfig getDefaultWSConfig()
        returns a static WSConfig instance that is configured with the latest OASIS WS-Seurity settings.

      • isWsiBSPCompliant

        public boolean isWsiBSPCompliant()
        Checks if we are in WS-I Basic Security Profile compliance mode
        Returns:
        TODO

      • setWsiBSPCompliant

        public void setWsiBSPCompliant​(boolean wsiBSPCompliant)
        Set the WS-I Basic Security Profile compliance mode. The default is false (dues to .Net interop problems).
        Parameters:
        wsiBSPCompliant -

      • isPrecisionInMilliSeconds

        public boolean isPrecisionInMilliSeconds()
        Checks if we need to use milliseconds in timestamps
        Returns:
        TODO

      • setPrecisionInMilliSeconds

        public void setPrecisionInMilliSeconds​(boolean precisionInMilliSeconds)
        Set the precision in milliseconds
        Parameters:
        precisionInMilliSeconds - TODO

      • isEnableSignatureConfirmation

        public boolean isEnableSignatureConfirmation()
        Returns:
        Returns the enableSignatureConfirmation.

      • setEnableSignatureConfirmation

        public void setEnableSignatureConfirmation​(boolean enableSignatureConfirmation)
        Parameters:
        enableSignatureConfirmation - The enableSignatureConfirmation to set.

      • isTimeStampStrict

        public boolean isTimeStampStrict()
        Returns:
        Returns if we shall throw an exception on expired request semantic

      • setTimeStampStrict

        public void setTimeStampStrict​(boolean timeStampStrict)
        Parameters:
        timeStampStrict - If true throw an exception on expired request semantic

      • getAction

        public org.apache.ws.security.action.Action getAction​(int action)
                                               throws WSSecurityException
        Lookup action
        Parameters:
        action -
        Returns:
        An action class to create a security token
        Throws:
        WSSecurityException

      • addJceProvider

        public boolean addJceProvider​(java.lang.String id,
                              java.lang.String className)
        Add a new JCE security provider to use for WSS4J. If the provider is not already known the method loads a security provider class and adds the provider to the java security service.
        Parameters:
        id - The id string of the provider
        className - Name of the class the implements the provider. This class must be a subclass of java.security.Provider
        Returns:
        Returns true if the provider was successfully added, false otherwise.