Class XMLSecurityProperties


  • public class XMLSecurityProperties
    extends Object
    Main configuration class to supply keys etc. This class is subject to change in the future.
    • Constructor Detail

      • XMLSecurityProperties

        public XMLSecurityProperties()
      • XMLSecurityProperties

        protected XMLSecurityProperties​(XMLSecurityProperties xmlSecurityProperties)
    • Method Detail

      • isSignaturePositionStart

        public boolean isSignaturePositionStart()
      • setSignaturePositionStart

        public void setSignaturePositionStart​(boolean signaturePositionStart)
      • getSignaturePosition

        public int getSignaturePosition()
        Returns the position of the signature. By default, the signature is located at the first child of the root element.
        Returns:
        The signature position
      • setSignaturePosition

        public void setSignaturePosition​(int signaturePosition)
        Specifies the position of the signature
        Parameters:
        signaturePosition - Position of the signature (by default: 0)
      • getIdAttributeNS

        public QName getIdAttributeNS()
        Return the qualified name of the ID attribute used to sign the document. By default, ID is used.
        Returns:
        the qualified name of the ID attribute
      • setIdAttributeNS

        public void setIdAttributeNS​(QName idAttributeNS)
        Sets the qualified name of the ID attribute used to sign the document.
        Parameters:
        idAttributeNS - Qualified Name of the ID attribute to use
      • getEncryptionKeyIdentifier

        public SecurityTokenConstants.KeyIdentifier getEncryptionKeyIdentifier()
        Returns the KeyIdentifierType that will be used in the secured document.
        Returns:
        The KeyIdentifierType
      • setEncryptionKeyIdentifier

        public void setEncryptionKeyIdentifier​(SecurityTokenConstants.KeyIdentifier encryptionKeyIdentifier)
        Specifies the KeyIdentifierType to use in the secured document
        Parameters:
        encryptionKeyIdentifier -
      • addInputProcessor

        public void addInputProcessor​(InputProcessor inputProcessor)
        Adds an additional, non-standard InputProcessor to the chain.
        Parameters:
        inputProcessor - The InputProcessor to add
      • getInputProcessorList

        public List<InputProcessor> getInputProcessorList()
        Returns the currently registered additional InputProcessors
        Returns:
        the List with the InputProcessors
      • setDecryptionKey

        public void setDecryptionKey​(Key decryptionKey)
      • getDecryptionKey

        public Key getDecryptionKey()
      • setEncryptionTransportKey

        public void setEncryptionTransportKey​(Key encryptionTransportKey)
      • getEncryptionTransportKey

        public Key getEncryptionTransportKey()
      • setEncryptionKey

        public void setEncryptionKey​(Key encryptionKey)
      • getEncryptionKey

        public Key getEncryptionKey()
      • addEncryptionPart

        public void addEncryptionPart​(SecurePart securePart)
        Adds a part which must be encrypted by the framework
        Parameters:
        securePart -
      • getEncryptionSecureParts

        public List<SecurePart> getEncryptionSecureParts()
        Returns the encryption parts that are currently set.
        Returns:
        A List of SecureParts
      • getEncryptionSymAlgorithm

        public String getEncryptionSymAlgorithm()
        Returns the symmetric encryption algorithm.
        Returns:
        the symmetric encryption algorithm as a String
      • setEncryptionSymAlgorithm

        public void setEncryptionSymAlgorithm​(String encryptionSymAlgorithm)
        Specifies the symmetric encryption algorithm.
        Parameters:
        encryptionSymAlgorithm - The algorithm to use for encryption
      • getEncryptionKeyTransportAlgorithm

        public String getEncryptionKeyTransportAlgorithm()
        Returns the encryption key transport algorithm
        Returns:
        the key transport algorithm as string
      • setEncryptionKeyTransportAlgorithm

        public void setEncryptionKeyTransportAlgorithm​(String encryptionKeyTransportAlgorithm)
        Specifies the encryption key transport algorithm
        Parameters:
        encryptionKeyTransportAlgorithm - the encryption key transport algorithm as string
      • getEncryptionKeyTransportDigestAlgorithm

        public String getEncryptionKeyTransportDigestAlgorithm()
      • setEncryptionKeyTransportDigestAlgorithm

        public void setEncryptionKeyTransportDigestAlgorithm​(String encryptionKeyTransportDigestAlgorithm)
      • getEncryptionKeyTransportMGFAlgorithm

        public String getEncryptionKeyTransportMGFAlgorithm()
      • setEncryptionKeyTransportMGFAlgorithm

        public void setEncryptionKeyTransportMGFAlgorithm​(String encryptionKeyTransportMGFAlgorithm)
      • getEncryptionKeyTransportOAEPParams

        public byte[] getEncryptionKeyTransportOAEPParams()
      • setEncryptionKeyTransportOAEPParams

        public void setEncryptionKeyTransportOAEPParams​(byte[] encryptionKeyTransportOAEPParams)
      • getEncryptionUseThisCertificate

        public X509Certificate getEncryptionUseThisCertificate()
      • setEncryptionUseThisCertificate

        public void setEncryptionUseThisCertificate​(X509Certificate encryptionUseThisCertificate)
      • setSignatureCerts

        public void setSignatureCerts​(X509Certificate[] signatureCerts)
      • addSignaturePart

        public void addSignaturePart​(SecurePart securePart)
      • getSignatureSecureParts

        public List<SecurePart> getSignatureSecureParts()
      • getSignatureAlgorithm

        public String getSignatureAlgorithm()
      • setSignatureAlgorithm

        public void setSignatureAlgorithm​(String signatureAlgorithm)
      • getSignatureDigestAlgorithm

        public String getSignatureDigestAlgorithm()
      • setSignatureDigestAlgorithm

        public void setSignatureDigestAlgorithm​(String signatureDigestAlgorithm)
      • setSignatureKey

        public void setSignatureKey​(Key signatureKey)
      • getSignatureKey

        public Key getSignatureKey()
      • isUseSingleCert

        public boolean isUseSingleCert()
      • setUseSingleCert

        public void setUseSingleCert​(boolean useSingleCert)
      • isAddExcC14NInclusivePrefixes

        public boolean isAddExcC14NInclusivePrefixes()
      • setAddExcC14NInclusivePrefixes

        public void setAddExcC14NInclusivePrefixes​(boolean addExcC14NInclusivePrefixes)
      • setActions

        public void setActions​(List<XMLSecurityConstants.Action> actions)
        Specifies how to secure the document, e.g. Timestamp, Signature, Encrypt.
        Parameters:
        actions -
      • getSignatureCanonicalizationAlgorithm

        public String getSignatureCanonicalizationAlgorithm()
      • setSignatureCanonicalizationAlgorithm

        public void setSignatureCanonicalizationAlgorithm​(String signatureCanonicalizationAlgorithm)
      • getSignatureVerificationKey

        public Key getSignatureVerificationKey()
      • setSignatureVerificationKey

        public void setSignatureVerificationKey​(Key signatureVerificationKey)
      • isSkipDocumentEvents

        public boolean isSkipDocumentEvents()
        Returns whether the framework is skipping document events.
        Returns:
        true if document-events will be skipped, false otherwise
      • setSkipDocumentEvents

        public void setSkipDocumentEvents​(boolean skipDocumentEvents)
        Specifies whether the framework should forward document events or not.
        Parameters:
        skipDocumentEvents - set to true when document events should be discarded, false otherwise
      • isDisableSchemaValidation

        public boolean isDisableSchemaValidation()
      • setDisableSchemaValidation

        public void setDisableSchemaValidation​(boolean disableSchemaValidation)
      • getSignatureKeyName

        public String getSignatureKeyName()
      • setSignatureKeyName

        public void setSignatureKeyName​(String signatureKeyName)
        Specifies the contents of the KeyInfo/KeyName element for signing.
        Parameters:
        signatureKeyName - set to a String that will be passed as contents of the KeyName element
      • getEncryptionKeyName

        public String getEncryptionKeyName()
      • setEncryptionKeyName

        public void setEncryptionKeyName​(String encryptionKeyName)
        Specifies the contents of the KeyInfo/KeyName element for encryption.
        Parameters:
        encryptionKeyName - set to a String that will be passed as contents of the KeyName element
      • getKeyNameMap

        public Map<String,​Key> getKeyNameMap()
        Returns an immutable instance of the map that links KeyName values to actual keys.
        Returns:
        the map containing KeyNames and Keys
      • addKeyNameMapping

        public void addKeyNameMapping​(String keyname,
                                      Key key)
      • isSignatureGenerateIds

        public boolean isSignatureGenerateIds()
      • setSignatureGenerateIds

        public void setSignatureGenerateIds​(boolean signatureGenerateIds)
        Specifies whether Id attributes should be generated for the document element, the Signature element and KeyInfo structures.
        Parameters:
        signatureGenerateIds - set to true (default) to generate Id attributes
      • isSignatureIncludeDigestTransform

        public boolean isSignatureIncludeDigestTransform()
      • setSignatureIncludeDigestTransform

        public void setSignatureIncludeDigestTransform​(boolean signatureIncludeDigestTransform)
        Specifies whether the transform set with signatureDigestAlgorithm should be included in the Reference/Transforms list.
        Parameters:
        signatureIncludeDigestTransform - set to true (default) to include the transform in the list
      • getSignaturePositionQName

        public QName getSignaturePositionQName()
      • setSignaturePositionQName

        public void setSignaturePositionQName​(QName signaturePositionQName)
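
Usage sketch for the setters listed above, added here as an example and not taken from the Javadoc or the project: it builds one XMLSecurityProperties for signing with explicitly pinned algorithms and one for verification with a caller-supplied key. The class name SignaturePropertiesExample and its method names are hypothetical; the imports assume the Apache Santuario StAX package org.apache.xml.security.stax.ext, and the algorithm strings are the standard W3C identifiers.

```java
import java.security.Key;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.ext.XMLSecurityProperties;

// Hypothetical helper class (not part of the library).
public final class SignaturePropertiesExample {

    // Standard W3C algorithm identifiers, set explicitly instead of relying on defaults.
    static final String SIG_ALGO = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    static final String DIGEST_ALGO = "http://www.w3.org/2001/04/xmlenc#sha256";
    static final String C14N_ALGO = "http://www.w3.org/2001/10/xml-exc-c14n#";

    /** Signing side: private key, certificate chain, algorithms and the element to sign. */
    static XMLSecurityProperties forSigning(PrivateKey key, X509Certificate[] chain,
                                            QName elementToSign) {
        XMLSecurityProperties props = new XMLSecurityProperties();
        props.setActions(signatureOnly());
        props.setSignatureKey(key);
        props.setSignatureCerts(chain);
        props.setSignatureAlgorithm(SIG_ALGO);
        props.setSignatureDigestAlgorithm(DIGEST_ALGO);
        props.setSignatureCanonicalizationAlgorithm(C14N_ALGO);
        props.setSignaturePosition(0); // documented default: first child of the root element
        // Sign the whole element (start tag, attributes and content), not only its content.
        props.addSignaturePart(new SecurePart(elementToSign, SecurePart.Modifier.Element));
        return props;
    }

    /** Verifying side: the key is one the caller already trusts, obtained out of band. */
    static XMLSecurityProperties forVerification(Key trustedKey) {
        XMLSecurityProperties props = new XMLSecurityProperties();
        props.setActions(signatureOnly());
        props.setSignatureVerificationKey(trustedKey);
        props.setDisableSchemaValidation(false); // keep schema validation of the input enabled
        return props;
    }

    // Fresh mutable list per properties object, so the two configurations share no state.
    private static List<XMLSecurityConstants.Action> signatureOnly() {
        List<XMLSecurityConstants.Action> actions = new ArrayList<>();
        actions.add(XMLSecurityConstants.SIGNATURE);
        return actions;
    }
}
```

The resulting objects are what the library's XMLSec.getOutboundXMLSec and XMLSec.getInboundXMLSec factory methods take as their configuration.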