Package org.apache.cxf.ws.security.wss4j
package org.apache.cxf.ws.security.wss4j
-
ClassDescriptionAn abstract interceptor that can be used to form the basis of an interceptor to add and process a specific type of security token.Base class providing an extensibility point for populating javax.security.auth.Subject from a current UsernameToken.Translate any AlgorithmSuite policy that may be operative into a WSS4J AlgorithmSuite object to enforce what algorithms are allowed in a request.A CallbackHandler to be used to sign/encrypt SOAP Attachments.An interceptor to add a BinarySecurityToken token to the security header of an outbound request, and to process a BinarySecurityToken on an inbound request.Utility to enable the checking of WS-Security signature/encryption coverage based on the results of the WSS4J processors.A simple wrapper for an XPath expression and coverage type / scope indicating how the XPath expression should be enforced as a cryptographic coverage requirement.Utility to enable the checking of WS-Security signature / WS-Security encryption coverage based on the results of the WSS4J signature/encryption processor.Differentiates which part of an element to check for cryptographic coverage.Differentiates which type of cryptographic coverage to check for.This class uses a DOM-based approach to locate Elements that are referenced via an Id.This utility extends the CryptoCoverageChecker to provide an easy way to check to see if the SOAP (1.1 + 1.2) Body was signed and/or encrypted, if the Timestamp was signed, if the WS-Addressing ReplyTo and FaultTo headers were signed, and if the UsernameToken was encrypted.The default implementation to create a SecurityContext from a set of WSS4J processing results.An interceptor to add a Kerberos token to the security header of an outbound request, and to process a Kerberos Token on an inbound request.An interceptor to create and add a SAML token to the security header of an outbound request, and to process a SAML Token on an inbound request.This interceptor handles parsing the StaX WS-Security results (events) + checks to see whether the required Actions were fulfilled.This interceptor handles parsing the StaX WS-Security results (events) + checks that the specified crypto coverage events actually occurred.This interceptor handles parsing the StaX WS-Security results (events) + sets up the security context appropriately.Converts
Strings intoNodes and visa versa using CXF's StaxUtilsPerforms WS-Security inbound actions.Assert policies in CXF that are asserted in the WSS4J policy stax moduleA pluggable way to create a CXF SecurityContext Object from a set of WSS4J processing resultsSome common functionality that can be shared between the WSS4JInInterceptor and the UsernameTokenInterceptor.