org.apache.camel.component.xmlsecurity.processor

Class XmlSignerConfiguration

java.lang.Object

org.apache.camel.component.xmlsecurity.processor.XmlSignatureConfiguration

org.apache.camel.component.xmlsecurity.processor.XmlSignerConfiguration

All Implemented Interfaces:

Cloneable, org.apache.camel.CamelContextAware

@UriParams
public class XmlSignerConfiguration
extends XmlSignatureConfiguration

Constructor Summary

Constructors

Constructor and Description
XmlSignerConfiguration()

Method Summary

Modifier and Type	Method and Description
XmlSignerConfiguration	copy()
Boolean	getAddKeyInfoReference()
AlgorithmMethod	getCanonicalizationMethod()
String	getCanonicalizationMethodName()
String	getContentObjectId()
String	getContentReferenceType()
String	getContentReferenceUri()
String	getDigestAlgorithm()
KeyAccessor	getKeyAccessor()
String	getKeyAccessorName()
String	getParentLocalName()
String	getParentNamespace()
XPathFilterParameterSpec	getParentXpath()
Boolean	getPlainText()
String	getPlainTextEncoding()
String	getPrefixForXmlSignatureNamespace()
XmlSignatureProperties	getProperties()
String	getPropertiesName()
String	getSignatureAlgorithm()
String	getSignatureId()
List<AlgorithmMethod>	getTransformMethods()
String	getTransformMethodsName()
List<XPathFilterParameterSpec>	getXpathsToIdAttributes()
void	setAddKeyInfoReference(Boolean addKeyInfoReference) In order to protect the KeyInfo element from tampering you can add a reference to the signed info element so that it is protected via the signature value.
void	setCamelContext(org.apache.camel.CamelContext camelContext)
void	setCanonicalizationMethod(AlgorithmMethod canonicalizationMethod) Canonicalization method used to canonicalize the SignedInfo element before the digest is calculated.
void	setCanonicalizationMethod(String canonicalizationMethodName) Sets the reference name for a AlgorithmMethod that can be found in the registry.
void	setCanonicalizationMethodName(String canonicalizationMethodName)
void	setContentObjectId(String contentObjectId) Sets the content object Id attribute value.
void	setContentReferenceType(String referenceType) Type of the content reference.
void	setContentReferenceUri(String referenceUri) Reference URI for the content to be signed.
void	setDigestAlgorithm(String digestAlgorithm) Digest algorithm URI.
void	setKeyAccessor(KeyAccessor keyAccessor) For the signing process, a private key is necessary.
void	setKeyAccessor(String keyAccessorName) Sets the reference name for a KeyAccessor that can be found in the registry.
void	setKeyAccessorName(String keyAccessorName)
void	setParentLocalName(String parentLocalName) Local name of the parent element to which the XML signature element will be added.
void	setParentNamespace(String parentNamespace) Namespace of the parent element to which the XML signature element will be added.
void	setParentXpath(XPathFilterParameterSpec parentXpath) Sets the XPath to find the parent node in the enveloped case.
void	setPlainText(Boolean plainText) Indicator whether the message body contains plain text.
void	setPlainTextEncoding(String plainTextEncoding) Encoding of the plain text.
void	setPrefixForXmlSignatureNamespace(String prefixForXmlSignatureNamespace) Namespace prefix for the XML signature namespace "http://www.w3.org/2000/09/xmldsig#".
void	setProperties(String propertiesName) Sets the reference name for a XmlSignatureProperties that can be found in the registry.
void	setProperties(XmlSignatureProperties properties) For adding additional References and Objects to the XML signature which contain additional properties, you can provide a bean which implements the XmlSignatureProperties interface.
void	setPropertiesName(String propertiesName)
void	setSignatureAlgorithm(String signatureAlgorithm) Signature algorithm.
void	setSignatureId(String signatureId) Sets the signature Id.
void	setTransformMethods(List<AlgorithmMethod> transformMethods) Transforms which are executed on the message body before the digest is calculated.
void	setTransformMethods(String transformMethodsName) Sets the reference name for a List that can be found in the registry.
void	setTransformMethodsName(String transformMethodsName)
void	setXpathsToIdAttributes(List<XPathFilterParameterSpec> xpathsToIdAttributes) Define the elements which are signed in the detached case via XPATH expressions to ID attributes (attributes of type ID).

Methods inherited from class org.apache.camel.component.xmlsecurity.processor.XmlSignatureConfiguration

getBaseUri, getCamelContext, getClearHeaders, getCryptoContextProperties, getDisallowDoctypeDecl, getOmitXmlDeclaration, getOutputXmlEncoding, getSchemaResourceUri, getUriDereferencer, setBaseUri, setClearHeaders, setCryptoContextProperties, setDisallowDoctypeDecl, setOmitXmlDeclaration, setOutputXmlEncoding, setSchemaResourceUri, setUriDereferencer

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

XmlSignerConfiguration

public XmlSignerConfiguration()

Method Detail

copy

public XmlSignerConfiguration copy()

setCamelContext

public void setCamelContext(org.apache.camel.CamelContext camelContext)

Specified by:

setCamelContext in interface org.apache.camel.CamelContextAware

Overrides:

setCamelContext in class XmlSignatureConfiguration

getKeyAccessor

public KeyAccessor getKeyAccessor()

setKeyAccessor

public void setKeyAccessor(KeyAccessor keyAccessor)

For the signing process, a private key is necessary. You specify a key accessor bean which provides this private key. The key accessor bean must implement the KeyAccessor interface. The package org.apache.camel.component.xmlsecurity.api contains the default implementation class DefaultKeyAccessor which reads the private key from a Java keystore.

setKeyAccessor

public void setKeyAccessor(String keyAccessorName)

Sets the reference name for a KeyAccessor that can be found in the registry.

getCanonicalizationMethod

public AlgorithmMethod getCanonicalizationMethod()

setCanonicalizationMethod

public void setCanonicalizationMethod(AlgorithmMethod canonicalizationMethod)

Canonicalization method used to canonicalize the SignedInfo element before the digest is calculated. You can use the helper methods XmlSignatureHelper.getCanonicalizationMethod(String algorithm) or getCanonicalizationMethod(String algorithm, List inclusiveNamespacePrefixes) to create a canonicalization method.

setCanonicalizationMethod

public void setCanonicalizationMethod(String canonicalizationMethodName)

Sets the reference name for a AlgorithmMethod that can be found in the registry.

getTransformMethods

public List<AlgorithmMethod> getTransformMethods()

setTransformMethods

public void setTransformMethods(List<AlgorithmMethod> transformMethods)

Transforms which are executed on the message body before the digest is calculated. By default, C14n is added and in the case of enveloped signature (see option parentLocalName) also http://www.w3.org/2000/09/xmldsig#enveloped-signature is added at position 0 of the list. Use methods in XmlSignatureHelper to create the transform methods.

setTransformMethods

public void setTransformMethods(String transformMethodsName)

Sets the reference name for a List that can be found in the registry.

getSignatureAlgorithm

public String getSignatureAlgorithm()

setSignatureAlgorithm

public void setSignatureAlgorithm(String signatureAlgorithm)

Signature algorithm. Default value is "http://www.w3.org/2000/09/xmldsig#rsa-sha1".

getDigestAlgorithm

public String getDigestAlgorithm()

setDigestAlgorithm

public void setDigestAlgorithm(String digestAlgorithm)

Digest algorithm URI. Optional parameter. This digest algorithm is used for calculating the digest of the input message. If this digest algorithm is not specified then the digest algorithm is calculated from the signature algorithm. Example: "http://www.w3.org/2001/04/xmlenc#sha256"

getAddKeyInfoReference

public Boolean getAddKeyInfoReference()

setAddKeyInfoReference

public void setAddKeyInfoReference(Boolean addKeyInfoReference)

In order to protect the KeyInfo element from tampering you can add a reference to the signed info element so that it is protected via the signature value. The default value is true.

Only relevant when a KeyInfo is returned by KeyAccessor. and KeyInfo.getId() is not null.

getPrefixForXmlSignatureNamespace

public String getPrefixForXmlSignatureNamespace()

setPrefixForXmlSignatureNamespace

public void setPrefixForXmlSignatureNamespace(String prefixForXmlSignatureNamespace)

Namespace prefix for the XML signature namespace "http://www.w3.org/2000/09/xmldsig#". Default value is "ds". If null or an empty value is set then no prefix is used for the XML signature namespace.

See best practice http://www.w3.org/TR/xmldsig-bestpractices/#signing-xml- without-namespaces

Parameters:

prefixForXmlSignatureNamespace - prefix

getParentLocalName

public String getParentLocalName()

setParentLocalName

public void setParentLocalName(String parentLocalName)

Local name of the parent element to which the XML signature element will be added. Only relevant for enveloped XML signature. Alternatively you can also use setParentXpath(XPathFilterParameterSpec).

Default value is null. The value must be null for enveloping and detached XML signature.

This parameter or the parameter setParentXpath(XPathFilterParameterSpec) for enveloped signature and the parameter setXpathsToIdAttributes(List) for detached signature must not be set in the same configuration.

If the parameters parentXpath and parentLocalName are specified in the same configuration then an exception is thrown.

Parameters:

parentLocalName - local name

getParentNamespace

public String getParentNamespace()

setParentNamespace

public void setParentNamespace(String parentNamespace)

Namespace of the parent element to which the XML signature element will be added.

getContentObjectId

public String getContentObjectId()

setContentObjectId

public void setContentObjectId(String contentObjectId)

Sets the content object Id attribute value. By default a UUID is generated. If you set the null value, then a new UUID will be generated. Only used in the enveloping case.

getSignatureId

public String getSignatureId()

setSignatureId

public void setSignatureId(String signatureId)

Sets the signature Id. If this parameter is not set (null value) then a unique ID is generated for the signature ID (default). If this parameter is set to "" (empty string) then no Id attribute is created in the signature element.

getContentReferenceUri

public String getContentReferenceUri()

setContentReferenceUri

public void setContentReferenceUri(String referenceUri)

Reference URI for the content to be signed. Only used in the enveloped case. If the reference URI contains an ID attribute value, then the resource schema URI ( XmlSignatureConfiguration.setSchemaResourceUri(String)) must also be set because the schema validator will then find out which attributes are ID attributes. Will be ignored in the enveloping or detached case.

getContentReferenceType

public String getContentReferenceType()

setContentReferenceType

public void setContentReferenceType(String referenceType)

Type of the content reference. The default value is null. This value can be overwritten by the header XmlSignatureConstants.HEADER_CONTENT_REFERENCE_TYPE.

getPlainText

public Boolean getPlainText()

setPlainText

public void setPlainText(Boolean plainText)

Indicator whether the message body contains plain text. The default value is false, indicating that the message body contains XML. The value can be overwritten by the header XmlSignatureConstants.HEADER_MESSAGE_IS_PLAIN_TEXT.

getPlainTextEncoding

public String getPlainTextEncoding()

setPlainTextEncoding

public void setPlainTextEncoding(String plainTextEncoding)

Encoding of the plain text. Only relevant if the message body is plain text (see parameter plainText. Default value is "UTF-8".

getProperties

public XmlSignatureProperties getProperties()

setProperties

public void setProperties(XmlSignatureProperties properties)

For adding additional References and Objects to the XML signature which contain additional properties, you can provide a bean which implements the XmlSignatureProperties interface.

setProperties

public void setProperties(String propertiesName)

Sets the reference name for a XmlSignatureProperties that can be found in the registry.

getKeyAccessorName

public String getKeyAccessorName()

setKeyAccessorName

public void setKeyAccessorName(String keyAccessorName)

getCanonicalizationMethodName

public String getCanonicalizationMethodName()

setCanonicalizationMethodName

public void setCanonicalizationMethodName(String canonicalizationMethodName)

getTransformMethodsName

public String getTransformMethodsName()

setTransformMethodsName

public void setTransformMethodsName(String transformMethodsName)

getPropertiesName

public String getPropertiesName()

setPropertiesName

public void setPropertiesName(String propertiesName)

getXpathsToIdAttributes

public List<XPathFilterParameterSpec> getXpathsToIdAttributes()

setXpathsToIdAttributes

public void setXpathsToIdAttributes(List<XPathFilterParameterSpec> xpathsToIdAttributes)

Define the elements which are signed in the detached case via XPATH expressions to ID attributes (attributes of type ID). For each element found via the XPATH expression a detached signature is created whose reference URI contains the corresponding attribute value (preceded by '#'). The signature becomes the last sibling of the signed element. Elements with deeper hierarchy level are signed first.

You can also set the XPATH list dynamically via the header XmlSignatureConstants.HEADER_XPATHS_TO_ID_ATTRIBUTES.

The parameter setParentLocalName(String) or setParentXpath(XPathFilterParameterSpec) for enveloped signature and this parameter for detached signature must not be set in the same configuration.

getParentXpath

public XPathFilterParameterSpec getParentXpath()

setParentXpath

public void setParentXpath(XPathFilterParameterSpec parentXpath)

Sets the XPath to find the parent node in the enveloped case. Either you specify the parent node via this method or the local name and namespace of the parent with the methods setParentLocalName(String) and setParentNamespace(String).

Default value is null. The value must be null for enveloping and detached XML signature.

If the parameters parentXpath and parentLocalName are specified in the same configuration then an exception is thrown.

Parameters:

parentXpath - xpath to the parent node, if the xpath returns several values then the first Element node is used