Package org.apache.cxf.ws.security.wss4j

Class WSS4JUtils

  • public final class WSS4JUtils
extends Object
    Some common functionality that can be shared between the WSS4JInInterceptor and the UsernameTokenInterceptor.

    • Method Detail

      • getSecurityTokenLifetime

        public static long getSecurityTokenLifetime​(Message message)
        Get the security token lifetime value (in milliseconds). The default is "300000" (5 minutes).
        Returns:
        the security token lifetime value in milliseconds

      • getReplayCache

        public static ReplayCache getReplayCache​(org.apache.cxf.binding.soap.SoapMessage message,
                                         String booleanKey,
                                         String instanceKey)
                                  throws WSSecurityException
        Get a ReplayCache instance. It first checks to see whether caching has been explicitly enabled or disabled via the booleanKey argument. If it has been set to false then no replay caching is done (for this booleanKey). If it has not been specified, then caching is enabled only if we are not the initiator of the exchange. If it has been specified, then caching is enabled. It tries to get an instance of ReplayCache via the instanceKey argument from a contextual property, and failing that the message exchange. If it can't find any, then it defaults to using an EH-Cache instance and stores that on the message exchange.
        Throws:
        WSSecurityException

      • parseAndStoreStreamingSecurityToken

        public static String parseAndStoreStreamingSecurityToken​(org.apache.xml.security.stax.securityToken.SecurityToken securityToken,
                                                         Message message)
                                                  throws org.apache.xml.security.exceptions.XMLSecurityException,
                                                         TokenStoreException
        Throws:
        org.apache.xml.security.exceptions.XMLSecurityException
        TokenStoreException

      • createSoapFault

        public static org.apache.cxf.binding.soap.SoapFault createSoapFault​(org.apache.cxf.binding.soap.SoapMessage message,
                                                                    org.apache.cxf.binding.soap.SoapVersion version,
                                                                    WSSecurityException e)
        Create a SoapFault from a WSSecurityException, following the SOAP Message Security 1.1 specification, chapter 12 "Error Handling". When the Soap version is 1.1 then set the Fault/Code/Value from the fault code specified in the WSSecurityException (if it exists). Otherwise set the Fault/Code/Value to env:Sender and the Fault/Code/Subcode/Value as the fault code from the WSSecurityException.