com.ibm.websphere.wssecurity.callbackhandler
Class X509ConsumeCallbackHandler
- java.lang.Object
com.ibm.websphere.wssecurity.callbackhandler.X509ConsumeCallbackHandler
All implemented interfaces:
java.io.Serializable, javax.security.auth.callback.CallbackHandler
- public class X509ConsumeCallbackHandler
- extends java.lang.Object
- implements javax.security.auth.callback.CallbackHandler, java.io.Serializable
Following are the sample code to configure the X509 token for verification and decryption.
- Sample code of verification
-
// generate certStore String certpath = "intca2.cer";// The location of the X509 certificate file X509Certificate x509cert = null; try { InputStream is = new FileInputStream(certpath); CertificateFactory cf = CertificateFactory.getInstance("X.509"); x509cert = (X509Certificate)cf.generateCertificate(is); } catch(FileNotFoundException e1){ e1.printStackTrace(); } catch (CertificateException e2) { e2.printStackTrace(); } Set<Object> eeCerts = new HashSet<Object>(); eeCerts.add(x509cert); // generate certStore java.util.List<CertStore> certList = new java.util.ArrayList<CertStore>(); CollectionCertStoreParameters certparam = new CollectionCertStoreParameters(eeCerts); CertStore cert = null; try { cert = CertStore.getInstance("Collection", certparam, "IBMCertPath"); } catch (NoSuchProviderException e1) { e1.printStackTrace(); } catch (InvalidAlgorithmParameterException e2) { e2.printStackTrace(); } catch (NoSuchAlgorithmException e3) { e3.printStackTrace(); } if(certList != null ){ certList.add(cert); } // generate the callback handler object X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler( "dsig-receiver.ks", // keystore "jks", // keystore type "server".toCharArray(), // keystore password certList, // certificate list java.security.Security.getProvider("IBMCertPath") //provider );
- Sample code of decryption
-
X509ConsumeCallbackHandler callbackhandler = new X509ConsumeCallbackHandler( "", // cert list "enc-sender.jceks", // keystore "jceks", // keystore type "storepass".toCharArray(), // store password "alice", // alias "keypass".toCharArray(), // key password "CN=Alice, O=IBM, C=US" // subject name );
See Also:
Constructor Summary
Constructor and Description X509ConsumeCallbackHandler()Class constructor.X509ConsumeCallbackHandler(java.util.Map<java.lang.Object,java.lang.Object> properties)Class constructor.X509ConsumeCallbackHandler(java.lang.String trustAnchorPath,java.lang.String trustAnchorType,char[] trustAnchorPassword,java.util.List certStores,java.security.Provider provider)Class constructor.X509ConsumeCallbackHandler(java.lang.String keyStoreRef,java.lang.String keyStorePath,java.lang.String keyStoreType,char[] keyStorePassword,java.lang.String alias,char[] keyPassword,java.lang.String keyName)Class constructor.X509ConsumeCallbackHandler(java.lang.String keyStoreRef,java.lang.String keyStorePath,java.lang.String keyStoreType,char[] keyStorePassword,java.lang.String alias,char[] keyPassword,java.lang.String keyName,java.lang.String trustAnchorPath,java.lang.String trustAnchorType,char[] trustAnchorPassword,java.util.List certStores,java.security.Provider provider)Class constructor.Method Summary
Modifier and Type Method and Description - void
handle(javax.security.auth.callback.Callback[] callbacks)Sets necessary information to aX509ConsumeCallbackobject.Methods inherited from class java.lang.Object clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitConstructor Detail
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.util.Map<java.lang.Object,java.lang.Object> properties)
Class constructor.Parameters:properties- map including key-value pairs
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.lang.String keyStoreRef,
- java.lang.String keyStorePath,
- java.lang.String keyStoreType,
- char[] keyStorePassword,
- java.lang.String alias,
- char[] keyPassword,
- java.lang.String keyName,
- java.lang.String trustAnchorPath,
- java.lang.String trustAnchorType,
- char[] trustAnchorPassword,
- java.util.List certStores,
- java.security.Provider provider)
Class constructor.Parameters:keyStoreRef- reference name of the keystore used for key locatorkeyStorePath- file path from which the keystore used for key locator is loadedkeyStorePassword- password used to check the integrity of the keystore used for key locator or the password used to unlock the keystorekeyStoreType- type of the keystore used for key locatoralias- alias namekeyPassword- password for recovering the keykeyName- name of the keytrustAnchorPath- file path from which the trust anchor is loadedtrustAnchorType- type of the trust anchortrustAnchorPassword- password used to check the integrity of the trust anchor or the password used to unlock the keystorecertStores- list of certificate storesprovider- ecurity provider
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.lang.String keyStoreRef,
- java.lang.String keyStorePath,
- java.lang.String keyStoreType,
- char[] keyStorePassword,
- java.lang.String alias,
- char[] keyPassword,
- java.lang.String keyName)
Class constructor.Parameters:keyStoreRef- reference name of the keystore used for key locatorkeyStorePath- file path from which the keystore used for key locator is loadedkeyStorePassword- password used to check the integrity of the keystore used for key locator or the password used to unlock the keystorekeyStoreType- type of the keystore used for key locatoralias- alias namekeyPassword- password for recovering the keykeyName- name of the key
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( java.lang.String trustAnchorPath,
- java.lang.String trustAnchorType,
- char[] trustAnchorPassword,
- java.util.List certStores,
- java.security.Provider provider)
Class constructor.Parameters:trustAnchorPath- file path from which the trust anchor is loadedtrustAnchorPassword- password used to check the integrity of the trust anchor or the password used to unlock the keystoretrustAnchorType- type of the trust anchor
X509ConsumeCallbackHandler
- public X509ConsumeCallbackHandler( )
Class constructor.Method Detail
handle
- public void handle(javax.security.auth.callback.Callback[] callbacks)
- throws java.io.IOException
- javax.security.auth.callback.UnsupportedCallbackException
Sets necessary information to aX509ConsumeCallbackobject.Specified by:handlein interfacejavax.security.auth.callback.CallbackHandlerParameters:callbacks- array ofCallbackobjects provided by the underlying security service which contains the information requested to be retrieved or displayed.Throws:java.io.IOException- if an input or output error occurs.javax.security.auth.callback.UnsupportedCallbackException- if the implementation of this method does not support one or more of theCallbacks specified in the callbacks parameter.See Also:CallbackHandler.handle(javax.security.auth.callback.Callback[])