Oracle Fusion Middleware
Oracle WebLogic Server API Reference
11g Release 1 (10.3.4)

Part Number E13941-04

weblogic.wsee.security.bst
Class ClientBSTCredentialProvider

java.lang.Object
  extended by weblogic.wsee.security.bst.BSTCredentialProvider
      extended by weblogic.wsee.security.bst.BST11CredentialProvider
          extended by weblogic.wsee.security.bst.ClientBSTCredentialProvider
All Implemented Interfaces:
Serializable, CredentialProvider
Direct Known Subclasses:
ClientBST11Pkcs7CredentialProvider

public class ClientBSTCredentialProvider
extends BST11CredentialProvider
implements Serializable

Client CredentialProvider for BinarySecurityTokens with ValueTypes #X509v3, #X509PKIPathv1, #PKCS7, #X509SubjectKeyIdentifier and #ThumbprintSHA1.

See Also:
Serialized Form

Field Summary
 
Fields inherited from class weblogic.wsee.security.bst.BST11CredentialProvider
BUILTIN_BST_VALUETYPES
 
Fields inherited from class weblogic.wsee.security.bst.BSTCredentialProvider
verbose
 
Constructor Summary
ClientBSTCredentialProvider(CertPath certPath, PrivateKey pk)
          Creates client BST credential provider for the indicated certificate file and private key.
ClientBSTCredentialProvider(String clientCertPath, String clientPrivateKeyPath)
          Creates client BST credential provider for the indicated certificate file and PKCS8 private key file.
ClientBSTCredentialProvider(String clientCertPath, String clientPrivateKeyPath, String serverCertPath)
          Creates client BST credential provider for the indicated certificate file, PKCS8 private key file and server certificate.
ClientBSTCredentialProvider(String keyStoreFileName, String keyStorePasswd, String certAlias, String keyPasswd)
          Creates client BST credential provider for the indicated keystore and certificate alias.
ClientBSTCredentialProvider(String keyStoreFileName, String keyStorePasswd, String certAlias, String keyPasswd, String keyStoreType)
          Creates client BST credential provider for the indicated keystore and certificate alias.
ClientBSTCredentialProvider(String keyStoreFileName, String keyStorePasswd, String certAlias, String keyPasswd, String keyStoreType, X509Certificate serverCert)
          Creates client BST credential provider for the indicated keystore, certificate alias and server certificate.
ClientBSTCredentialProvider(X509Certificate serverCert, CertPath certPath, PrivateKey pk)
          Creates client BST credential provider for the indicated certificate file and private key.
ClientBSTCredentialProvider(X509Certificate clientCert, PrivateKey clientPrivateKey, X509Certificate serverCert)
          Creates client BST credential provider for the indicated certificate file, PKCS8 private key file and server certificate.
 
Method Summary
 ClientBSTCredentialProvider cloneAndReplaceServerCert(X509Certificate serverCert)
           
 Object getCredential(String tokenType, String issuerName, ContextHandler ctxHandler, Purpose p)
           
 void setServerCertificate(X509Certificate serverCert)
          set Server's public X509 certificate
 String toString()
           
 
Methods inherited from class weblogic.wsee.security.bst.BST11CredentialProvider
getValueTypes
 
Methods inherited from class weblogic.wsee.security.bst.BSTCredentialProvider
isForDecryption, isForEncryption, isForIdentity, isForResponseEncryption, isForSigning, isForVerification
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(String keyStoreFileName,
                                   String keyStorePasswd,
                                   String certAlias,
                                   String keyPasswd)
                            throws Exception
Creates client BST credential provider for the indicated keystore and certificate alias. Keystore is assumed to be of type, "JKS".

Parameters:
keyStoreFileName - Keystore file name
keyStorePasswd - Keystore password
certAlias - Certificate alias
keyPasswd - Certificate entry password
Throws:
Exception - thrown if keystore or certificate entry is missing or corrupt or if passwords are incorrect

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(String keyStoreFileName,
                                   String keyStorePasswd,
                                   String certAlias,
                                   String keyPasswd,
                                   String keyStoreType)
                            throws Exception
Creates client BST credential provider for the indicated keystore and certificate alias.

Parameters:
keyStoreFileName - Keystore file name
keyStorePasswd - Keystore password
certAlias - Certificate alias
keyPasswd - Certificate entry password
keyStoreType - Keystore type, e.g. "JKS"
Throws:
Exception - thrown if keystore or certificate entry is missing or corrupt or if passwords are incorrect

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(String keyStoreFileName,
                                   String keyStorePasswd,
                                   String certAlias,
                                   String keyPasswd,
                                   String keyStoreType,
                                   X509Certificate serverCert)
                            throws Exception
Creates client BST credential provider for the indicated keystore, certificate alias and server certificate. If security policy requires message-level encryption for this client's request, the certificate passed for the parameter serverCert will be used to encrypt the message body contents. If security policy requires message-level integrity (signature) for the server's response, the certificate passed for the parameter serverCert will be used to verify the received signature. Any KeyInfo received as part of the in-bound signature (e.g. certificate thumbprint) must correctly identify the same server certificate.

Parameters:
keyStoreFileName - Keystore file name
keyStorePasswd - Keystore password
certAlias - Certificate alias
keyPasswd - Certificate entry password
keyStoreType - Keystore type, e.g. "JKS"
serverCert - Server's public X509 certificate
Throws:
Exception - thrown if keystore or certificate entry is missing or corrupt or if passwords are incorrect

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(String clientCertPath,
                                   String clientPrivateKeyPath)
                            throws Exception
Creates client BST credential provider for the indicated certificate file and PKCS8 private key file.

Parameters:
clientCertPath - File name contiaining client's X509 public certificate
clientPrivateKeyPath - PKCS8 file name continaing client's private key
Throws:
Exception - thrown if certificate or key file are missing or corrupt

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(String clientCertPath,
                                   String clientPrivateKeyPath,
                                   String serverCertPath)
                            throws Exception
Creates client BST credential provider for the indicated certificate file, PKCS8 private key file and server certificate. If security policy requires message-level encryption for this client's request, the certificate read from the file serverCertPath will be used to encrypt the message body contents. If security policy requires message-level integrity (signature) for the server's response, the certificate read from the file serverCertPath will be used to verify the received signature. Any KeyInfo received as part of the in-bound signature (e.g. certificate thumbprint) must correctly identify the same server certificate.

Parameters:
clientCertPath - File name contiaining client's X509 public certificate
clientPrivateKeyPath - PKCS8 file name continaing client's private key
serverCertPath - File name containging server's X509 public certificate
Throws:
Exception - thrown if the client certificate, key, or server certificate files are missing or corrupt

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(X509Certificate clientCert,
                                   PrivateKey clientPrivateKey,
                                   X509Certificate serverCert)
Creates client BST credential provider for the indicated certificate file, PKCS8 private key file and server certificate. If security policy requires message-level encryption for this client's request, the certificate passed for the parameter serverCert will be used to encrypt the message body contents. If security policy requires message-level integrity (signature) for the server's response, the certificate passed for the parameter serverCert will be used to verify the received signature. Any KeyInfo received as part of the in-bound signature (e.g. certificate thumbprint) must correctly identify the same server certificate.

Parameters:
clientCert - client's X509 public certificate
clientPrivateKey - client's private key
serverCert - Server's public X509 certificate

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(CertPath certPath,
                                   PrivateKey pk)
Creates client BST credential provider for the indicated certificate file and private key.

Parameters:
certPath - Certpath object for client's X509 public certificate
pk - Client's private key

ClientBSTCredentialProvider

public ClientBSTCredentialProvider(X509Certificate serverCert,
                                   CertPath certPath,
                                   PrivateKey pk)
Creates client BST credential provider for the indicated certificate file and private key.

Parameters:
serverCert - Server's public X509 certificate
certPath - Certpath object for client's X509 public certificate
pk - Client's private key
Method Detail

setServerCertificate

public void setServerCertificate(X509Certificate serverCert)
set Server's public X509 certificate

Parameters:
serverCert - Server's public X509 certificate

getCredential

public Object getCredential(String tokenType,
                            String issuerName,
                            ContextHandler ctxHandler,
                            Purpose p)
Specified by:
getCredential in interface CredentialProvider

cloneAndReplaceServerCert

public ClientBSTCredentialProvider cloneAndReplaceServerCert(X509Certificate serverCert)

toString

public String toString()
Overrides:
toString in class Object

Copyright 1996, 2010, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Fusion Middleware
Oracle WebLogic Server API Reference
11g Release 1 (10.3.4)

Part Number E13941-04