Package org.apache.camel.component.xmlsecurity.processor

Class XmlVerifierConfiguration

    • Constructor Detail

      • XmlVerifierConfiguration

        public XmlVerifierConfiguration()

    • Method Detail

      • setKeySelector

        public void setKeySelector​(KeySelector keySelector)
        Provides the key for validating the XML signature.

      • setXmlSignatureChecker

        public void setXmlSignatureChecker​(XmlSignatureChecker xmlSignatureChecker)
        This interface allows the application to check the XML signature before the validation is executed. This step is recommended in http://www.w3.org/TR/xmldsig-bestpractices/#check-what-is-signed

      • setXmlSignature2Message

        public void setXmlSignature2Message​(XmlSignature2Message xmlSignature2Message)
        Bean which maps the XML signature to the output-message after the validation. How this mapping should be done can be configured by the options outputNodeSearchType, outputNodeSearch, and removeSignatureElements. The default implementation offers three possibilities which are related to the three output node search types "Default", "ElementName", and "XPath". The default implementation determines a node which is then serialized and set to the body of the output message If the search type is "ElementName" then the output node (which must be in this case an element) is determined by the local name and namespace defined in the search value (see option outputNodeSearch). If the search type is "XPath" then the output node is determined by the XPath specified in the search value (in this case the output node can be of type "Element", "TextNode" or "Document"). If the output node search type is "Default" then the following rules apply: In the enveloped XML signature case (there is a reference with URI="" and transform "http://www.w3.org/2000/09/xmldsig#enveloped-signature"), the incoming XML document without the Signature element is set to the output message body. In the non-enveloped XML signature case, the message body is determined from a referenced Object; this is explained in more detail in chapter "Output Node Determination in Enveloping XML Signature Case".

      • setValidationFailedHandler

        public void setValidationFailedHandler​(ValidationFailedHandler validationFailedHandler)
        Handles the different validation failed situations. The default implementation throws specific exceptions for the different situations (All exceptions have the package name org.apache.camel.component.xmlsecurity.api and are a sub-class of XmlSignatureInvalidException. If the signature value validation fails, a XmlSignatureInvalidValueException is thrown. If a reference validation fails, a XmlSignatureInvalidContentHashException is thrown. For more detailed information, see the JavaDoc.

      • getOutputNodeSearch

        public Object getOutputNodeSearch()

      • setOutputNodeSearch

        public void setOutputNodeSearch​(Object outputNodeSearch)
        Sets the output node search value for determining the node from the XML signature document which shall be set to the output message body. The class of the value depends on the type of the output node search. The output node search is forwarded to XmlSignature2Message.

      • getOutputNodeSearchType

        public String getOutputNodeSearchType()

      • setOutputNodeSearchType

        public void setOutputNodeSearchType​(String outputNodeSearchType)
        Determines the search type for determining the output node which is serialized into the output message bodyF. See setOutputNodeSearch(Object). The supported default search types you can find in DefaultXmlSignature2Message.

      • getRemoveSignatureElements

        public Boolean getRemoveSignatureElements()

      • setRemoveSignatureElements

        public void setRemoveSignatureElements​(Boolean removeSignatureElements)
        Indicator whether the XML signature elements (elements with local name "Signature" and namesapce ""http://www.w3.org/2000/09/xmldsig#"") shall be removed from the document set to the output message. Normally, this is only necessary, if the XML signature is enveloped. The default value is Boolean.FALSE. This parameter is forwarded to XmlSignature2Message.

        This indicator has no effect if the output node search is of type DefaultXmlSignature2Message.OUTPUT_NODE_SEARCH_TYPE_DEFAULT.F

      • getSecureValidation

        public Boolean getSecureValidation()

      • setSecureValidation

        public void setSecureValidation​(Boolean secureValidation)
        Enables secure validation. If true then secure validation is enabled.