Component docs
Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/42afd879 Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/42afd879 Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/42afd879 Branch: refs/heads/master Commit: 42afd87936c6b1d2931ef8d8a042297cd76a1101 Parents: 0207b66 Author: Claus Ibsen <[email protected]> Authored: Wed Jun 17 15:04:52 2015 +0200 Committer: Claus Ibsen <[email protected]> Committed: Wed Jun 17 15:13:57 2015 +0200 ---------------------------------------------------------------------- .../xmlsecurity/XmlSignatureEndpoint.java | 6 + .../processor/XmlSignatureConfiguration.java | 36 +--- .../processor/XmlSignerConfiguration.java | 177 ++++++++----------- .../processor/XmlVerifierConfiguration.java | 76 ++++---- 4 files changed, 130 insertions(+), 165 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/42afd879/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/XmlSignatureEndpoint.java ---------------------------------------------------------------------- diff --git a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/XmlSignatureEndpoint.java b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/XmlSignatureEndpoint.java index 30f6884..dd93b56 100644 --- a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/XmlSignatureEndpoint.java +++ b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/XmlSignatureEndpoint.java @@ -52,6 +52,9 @@ public abstract class XmlSignatureEndpoint extends DefaultEndpoint { return command; } + /** + * Whether to sign or verify. + */ public void setCommand(XmlCommand command) { this.command = command; } @@ -60,6 +63,9 @@ public abstract class XmlSignatureEndpoint extends DefaultEndpoint { return name; } + /** + * The name part in the URI can be chosen by the user to distinguish between different signer/verifier endpoints within the camel context. + */ public void setName(String name) { this.name = name; } http://git-wip-us.apache.org/repos/asf/camel/blob/42afd879/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignatureConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignatureConfiguration.java b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignatureConfiguration.java index beded30..3c4d3c3 100644 --- a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignatureConfiguration.java +++ b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignatureConfiguration.java @@ -32,28 +32,21 @@ import org.apache.camel.spi.UriParams; public abstract class XmlSignatureConfiguration implements Cloneable, CamelContextAware { private CamelContext context; - private URIDereferencer uriDereferencer; - @UriParam + @UriParam(label = "verify,sign") private String baseUri; - - @UriParam + @UriParam(label = "verify,sign") private Map<String, ?> cryptoContextProperties; - - @UriParam(defaultValue = "true") + @UriParam(label = "verify,sign", defaultValue = "true") private Boolean disallowDoctypeDecl = Boolean.TRUE; - - @UriParam(defaultValue = "false") + @UriParam(label = "verify,sign", defaultValue = "false") private Boolean omitXmlDeclaration = Boolean.FALSE; - - @UriParam(defaultValue = "true") + @UriParam(label = "verify,sign", defaultValue = "true") private Boolean clearHeaders = Boolean.TRUE; - - @UriParam + @UriParam(label = "verify,sign") private String schemaResourceUri; - - @UriParam + @UriParam(label = "verify,sign") private String outputXmlEncoding; public XmlSignatureConfiguration() { @@ -79,7 +72,6 @@ public abstract class XmlSignatureConfiguration implements Cloneable, CamelConte * <p> * Attention: The implementation is provider dependent! * - * @param uriDereferencer * @see XMLCryptoContext#setURIDereferencer(URIDereferencer) */ public void setUriDereferencer(URIDereferencer uriDereferencer) { @@ -93,10 +85,7 @@ public abstract class XmlSignatureConfiguration implements Cloneable, CamelConte /** * You can set a base URI which is used in the URI dereferencing. Relative * URIs are then concatenated with the base URI. - * - * @param baseUri - * base URI - * + * * @see XMLCryptoContext#setBaseURI(String) */ public void setBaseUri(String baseUri) { @@ -120,8 +109,6 @@ public abstract class XmlSignatureConfiguration implements Cloneable, CamelConte * <li><code>"org.jcp.xml.dsig.validateManifests"</code></li> * <li><code>"javax.xml.crypto.dsig.cacheReference"</code></li> * </ul> - * - * @param cryptoContextProperties */ public void setCryptoContextProperties(Map<String, ? extends Object> cryptoContextProperties) { this.cryptoContextProperties = cryptoContextProperties; @@ -135,9 +122,7 @@ public abstract class XmlSignatureConfiguration implements Cloneable, CamelConte * Disallows that the incoming XML document contains DTD DOCTYPE * declaration. The default value is {@link Boolean#TRUE}. * - * @param disallowDoctypeDecl - * if set to {@link Boolean#FALSE} then DOCTYPE declaration is - * allowed, otherwise not + * @param disallowDoctypeDecl if set to {@link Boolean#FALSE} then DOCTYPE declaration is allowed, otherwise not */ public void setDisallowDoctypeDecl(Boolean disallowDoctypeDecl) { this.disallowDoctypeDecl = disallowDoctypeDecl; @@ -196,9 +181,6 @@ public abstract class XmlSignatureConfiguration implements Cloneable, CamelConte /** * The character encoding of the resulting signed XML document. If * <code>null</code> then the encoding of the original XML document is used. - * - * @param outputXmlEncoding - * character encoding */ public void setOutputXmlEncoding(String outputXmlEncoding) { this.outputXmlEncoding = outputXmlEncoding; http://git-wip-us.apache.org/repos/asf/camel/blob/42afd879/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignerConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignerConfiguration.java b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignerConfiguration.java index 3872349..ee22768 100644 --- a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignerConfiguration.java +++ b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlSignerConfiguration.java @@ -38,104 +38,45 @@ import org.apache.camel.spi.UriParams; @UriParams public class XmlSignerConfiguration extends XmlSignatureConfiguration { - @UriParam - private KeyAccessor keyAccessor; - - /** - * Optional canonicalization method for SignerInfo. Default value is - * {@link CanonicalizationMethod#INCLUSIVE}. - * - */ - @UriParam - private AlgorithmMethod canonicalizationMethod = new XmlSignatureTransform(CanonicalizationMethod.INCLUSIVE); - - /** - * Optional transform methods. Default value is - * {@link CanonicalizationMethod#INCLUSIVE}. - */ + @UriParam(label = "sign") + private XPathFilterParameterSpec parentXpath; + private List<XPathFilterParameterSpec> xpathsToIdAttributes = Collections.emptyList(); + @UriParam(label = "sign") private List<AlgorithmMethod> transformMethods = Collections.singletonList(XmlSignatureHelper .getCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE)); - - @UriParam + private String transformMethodsName; + @UriParam(label = "sign") + private KeyAccessor keyAccessor; + private String keyAccessorName; + @UriParam(label = "sign", defaultValue = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";) + private AlgorithmMethod canonicalizationMethod = new XmlSignatureTransform(CanonicalizationMethod.INCLUSIVE); + private String canonicalizationMethodName; + @UriParam(label = "sign", defaultValue = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";) private String signatureAlgorithm = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";; - - /** - * Digest algorithm URI. Optional parameter. This digest algorithm is used - * for calculating the digest of the input message. If this digest algorithm - * is not specified then the digest algorithm is calculated from the - * signature algorithm. Example: "http://www.w3.org/2001/04/xmlenc#sha256"; - */ - @UriParam + @UriParam(label = "sign") private String digestAlgorithm; - - @UriParam(defaultValue = "true") + @UriParam(label = "sign", defaultValue = "true") private Boolean addKeyInfoReference = Boolean.TRUE; - - @UriParam(defaultValue = "ds") + @UriParam(label = "sign", defaultValue = "ds") private String prefixForXmlSignatureNamespace = "ds"; - - @UriParam + @UriParam(label = "sign") private String contentObjectId; - - // default value is null so that a unique ID is generated. - @UriParam + @UriParam(label = "sign") private String signatureId; - - /** - * The URI of the content reference. This value can be overwritten by the - * header {@link XmlSignatureConstants#HEADER_CONTENT_REFERENCE_URI}. Can - * only be used in connection with the enveloped case when you specify a - * schema (see {@link #setSchemaResourceUri(String)}. Will be ignored in the - * enveloping and detached case. - */ - @UriParam + @UriParam(label = "sign") private String contentReferenceUri; - - /** - * Type of the content reference. The default value is <code>null</code>. - * This value can be overwritten by the header - * {@link XmlSignatureConstants#HEADER_CONTENT_REFERENCE_TYPE}. - */ - @UriParam + @UriParam(label = "sign") private String contentReferenceType; - - @UriParam + @UriParam(label = "sign") private String parentLocalName; - - @UriParam + @UriParam(label = "sign") private String parentNamespace; - - /** - * Indicator whether the message body contains plain text. The default value - * is <code>false</code>, indicating that the message body contains XML. The - * value can be overwritten by the header - * {@link XmlSignatureConstants#HEADER_MESSAGE_IS_PLAIN_TEXT}. - */ - @UriParam(defaultValue = "false") + @UriParam(label = "sign", defaultValue = "false") private Boolean plainText = Boolean.FALSE; - - /** - * Encoding of the plain text. Only relevant if the message body is plain - * text (see parameter {@link #plainText}. Default value is "UTF-8". - * - */ - @UriParam + @UriParam(label = "sign", defaultValue = "UTF-8") private String plainTextEncoding = "UTF-8"; - + @UriParam(label = "sign") private XmlSignatureProperties properties; - - private List<XPathFilterParameterSpec> xpathsToIdAttributes = Collections.emptyList(); - - private XPathFilterParameterSpec parentXpath; - - /* references that should be resolved when the context changes */ - @UriParam - private String keyAccessorName; - @UriParam - private String canonicalizationMethodName; - @UriParam - private String transformMethodsName; - @UriParam private String propertiesName; public XmlSignerConfiguration() { @@ -163,13 +104,17 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return keyAccessor; } + /** + * For the signing process, a private key is necessary. You specify a key accessor bean which provides this private key. + * The key accessor bean must implement the KeyAccessor interface. The package org.apache.camel.component.xmlsecurity.api + * contains the default implementation class DefaultKeyAccessor which reads the private key from a Java keystore. + */ public void setKeyAccessor(KeyAccessor keyAccessor) { this.keyAccessor = keyAccessor; } /** - * Sets the reference name for a KeyAccessor that can be found in the - * registry. + * Sets the reference name for a KeyAccessor that can be found in the registry. */ public void setKeyAccessor(String keyAccessorName) { if (getCamelContext() != null && keyAccessorName != null) { @@ -187,13 +132,17 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return canonicalizationMethod; } + /** + * Canonicalization method used to canonicalize the SignedInfo element before the digest is calculated. + * You can use the helper methods XmlSignatureHelper.getCanonicalizationMethod(String algorithm) + * or getCanonicalizationMethod(String algorithm, List<String> inclusiveNamespacePrefixes) to create a canonicalization method. + */ public void setCanonicalizationMethod(AlgorithmMethod canonicalizationMethod) { this.canonicalizationMethod = canonicalizationMethod; } /** - * Sets the reference name for a AlgorithmMethod that can be found in the - * registry. + * Sets the reference name for a AlgorithmMethod that can be found in the registry. */ public void setCanonicalizationMethod(String canonicalizationMethodName) { if (getCamelContext() != null && canonicalizationMethodName != null) { @@ -211,13 +160,17 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return transformMethods; } + /** + * Transforms which are executed on the message body before the digest is calculated. + * By default, C14n is added and in the case of enveloped signature (see option parentLocalName) also http://www.w3.org/2000/09/xmldsig#enveloped-signature + * is added at position 0 of the list. Use methods in XmlSignatureHelper to create the transform methods. + */ public void setTransformMethods(List<AlgorithmMethod> transformMethods) { this.transformMethods = transformMethods; } /** - * Sets the reference name for a List<AlgorithmMethod> that can be found in - * the registry. + * Sets the reference name for a List<AlgorithmMethod> that can be found in the registry. */ public void setTransformMethods(String transformMethodsName) { if (getCamelContext() != null && transformMethodsName != null) { @@ -239,9 +192,6 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { /** * Signature algorithm. Default value is * "http://www.w3.org/2000/09/xmldsig#rsa-sha1";. - * - * @param signatureAlgorithm - * signature algorithm */ public void setSignatureAlgorithm(String signatureAlgorithm) { this.signatureAlgorithm = signatureAlgorithm; @@ -251,6 +201,12 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return digestAlgorithm; } + /** + * Digest algorithm URI. Optional parameter. This digest algorithm is used + * for calculating the digest of the input message. If this digest algorithm + * is not specified then the digest algorithm is calculated from the + * signature algorithm. Example: "http://www.w3.org/2001/04/xmlenc#sha256"; + */ public void setDigestAlgorithm(String digestAlgorithm) { this.digestAlgorithm = digestAlgorithm; } @@ -266,9 +222,6 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { * <p> * Only relevant when a KeyInfo is returned by {@link KeyAccessor}. and * {@link KeyInfo#getId()} is not <code>null</code>. - * - * @param addKeyInfoReference - * boolean value */ public void setAddKeyInfoReference(Boolean addKeyInfoReference) { this.addKeyInfoReference = addKeyInfoReference; @@ -347,8 +300,6 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { * Sets the content object Id attribute value. By default a UUID is * generated. If you set the <code>null</code> value, then a new UUID will * be generated. Only used in the enveloping case. - * - * @param contentObjectId */ public void setContentObjectId(String contentObjectId) { this.contentObjectId = contentObjectId; @@ -363,8 +314,6 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { * unique ID is generated for the signature ID (default). If this parameter * is set to "" (empty string) then no Id attribute is created in the * signature element. - * - * @param signatureId */ public void setSignatureId(String signatureId) { this.signatureId = signatureId; @@ -380,11 +329,8 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { * resource schema URI ( {@link #setSchemaResourceUri(String)}) must also be * set because the schema validator will then find out which attributes are * ID attributes. Will be ignored in the enveloping or detached case. - * - * @param referenceUri */ public void setContentReferenceUri(String referenceUri) { - this.contentReferenceUri = referenceUri; } @@ -392,6 +338,11 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return contentReferenceType; } + /** + * Type of the content reference. The default value is <code>null</code>. + * This value can be overwritten by the header + * {@link XmlSignatureConstants#HEADER_CONTENT_REFERENCE_TYPE}. + */ public void setContentReferenceType(String referenceType) { this.contentReferenceType = referenceType; } @@ -400,6 +351,12 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return plainText; } + /** + * Indicator whether the message body contains plain text. The default value + * is <code>false</code>, indicating that the message body contains XML. The + * value can be overwritten by the header + * {@link XmlSignatureConstants#HEADER_MESSAGE_IS_PLAIN_TEXT}. + */ public void setPlainText(Boolean plainText) { this.plainText = plainText; } @@ -408,6 +365,10 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return plainTextEncoding; } + /** + * Encoding of the plain text. Only relevant if the message body is plain + * text (see parameter {@link #plainText}. Default value is "UTF-8". + */ public void setPlainTextEncoding(String plainTextEncoding) { this.plainTextEncoding = plainTextEncoding; } @@ -416,13 +377,16 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return properties; } + /** + * For adding additional References and Objects to the XML signature which contain additional properties, + * you can provide a bean which implements the XmlSignatureProperties interface. + */ public void setProperties(XmlSignatureProperties properties) { this.properties = properties; } /** - * Sets the reference name for a XmlSignatureProperties that can be found in - * the registry. + * Sets the reference name for a XmlSignatureProperties that can be found in the registry. */ public void setProperties(String propertiesName) { if (getCamelContext() != null && propertiesName != null) { @@ -487,8 +451,6 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { * The parameter {@link #setParentLocalName(String)} or {@link #setParentXpath(XPathFilterParameterSpec)} * for enveloped signature and this parameter for detached signature must not * be set in the same configuration. - * - * @param xpathsToIdAttributes */ public void setXpathsToIdAttributes(List<XPathFilterParameterSpec> xpathsToIdAttributes) { if (xpathsToIdAttributes == null) { @@ -502,7 +464,8 @@ public class XmlSignerConfiguration extends XmlSignatureConfiguration { return parentXpath; } - /** Sets the XPath to find the parent node in the enveloped case. + /** + * Sets the XPath to find the parent node in the enveloped case. * Either you specify the parent node via this method or the local name and namespace of the parent * with the methods {@link #setParentLocalName(String)} and {@link #setParentNamespace(String)}. * <p> http://git-wip-us.apache.org/repos/asf/camel/blob/42afd879/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlVerifierConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlVerifierConfiguration.java b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlVerifierConfiguration.java index 3139ddf..dba59c6 100644 --- a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlVerifierConfiguration.java +++ b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/processor/XmlVerifierConfiguration.java @@ -26,43 +26,30 @@ import org.apache.camel.component.xmlsecurity.api.ValidationFailedHandler; import org.apache.camel.component.xmlsecurity.api.XmlSignature2Message; import org.apache.camel.component.xmlsecurity.api.XmlSignatureChecker; import org.apache.camel.spi.UriParam; +import org.apache.camel.spi.UriParams; +@UriParams public class XmlVerifierConfiguration extends XmlSignatureConfiguration { - @UriParam + @UriParam(label = "verify") private KeySelector keySelector; - - @UriParam private String keySelectorName; - - @UriParam + @UriParam(label = "verify") private XmlSignatureChecker xmlSignatureChecker; - - @UriParam private String xmlSignatureCheckerName; - - @UriParam + @UriParam(label = "verify") private XmlSignature2Message xmlSignature2Message = new DefaultXmlSignature2Message(); - - @UriParam private String xmlSignature2MessageName; - - @UriParam + @UriParam(label = "verify") private ValidationFailedHandler validationFailedHandler = new DefaultValidationFailedHandler(); - - @UriParam private String validationFailedHandlerName; - - @UriParam + @UriParam(label = "verify") private Object outputNodeSearch; - - @UriParam(defaultValue = DefaultXmlSignature2Message.OUTPUT_NODE_SEARCH_TYPE_DEFAULT) + @UriParam(label = "verify", defaultValue = DefaultXmlSignature2Message.OUTPUT_NODE_SEARCH_TYPE_DEFAULT) private String outputNodeSearchType = DefaultXmlSignature2Message.OUTPUT_NODE_SEARCH_TYPE_DEFAULT; - - @UriParam(defaultValue = "false") + @UriParam(label = "verify", defaultValue = "false") private Boolean removeSignatureElements = Boolean.FALSE; - - @UriParam(defaultValue = "true") + @UriParam(label = "verify", defaultValue = "true") private Boolean secureValidation = Boolean.TRUE; public XmlVerifierConfiguration() { @@ -84,6 +71,9 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { setValidationFailedHandler(validationFailedHandlerName); } + /** + * Provides the key for validating the XML signature. + */ public void setKeySelector(KeySelector keySelector) { this.keySelector = keySelector; } @@ -93,8 +83,7 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { } /** - * Sets the reference name for a KeySelector that can be found in the - * registry. + * Sets the reference name for a KeySelector that can be found in the registry. */ public void setKeySelector(String keySelectorName) { if (getCamelContext() != null && keySelectorName != null) { @@ -113,13 +102,16 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { return xmlSignatureChecker; } + /** + * This interface allows the application to check the XML signature before the validation is executed. + * This step is recommended in http://www.w3.org/TR/xmldsig-bestpractices/#check-what-is-signed + */ public void setXmlSignatureChecker(XmlSignatureChecker xmlSignatureChecker) { this.xmlSignatureChecker = xmlSignatureChecker; } /** - * Sets the reference name for a application checker that can be found in - * the registry. + * Sets the reference name for a application checker that can be found in the registry. */ public void setXmlSignatureChecker(String xmlSignatureCheckerName) { if (getCamelContext() != null && xmlSignatureCheckerName != null) { @@ -139,6 +131,21 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { return xmlSignature2Message; } + /** + * Bean which maps the XML signature to the output-message after the validation. + * How this mapping should be done can be configured by the options outputNodeSearchType, outputNodeSearch, and removeSignatureElements. + * The default implementation offers three possibilities which are related to the three output node search types "Default", "ElementName", and "XPath". + * The default implementation determines a node which is then serialized and set to the body of the output message + * If the search type is "ElementName" then the output node (which must be in this case an element) is determined + * by the local name and namespace defined in the search value (see option outputNodeSearch). + * If the search type is "XPath" then the output node is determined by the XPath specified in the search value + * (in this case the output node can be of type "Element", "TextNode" or "Document"). + * If the output node search type is "Default" then the following rules apply: + * In the enveloped XML signature case (there is a reference with URI="" and transform "http://www.w3.org/2000/09/xmldsig#enveloped-signature";), + * the incoming XML document without the Signature element is set to the output message body. + * In the non-enveloped XML signature case, the message body is determined from a referenced Object; + * this is explained in more detail in chapter "Output Node Determination in Enveloping XML Signature Case". + */ public void setXmlSignature2Message(XmlSignature2Message xmlSignature2Message) { this.xmlSignature2Message = xmlSignature2Message; } @@ -165,6 +172,13 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { return validationFailedHandler; } + /** + * Handles the different validation failed situations. + * The default implementation throws specific exceptions for the different situations + * (All exceptions have the package name org.apache.camel.component.xmlsecurity.api and are a sub-class of XmlSignatureInvalidException. + * If the signature value validation fails, a XmlSignatureInvalidValueException is thrown. + * If a reference validation fails, a XmlSignatureInvalidContentHashException is thrown. For more detailed information, see the JavaDoc. + */ public void setValidationFailedHandler(ValidationFailedHandler validationFailedHandler) { this.validationFailedHandler = validationFailedHandler; } @@ -173,7 +187,7 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { if (getCamelContext() != null && validationFailedHandlerName != null) { ValidationFailedHandler vailFailedHandler = getCamelContext() .getRegistry().lookupByNameAndType(validationFailedHandlerName, - ValidationFailedHandler.class); + ValidationFailedHandler.class); if (vailFailedHandler != null) { setValidationFailedHandler(vailFailedHandler); } @@ -192,7 +206,6 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { * signature document which shall be set to the output message body. The * class of the value depends on the type of the output node search. The * output node search is forwarded to {@link XmlSignature2Message}. - * */ public void setOutputNodeSearch(Object outputNodeSearch) { this.outputNodeSearch = outputNodeSearch; @@ -207,8 +220,6 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { * serialized into the output message bodyF. See * {@link #setOutputNodeSearch(Object)}. The supported default search types * you can find in {@link DefaultXmlSignature2Message}. - * - * @param outputNodeSearchType */ public void setOutputNodeSearchType(String outputNodeSearchType) { this.outputNodeSearchType = outputNodeSearchType; @@ -237,6 +248,9 @@ public class XmlVerifierConfiguration extends XmlSignatureConfiguration { return secureValidation; } + /** + * Enables secure validation. If true then secure validation is enabled. + */ public void setSecureValidation(Boolean secureValidation) { this.secureValidation = secureValidation; }
