Package com.adaptris.core.security
Service interface providing encryption and decryption functionality.
A number of different keystore types can be configured for storing the certificates required for encryption/decryption. Any sun keystore provider can be used, provided that it is added as a provider before any concrete implementations are initialised. The default SUN keystore implementation JKS (or JCEKS in JDK1.4) is provided as part of the JRE. Keystores may be stored remotely provided they are accessible via the HTTP or HTTPS protocol.
In addition to the standard keystore types, the following are also supported within the Adapter:
- IAIK - Provided by the IAIK JCE Implementation
- PKCS12 - where you wish to proxy a single PKCS12 file containing a private key
- X509 - where you wish to proxy a single file containing a certificate.
- XmlKeyInfo - where you wish to proxy an XML KeyInfo element that contains certificate information
When using single certificate implementations such as PKCS12, X509, XmlKeyInfo, you also need to provide an alias (Constants.KEYSTORE_ALIAS) to be associated with the file.
An example keystore configuration would be:
<keystore-url xsi:type="java:com.adaptris.security.keystore.ConfiguredUrl">
  <url>file://localhost/path/keystore?keystoreType=JKS&amp;keystorePassword=pwd</url>
</keystore-url>
<keystore-url xsi:type="java:com.adaptris.security.keystore.ConfiguredUrl">
  <url>file://localhost/path/keystore?keystoreType=X509&amp;keystoreAlias=myAlias</url>
</keystore-url>
<keystore-url xsi:type="java:com.adaptris.security.keystore.ConfiguredUrl">
  <url>http://localhost/path/keystore?keystoreType=PKCS12&amp;keystoreAlias=myAlias&amp;keystorePassword=pwd</url>
</keystore-url>
<keystore-url xsi:type="java:com.adaptris.security.keystore.ConfiguredUrl">
  <url>http://host/path/keystore?keystoreType=JKS&amp;keystorePassword=pwd</url>
</keystore-url>
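An added example, not part of the Adaptris documentation or code: a Python lint for keystore URLs in adapter configuration that applies the alias rule above for single-certificate types, flags a stray '?' used as a parameter separator, and flags keystores fetched over plain HTTP. The `<config>` root element and the sample URLs are constructed, and the case-insensitive comparison of keystoreType is an assumption.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs

# Types the page lists as single-certificate proxies; each needs keystoreAlias.
# Assumption: keystoreType values are compared case-insensitively here.
SINGLE_ENTRY_TYPES = {"PKCS12", "X509", "XMLKEYINFO"}

def lint_keystore_url(url):
    """Return findings for one keystore URL; an empty list means no issue found."""
    findings = []
    parts = urlsplit(url)
    query = parts.query
    if "?" in query:
        # Standard URL syntax: one '?' starts the query, '&' separates parameters.
        findings.append("extra '?' in query string, expected '&'")
        query = query.replace("?", "&")  # keep parsing so later checks still run
    params = {k: v[0] for k, v in parse_qs(query).items()}
    ktype = params.get("keystoreType", "")
    if ktype.upper() in SINGLE_ENTRY_TYPES and "keystoreAlias" not in params:
        findings.append(f"{ktype} keystore has no keystoreAlias")
    if parts.scheme == "http":
        findings.append("remote keystore fetched over plain HTTP, not HTTPS")
    return findings

def lint_config(xml_text):
    """Map the text of each <keystore-url>/<url> element to its findings."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return {"<config>": [f"not well-formed XML (unescaped '&'?): {exc}"]}
    return {u.text.strip(): lint_keystore_url(u.text.strip())
            for k in root.iter("keystore-url") for u in k.findall("url") if u.text}

# Constructed sample; the <config> root element is hypothetical.
SAMPLE = """<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <keystore-url xsi:type="java:com.adaptris.security.keystore.ConfiguredUrl">
    <url>file://localhost/path/keystore?keystoreType=JKS&amp;keystorePassword=pwd</url>
  </keystore-url>
  <keystore-url xsi:type="java:com.adaptris.security.keystore.ConfiguredUrl">
    <url>file://localhost/path/cert?keystoreType=X509</url>
  </keystore-url>
  <keystore-url xsi:type="java:com.adaptris.security.keystore.ConfiguredUrl">
    <url>http://localhost/path/keystore?keystoreType=PKCS12?keystoreAlias=myAlias&amp;keystorePassword=pwd</url>
  </keystore-url>
</config>"""

if __name__ == "__main__":
    for url, findings in lint_config(SAMPLE).items():
        print(url, "->", findings or "ok")
```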
Class descriptions:
- Private key password provider which explicitly configures the password in configuration
- The base class for all security services.
- Perform decryption.
- Perform encryption only.
- Base case for performing encryption and signing.
- Perform encryption and signing.
- Legacy private key password provider based on the property file 'security.properties'.
- Interface for PathBuilder.
- Decrypt part of a message using a configurable path.
- Encrypt part of a message using a configurable path.
- Interface for providing the private key password within adapter configuration.
- Perform Signing.
- Extracts and inserts values from message payload using defined Xpaths String.