Ceptor PortalProtect supports WS-Security, meaning it can sign and/or encrypt outgoing SOAP messages, and it can verify signatures on and decrypt incoming SOAP messages.
...
</childtag>
</ns1:parenttag>
Xpath
...
Transformations
Some applications require XPath transformations – this can be done with both the signXML and setWSDoSignXML methods.
...
Decryption requires only the XML and the alias of a private key loaded by the PortalProtect server; the server can then decrypt the XML message.
Publicclass WSSAgent {
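/**
 * Signs and encrypts a SOAP message.
 *
 * <p>NOTE(review): when {@code receipient} is an email address or serial, the encryption
 * certificate comes from an LDAP lookup; this listing does not show how the looked-up
 * certificate is validated before use. Confirm against the server documentation.
 *
 * @param sessionID  session ID of the user doing the signing
 * @param xml        XML – the SOAP request or response to sign and encrypt
 * @param signer     ID of the signer – must be the alias of a key registered at the PP server
 * @param receipient ID of the receiver: either the alias of a public key/certificate, or an
 *                   email address or serial which can be looked up in TDC's LDAP server
 * @return the signed and encrypted SOAP message
 * @throws PTException declared by the API; failure conditions are not described in this listing
 */
public static String signAndEncryptSOAP(String sessionID, String xml, String signer, String receipient) throws PTException;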
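/**
 * Signs and encrypts a SOAP message, signing only the parts named in {@code partsDefinition}.
 *
 * <p>NOTE(review): parts not named in {@code partsDefinition} are presumably left outside the
 * signature, so a receiver cannot rely on their integrity. Confirm, and make sure every
 * element the receiver acts on is listed.
 *
 * @param sessionID       session ID of the user doing the signing
 * @param xml             XML – the SOAP request or response to sign and encrypt
 * @param signer          ID of the signer – must be the alias of a key registered at the PP server
 * @param receipient      ID of the receiver: either the alias of a public key/certificate, or an
 *                        email address or serial which can be looked up in TDC's LDAP server
 * @param partsDefinition defines which parts to sign, e.g.
 *     "Body;{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken"
 * @return the signed and encrypted SOAP message
 * @throws PTException declared by the API; failure conditions are not described in this listing
 */
public static String signAndEncryptSOAP(String sessionID, String xml, String signer, String receipient, String partsDefinition) throws PTException;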
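/**
 * Signs a SOAP message.
 *
 * <p>This overload takes no parts definition; which parts of the message it signs by default
 * is not stated in this listing.
 *
 * @param sessionID session ID of the user doing the signing
 * @param xml       the SOAP request or response to sign
 * @param signer    ID of the signer – must be the alias of a key registered at the PP server
 * @return the signed SOAP message
 * @throws PTException declared by the API; failure conditions are not described in this listing
 */
public static String signSOAP(String sessionID, String xml, String signer) throws PTException;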
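/**
 * Signs a SOAP message, signing only the parts named in {@code partsDefinition}.
 *
 * <p>NOTE(review): parts not named in {@code partsDefinition} are presumably left outside the
 * signature, so a receiver cannot rely on their integrity. Confirm, and make sure every
 * element the receiver acts on is listed.
 *
 * @param sessionID       session ID of the user doing the signing
 * @param xml             the SOAP request or response to sign
 * @param signer          ID of the signer – must be the alias of a key registered at the PP server
 * @param partsDefinition defines which parts to sign, e.g.
 *     "Body;{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken"
 * @return the signed SOAP message
 * @throws PTException declared by the API; failure conditions are not described in this listing
 */
public static String signSOAP(String sessionID, String xml, String signer, String partsDefinition) throws PTException;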
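/**
 * Validates and decrypts a signed and/or encrypted SOAP message.
 *
 * <p>NOTE(review): the return value is only the decrypted message. This listing does not show
 * how a caller learns who signed it, which elements the signature covered, or whether an
 * unsigned (encrypted-only) message is accepted. Confirm before treating the returned content
 * as authenticated.
 *
 * @param sessionID session ID of the user doing the validation
 * @param xml       the SOAP message to decrypt / check the signature for
 * @return the decrypted SOAP message
 * @throws PTException declared by the API; presumably raised when validation or decryption
 *     fails (not stated in this listing)
 */
public static String validateSignatureAndDecryptSOAP(String sessionID, String xml) throws PTException;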
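/**
 * Logs on with a signed XML message – the certificate which signed the message will be used
 * for logging in.
 *
 * <p>NOTE(review): the session identity is derived from the signing certificate, so the result
 * is only as strong as the server's certificate trust, revocation and message-freshness
 * checks. None of these are described in this listing; confirm how replayed messages are
 * rejected.
 *
 * @param sessionID session to log in to
 * @param xml       the SOAP message to decrypt / check the signature for
 * @return the decrypted SOAP message
 * @throws PTException declared by the API; failure conditions are not described in this listing
 */
public static String logonWithSOAP(String sessionID, String xml) throws PTException;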
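/**
 * Signs a particular piece of XML (not SOAP) using XMLDSIG.
 *
 * <p>Only the listed references are signed; content outside them is presumably not covered by
 * the signature (confirm).
 *
 * @param sessionID            session ID to use for signing
 * @param xml                  XML to sign
 * @param signer               ID of the signer – must match the alias or name of a certificate
 *                             configured on the PP server
 * @param referenceIDs         list of references to sign
 * @param signatureDestination place to put the signature in the XML – a list of tokens
 *                             separated by {@code /} (NOTE(review): the wording in the original
 *                             listing is garbled here; confirm the delimiter)
 * @return the signed XML
 * @throws PTException declared by the API; failure conditions are not described in this listing
 */
public static String signXML(String sessionID, String xml, String signer, String[] referenceIDs, String signatureDestination) throws PTException;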
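/**
 * Validates an XMLDSIG signed document.
 *
 * <p>NOTE(review): the method returns the signing certificates, not an authorization decision.
 * The caller still has to decide whether those signers are acceptable. This listing does not
 * state whether chain and revocation checks are performed, or which references each signature
 * covered. Confirm both.
 *
 * @param sessionID session ID to use for validating
 * @param xml       the signed XML
 * @return list of certificates which signed this XML
 * @throws PTException declared by the API; presumably raised when validation fails
 *     (not stated in this listing)
 */
public static X509Certificate[] validateXMLSignature(String sessionID, String xml) throws PTException;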