ValidationFailedHandler (Camel :: XML Security 2.13.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.camel.component.xmlsecurity.api
Interface ValidationFailedHandler

All Known Implementing Classes:: DefaultValidationFailedHandler

public interface ValidationFailedHandler

Handler for handling the case when the core signature validation fails or a XMLSignatureException occurs during calling XMLSignature.validate(javax.xml.crypto.dsig.XMLValidateContext). This handler can be used to react in a specific way on validation failures. For example, the handler could write logs or may even ignore certain validation failures.

Typically the handler throws an exception when a validation failure occurs. There is a certain order how the methods are called.

First, the method start() is called when a core validation fails.
Then #signatureValueValidationFailed(SignatureValue) is called if the signature validation fails.
Then, for each reference in the signed info whose validation fails referenceValidationFailed(Reference) is called.
Then, for each reference in the manifests whose validation fails, the method manifestReferenceValidationFailed(Reference) is called.
Then, the method ignoreCoreValidationFailure() is called where you can finally decide whether the processing should go on or be interrupted.
It is ensured that the method end() is called at the end of the validation, even if the methods called before have thrown an exception. This allows you to hold state between the start and end of the validation handling process.

If you throw an exception then the validation checking is interrupted and after that only the end() method is called in a finally block. Best practice is to interrupt the validation at the first occurrence of a validation error.

Method Summary
`void`	`end()`
`boolean`	`ignoreCoreValidationFailure()` If `true` is returned then the verifier will go-on as if there was no validation failure.
`void`	`manifestReferenceValidationFailed(Reference ref)`
`Exception`	`onXMLSignatureException(XMLSignatureException e)` Method called when an XMLSignatureException is thrown by the method `XMLSignature.validate(javax.xml.crypto.dsig.XMLValidateContext)`.
`void`	`referenceValidationFailed(Reference ref)`
`void`	`signatureValueValidationFailed(XMLSignature.SignatureValue value)`
`void`	`start()`

Method Detail

onXMLSignatureException

Exception onXMLSignatureException(XMLSignatureException e)

Method called when an XMLSignatureException is thrown by the method XMLSignature.validate(javax.xml.crypto.dsig.XMLValidateContext).

You can return more specific exceptions which are useful for your use-case.

Parameters:: e - exception
Returns:: exception exception which is then thrown by XmlSignerProcessor.

start

void start()

signatureValueValidationFailed

void signatureValueValidationFailed(XMLSignature.SignatureValue value)
                                    throws Exception

Throws:: Exception

referenceValidationFailed

void referenceValidationFailed(Reference ref)
                               throws Exception

Throws:: Exception

manifestReferenceValidationFailed

void manifestReferenceValidationFailed(Reference ref)
                                       throws Exception

Throws:: Exception

ignoreCoreValidationFailure

boolean ignoreCoreValidationFailure()
                                    throws Exception

If true is returned then the verifier will go-on as if there was no validation failure. If false is returned than the verifier will throw an XmlSignatureInvalidException.

Best practice is to return false to ensure that after a core validation failure, the verification fails.

Returns:: true or false
Throws:: Exception

end

void end()
         throws Exception

Throws:: Exception