Package se.idsec.signservice.integration.config

Interface IntegrationServiceDefaultConfiguration

All Superinterfaces:
Extensible, Serializable
public interface IntegrationServiceDefaultConfiguration extends Extensible
Interface that represents the default settings of a SignService Integration Service policy/instance.
Author:
Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)

  • Field Details

  • Method Details

    • getPolicy

      String getPolicy()
      Gets the integration policy name for which this configuration applies.
      Returns:
      the policy identifier

    • getDefaultSignRequesterID

      String getDefaultSignRequesterID()
      Gets the default ID of the entity that requests a signature. If SAML is used as the authentication protocol, this is the SAML entityID of the sign requester.

      This value is used if SignRequestInput.getSignRequesterID() returns null.

      Returns:
      the default sign requester ID

    • getDefaultReturnUrl

      String getDefaultReturnUrl()
      Gets the default URL to which the user agent along with the sign response message should be directed after a signature operation.

      This value is used if SignRequestInput.getReturnUrl() returns null.

      Returns:
      the default URL to which a sign response is to be returned

    • getDefaultSignatureAlgorithm

      String getDefaultSignatureAlgorithm()
      Gets the default algorithm identifier for the signature algorithm that should be used during signing of specified tasks.

      This value is used if SignRequestInput.getSignatureAlgorithm() returns null.

      Returns:
      signature algorithm identifier

    • getSignServiceID

      String getSignServiceID()
      Gets the entityID of the signature service. If SAML is used as the authentication protocol, this is the SAML entityID of the SAML Service Provider that is running in the signature service.
      Returns:
      the ID of the signature service

    • getDefaultDestinationUrl

      String getDefaultDestinationUrl()
      Gets the default signature service URL to where SignRequest messages should be posted.

      This value is used if SignRequestInput.getDestinationUrl() returns null.

      Returns:
      the default destination URL of the signature service to where sign messages should be posted

    • getDefaultAuthnServiceID

      String getDefaultAuthnServiceID()
      In a setup where only one authentication service (IdP) is used to authenticate users, a default value could be used. If the AuthnRequirements.getAuthnServiceID() method returns null, the default value will the be used.
      Returns:
      the entityID for the default authentication service, or null if no default exists
      See Also:

    • getDefaultAuthnContextRef

      String getDefaultAuthnContextRef()
      In a setup where all users are authenticated according to the same authentication contect, a default value could be used. If the AuthnRequirements.getAuthnContextClassRefs() method returns null or is empty, the default value will be used.
      Returns:
      the default authentication context reference URI
      See Also:

    • getDefaultCertificateRequirements

      SigningCertificateRequirements getDefaultCertificateRequirements()
      Gets the default signing certificate requirements to use for SignRequest messages created under this policy/configuration.

      This value is used if SignRequestInput.getCertificateRequirements() returns null.

      Returns:
      the default signing certificate requirements

    • getDefaultVisiblePdfSignatureRequirement

      VisiblePdfSignatureRequirement getDefaultVisiblePdfSignatureRequirement()
      A policy may be configured to include a default "visible PDF signature requirement" for all PDF documents that are signed under this policy.
      Returns:
      the default visible PDF signature requirement to use for PDF signatures, or null

    • getPdfSignatureImageTemplates

      List<? extends PdfSignatureImageTemplate> getPdfSignatureImageTemplates()
      A policy may have one, or more, image templates for visible PDF signatures in its configuration. See PdfSignatureImageTemplate. This method gets these templates.
      Returns:
      a list of image templates for visible PDF signatures, or null if none exists

    • getPdfSignaturePages

      List<? extends PdfSignaturePage> getPdfSignaturePages()
      A policy may have one, or more, configured PDF signature pages. See ExtendedSignServiceIntegrationService.preparePdfSignaturePage(String, byte[], se.idsec.signservice.integration.document.pdf.PdfSignaturePagePreferences) for a description of PDF signature pages. The first object in the list is regarded as the default page for the policy.
      Returns:
      a list of PDF signature pages for the policy, or null if no such pages are defined for the policy

    • isStateless

      boolean isStateless()
      Tells whether the SignService Integration Service is running in stateless mode or not.

      A SignService Integration Service may execute in a stateless mode, meaning that it does not keep a session state and leaves it up to the caller to maintain the state between calls to SignServiceIntegrationService.createSignRequest(SignRequestInput) and SignServiceIntegrationService.processSignResponse(String, String, SignatureState, SignResponseProcessingParameters), or it may execute in a stateful mode, meaning that it keeps the necessary data between calls to SignServiceIntegrationService.createSignRequest(SignRequestInput) and SignServiceIntegrationService.processSignResponse(String, String, SignatureState, SignResponseProcessingParameters) and the only thing the caller needs to keep track of its the ID of the signature operation (see SignatureState.getId().

      Returns:
      if the SignService Integration Service is running in stateless mode true is returned, otherwise false
      See Also:

    • getDefaultEncryptionParameters

      EncryptionParameters getDefaultEncryptionParameters()
      Gets the default encryption parameters (algorithms) that is used by the SignService Integration Service when encrypting a SignMessage. The sign requester can not override these values, but the recipient may declare other algorithms to use (in the SAML case, this is done in IdP metadata).
      Returns:
      the default encryption parameters

    • getSignatureCertificate

      String getSignatureCertificate()
      Gets the signing certificate that the SignService Integration Service uses to sign SignRequest messages.

      The format on the returned certificate is the Base64-encoding of the DER-encoding.

      Note: This certificate has nothing to do with the signing certificates that are issued by the sign service.

      Returns:
      the signature certificates for the SignService Integration Service

    • getSignServiceCertificates

      List<String> getSignServiceCertificates()
      Gets the signature service signing certificate(s) used by the signature service to sign SignResponse messages.

      The format on the returned certificates is the Base64-encoding of the DER-encoding.

      The reason that more than one certificate may be returned is to facilitate signature service key rollover.

      Returns:
      the signature service signing certificate(s)

    • getTrustAnchors

      List<String> getTrustAnchors()
      Gets the trust anchor certificate(s) of the SignService CA (Certificate Authority). With trust anchor we mean the trusted root certificate that is the root of the certificate chain that starts with the generated user signature certificate.

      The format on the returned certificates is the Base64-encoding of the DER-encoding.

      If an empty list is returned, this means that signature validation "trusts any" root.

      Returns:
      the SignService CA root certificate(s)