WebServices Guide
This document describes how to use the WebServices for CADP for Java. The WebServices include SOAP and REST APIs.
The CADP for Java WebServices provide an interface to the capabilities of the Key Manager’s key management and cryptographic operations platform. A very thorough set of operations is provided, including key creation, pseudo random number generation, import and export of keys and certificates, encrypt, decrypt, hashing, signing, and hash/sign verification. Access to keys and cryptographic operations is centrally controlled and audited via the Key Manager GUI.
The CADP for Java WebServices are deployed on Apache Tomcat 9 utilizing the CADP for Java provider, which enables interaction between the WebService and Key Manager. Both session oriented and stateless interfaces are provided to all capabilities via SOAP and REST protocols. When using the session oriented APIs, the session context must be established and maintained by the HTTP session during access to the appliances, and closed upon termination of the session. The stateless API requires credentials with every invocation and there is no common context between each call. It is also possible to combine access to both session oriented and stateless API wherever suitable as calls to the stateless API do not affect the active sessions.
Authentication to the WebService is controlled by Key Manager credentials stored within the appliances and optional Active Directory (AD) domain entities. This allows WebService specific credentials to be combined with access by AD verified authorizations, as is most suitable for each application. All WebService users are represented in the Key Manager as cryptographic users, and WebService access is controlled and audited by the user authorizations defined within Key Manager.
The CADP for Java WebService provides both session oriented and stateless (SOAP and REST) interfaces to Key Manager cryptographic facilities. All session oriented access must be enclosed between Session_Open and Session_Close calls. All stateless calls are autonomous and do not require any setup or closing context. For repeated operations it is most efficient to use the session based API, because it can limit repeated interactions with the Key Manager by caching information and cryptographic objects for reuse within the same session.
Session affinity is managed through maintenance of an “HTTP” session scope. This allows both SOAP and REST interfaces to use session oriented access should that be desirable. The CADP for Java WebService is configured to use “transport session” scope, which establishes an HTTP session cookie that the client must return with every interaction with the web server in order to access the same session.
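The cookie round trip described above, as an added example that is not code from the CADP for Java product: a client that keeps the session cookie in a cookie jar reaches its open session, while a client that drops the cookie, or reuses it after Session_Close, is refused. The server is a constructed local stub; the URL paths, the `/Encrypt` operation name and the 401 status are assumptions, and `JSESSIONID` is Tomcat's default session cookie name.

```python
import http.cookiejar, threading, urllib.error, urllib.request, uuid
from http.server import BaseHTTPRequestHandler, HTTPServer

SESSIONS = set()  # stub state: ids of sessions that are currently open

class Stub(BaseHTTPRequestHandler):
    """Constructed stand-in for the WebService; the URL paths are hypothetical."""
    log_message = lambda self, *args: None  # silence per-request logging
    def do_POST(self):
        sid = self.headers.get("Cookie", "").partition("JSESSIONID=")[2].split(";")[0]
        if self.path == "/Session_Open":
            sid = uuid.uuid4().hex
            SESSIONS.add(sid)
            self.reply(200, f"JSESSIONID={sid}; Path=/; HttpOnly")
        elif sid not in SESSIONS:
            self.reply(401)  # cookie missing, or its session was closed
        else:
            if self.path == "/Session_Close":
                SESSIONS.discard(sid)
            self.reply(200)  # close, or any operation inside the session

    def reply(self, code, cookie=None):
        self.send_response(code)
        if cookie:
            self.send_header("Set-Cookie", cookie)
        self.end_headers()

def call(opener, url):
    """POST an empty body and return the HTTP status code."""
    try:
        with opener.open(urllib.request.Request(url, data=b"", method="POST")) as r:
            return r.status
    except urllib.error.HTTPError as e:
        return e.code

def demo():
    srv = HTTPServer(("127.0.0.1", 0), Stub)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    base = f"http://127.0.0.1:{srv.server_port}"
    direct = urllib.request.ProxyHandler({})  # ignore any proxy settings
    jar = http.cookiejar.CookieJar()  # carries the session cookie between calls
    keeps = urllib.request.build_opener(direct, urllib.request.HTTPCookieProcessor(jar))
    drops = urllib.request.build_opener(direct)  # never returns the cookie
    steps = [(keeps, "/Session_Open"), (keeps, "/Encrypt"), (drops, "/Encrypt"),
             (keeps, "/Session_Close"), (keeps, "/Encrypt")]
    codes = [call(opener, base + path) for opener, path in steps]
    srv.shutdown(); srv.server_close()
    return codes

if __name__ == "__main__": print(demo())
```

Because the cookie is the only thing tying a request to the open session, a real client should send it only over TLS and call Session_Close when its work is done.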