Package com.pdftools.crypto.providers.globalsigndss

Class Session

  • All Implemented Interfaces:
    java.lang.AutoCloseable
    public class Session
extends Provider

    GlobalSign Digital Signing Service

    In this session, signatures can be created using different identities, i.e. signing certificates. Signing sessions and signing certificates expire after 10 minutes. After this time, they are renewed automatically.

    When signing with this provider, these errors can occur:

    • PermissionException: If the account's quota is reached.

    • RetryException: If one of the account's rate limits is exceeded.

      The service enforces rate limits for both creating new identities and signing operations. So, if multiple documents must be signed at once, it is advisable to re-use the signature configuration (and hence its signing certificates) for signing.

    • HttpException: If a network error occurs or the service is not operational.

    • Constructor Detail

      • Session

        public Session​(java.net.URI url,
               java.lang.String api_key,
               java.lang.String api_secret,
               HttpClientHandler httpClientHandler)
        throws PermissionException,
               HttpException,
               RetryException

        Establish a session to the service

        Parameters:
        url -

        The URL to the service endpoint.

        Typically: https://emea.api.dss.globalsign.com:8443

        api_key - Your account credentials’ key parameter for the login request.
        api_secret - Your account credentials’ secret parameter for the login request.
        httpClientHandler - The SSL configuration with the client certificate and trust store. Use pdftools.HttpClientHandler.setClientCertificateAndKey to set your SSL client certificate "clientcert.crt" and private key "privateKey.key" of your GlobalSign account.
        Throws:
        HttpException - If a network error occurs.
        PermissionException - If a login error occurs, e.g. because the client certificate is rejected or the credentials are incorrect.
        RetryException - If the login rate limit is exceeded.
        java.lang.IllegalArgumentException - if url is null
        java.lang.IllegalArgumentException - if api_key is null
        java.lang.IllegalArgumentException - if api_secret is null
        java.lang.IllegalArgumentException - if httpClientHandler is null

    • Method Detail

      • createSignatureForDynamicIdentity

        public SignatureConfiguration createSignatureForDynamicIdentity​(java.lang.String identity)
                                                         throws PermissionException,
                                                                HttpException,
                                                                RetryException

        Create a signing certificate for an account with a dynamic identity.

        Parameters:
        identity -

        The dynamic identity as JSON string.

        Example: { "subject_dn": {"common_name": "John Doe" } }

        Returns:
        Throws:
        HttpException - If a network error occurs.
        PermissionException - If the request is not authorized by the service.
        RetryException - If the rate limit for creating new identities has been exceeded.
        java.lang.IllegalArgumentException - if identity is null

      • createTimestamp

        public TimestampConfiguration createTimestamp()

        Create a time-stamp configuration

        Returns: