Package com.sun.xml.wss

Examples of com.sun.xml.wss.XWSSecurityException

247
248
249
250
251
252
253
254
           Callback[] callbacks = new Callback[] { pkCallback };
           _handler.handle(callbacks);

           return pkCallback.getKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
    }
View Full Code Here
296
297
298
299
300
301
302
303
           Callback[] callbacks = new Callback[] { pkCallback };
           _handler.handle(callbacks);

           return pkCallback.getKey();
        } catch (Exception e) {
            throw new XWSSecurityException(e);
        }
     }
View Full Code Here
327
328
329
330
331
332
333
334
335
336
337
                    XMLStreamBuffer mark = new XMLStreamBufferMark(headerBlockNamespaces, creator);
                    GenericSecuredHeader gsh = new GenericSecuredHeader(reader, soapVersion, creator, (HashMap) namespaces, staxIF, context.getEncHeaderContent());
                    headers.add(gsh);

                } catch (XMLStreamBufferException ex) {
                    throw new XWSSecurityException("Error occurred while reading SOAP Header" + ex);
                }
            }
            while (reader.isWhiteSpace()) {
                reader.next();
            }
View Full Code Here
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
                                }
                            }
                        } else {
                            //unrecognized valuetype
                            logger.log(Level.SEVERE, LogStringsMessages.WSS_1616_UNRECOGNIZED_BST_VALUETYPE(valueType));
                            throw new XWSSecurityException(LogStringsMessages.WSS_1616_UNRECOGNIZED_BST_VALUETYPE(valueType));
                        }

                        break;
                    }
                    case ENCRYPTED_KEY_ELEMENT: {
                        EncryptedKey ek = new EncryptedKey(message, context, (HashMap) currentParentNS);
                        ArrayList<String> list = (ArrayList) ek.getPendingReferenceList();
                        if (list != null) {
                            findAndReplaceED(list, ek);
                            if (ek.getPendingReferenceList().size() > 0) {
                                if (pendingElement == null) {
                                    pendingElement = ek;
                                }//else{
                                addSecurityHeader(ek);
                                //}
                            }
                        } else {
                            addSecurityHeader(ek);
                        }
                        if (ek.getPolicy() != null) {
                            context.getInferredSecurityPolicy().append(ek.getPolicy());
                        }
                        break;
                    }
                    case ENCRYPTED_DATA_ELEMENT: {
                        EncryptedData ed = new EncryptedData(message, context, currentParentNS);
                        handleEncryptedData(ed, currentParentNS);
                        break;
                    }

                    case ENCRYPTED_HEADER_ELEMENT: {
                        throw new XWSSecurityException("wsse11:EncryptedHeader not allowed inside SecurityHeader");
                        //break;
                    }

                    case REFERENCE_LIST_ELEMENT: {
                        ReferenceListHeader refList = new ReferenceListHeader(message, context);
                        if (pendingElement == null) {
                            pendingElement = refList;
                        } else {
                            addSecurityHeader(refList);
                        }

                        context.getInferredSecurityPolicy().append(refList.getPolicy());
                        break;
                    }
                    case SIGNATURE_ELEMENT: {
                        Signature sig = new Signature(context, currentParentNS, creator);
                        sig.process(message);
                        if (!sig.isValidated()) {
                            if (pendingElement == null) {
                                pendingElement = sig;
                            } else {
                                addSecurityHeader(sig);
                            }
                        } else {
                            if (!processedHeaders.contains(sig)) {
                                processedHeaders.add(sig);
                            }
                        }
                        context.getInferredSecurityPolicy().append(sig.getPolicy());
                        break;
                    }
                    case DERIVED_KEY_ELEMENT: {
                        DerivedKeyToken dkt = new DerivedKeyToken(message, context, (HashMap) currentParentNS);
                        processedHeaders.add(dkt);
                        break;
                    }
                    case SIGNATURE_CONFIRMATION_ELEMENT: {
                        SignatureConfirmation signConfirm = new SignatureConfirmation(message, creator, (HashMap) currentParentNS, staxIF);
                        WSSPolicy policy = signConfirm.getPolicy();
                        signConfirm.validate(context);
                        processedHeaders.add(signConfirm);
                        context.getInferredSecurityPolicy().append(signConfirm.getPolicy());
                        break;
                    }
                    case SECURITY_CONTEXT_TOKEN: {
                        SecurityContextToken sct = new SecurityContextToken(message, context, (HashMap) currentParentNS);
                        processedHeaders.add(sct);
                        break;
                    }
                    case SAML_ASSERTION_ELEMENT: {
                        SAMLAssertion samlAssertion = new SAMLAssertion(message, context, null, (HashMap) currentParentNS);
                        processedHeaders.add(samlAssertion);
                        if (samlAssertion.isHOK()) {
                            if (!samlAssertion.validateSignature()) {
                                logger.log(Level.SEVERE, LogStringsMessages.WSS_1614_SAML_SIGNATURE_INVALID());
                                throw SOAPUtil.newSOAPFaultException(MessageConstants.WSSE_FAILED_AUTHENTICATION,
                                        LogStringsMessages.WSS_1614_SAML_SIGNATURE_INVALID(),
                                        new Exception(LogStringsMessages.WSS_1614_SAML_SIGNATURE_INVALID()));
                            }
                        }
                        samlAssertion.validate(context);
                        samlAssertion.getKey();
                        // Set in the extraneous property only if not already set
                        // workaround in the case where there are two HOK assertions in the request
                        if (context.getExtraneousProperty(MessageConstants.INCOMING_SAML_ASSERTION) == null && samlAssertion.isHOK()) {
                            context.getExtraneousProperties().put(MessageConstants.INCOMING_SAML_ASSERTION, samlAssertion);
                        }
                        context.getInferredSecurityPolicy().append(samlAssertion.getPolicy());
                        if (context.isTrustMessage() && !context.isClient()) {
                            IssuedTokenContext ctx;
                            if (context.getTrustContext() == null) {
                                ctx = new IssuedTokenContextImpl();
                                ctx.setAuthnContextClass(MessageConstants.PREVIOUS_SESSION_AUTH_TYPE);
                                context.setTrustContext(ctx);
                            } else {
                                ctx = context.getTrustContext();
                                if (ctx.getAuthnContextClass() != null) {
                                    ctx.setAuthnContextClass(MessageConstants.PREVIOUS_SESSION_AUTH_TYPE);
                                    context.setTrustContext(ctx);
                                }
                            }
                        }
//                        } else if (!context.isTrustMessage()) {
//                            context.getInferredSecurityPolicy().append(samlAssertion.getPolicy());
//                        }

                        break;
                    }
                    case STR_ELEMENT: {
                        SecurityTokenProcessor str = new SecurityTokenProcessor(context, null);
                        str.resolveReference(message);
                        break;
                    }
                    default: {
                        // Throw Exception if an unrecognized Security Header is present
                        if (message.getEventType() == XMLStreamReader.START_ELEMENT
                                && getSecurityElementType() == -1) {
                            logger.log(Level.SEVERE, LogStringsMessages.WSS_1613_UNRECOGNIZED_SECURITY_ELEMENT(message.getLocalName()));
                            throw new XWSSecurityException(LogStringsMessages.WSS_1613_UNRECOGNIZED_SECURITY_ELEMENT(message.getLocalName()));
                        }
                    }
                }
                if (StreamUtil._break(message, MessageConstants.WSSE_SECURITY_LNAME, MessageConstants.WSSE_NS)) {
                    break;
                }
                eventType = getSecurityElementType();
                if (eventType == -1 && !StreamUtil.isStartElement(message)) {
                    if (StreamUtil._break(message, MessageConstants.WSSE_SECURITY_LNAME, MessageConstants.WSSE_NS)) {
                        break;
                    } else {
                        message.next();
                    }
                }
            }
            message.next();
        } catch (XMLStreamException ex) {
            //ex.printStackTrace();
            logger.log(Level.FINE, "Error occurred while reading SOAP Headers", ex);
            throw new XWSSecurityException(ex);
        } catch (XMLStreamBufferException ex) {
            //  ex.printStackTrace();
            logger.log(Level.FINE, "Error occurred while reading SOAP Headers", ex);
            throw new XWSSecurityException(ex);
        }
    }
View Full Code Here
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
                    }
                    if (refList.getPendingReferenceList().isEmpty()) {
                        pendingElement = null;
                    } else {
                        String uri = refList.getPendingReferenceList().get(0);
                        throw new XWSSecurityException("Reference with ID " + uri + " was not found in the message");
                    }

                }
            } catch (XMLStreamException e) {
                // TODO need to throw more meaningful exception
                throw new WebServiceException(e);
            } catch (XWSSecurityException xse) {
                throw new WebServiceException(xse);
            }
        }

        ArrayList clonedBufferedHeaders = (ArrayList) bufferedHeaders.clone();
        if (clonedBufferedHeaders.size() > 0) {
            for (int i = 0; i < clonedBufferedHeaders.size(); i++) {
                SecurityHeaderElement she = (SecurityHeaderElement) clonedBufferedHeaders.get(i);
                processSecurityHeader(she);
            }
        }
        if (processedHeaders.size() > 0) {
            for (int i = 0; i < processedHeaders.size(); i++) {
                SecurityHeaderElement she = (SecurityHeaderElement) processedHeaders.get(i);
                processProcessedHeaders(she);
            }
        }

        try {
            if (message == null) {
                message = getEmptyBody();
            }
        } catch (XMLStreamException xse) {
            throw new XWSSecurityException(xse);
        }

        Message streamMsg = null;
        AttachmentSet as = securityContext.getDecryptedAttachmentSet();
        if (as == null || as.isEmpty()) {
            as = securityContext.getAttachmentSet();
        }       
        if (!context.getDisablePayloadBuffering() && (!context.isSecure() || "Fault".equals(message.getLocalName()))) {
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "Buffering Payload from incomming message");
            }
            VerifiedMessageXMLStreamReader verifiedReader = new VerifiedMessageXMLStreamReader(message, bodyENVNS);
            streamMsg = new VerifiedStreamMessage(envelopeTag, headerTag, as, headers, bodyTag, verifiedReader, soapVersion, this.bodyENVNS);
        } else {
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "Not Buffering Payload from incomming message");
            }
            // FIXME: RJE -- remove cast once StreamMessage constr can take MessageHeaders
            streamMsg = new StreamMessage(envelopeTag, headerTag, as, (HeaderList) headers, bodyTag, message, soapVersion);
        }
        context.setMessage(streamMsg);
        boolean scCancel = false;
        /*if(streamMsg.isFault())
        return streamMsg;*/
        if (context.getAddressingVersion() != null) {
            String action = AddressingUtils.getAction(streamMsg.getHeaders(), context.getAddressingVersion(), context.getSOAPVersion());

            if (MessageConstants.MEX_GET.equals(action)) {
                return streamMsg;
            }
            if (MessageConstants.CANCEL_SECURITY_CONTEXT_TOKEN_ACTION.equals(action) ||
                    MessageConstants.CANCEL_SECURITY_CONTEXT_TOKEN_RESPONSE_ACTION.equals(action)) {
                scCancel = true;
            }
        }
        SecurityPolicy msgPolicy =  context.getSecurityPolicy();

        //boolean isTrust = context.isTrustMessage();
        if (PolicyUtils.isEmpty(msgPolicy)) {
            PolicyResolver opResolver =
                    (PolicyResolver) context.getExtraneousProperty(context.OPERATION_RESOLVER);
            if (opResolver != null) {
                msgPolicy = opResolver.resolvePolicy(context);
            }
        }
        if (context.isSecure() && context.getInferredSecurityPolicy().isEmpty()) {
            if (PolicyUtils.isEmpty(msgPolicy) || context.isMissingTimestampAllowed()) {
                return streamMsg;
            } else {
                throw new XWSSecurityException("Security Requirements not met - No Security header in message");
            }
        }

        // for policy verification, replace target uris with qnames for signature and encryption targets
        try {
            MessagePolicy inferredMessagePolicy = context.getInferredSecurityPolicy();
            for (int i = 0; i < inferredMessagePolicy.size(); i++) {
                WSSPolicy wssPolicy = (WSSPolicy) inferredMessagePolicy.get(i);
                if (PolicyTypeUtil.signaturePolicy(wssPolicy)) {
                    SignaturePolicy.FeatureBinding fb = (SignaturePolicy.FeatureBinding) wssPolicy.getFeatureBinding();
                    ArrayList targets = fb.getTargetBindings();
                    // replace uri target types with qname target types
                    modifyTargets(targets);
                } else if (PolicyTypeUtil.encryptionPolicy(wssPolicy)) {
                    EncryptionPolicy.FeatureBinding fb = (EncryptionPolicy.FeatureBinding) wssPolicy.getFeatureBinding();
                    ArrayList targets = fb.getTargetBindings();
                    // replace uri target types with qname target types
                    modifyTargets(targets);
                }
            }

        } catch (Exception ex) {
            throw new XWSSecurityException(ex);
        }

        if (scCancel) {
            boolean securedBody = false;
            boolean allHeaders = false;
            try {
                MessagePolicy mp = context.getInferredSecurityPolicy();
                for (int i = 0; i < mp.size(); i++) {
                    WSSPolicy wp = (WSSPolicy) mp.get(i);
                    if (PolicyTypeUtil.encryptionPolicy(wp)) {
                        EncryptionPolicy ep = (EncryptionPolicy) wp;
                        ArrayList list = ((EncryptionPolicy.FeatureBinding) ep.getFeatureBinding()).getTargetBindings();
                        for (int ei = 0; ei < list.size(); ei++) {
                            EncryptionTarget et = (EncryptionTarget) list.get(ei);
                            if (et.getValue().equals(Target.BODY)) {
                                securedBody = true;
                            }
                        }
                    } else if (PolicyTypeUtil.signaturePolicy(wp)) {
                        SignaturePolicy sp = (SignaturePolicy) wp;
                        ArrayList list = ((SignaturePolicy.FeatureBinding) sp.getFeatureBinding()).getTargetBindings();
                        for (int ei = 0; ei < list.size(); ei++) {
                            SignatureTarget st = (SignatureTarget) list.get(ei);
                            //if(st.getValue() == Target.BODY){
                            if (st.getValue().equals(Target.BODY)) {
                                securedBody = true;
                            }
                        }
                        if (!allHeaders) {
                            allHeaders = areHeadersSecured(sp);
                        }
                    }
                }
            } catch (Exception ex) {
                throw new XWSSecurityException(ex);
            }

            if (!context.isSecure() && (!securedBody || !allHeaders)) {
                logger.log(Level.SEVERE, LogStringsMessages.WSS_1602_SCCANCEL_SECURITY_UNCONFIGURED());
                throw new XWSSecurityException("Security Requirements not met");
            }
            return streamMsg;
        }

        if (context.getInferredSecurityPolicy() == null || context.getInferredSecurityPolicy().isEmpty()) {
View Full Code Here
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
    }

    @SuppressWarnings("unchecked")
    private void processProcessedHeaders(SecurityHeaderElement she) throws XWSSecurityException {
        if (she instanceof EncryptedData) {
            throw new XWSSecurityException("Error in Processing, EncryptedData inside procesesdHeaders, should never happen");
        } else if (she instanceof EncryptedKey) {
            EncryptedKey ek = (EncryptedKey) she;
            ArrayList<String> list = (ArrayList) ek.getPendingReferenceList();
            if (list != null && list.size() > 0) {
                throw new XWSSecurityException("Error in processing, ReferenceList inside EK should have been processed");
            }
        } else if (she instanceof ReferenceListHeader) {
            ReferenceListHeader refList = (ReferenceListHeader) she;
            if (refList.getPendingReferenceList() != null && refList.getPendingReferenceList().size() > 0) {
                throw new XWSSecurityException("Error in processing, references in ReferenceList not processed");
            }
        } else if (she instanceof Signature) {
            Signature sig = (Signature) she;
            if (sig.getReferences() != null && sig.getReferences().size() > 0) {
                throw new XWSSecurityException("Error in processing, references in Signature not processed");
            }
        }
    }
View Full Code Here
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
                    Attachment as = new AttachmentImpl(ed.getAttachmentContentId(), decryptedMimeData, ed.getAttachmentMimeType());
                    securityContext.getDecryptedAttachmentSet().add(as);
                }
            } catch (XMLStreamException ex) {
                logger.log(Level.SEVERE,LogStringsMessages.WSS_1615_ERROR_DECRYPTING_ENCRYPTED_DATA(),ex);
                throw new XWSSecurityException("Error occurred while decrypting EncryptedData with ID " + ed.getId(), ex);
            }
        } else if (she instanceof EncryptedKey) {
            EncryptedKey ek = (EncryptedKey) she;
            if (pendingElement == null) {
                pendingElement = ek;
            }
            addSecurityHeader(ek);
            ArrayList<String> list = (ArrayList) ek.getPendingReferenceList();
            if (list != null) {
                findAndReplaceED(list, ek);

                if (ek.getPendingReferenceList().size() > 0 && payLoadWsuId.length() > 0) {
                    if (ek.getPendingReferenceList().contains(payLoadWsuId)) {

                        EncryptedData ed;
                        try {
                            ed = new EncryptedData(message, context, bodyENVNS);
                            payLoadWsuId = ed.getId();
                            handlePayLoadED(ed);
                        } catch (XMLStreamException ex) {
                            logger.log(Level.SEVERE, LogStringsMessages.WSS_1615_ERROR_DECRYPTING_ENCRYPTED_DATA(), ex);
                            throw new XWSSecurityException("Error occurred while parsing EncryptedData" + ex);
                        }
                        ek.getPendingReferenceList().remove(payLoadWsuId);
                    }
                }
                if (!ek.getPendingReferenceList().isEmpty()) {
                    throw new XWSSecurityException("Data  Reference under EncryptedKey with ID " + ek.getId() + " is not found");
                } else {
                    pendingElement = null;
                    bufferedHeaders.remove(ek);
                    addSecurityHeader(ek);
                }
            }
        } else if (she instanceof ReferenceListHeader) {
            ReferenceListHeader refList = (ReferenceListHeader) she;
            if (refList.getPendingReferenceList().contains(payLoadWsuId)) {
                try {
                    EncryptedData ed = new EncryptedData(message, context, bodyENVNS);

                    //for policy verification
                    refList.getPolicy().setKeyBinding(ed.getInferredKB());
                    //
                    payLoadWsuId = ed.getId();
                    handlePayLoadED(ed);
                    refList.getPendingReferenceList().remove(payLoadWsuId);
                    cachePayLoadId();
                    payLoadEncId = ed.getId();
                } catch (XMLStreamException ex) {
                    throw new XWSSecurityException("Error occurred while processing EncryptedData", ex);
                }
            }
            if (refList.getPendingReferenceList().size() > 0) {
                findAndReplaceED((ArrayList<String>) refList.getPendingReferenceList(), refList);
            }
            if (refList.getPendingReferenceList().size() > 0) {
                String uri = refList.getPendingReferenceList().get(0);
                throw new XWSSecurityException("Reference with ID " + uri + " was not found in the message");
            }
        } else {
            throw new XWSSecurityException("Need to support this header, please file a bug." + she);
        }
    }
View Full Code Here
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
        }
        if (payLoadWsuId.length() > 0) {
            payLoadRef = sig.removeReferenceWithID("#" + payLoadWsuId);
        }
        if (bodyRef != null && payLoadRef != null) {
            throw new XWSSecurityException("Does not support signing of Body and PayLoad together");
        }

        boolean validated = false;
        try {
            validated = sig.validate();
        } catch (XWSSecurityException xe) {
            throw new WebServiceException(xe);
        }
        if (!validated) {
            ArrayList<com.sun.xml.ws.security.opt.crypto.dsig.Reference> refs = sig.getReferences();
            if (refs != null && refs.size() > 0) {
                throw new WebServiceException("Could not find Reference " + refs.get(0).getURI() + " under Signature with ID" + sig.getId());
            } else {
                throw new XWSSecurityException("Verification of Signature with ID  " + sig.getId() + " failed, possible cause : proper canonicalized" +
                        "signedinfo was not produced.");
            }
        } else {
            if (bodyRef != null) {
                message = sig.wrapWithDigester(bodyRef, message, bodyPrologue, bodyEpilogue, bodyTag, parentNSOnEnvelope, false);
View Full Code Here
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
                findAndReplaceED((ArrayList<String>) ek.getPendingReferenceList(), ek);
                if (ek.getPendingReferenceList().isEmpty()) {
                    pendingElement = null;
                } else {
                    String uri = ek.getPendingReferenceList().get(0);
                    throw new XWSSecurityException("Could not find Reference " + uri + " under EncryptedKey with ID" + ek.getId());
                }
            }
        } else {
            message = ed.getDecryptedData();
            if (message != null && message.hasNext()) {
View Full Code Here
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
            for (int j = 0; j < processedHeaders.size(); j++) {
                SecurityHeaderElement header = (SecurityHeaderElement) processedHeaders.get(j);
                if (id.equals(header.getId())) {
                    if (header instanceof EncryptedData) {
                        found = true;
                        throw new XWSSecurityException("EncryptedKey or ReferenceList must appear before EncryptedData element with ID" + header.getId());
                    }
                }
            }
            if (found) {
                continue;
            }
            for (int j = 0; j < bufferedHeaders.size(); j++) {
                SecurityHeaderElement header = (SecurityHeaderElement) bufferedHeaders.get(j);
                if (id.equals(header.getId())) {
                    if (header instanceof EncryptedData) {
                        EncryptedData ed = (EncryptedData) header;
                        if (!ed.hasCipherReference()) {
                            XMLStreamReader decryptedData = null;
                            try {
                                if (ek != null) {
                                    if (ek.getPolicy() != null) {
                                        //for policy verification
                                        ek.getPolicy().setKeyBinding(ek.getInferredKB());
                                    }
                                    decryptedData = ed.getDecryptedData(ek.getKey(ed.getEncryptionAlgorithm()));
                                } else if (rlh != null) {
                                    rlh.getPolicy().setKeyBinding(ed.getInferredKB());
                                    decryptedData = ed.getDecryptedData();
                                } else {
                                    throw new XWSSecurityException("Internal Error: Both EncryptedKey and ReferenceList are set to null");
                                }


                                SecurityHeaderProcessor shp = new SecurityHeaderProcessor(context, envshNS, staxIF, creator);
                                if (decryptedData.getEventType() != XMLStreamReader.START_ELEMENT) {
                                    StreamUtil.moveToNextElement(decryptedData);
                                }
                                SecurityHeaderElement she = shp.createHeader(decryptedData);
                                edList.remove(ed.getId());
                                encIds.put(ed.getId(), she.getId());
                                edAlgos.put(ed.getId(), ed.getEncryptionAlgorithm());
                                bufferedHeaders.set(i, she);
                            } catch (XMLStreamException ex) {
                                logger.log(Level.SEVERE,LogStringsMessages.WSS_1615_ERROR_DECRYPTING_ENCRYPTED_DATA(), ex);
                                throw new XWSSecurityException("Error occurred while decrypting EncryptedData with ID " + ed.getId(), ex);
                            }
                        } else {
                            // handle encrypted attachment here
                            byte[] decryptedMimeData = null;
                            if (ek != null) {
                                decryptedMimeData = ed.getDecryptedMimeData(ek.getKey(ed.getEncryptionAlgorithm()));
                            } else if (rlh != null) {
                                decryptedMimeData = ed.getDecryptedMimeData();
                            } else {
                                throw new XWSSecurityException("Internal Error: Both EncryptedKey and ReferenceList are set to null");
                            }
                            Attachment as = new AttachmentImpl(ed.getAttachmentContentId(), decryptedMimeData, ed.getAttachmentMimeType());
                            securityContext.getDecryptedAttachmentSet().add(as);
                            edList.remove(ed.getId());
                        }
View Full Code Here
TOP

Related Classes of com.sun.xml.wss.XWSSecurityException

  • com.sun.xml.rpc.security.SecurityPluginUtil
  • com.sun.xml.ws.security.impl.IssuedTokenContextImpl
  • com.sun.xml.ws.security.impl.kerberos.KerberosLogin
  • com.sun.xml.ws.security.opt.impl.crypto.JAXBDataImpl
  • com.sun.xml.ws.security.opt.impl.dsig.DSigResolver
  • com.sun.xml.ws.security.opt.impl.dsig.SignatureElementFactory
  • com.sun.xml.ws.security.opt.impl.incoming.DerivedKeyToken
  • com.sun.xml.ws.security.opt.impl.incoming.EncryptedData
  • com.sun.xml.ws.security.opt.impl.incoming.EncryptedKey
  • com.sun.xml.ws.security.opt.impl.incoming.KeySelectorImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.