* @throws RuntimeException
*/
@SuppressWarnings("unchecked")
private void augmentConfiguration(int requiredState, boolean modifyReceiverSettings, CallbackHandler handler,
        boolean debugON, String signAlias, String encryptAlias) throws PolicyGenerationException {
    // Rewrites the sender or receiver MessagePolicy of the declarative configuration so that it
    // matches requiredState, then runs the sign/encrypt alias augmentation on the result.
    //
    // Review notes:
    //  - EMPTY_POLICY_STATE calls removeAll() on the selected direction and returns before the
    //    alias augmentation, so no policy requirement is re-added for that direction here.
    //  - A requiredState that matches no case below falls to `default`: the existing policy is
    //    left in place and augmentSignAlias/augmentEncryptAlias still run. Nothing is rejected
    //    or logged. NOTE(review): confirm callers only pass the known state constants.
    //  - The timestamp policy is looked up before the list is rebuilt and is prepended again only
    //    when a signature policy collection is non-empty. NOTE(review): for the token-only and
    //    encrypt-only states, check whether the helpers carry a timestamp themselves.
    //  - `optimize` is assigned in three sender-side cases only and is not reset in the others.
    //    NOTE(review): confirm a value from an earlier call cannot linger.
    DeclarativeSecurityConfiguration declarative = (DeclarativeSecurityConfiguration) _policy;
    boolean forSender = !modifyReceiverSettings;
    MessagePolicy target = forSender ? declarative.senderSettings() : declarative.receiverSettings();

    if (requiredState == EMPTY_POLICY_STATE) {
        // Strip every policy from the chosen direction and stop.
        target.removeAll();
        if (debugON) {
            target.dumpMessages(true);
        }
        return;
    }

    // Captured up front because each case below clears the target before refilling it.
    WSSPolicy timestamp = getTimestampPolicy(target, handler, forSender);
    boolean signaturePresent = false;

    switch (requiredState) {
        case AUTHENTICATE_RECIPIENT_ONLY: {
            // Resulting list: encrypt+
            Collection encryptOnly = getEncryptPolicies(target, handler, forSender);
            target.removeAll();
            target.appendAll(encryptOnly);
            break;
        }
        case AUTHENTICATE_SENDER_TOKEN_ONLY: {
            // Resulting list: authenticate, encrypt?
            Collection tokenOnly = getUsernamePolicies(target, handler, forSender);
            target.removeAll();
            target.appendAll(tokenOnly);
            if (forSender && configOptimizeAttribute) {
                optimize = MessageConstants.SECURITY_HEADERS;
            }
            break;
        }
        case AUTHENTICATE_SENDER_SIGNATURE_ONLY: {
            // Resulting list: sign+
            Collection signOnly = getSignPolicies(target, handler, forSender);
            signaturePresent = !signOnly.isEmpty();
            target.removeAll();
            target.appendAll(signOnly);
            if (forSender && configOptimizeAttribute) {
                optimize = MessageConstants.SIGN_BODY;
            }
            break;
        }
        case AUTHENTICATE_RECIPIENT_AUTHENTICATE_SENDER_TOKEN: {
            // Resulting list: encrypt+, authenticate, encrypt?
            Collection encryptThenToken = getEncryptUsernamePolicies(target, handler, forSender);
            target.removeAll();
            target.appendAll(encryptThenToken);
            break;
        }
        case AUTHENTICATE_SENDER_TOKEN_AUTHENTICATE_RECIPIENT: {
            // Resulting list: authenticate, encrypt+
            Collection tokenThenEncrypt = getUsernameEncryptPolicies(target, handler, forSender);
            target.removeAll();
            target.appendAll(tokenThenEncrypt);
            break;
        }
        case AUTHENTICATE_RECIPIENT_AUTHENTICATE_SENDER_SIGNATURE: {
            // Resulting list: encrypt+, sign+
            Collection encryptThenSign = getEncryptPolicies(target, handler, forSender);
            Collection signatures = getSignPolicies(target, handler, forSender);
            signaturePresent = !signatures.isEmpty();
            encryptThenSign.addAll(signatures);
            target.removeAll();
            target.appendAll(encryptThenSign);
            break;
        }
        case AUTHENTICATE_SENDER_SIGNATURE_AUTHENTICATE_RECIPIENT: {
            // Resulting list: sign+, encrypt+
            Collection signThenEncrypt = getSignPolicies(target, handler, forSender);
            // Evaluated before the encrypt policies are merged in, so it reflects signatures only.
            signaturePresent = !signThenEncrypt.isEmpty();
            signThenEncrypt.addAll(getEncryptPolicies(target, handler, forSender));
            target.removeAll();
            target.appendAll(signThenEncrypt);
            if (forSender && configOptimizeAttribute) {
                optimize = MessageConstants.SIGN_ENCRYPT_BODY;
            }
            break;
        }
        default:
            // Unrecognised state: the policy list is left exactly as it was configured.
            break;
    }

    // The timestamp goes back at the head of the list only alongside signature policies.
    if (signaturePresent && timestamp != null) {
        target.prepend(timestamp);
    }

    if (debugON) {
        // NOTE(review): what dumpMessages(true) writes is not visible from here; confirm its
        // output before enabling debugON outside development.
        target.dumpMessages(true);
    }

    augmentSignAlias(target, signAlias);
    augmentEncryptAlias(target, encryptAlias);
}