Package com.sun.xml.wss.impl.policy.mls

Examples of com.sun.xml.wss.impl.policy.mls.MessagePolicy


            operation =message.getOperation(pipeConfig.getWSDLPort());
        }
       
        //Review: will this return the operation name in all cases (doc/lit, rpc/lit, wrapped / non-wrapped)?
       
        MessagePolicy mp = null;
        PolicyAlternativeHolder applicableAlternative =
                    resolveAlternative(packet,isSCMessage);
        //if(operation == null){
        //Body could be encrypted. Security will have to infer the
        //policy from the message till the Body is decrypted.
        //    mp =  new MessagePolicy();
        //}
        if (applicableAlternative.getOutMessagePolicyMap() == null) {
            //empty message policy
            return new MessagePolicy();
        }
        SecurityPolicyHolder sph =
                (SecurityPolicyHolder) applicableAlternative.getOutMessagePolicyMap().get(operation);
        if(sph == null){
            return new MessagePolicy();
        }
        mp = sph.getMessagePolicy();
        return mp;
    }


     * @param ap SecurityPolicy
     * @throws com.sun.xml.wss.impl.PolicyViolationException
     */
    public void verifyPolicy(SecurityPolicy ip, SecurityPolicy ap) throws PolicyViolationException {
       
        MessagePolicy actualPolicy = (MessagePolicy)ap;
        MessagePolicy inferredSecurityPolicy = (MessagePolicy)ip;
        JAXBFilterProcessingContext context = null;
        if (ctx instanceof JAXBFilterProcessingContext) {
            context = (JAXBFilterProcessingContext)ctx;
        }
        //this code has been moved from SecurityRecipient.
        //because in the presence of alternatives this check has to be done
        //with a specific actualpolicy only.
        if (actualPolicy != null) {
            if (actualPolicy.isSSL() && context != null && !context.isSecure()) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_1601_SSL_NOT_ENABLED());
                throw new XWSSecurityRuntimeException(LogStringsMessages.WSS_1601_SSL_NOT_ENABLED());
            }
        }

        if(actualPolicy == null || actualPolicy.size() <= 0){
            if ((inferredSecurityPolicy != null) && (inferredSecurityPolicy.size() > 0)) {
                //this could be a plain SSL scenario
                if (!checkAllowExtraTimestamp(inferredSecurityPolicy)) {
                    log.log(Level.SEVERE, LogStringsMessages.WSS_0805_POLICY_NULL());
                    throw new PolicyViolationException("ERROR: Policy for the service could not be obtained");
                }
            }
        } else if(inferredSecurityPolicy == null || inferredSecurityPolicy.size() <= 0){
            throw new PolicyViolationException("ERROR: No security header found in the message");
        } else{ // verify policy now
            try{
                for(int i = 0; i < actualPolicy.size(); i++) {
                    WSSPolicy actualPol = (WSSPolicy)actualPolicy.get(i);

  }

  private SupportingTokenType determineTokenType(SecurityPolicy recvdPolicy) {
    SupportingTokenType ret = SupportingTokenType.UNKNOWN;
    if (recvdPolicy instanceof MessagePolicy) {
      MessagePolicy pol = (MessagePolicy) recvdPolicy;
      for (int i = 0; i < pol.size(); i++) {
        try {
          WSSPolicy p = (WSSPolicy) pol.get(i);
          if (PolicyTypeUtil.usernameTokenBinding(p) || PolicyTypeUtil.usernameTokenBinding(p.getFeatureBinding())) {
            ret = SupportingTokenType.USERNAME;
            break;
          } else if (PolicyTypeUtil.samlTokenPolicy(p) || PolicyTypeUtil.samlTokenPolicy(p.getFeatureBinding())) {
            ret = SupportingTokenType.SAML;

        } else {
           //do policy verification
           // try with an AlternativeSelector first
           //AlternativeSelector selector = new  DefaultAlternativeSelector();
           AlternativeSelector selector = findAlternativesSelector(mps);
           MessagePolicy toVerify = selector.selectAlternative(ctx, mps, recvdPolicy);
           //TODO: the PolicyVerifier.verifyPolicy() method expects the toVerify argument to be
           //passed again. since that interface is a legacy interface,  not changing it
           //right now.
            if (toVerify != null) {
                PolicyVerifier verifier = PolicyVerifierFactory.createVerifier(toVerify, ctx);
                verifier.verifyPolicy(recvdPolicy, toVerify);
                if (toVerify.getPolicyAlternativeId() != null) {
                   ctx.getExtraneousProperties().put(POLICY_ALTERNATIVE_ID,toVerify.getPolicyAlternativeId());
                }
                return;
            } else {
                //unsupported
               throw new UnsupportedOperationException(

        if (addVer != null) {
            ctx.setAction(getAction(packet));
        }
        ctx.setSecurityPolicyVersion(spVersion.namespaceUri);
        try {
            MessagePolicy policy = null;
            PolicyAlternativeHolder applicableAlternative =
                    resolveAlternative(packet, isSCMessage);

            if (packet.getMessage().isFault()) {
                policy = getOutgoingFaultPolicy(packet);
            } else if (isRMMessage(packet) || isMakeConnectionMessage(packet)) {
                SecurityPolicyHolder holder = applicableAlternative.getOutProtocolPM().get("RM");
                policy = holder.getMessagePolicy();
            } else if (isSCCancel(packet)) {
                SecurityPolicyHolder holder = applicableAlternative.getOutProtocolPM().get("SC-CANCEL");
                policy = holder.getMessagePolicy();
            } else {
                policy = getOutgoingXWSSecurityPolicy(packet, isSCMessage);
            }

            if (debug && policy != null) {
                policy.dumpMessages(true);
            }
            //this might mislead if there is a bug in code above
            //but we are doing this check for cases such as no-fault-security-policy
            if (policy != null) {
                ctx.setSecurityPolicy(policy);
            }
            if (isTrustMessage(packet)) {
                ctx.isTrustMessage(true);
            }
            // set the policy, issued-token-map, and extraneous properties
            //ctx.setIssuedTokenContextMap(issuedTokenContextMap);
            if (isSCMessage) {
                ctx.setAlgorithmSuite(policy.getAlgorithmSuite());
            } else {
                ctx.setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet)));
            }
            ctx.setSecurityEnvironment(secEnv);
            ctx.isInboundMessage(false);

        if (isSCMessage) {
            Token scToken = (Token) packet.invocationProperties.get(SC_ASSERTION);
            return getOutgoingXWSBootstrapPolicy(scToken);
        }

        MessagePolicy mp = null;
        PolicyAlternativeHolder applicableAlternative =
                resolveAlternative(packet, isSCMessage);
        WSDLBoundOperation wsdlOperation = cachedOperation;
        //if(operation == null){
        //Body could be encrypted. Security will have to infer the
        //policy from the message till the Body is decrypted.
        //    mp = emptyMessagePolicy;
        //}
        if (applicableAlternative.getOutMessagePolicyMap() == null) {
            //empty message policy
            return new MessagePolicy();
        }

        if (isTrustMessage(packet) || cachedOperation == null) {
            cachedOperation = getWSDLOpFromAction(packet, false);
        }

        SecurityPolicyHolder sph = applicableAlternative.getOutMessagePolicyMap().get(cachedOperation);
        if (sph == null) {
            return new MessagePolicy();
        }
        mp = sph.getMessagePolicy();
        return mp;
    }

            if (faultDetail != null) {
                fault = operation.getFault(faultDetail);
            }
            SecurityPolicyHolder sph = applicableAlternative.getOutMessagePolicyMap().get(cachedOperation);
            if (fault == null) {
                MessagePolicy faultPolicy1 = (sph != null) ? (sph.getMessagePolicy()) : new MessagePolicy();
                return faultPolicy1;
            }
            SecurityPolicyHolder faultPolicyHolder = sph.getFaultPolicy(fault);
            MessagePolicy faultPolicy = (faultPolicyHolder == null) ? new MessagePolicy() : faultPolicyHolder.getMessagePolicy();
            return faultPolicy;
        }
        return null;

    }

        Message message = packet.getMessage();
        for (PolicyAlternativeHolder p : this.policyAlternatives) {
            WSDLBoundOperation operation = message.getOperation(tubeConfig.getWSDLPort());
            SecurityPolicyHolder sph = (SecurityPolicyHolder) p.getOutMessagePolicyMap().get(operation);
            if (sph != null && sph.isIssuedTokenAsEncryptedSupportingToken()) {
                MessagePolicy policy = sph.getMessagePolicy();
                ArrayList list = policy.getPrimaryPolicies();
                Iterator i = list.iterator();
                boolean breakOuterLoop = false;
                while (i.hasNext()) {
                    SecurityPolicy primaryPolicy = (SecurityPolicy) i.next();
                    if (PolicyTypeUtil.encryptionPolicy(primaryPolicy)) {

        } else {
            mp = getInboundXWSSecurityPolicy(msg);
        }

        if (mp == null) {
            return new MessagePolicy();
        }
        return mp;
    }

                    Node faultNode = node.getFirstChild();
                    while (faultNode != null && faultNode.getNodeType() != Node.ELEMENT_NODE)
                            faultNode = faultNode.getNextSibling();   //fix for bug #1487
                   
                    if (faultNode == null) {
                        return new MessagePolicy();
                    }
                    final String uri = faultNode.getNamespaceURI();
                    final QName faultDetail;
                    if (uri != null && uri.length() > 0) {
                        faultDetail = new QName(uri, faultNode.getLocalName());
                    } else {
                        faultDetail = new QName(faultNode.getLocalName());
                    }
                    WSDLFault fault = operation.getFault(faultDetail);                   
                    SecurityPolicyHolder faultPolicyHolder = sph.getFaultPolicy(fault);
                    SecurityPolicy faultPolicy = (faultPolicyHolder == null) ? new MessagePolicy() : faultPolicyHolder.getMessagePolicy();
                    return faultPolicy;
                }
            } catch (SOAPException sx) {
                //sx.printStackTrace();
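                //TODO: log this error. The SOAPException is currently swallowed, and the
                //fall-through visible below this catch returns an empty MessagePolicy.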
            }
        }
        return new MessagePolicy();

    }
