Package org.apache.cxf.ws.security.policy.model

Examples of org.apache.cxf.ws.security.policy.model.HttpsToken


    public Assertion build(Element element, AssertionBuilderFactory factory) {
        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;

       
        HttpsToken httpsToken = new HttpsToken(consts);
        httpsToken.setOptional(PolicyConstants.isOptional(element));
        httpsToken.setIgnorable(PolicyConstants.isIgnorable(element));

        if (consts.getVersion() == SPConstants.Version.SP_V11) {
            String attr = DOMUtils.getAttribute(element,
                                                SPConstants.REQUIRE_CLIENT_CERTIFICATE);
            if (attr != null) {
                httpsToken.setRequireClientCertificate("true".equals(attr));
            }
        } else {
            Element polEl = PolicyConstants.findPolicyElement(element);
            
            if (polEl != null) {
                Element child = DOMUtils.getFirstElement(polEl);
                if (child != null) {
                    if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpBasicAuthentication(true);
                    } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpDigestAuthentication(true);
                    } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setRequireClientCertificate(true);
                    }
                }
            }
        }
View Full Code Here


    public Assertion build(Element element, AssertionBuilderFactory factory) {
        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;

       
        HttpsToken httpsToken = new HttpsToken(consts);
        httpsToken.setOptional(PolicyConstants.isOptional(element));
        httpsToken.setIgnorable(PolicyConstants.isIgnorable(element));

        if (consts.getVersion() == SPConstants.Version.SP_V11) {
            String attr = DOMUtils.getAttribute(element, SPConstants.REQUIRE_CLIENT_CERTIFICATE);
            if (attr != null) {
                httpsToken.setRequireClientCertificate("true".equals(attr));
            }
        } else {
            Element polEl = PolicyConstants.findPolicyElement(element);
            if (polEl == null) {
                LOG.warning("sp:HttpsToken/wsp:Policy should have a value!");
            } else {
                httpsToken.setPolicy(polEl);
                Element child = DOMUtils.getFirstElement(polEl);
                if (child != null) {
                    if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpBasicAuthentication(true);
                    } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpDigestAuthentication(true);
                    } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setRequireClientCertificate(true);
                    }
                }
            }
        }
View Full Code Here

    public Assertion build(Element element, AssertionBuilderFactory factory) {
        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;

       
        HttpsToken httpsToken = new HttpsToken(consts);
        httpsToken.setOptional(PolicyConstants.isOptional(element));
        httpsToken.setIgnorable(PolicyConstants.isIgnorable(element));

        if (consts.getVersion() == SPConstants.Version.SP_V11) {
            String attr = DOMUtils.getAttribute(element, SPConstants.REQUIRE_CLIENT_CERTIFICATE);
            if (attr != null) {
                httpsToken.setRequireClientCertificate("true".equals(attr));
            }
        } else {
            Element polEl = PolicyConstants.findPolicyElement(element);
            if (polEl == null) {
                throw new IllegalArgumentException(
                    "sp:HttpsToken/wsp:Policy must have a value"
                );
            }
           
            Element child = DOMUtils.getFirstElement(polEl);
            if (child != null) {
                if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child))) {
                    httpsToken.setHttpBasicAuthentication(true);
                } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
                        .equals(DOMUtils.getElementQName(child))) {
                    httpsToken.setHttpDigestAuthentication(true);
                } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
                        .equals(DOMUtils.getElementQName(child))) {
                    httpsToken.setRequireClientCertificate(true);
                }
            }
        }

        return httpsToken;
View Full Code Here

                }
            }
        }
        private void assertHttps(Collection<AssertionInfo> ais, Message message) {
            for (AssertionInfo ai : ais) {
                HttpsToken token = (HttpsToken)ai.getAssertion();
               
                HttpURLConnection connection =
                    (HttpURLConnection) message.get("http.connection");
               
                ai.setAsserted(true);
                Map<String, List<String>> headers = getSetProtocolHeaders(message);
                if (connection instanceof HttpsURLConnection) {
                    HttpsURLConnection https = (HttpsURLConnection)connection;
                    if (token.isRequireClientCertificate()
                        && https.getLocalCertificates().length == 0) {
                        ai.setNotAsserted("RequireClientCertificate is set, but no local certificates");
                    }
                    if (token.isHttpBasicAuthentication()) {
                        List<String> auth = headers.get("Authorization");
                        if (auth == null || auth.size() == 0
                            || !auth.get(0).startsWith("Basic")) {
                            ai.setNotAsserted("HttpBasicAuthentication is set, but not being used");
                        }
                    }
                    if (token.isHttpDigestAuthentication()) {
                        List<String> auth = headers.get("Authorization");
                        if (auth == null || auth.size() == 0
                            || !auth.get(0).startsWith("Digest")) {
                            ai.setNotAsserted("HttpDigestAuthentication is set, but not being used");
                        }                       
View Full Code Here

    public PolicyAssertion build(Element element) {
        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;

       
        HttpsToken httpsToken = new HttpsToken(consts);
        httpsToken.setOptional(PolicyConstants.isOptional(element));

        if (consts.getVersion() == SPConstants.Version.SP_V11) {
            String attr = DOMUtils.getAttribute(element,
                                                SPConstants.REQUIRE_CLIENT_CERTIFICATE);
            if (attr != null) {
                httpsToken.setRequireClientCertificate("true".equals(attr));
            }
        } else if (consts.getVersion() == SPConstants.Version.SP_V11) {
            Element polEl = PolicyConstants.findPolicyElement(element);
            
            if (polEl != null) {
                Element child = DOMUtils.getFirstElement(polEl);
                if (child != null) {
                    if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpBasicAuthentication(true);
                    } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpDigestAuthentication(true);
                    } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setRequireClientCertificate(true);
                    }
                }
            }
        }
View Full Code Here

            }
        }
        private void assertHttps(Collection<AssertionInfo> ais, Message message) {
            for (AssertionInfo ai : ais) {
                boolean asserted = true;
                HttpsToken token = (HttpsToken)ai.getAssertion();
               
                Map<String, List<String>> headers = getSetProtocolHeaders(message);               
                if (token.isHttpBasicAuthentication()) {
                    List<String> auth = headers.get("Authorization");
                    if (auth == null || auth.size() == 0
                        || !auth.get(0).startsWith("Basic")) {
                        asserted = false;
                    }
                }
                if (token.isHttpDigestAuthentication()) {
                    List<String> auth = headers.get("Authorization");
                    if (auth == null || auth.size() == 0
                        || !auth.get(0).startsWith("Digest")) {
                        asserted = false;
                    }                       
                }

                TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);               
                if (tlsInfo != null) {
                    if (token.isRequireClientCertificate()
                        && tlsInfo.getPeerCertificates().length == 0) {
                        asserted = false;
                    }
                } else {
                    asserted = false;
View Full Code Here

   
    /**
     * {@inheritDoc}
     */
    public PolicyAssertion build(Element element) {
        HttpsToken httpsToken = new HttpsToken(SP12Constants.INSTANCE);
       
        Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
        policy = (Policy) policy.normalize(false);
       
        for (Iterator iterator = policy.getAlternatives(); iterator.hasNext();) {
View Full Code Here

        for (Iterator iterator = assertions.iterator(); iterator.hasNext();) {
            XmlPrimitiveAssertion primtive = (XmlPrimitiveAssertion)iterator.next();
            QName qname = primtive.getName();

            if (SP11Constants.HTTPS_TOKEN.equals(qname)) {
                HttpsToken httpsToken = new HttpsToken(SP11Constants.INSTANCE);
                String attr = DOMUtils.getAttribute(primtive.getValue(),
                                                    SPConstants.REQUIRE_CLIENT_CERTIFICATE);
                if (attr != null) {
                    httpsToken.setRequireClientCertificate("true".equals(attr));
                }
                parent.setToken(httpsToken);
            } else if (SP12Constants.HTTPS_TOKEN.equals(qname)) {
                HttpsToken httpsToken = new HttpsToken(SP12Constants.INSTANCE);
                                
                Element element = DOMUtils.getFirstChildWithName(primtive.getValue(), SPConstants.POLICY);
                
                if (element != null) {
                    Element child = DOMUtils.getFirstElement(element);
                    if (child != null) {
                        if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child))) {
                            httpsToken.setHttpBasicAuthentication(true);
                        } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
                                .equals(DOMUtils.getElementQName(child))) {
                            httpsToken.setHttpDigestAuthentication(true);
                        } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
                                .equals(DOMUtils.getElementQName(child))) {
                            httpsToken.setRequireClientCertificate(true);
                        }
                    }
                }
            }
        }
View Full Code Here

    public Assertion build(Element element, AssertionBuilderFactory factory) {
        SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
            ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;

       
        HttpsToken httpsToken = new HttpsToken(consts);
        httpsToken.setOptional(PolicyConstants.isOptional(element));
        httpsToken.setIgnorable(PolicyConstants.isIgnorable(element));

        if (consts.getVersion() == SPConstants.Version.SP_V11) {
            String attr = DOMUtils.getAttribute(element, SPConstants.REQUIRE_CLIENT_CERTIFICATE);
            if (attr != null) {
                httpsToken.setRequireClientCertificate("true".equals(attr));
            }
        } else {
            Element polEl = PolicyConstants.findPolicyElement(element);
            if (polEl == null) {
                LOG.warning("sp:HttpsToken/wsp:Policy should have a value!");
            } else {
                Element child = DOMUtils.getFirstElement(polEl);
                if (child != null) {
                    if (SP12Constants.HTTP_BASIC_AUTHENTICATION.equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpBasicAuthentication(true);
                    } else if (SP12Constants.HTTP_DIGEST_AUTHENTICATION
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setHttpDigestAuthentication(true);
                    } else if (SP12Constants.REQUIRE_CLIENT_CERTIFICATE
                            .equals(DOMUtils.getElementQName(child))) {
                        httpsToken.setRequireClientCertificate(true);
                    }
                }
            }
        }
View Full Code Here

                }
            }
        }
        private void assertHttps(Collection<AssertionInfo> ais, Message message) {
            for (AssertionInfo ai : ais) {
                HttpsToken token = (HttpsToken)ai.getAssertion();
               
                HttpURLConnection connection =
                    (HttpURLConnection) message.get("http.connection");
               
                ai.setAsserted(true);
                Map<String, List<String>> headers = getSetProtocolHeaders(message);
               
                if (connection instanceof HttpsURLConnection) {
                    if (token.isRequireClientCertificate()) {
                        final MessageTrustDecider orig = message.get(MessageTrustDecider.class);
                        MessageTrustDecider trust = new MessageTrustDecider() {
                            public void establishTrust(String conduitName,
                                                       URLConnectionInfo connectionInfo,
                                                       Message message)
                                throws UntrustedURLConnectionIOException {
                                if (orig != null) {
                                    orig.establishTrust(conduitName, connectionInfo, message);
                                }
                                HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo;
                                if (info.getLocalCertificates() == null
                                    || info.getLocalCertificates().length == 0) {
                                    throw new UntrustedURLConnectionIOException(
                                        "RequireClientCertificate is set, "
                                        + "but no local certificates were negotiated.  Is"
                                        + " the server set to ask for client authorization?");
                                }
                            }
                        };
                        message.put(MessageTrustDecider.class, trust);
                    }
                    if (token.isHttpBasicAuthentication()) {
                        List<String> auth = headers.get("Authorization");
                        if (auth == null || auth.size() == 0
                            || !auth.get(0).startsWith("Basic")) {
                            ai.setNotAsserted("HttpBasicAuthentication is set, but not being used");
                        }
                    }
                    if (token.isHttpDigestAuthentication()) {
                        List<String> auth = headers.get("Authorization");
                        if (auth == null || auth.size() == 0
                            || !auth.get(0).startsWith("Digest")) {
                            ai.setNotAsserted("HttpDigestAuthentication is set, but not being used");
                        }                       
View Full Code Here

TOP

Related Classes of org.apache.cxf.ws.security.policy.model.HttpsToken

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.