Deque<XMLSecEvent> eventQueue, Integer index) throws XMLSecurityException {
@SuppressWarnings("unchecked")
JAXBElement<AbstractSecurityContextTokenType> securityContextTokenTypeJAXBElement =
((JAXBElement<AbstractSecurityContextTokenType>) parseStructure(eventQueue, index, securityProperties));
final AbstractSecurityContextTokenType securityContextTokenType = securityContextTokenTypeJAXBElement.getValue();
if (securityContextTokenType.getId() == null) {
securityContextTokenType.setId(IDGenerator.generateID(null));
}
final QName elementName = new QName(securityContextTokenTypeJAXBElement.getName().getNamespaceURI(),
WSSConstants.TAG_wsc0502_Identifier.getLocalPart());
final String identifier = (String) XMLSecurityUtils.getQNameType(securityContextTokenType.getAny(),
elementName);
final WSInboundSecurityContext wsInboundSecurityContext = (WSInboundSecurityContext) inputProcessorChain.getSecurityContext();
final WSSSecurityProperties wssSecurityProperties = (WSSSecurityProperties) securityProperties;
final List<XMLSecEvent> xmlSecEvents = getResponsibleXMLSecEvents(eventQueue, index);
final List<QName> elementPath = getElementPath(eventQueue);
final TokenContext tokenContext = new TokenContext(wssSecurityProperties, wsInboundSecurityContext, xmlSecEvents, elementPath);
SecurityContextTokenValidator securityContextTokenValidator = wssSecurityProperties.getValidator(elementName);
if (securityContextTokenValidator == null) {
securityContextTokenValidator = new SecurityContextTokenValidatorImpl();
}
final InboundSecurityToken securityContextToken =
securityContextTokenValidator.validate(securityContextTokenType, identifier, tokenContext);
SecurityTokenProvider<InboundSecurityToken> securityTokenProvider =
new SecurityTokenProvider<InboundSecurityToken>() {
@Override
public InboundSecurityToken getSecurityToken() throws XMLSecurityException {
return securityContextToken;
}
@Override
public String getId() {
return securityContextTokenType.getId();
}
};
wsInboundSecurityContext.registerSecurityTokenProvider(securityContextTokenType.getId(), securityTokenProvider);
//also register a SecurityProvider with the identifier. @see SecurityContexTest#testSCTKDKTSignAbsolute
SecurityTokenProvider<InboundSecurityToken> securityTokenProviderDirectReference =
new SecurityTokenProvider<InboundSecurityToken>() {
@Override
public InboundSecurityToken getSecurityToken() throws XMLSecurityException {
return securityContextToken;
}
@Override
public String getId() {
return identifier;
}
};
wsInboundSecurityContext.registerSecurityTokenProvider(identifier, securityTokenProviderDirectReference);
//fire a tokenSecurityEvent
SecurityContextTokenSecurityEvent securityContextTokenSecurityEvent = new SecurityContextTokenSecurityEvent();
securityContextTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
securityContextTokenSecurityEvent.setCorrelationID(securityContextTokenType.getId());
wsInboundSecurityContext.registerSecurityEvent(securityContextTokenSecurityEvent);
}