Package org.apache.wss4j.policy.model

Examples of org.apache.wss4j.policy.model.SignedParts

822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
   
    /**
     * Identifies the portions of the message to be signed
     */
    protected List<SecurePart> getSignedParts() throws SOAPException {
        SignedParts parts = null;
        SignedElements elements = null;
       
        AssertionInfoMap aim = message.get(AssertionInfoMap.class);
        AssertionInfo assertionInfo = getFirstAssertionByLocalname(aim, SPConstants.SIGNED_PARTS);
        if (assertionInfo != null) {
            parts = (SignedParts)assertionInfo.getAssertion();
            assertionInfo.setAsserted(true);
        }
       
        assertionInfo = getFirstAssertionByLocalname(aim, SPConstants.SIGNED_ELEMENTS);
        if (assertionInfo != null) {
            elements = (SignedElements)assertionInfo.getAssertion();
            assertionInfo.setAsserted(true);
        }
       
        List<SecurePart> signedParts = new ArrayList<SecurePart>();
        if (parts != null) {
            if (parts.isBody()) {
                QName soapBody = new QName(WSSConstants.NS_SOAP12, "Body");
                SecurePart securePart = new SecurePart(soapBody, Modifier.Element);
                signedParts.add(securePart);
            }
            for (Header head : parts.getHeaders()) {
                String localName = head.getName();
                if (localName == null) {
                    localName = "*";
                }
                QName qname = new QName(head.getNamespace(), localName);
                SecurePart securePart = new SecurePart(qname, Modifier.Element);
                securePart.setRequired(false);
                signedParts.add(securePart);
            }
            Attachments attachments = parts.getAttachments();
            if (attachments != null) {
                Modifier modifier = Modifier.Element;
                if (attachments.isContentSignatureTransform()) {
                    modifier = Modifier.Content;
                }
View Full Code Here
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
    public List<WSEncryptionPart> getSignedParts(SupportingTokens supportingToken)
        throws SOAPException {
       
        boolean isSignBody = false;
       
        SignedParts parts = null;
        SignedElements elements = null;
       
        if (supportingToken != null && supportingToken.isEndorsing()) {
            parts = supportingToken.getSignedParts();
            elements = supportingToken.getSignedElements();
            // Store them so that the main Signature doesn't sign them
            if (parts != null) {
                suppTokenParts.add(parts);
            }
            if (elements != null) {
                suppTokenParts.add(elements);
            }
        } else {
            Collection<AssertionInfo> ais = getAllAssertionsByLocalname(SPConstants.SIGNED_PARTS);
            if (!ais.isEmpty()) {
                for (AssertionInfo ai : ais) {
                    SignedParts signedParts = (SignedParts)ai.getAssertion();
                    if (!suppTokenParts.contains(signedParts)) {
                        parts = signedParts;
                        ai.setAsserted(true);
                    }
                }           
            }
           
            ais = getAllAssertionsByLocalname(SPConstants.SIGNED_ELEMENTS);
            if (!ais.isEmpty()) {
                for (AssertionInfo ai : ais) {
                    SignedElements signedElements = (SignedElements)ai.getAssertion();
                    if (!suppTokenParts.contains(signedElements)) {
                        elements = signedElements;
                        ai.setAsserted(true);
                    }
                }           
            }
        }
       
        if (parts == null && elements == null) {
            return new ArrayList<WSEncryptionPart>();
        }
       
        List<WSEncryptionPart> signedParts = new ArrayList<WSEncryptionPart>();
        if (parts != null) {
            isSignBody = parts.isBody();
            for (Header head : parts.getHeaders()) {
                WSEncryptionPart wep = new WSEncryptionPart(head.getName(),
                                                            head.getNamespace(),
                                                            "Element");
                signedParts.add(wep);
            }
            Attachments attachments = parts.getAttachments();
            if (attachments != null) {
                String modifier = "Element";
                if (attachments.isContentSignatureTransform()) {
                    modifier = "Content";
                }
                WSEncryptionPart wep = new WSEncryptionPart("cid:Attachments", modifier);
                signedParts.add(wep);
            }
        }
       
        // REVISIT consider catching exceptions and unassert failed assertions or
        // to process and assert them one at a time.  Additionally, a found list
View Full Code Here
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
                              CoverageType type) throws SOAPException {
        Collection<AssertionInfo> ais = getAllAssertionsByLocalname(aim, name);
        if (!ais.isEmpty()) {
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
                SignedParts p = (SignedParts)ai.getAssertion();
               
                if (p.isBody()) {
                    try {
                        if (CoverageType.SIGNED.equals(type)) {
                            CryptoCoverageUtil.checkBodyCoverage(
                                soapBody, signed, type, CoverageScope.ELEMENT
                            );
                        } else {
                            CryptoCoverageUtil.checkBodyCoverage(
                                soapBody, signed, type, CoverageScope.CONTENT
                            );
                        }
                    } catch (WSSecurityException e) {
                        ai.setNotAsserted(msg.getVersion().getBody() + " not " + type);
                        continue;
                    }
                }
               
                for (Header h : p.getHeaders()) {
                    try {
                        CryptoCoverageUtil.checkHeaderCoverage(soapHeader, signed, h
                                .getNamespace(), h.getName(), type,
                                CoverageScope.ELEMENT);
                    } catch (WSSecurityException e) {
                        ai.setNotAsserted(h.getNamespace() + ":" + h.getName() + " not + " + type);
                    }
                }
               
                Attachments attachments = p.getAttachments();
                if (attachments != null) {
                    try {
                        CoverageScope scope = CoverageScope.ELEMENT;
                        if (attachments.isContentSignatureTransform()) {
                            scope = CoverageScope.CONTENT;
View Full Code Here
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
            headers.add(new Header("ReplyTo", addrNamespace));
            headers.add(new Header("Action", addrNamespace));
            headers.add(new Header("MessageID", addrNamespace));
            headers.add(new Header("RelatesTo", addrNamespace));
           
            SignedParts parts = new SignedParts(SPConstants.SPVersion.SP12, true, null, headers, false);
            parts.setOptional(true);
            all.addPolicyComponent(parts);
           
            client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, cancelPolicy);
        }
       
View Full Code Here
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
            headers.add(new Header("ReplyTo", addrNamespace));
            headers.add(new Header("Action", addrNamespace));
            headers.add(new Header("MessageID", addrNamespace));
            headers.add(new Header("RelatesTo", addrNamespace));
           
            SignedParts parts = new SignedParts(SPConstants.SPVersion.SP12, true, null, headers, false);
            parts.setOptional(true);
            all.addPolicyComponent(parts);
           
            client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, cancelPolicy);
        }
       
View Full Code Here
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
                              CoverageType type) throws SOAPException {
        Collection<AssertionInfo> ais = getAllAssertionsByLocalname(aim, name);
        if (!ais.isEmpty()) {
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
                SignedParts p = (SignedParts)ai.getAssertion();
               
                if (p.isBody()) {
                    try {
                        if (CoverageType.SIGNED.equals(type)) {
                            CryptoCoverageUtil.checkBodyCoverage(
                                soapBody, signed, type, CoverageScope.ELEMENT
                            );
                        } else {
                            CryptoCoverageUtil.checkBodyCoverage(
                                soapBody, signed, type, CoverageScope.CONTENT
                            );
                        }
                    } catch (WSSecurityException e) {
                        ai.setNotAsserted(msg.getVersion().getBody() + " not " + type);
                        continue;
                    }
                }
               
                for (Header h : p.getHeaders()) {
                    try {
                        CryptoCoverageUtil.checkHeaderCoverage(soapHeader, signed, h
                                .getNamespace(), h.getName(), type,
                                CoverageScope.ELEMENT);
                    } catch (WSSecurityException e) {
                        ai.setNotAsserted(h.getNamespace() + ":" + h.getName() + " not + " + type);
                    }
                }
               
                Attachments attachments = p.getAttachments();
                if (attachments != null) {
                    try {
                        CoverageScope scope = CoverageScope.ELEMENT;
                        if (attachments.isContentSignatureTransform()) {
                            scope = CoverageScope.CONTENT;
View Full Code Here
185
186
187
188
189
190
191
192
193
194
195
                    binding.setOnlySignEntireHeadersAndBody(true);
                    binding.setProtectTokens(false);
                   
                    all.addPolicyComponent(binding);
                   
                    SignedParts signedParts = getSignedParts(aim, addNs);
                    all.addPolicyComponent(signedParts);
                    pol = p;
                    message.getInterceptorChain().add(SecureConversationTokenFinderInterceptor.INSTANCE);
                } else {
                    Policy p = new Policy();
View Full Code Here
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
    }
   
    private SignedParts getSignedParts(AssertionInfoMap aim, String addNs) {
        Collection<AssertionInfo> signedPartsAis =
            NegotiationUtils.getAllAssertionsByLocalname(aim, SPConstants.SIGNED_PARTS);
        SignedParts signedParts = null;
        if (!signedPartsAis.isEmpty()) {
            signedParts = (SignedParts)signedPartsAis.iterator().next().getAssertion();
        }
        if (signedParts == null) {
            List<Header> headers = new ArrayList<Header>();
            if (addNs != null) {
                headers.add(new Header("To", addNs));
                headers.add(new Header("From", addNs));
                headers.add(new Header("FaultTo", addNs));
                headers.add(new Header("ReplyTo", addNs));
                headers.add(new Header("Action", addNs));
                headers.add(new Header("MessageID", addNs));
                headers.add(new Header("RelatesTo", addNs));
            }
           
            signedParts =
                new SignedParts(SPConstants.SPVersion.SP12, true, null, headers, false);
        }
        return signedParts;
    }
View Full Code Here
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
    public List<WSEncryptionPart> getSignedParts()
        throws SOAPException {
       
        boolean isSignBody = false;
       
        SignedParts parts = null;
        SignedElements elements = null;
       
        Collection<AssertionInfo> ais = getAllAssertionsByLocalname(SPConstants.SIGNED_PARTS);
        if (!ais.isEmpty()) {
            for (AssertionInfo ai : ais) {
                parts = (SignedParts)ai.getAssertion();
                ai.setAsserted(true);
            }           
        }
       
        ais = getAllAssertionsByLocalname(SPConstants.SIGNED_ELEMENTS);
        if (!ais.isEmpty()) {
            for (AssertionInfo ai : ais) {
                elements = (SignedElements)ai.getAssertion();
                ai.setAsserted(true);
            }           
        }
       
        List<WSEncryptionPart> signedParts = new ArrayList<WSEncryptionPart>();
        if (parts != null) {
            isSignBody = parts.isBody();
            for (Header head : parts.getHeaders()) {
                WSEncryptionPart wep = new WSEncryptionPart(head.getName(),
                                                            head.getNamespace(),
                                                            "Element");
                signedParts.add(wep);
            }
            Attachments attachments = parts.getAttachments();
            if (attachments != null) {
                String modifier = "Element";
                if (attachments.isContentSignatureTransform()) {
                    modifier = "Content";
                }
View Full Code Here
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
   
    /**
     * Identifies the portions of the message to be signed
     */
    protected List<SecurePart> getSignedParts() throws SOAPException {
        SignedParts parts = null;
        SignedElements elements = null;
       
        AssertionInfoMap aim = message.get(AssertionInfoMap.class);
        Collection<AssertionInfo> ais = getAllAssertionsByLocalname(aim, SPConstants.SIGNED_PARTS);
        if (!ais.isEmpty()) {
            for (AssertionInfo ai : ais) {
                parts = (SignedParts)ai.getAssertion();
                ai.setAsserted(true);
            }           
        }
       
        ais = getAllAssertionsByLocalname(aim, SPConstants.SIGNED_ELEMENTS);
        if (!ais.isEmpty()) {
            for (AssertionInfo ai : ais) {
                elements = (SignedElements)ai.getAssertion();
                ai.setAsserted(true);
            }           
        }
       
        List<SecurePart> signedParts = new ArrayList<SecurePart>();
        if (parts != null) {
            if (parts.isBody()) {
                QName soapBody = new QName(WSSConstants.NS_SOAP12, "Body");
                SecurePart securePart = new SecurePart(soapBody, Modifier.Element);
                signedParts.add(securePart);
            }
            for (Header head : parts.getHeaders()) {
                String localName = head.getName();
                if (localName == null) {
                    localName = "*";
                }
                QName qname = new QName(head.getNamespace(), localName);
                SecurePart securePart = new SecurePart(qname, Modifier.Element);
                securePart.setRequired(false);
                signedParts.add(securePart);
            }
            Attachments attachments = parts.getAttachments();
            if (attachments != null) {
                Modifier modifier = Modifier.Element;
                if (attachments.isContentSignatureTransform()) {
                    modifier = Modifier.Content;
                }
View Full Code Here
TOP

Related Classes of org.apache.wss4j.policy.model.SignedParts

  • org.apache.cxf.systest.ws.wssc.WSSCUnitTest
  • org.apache.cxf.ws.security.policy.interceptors.SecureConversationInInterceptor
  • org.apache.cxf.ws.security.trust.AbstractSTSClient
  • org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor
  • org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
  • org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractStaxBindingHandler
  • org.apache.wss4j.policy.builders.SignedPartsBuilder
  • org.apache.wss4j.policy.stax.assertionStates.SignedPartsAssertionState
  • org.apache.wss4j.policy.tests.SignedPartsTest
  • javax.xml.namespace.QName
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.