}
@Override
public boolean assertEvent(SecurityEvent securityEvent) throws WSSPolicyException {
EncryptedPartSecurityEvent encryptedPartSecurityEvent = (EncryptedPartSecurityEvent) securityEvent;
EncryptedParts encryptedParts = (EncryptedParts) getAssertion();
if (encryptedParts.getAttachments() != null) {
encryptedAttachmentRequired = true;
if (encryptedPartSecurityEvent.isAttachment()) {
encryptedAttachmentCount++;
setAsserted(true);
policyAsserter.assertPolicy(getAssertion());
return true;
}
}
// Events never carry the exact SOAP Body path, only the paths of its child elements, so it is enough to check that the element lies inside the Body.
if (encryptedParts.isBody() && WSSUtils.isInSOAPBody(encryptedPartSecurityEvent.getElementPath())) {
if (encryptedPartSecurityEvent.isEncrypted()) {
setAsserted(true);
policyAsserter.assertPolicy(getAssertion());
return true;
} else {
setAsserted(false);
setErrorMessage("SOAP-Body must be encrypted");
policyAsserter.unassertPolicy(getAssertion(), getErrorMessage());
return false;
}
}
// The body case was handled above, so this event must refer to a header element.
for (int i = 0; i < encryptedParts.getHeaders().size(); i++) {
Header header = encryptedParts.getHeaders().get(i);
QName headerQName = new QName(header.getNamespace(), header.getName() == null ? "" : header.getName());
List<QName> header11Path = new LinkedList<QName>();
header11Path.addAll(WSSConstants.SOAP_11_HEADER_PATH);
header11Path.add(headerQName);
if (WSSUtils.pathMatches(header11Path, encryptedPartSecurityEvent.getElementPath(), true, header.getName() == null)) {
if (encryptedPartSecurityEvent.isEncrypted()) {
setAsserted(true);
policyAsserter.assertPolicy(getAssertion());
return true;
} else {
setAsserted(false);
setErrorMessage("Element " + WSSUtils.pathAsString(encryptedPartSecurityEvent.getElementPath()) + " must be encrypted");
policyAsserter.unassertPolicy(getAssertion(), getErrorMessage());
return false;
}
}
}