Package org.apache.xml.security.stax.ext

Examples of org.apache.xml.security.stax.ext.InputProcessorChain


    /**
     * Reads header events through a sub-chain until the WS-Security header addressed to the
     * configured actor has been seen completely, engaging a handler for each direct child of
     * that header when the child's end element arrives.
     *
     * <p>Position is checked as well as name: the root element is examined at document level 1,
     * {@code wsse:Security} is only accepted at level 3 inside the SOAP header, and its children
     * are only handled at level 4. A {@code wsse:Security} element at another depth is not
     * treated as the security header by this loop.
     *
     * <p>This listing is an excerpt; the method continues beyond the last line shown.
     *
     * @param inputProcessorChain the main chain; a sub-chain is created from it for buffering
     * @return in the visible part, the result of {@code finalizeHeaderProcessing} once the end
     *         of the responsible {@code wsse:Security} element is reached
     * @throws XMLStreamException declared by the signature; no throw site is visible here
     * @throws XMLSecurityException a {@code WSSecurityException} (INVALID_SECURITY) is thrown
     *         when {@code WSSUtils.getSOAPMessageVersionNamespace} returns null for the root element
     */
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the security header
        // NOTE(review): no limit on the number of buffered events is visible in this excerpt;
        // confirm that a bound is enforced elsewhere, since the header is untrusted input.
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalSecurityHeaderBufferProcessor internalSecurityHeaderBufferProcessor
                = new InternalSecurityHeaderBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalSecurityHeaderBufferProcessor);

        // Per-call state: both flags start false on every invocation.
        boolean responsibleSecurityHeaderFound = false;
        boolean timestampFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();
            // eventCount is declared outside this excerpt (presumably an instance field - confirm).
            eventCount++;

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
                    int documentLevel = xmlSecStartElement.getDocumentLevel();

                    if (documentLevel == 1) {
                        // Root element: reject the message unless a SOAP version namespace is found.
                        if (WSSUtils.getSOAPMessageVersionNamespace(xmlSecStartElement) == null) {
                            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "notASOAPMessage");
                        }
                    } else if (documentLevel == 3
                            && xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
                            && WSSUtils.isInSOAPHeader(xmlSecStartElement)) {

                        // A security header addressed to a different actor/role is not ours.
                        // `continue` applies to the enclosing do-while (not the switch), so control
                        // goes to the loop condition and responsibleSecurityHeaderFound stays false;
                        // the level-4 branches below therefore ignore that header's children.
                        if (!WSSUtils.isResponsibleActorOrRole(xmlSecStartElement,
                                ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                            continue;
                        }
                        responsibleSecurityHeaderFound = true;

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        // Remember where this direct child of the security header started
                        // (the event just counted), for the handler engaged at its end element.
                        startIndexForProcessor = eventCount - 1;
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    documentLevel = xmlSecEndElement.getDocumentLevel();
                    if (documentLevel == 3 && responsibleSecurityHeaderFound
                            && xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)) {

                        // End of the responsible security header: hand over and leave the loop.
                        return finalizeHeaderProcessing(
                                inputProcessorChain, subInputProcessorChain,
                                internalSecurityHeaderBufferProcessor, xmlSecEventList);

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecEndElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        //we are in the security header and the depth is +1, so every child
                        //element should have a responsible handler:
                        engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                xmlSecEventList, startIndexForProcessor, xmlSecEndElement.getName());
                       
                        // Check for multiple timestamps
                        // The first wsu:Timestamp only sets the flag; a second one in the same
                        // header is reported as BSP rule R3227. What handleBSPRule does with the
                        // violation is not visible here (presumably configuration-dependent - confirm).
                        if (xmlSecEndElement.getName().equals(WSSConstants.TAG_wsu_Timestamp)) {
                            if (timestampFound) {
                                WSInboundSecurityContext context =
                                    (WSInboundSecurityContext)subInputProcessorChain.getSecurityContext();
                                context.handleBSPRule(BSPRule.R3227);
                            }
                            timestampFound = true;
                        }
                    }
                    // (excerpt ends here; the remainder of the method is not shown on this page)


                            new InternalReplayProcessor(getSecurityProperties(), xmlSecEventList);
                    internalReplayProcessor.addBeforeProcessor(XMLSignatureReferenceVerifyInputProcessor.class.getName());
                    inputProcessorChain.addProcessor(internalReplayProcessor);

                    //...and let the SignatureVerificationProcessor process the buffered events (enveloped signature).
                    InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
                    while (!xmlSecEventList.isEmpty()) {
                        subInputProcessorChain.reset();
                        subInputProcessorChain.processEvent();
                    }
                }
                break;
        }

    /**
     * Reads header events through a sub-chain until the WS-Security header addressed to the
     * configured actor has been seen completely, engaging a handler for each direct child of
     * that header.
     *
     * <p>Most children are handled when their end element arrives. {@code xenc:EncryptedData}
     * is the exception: it is handled at its start element, both as a direct child of the
     * security header (level 4) and one level below (level 5), and is then skipped at its end
     * element.
     *
     * <p>Position is checked as well as name: {@code wsse:Security} is only accepted at document
     * level 3 inside the SOAP header. This listing is an excerpt; the method continues beyond
     * the last line shown.
     *
     * @param inputProcessorChain the main chain; a sub-chain is created from it for buffering
     * @return in the visible part, the result of {@code finalizeHeaderProcessing} once the end
     *         of the responsible {@code wsse:Security} element is reached
     * @throws XMLStreamException declared by the signature; no throw site is visible here
     * @throws XMLSecurityException a {@code WSSecurityException} (INVALID_SECURITY) is thrown
     *         when {@code WSSUtils.getSOAPMessageVersionNamespace} returns null for the root element
     */
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the security header
        // NOTE(review): no limit on the number of buffered events is visible in this excerpt;
        // confirm that a bound is enforced elsewhere, since the header is untrusted input.
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalSecurityHeaderBufferProcessor internalSecurityHeaderBufferProcessor
                = new InternalSecurityHeaderBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalSecurityHeaderBufferProcessor);

        // Per-call state: both flags start false on every invocation.
        boolean responsibleSecurityHeaderFound = false;
        boolean timestampFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
                    int documentLevel = xmlSecStartElement.getDocumentLevel();

                    if (documentLevel == 1) {
                        // Root element: reject the message unless a SOAP version namespace is found.
                        if (WSSUtils.getSOAPMessageVersionNamespace(xmlSecStartElement) == null) {
                            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "notASOAPMessage");
                        }
                    } else if (documentLevel == 3
                            && xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
                            && WSSUtils.isInSOAPHeader(xmlSecStartElement)) {

                        // A security header addressed to a different actor/role is not ours.
                        // `continue` applies to the enclosing do-while (not the switch), so control
                        // goes to the loop condition and responsibleSecurityHeaderFound stays false;
                        // the deeper branches below therefore ignore that header's children.
                        if (!WSSUtils.isResponsibleActorOrRole(xmlSecStartElement,
                                ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                            continue;
                        }
                        responsibleSecurityHeaderFound = true;

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        // Index of the most recently buffered event, i.e. this child's start element
                        // (assumes the buffer processor appends to xmlSecEventList - confirm).
                        startIndexForProcessor = xmlSecEventList.size() - 1;

                        //special handling for EncryptedData in the SecurityHeader. This way, if for example
                        // a token was encrypted we have the possibility to decrypt it before so that we
                        // are able to engage the appropriate processor for the token.
                        if (WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecStartElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecStartElement.getName());
                        }
                    } else if (documentLevel == 5 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())
                            && WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecStartElement.getName())) {
                        // Overwrites the start index recorded for the enclosing level-4 element.
                        startIndexForProcessor = xmlSecEventList.size() - 1;

                        // Same goes as per EncryptedData above. This is when a child of a security header
                        // element is encrypted (e.g. EncryptedAssertion)
                        engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                xmlSecEventList, startIndexForProcessor, xmlSecStartElement.getName());
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    documentLevel = xmlSecEndElement.getDocumentLevel();
                    if (documentLevel == 3 && responsibleSecurityHeaderFound
                            && xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)) {

                        // End of the responsible security header: hand over and leave the loop.
                        return finalizeHeaderProcessing(
                                inputProcessorChain, subInputProcessorChain,
                                internalSecurityHeaderBufferProcessor, xmlSecEventList);

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecEndElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        //we are in the security header and the depth is +1, so every child
                        //element should have a responsible handler with the exception of an EncryptedData SecurityHeader
                        //which is already handled in the above StartElement logic (@see comment above).
                        if (!WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecEndElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecEndElement.getName());
                        }
                       
                        // Check for multiple timestamps
                        // The first wsu:Timestamp only sets the flag; a second one in the same
                        // header is reported as BSP rule R3227. What handleBSPRule does with the
                        // violation is not visible here (presumably configuration-dependent - confirm).
                        if (xmlSecEndElement.getName().equals(WSSConstants.TAG_wsu_Timestamp)) {
                            if (timestampFound) {
                                WSInboundSecurityContext context =
                                    (WSInboundSecurityContext)subInputProcessorChain.getSecurityContext();
                                context.handleBSPRule(BSPRule.R3227);
                            }
                            timestampFound = true;
                        }
                    }
                    // (excerpt ends here; the remainder of the method is not shown on this page)

    /**
     * Reads header events through a sub-chain until the WS-Security header addressed to the
     * configured actor has been seen completely, engaging a handler for each direct child of
     * that header.
     *
     * <p>Most children are handled when their end element arrives. A direct
     * {@code xenc:EncryptedData} child is handled at its start element instead and skipped at
     * its end element. In this version only level 4 is considered; no branch for encrypted
     * content one level deeper is visible.
     *
     * <p>Position is checked as well as name: {@code wsse:Security} is only accepted at document
     * level 3 inside the SOAP header. This listing is an excerpt; the method continues beyond
     * the last line shown.
     *
     * @param inputProcessorChain the main chain; a sub-chain is created from it for buffering
     * @return in the visible part, the result of {@code finalizeHeaderProcessing} once the end
     *         of the responsible {@code wsse:Security} element is reached
     * @throws XMLStreamException declared by the signature; no throw site is visible here
     * @throws XMLSecurityException a {@code WSSecurityException} (INVALID_SECURITY) is thrown
     *         when {@code WSSUtils.getSOAPMessageVersionNamespace} returns null for the root element
     */
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the security header
        // NOTE(review): no limit on the number of buffered events is visible in this excerpt;
        // confirm that a bound is enforced elsewhere, since the header is untrusted input.
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalSecurityHeaderBufferProcessor internalSecurityHeaderBufferProcessor
                = new InternalSecurityHeaderBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalSecurityHeaderBufferProcessor);

        // Per-call state: both flags start false on every invocation.
        boolean responsibleSecurityHeaderFound = false;
        boolean timestampFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
                    int documentLevel = xmlSecStartElement.getDocumentLevel();

                    if (documentLevel == 1) {
                        // Root element: reject the message unless a SOAP version namespace is found.
                        if (WSSUtils.getSOAPMessageVersionNamespace(xmlSecStartElement) == null) {
                            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "notASOAPMessage");
                        }
                    } else if (documentLevel == 3
                            && xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
                            && WSSUtils.isInSOAPHeader(xmlSecStartElement)) {

                        // A security header addressed to a different actor/role is not ours.
                        // `continue` applies to the enclosing do-while (not the switch), so control
                        // goes to the loop condition and responsibleSecurityHeaderFound stays false;
                        // the level-4 branches below therefore ignore that header's children.
                        if (!WSSUtils.isResponsibleActorOrRole(xmlSecStartElement,
                                ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                            continue;
                        }
                        responsibleSecurityHeaderFound = true;

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        // Index of the most recently buffered event, i.e. this child's start element
                        // (assumes the buffer processor appends to xmlSecEventList - confirm).
                        startIndexForProcessor = xmlSecEventList.size() - 1;

                        //special handling for EncryptedData in the SecurityHeader. This way, if for example
                        // a token was encrypted we have the possibility to decrypt it before so that we
                        // are able to engage the appropriate processor for the token.
                        if (WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecStartElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecStartElement.getName());
                        }
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    documentLevel = xmlSecEndElement.getDocumentLevel();
                    if (documentLevel == 3 && responsibleSecurityHeaderFound
                            && xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)) {

                        // End of the responsible security header: hand over and leave the loop.
                        return finalizeHeaderProcessing(
                                inputProcessorChain, subInputProcessorChain,
                                internalSecurityHeaderBufferProcessor, xmlSecEventList);

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecEndElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        //we are in the security header and the depth is +1, so every child
                        //element should have a responsible handler with the exception of an EncryptedData SecurityHeader
                        //which is already handled in the above StartElement logic (@see comment above).
                        if (!WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecEndElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecEndElement.getName());
                        }
                       
                        // Check for multiple timestamps
                        // The first wsu:Timestamp only sets the flag; a second one in the same
                        // header is reported as BSP rule R3227. What handleBSPRule does with the
                        // violation is not visible here (presumably configuration-dependent - confirm).
                        if (xmlSecEndElement.getName().equals(WSSConstants.TAG_wsu_Timestamp)) {
                            if (timestampFound) {
                                WSInboundSecurityContext context =
                                    (WSInboundSecurityContext)subInputProcessorChain.getSecurityContext();
                                context.handleBSPRule(BSPRule.R3227);
                            }
                            timestampFound = true;
                        }
                    }
                    // (excerpt ends here; the remainder of the method is not shown on this page)

    /**
     * Buffers header events through a sub-chain until either an {@code xenc:EncryptedData}
     * start element or the end of a {@code dsig:Signature} element is seen, then rewires the
     * processor chain so that the buffered events are replayed to the newly added processors.
     *
     * <p>Both elements are matched by qualified name only; no document-level check appears in
     * this excerpt, unlike a handler that pins the element to a fixed depth.
     *
     * <p>This listing is an excerpt; the method continues beyond the last line shown.
     *
     * @param inputProcessorChain the main chain; its processor list is replaced with the
     *        sub-chain's list once a signature or encrypted element has been handled
     * @return in the visible part, the event taken from the tail of {@code xmlSecEventList}
     * @throws XMLStreamException declared by the signature; no throw site is visible here
     * @throws XMLSecurityException declared by the signature; no throw site is visible here
     */
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the required actions
        // NOTE(review): no limit on the number of buffered events is visible in this excerpt;
        // confirm that a bound is enforced elsewhere when the document is untrusted.
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalBufferProcessor internalBufferProcessor
                = new InternalBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalBufferProcessor);

        boolean signatureElementFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();
            // eventCount is declared outside this excerpt (presumably an instance field - confirm).
            eventCount++;

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    // final because the anonymous processor below captures it.
                    final XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();

                    if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                        // Remember where the signature started; it is verified at its end element.
                        // Each dsig:Signature start overwrites the previously recorded index.
                        signatureElementFound = true;
                        startIndexForProcessor = eventCount - 1;
                    } else if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)) {
                        // Encrypted content: add the decrypt processor, stop buffering and
                        // replay what has been buffered so far.
                        XMLDecryptInputProcessor inputProcessor = new XMLDecryptInputProcessor(getSecurityProperties());
                        subInputProcessorChain.addProcessor(inputProcessor);

                        subInputProcessorChain.removeProcessor(internalBufferProcessor);
                        // The replay processor's ordering constraints are cleared and replaced by a
                        // single one relative to XMLDecryptInputProcessor, in the PROCESSING phase.
                        InternalReplayProcessor internalReplayProcessor = new InternalReplayProcessor(getSecurityProperties());
                        internalReplayProcessor.setPhase(XMLSecurityConstants.Phase.PROCESSING);
                        internalReplayProcessor.getAfterProcessors().clear();
                        internalReplayProcessor.getBeforeProcessors().clear();
                        internalReplayProcessor.addAfterProcessor(XMLDecryptInputProcessor.class.getName());
                        subInputProcessorChain.addProcessor(internalReplayProcessor);

                        // One-shot processor: emits the captured EncryptedData start element once
                        // and removes itself from the chain it was called with.
                        AbstractInputProcessor abstractInputProcessor = new AbstractInputProcessor(getSecurityProperties()) {
                            @Override
                            public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                                // Produces nothing for header events.
                                return null;
                            }

                            @Override
                            public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                                inputProcessorChain.removeProcessor(this);
                                return xmlSecStartElement;
                            }
                        };
                        abstractInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
                        abstractInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.class.getName());
                        abstractInputProcessor.addAfterProcessor(XMLEventReaderInputProcessor.class.getName());
                        subInputProcessorChain.addProcessor(abstractInputProcessor);

                        //remove this processor from chain now. the next events will go directly to the other processors
                        subInputProcessorChain.removeProcessor(this);
                        //since we cloned the inputProcessor list we have to add the processors from
                        //the subChain to the main chain.
                        inputProcessorChain.getProcessors().clear();
                        inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());

                        //remove the last event which will be emitted in the temporary processor above:
                        // (pollFirst drops the newest entry and pollLast returns the oldest, which
                        // suggests the list keeps the newest event at its head - confirm)
                        xmlSecEventList.pollFirst();
                        //return first event now;
                        return xmlSecEventList.pollLast();
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    // Handle the signature
                    // Only acted on after a dsig:Signature start element was seen in this call.
                    if (signatureElementFound
                            && xmlSecEndElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                            // Pass the buffered events and the recorded start index to the signature handler.
                            XMLSignatureInputHandler inputHandler = new XMLSignatureInputHandler();
                            inputHandler.handle(subInputProcessorChain, getSecurityProperties(),
                                                xmlSecEventList, startIndexForProcessor);

                        // Stop buffering; the buffered events are replayed from here on.
                        subInputProcessorChain.removeProcessor(internalBufferProcessor);
                        subInputProcessorChain.addProcessor(
                                new InternalReplayProcessor(getSecurityProperties()));

                        //remove this processor from chain now. the next events will go directly to the other processors
                        subInputProcessorChain.removeProcessor(this);
                        //since we cloned the inputProcessor list we have to add the processors from
                        //the subChain to the main chain.
                        inputProcessorChain.getProcessors().clear();
                        inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());

                        //return first event now;
                        return xmlSecEventList.pollLast();
                    }
                    break;
                    // (excerpt ends here; the remainder of the method is not shown on this page)
