Examples of RampartPolicyData

Examples of org.apache.rampart.policy.RampartPolicyData

67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
      log.debug("Enter process(MessageContext msgCtx)");
    }

    RampartMessageData rmd = new RampartMessageData(msgCtx, false);

    RampartPolicyData rpd = rmd.getPolicyData();
   
    msgCtx.setProperty(RampartMessageData.RAMPART_POLICY_DATA, rpd);
   
          //If there is no policy information or if the message is a security fault or no security
                // header required by the policy
    if(rpd == null || isSecurityFault(rmd) || !RampartUtil.isSecHeaderRequired(rpd,rmd.isInitiator(),true)) {
      SOAPEnvelope env = Axis2Util.getSOAPEnvelopeFromDOMDocument(rmd.getDocument(), true);

      //Convert back to llom since the inflow cannot use llom
      msgCtx.setEnvelope(env);
      Axis2Util.useDOOM(false);
      if(doDebug){
        log.debug("Return process MessageContext msgCtx)");
      }
      return null;
    }


    Vector results = null;

    WSSecurityEngine engine = new WSSecurityEngine();

    ValidatorData data = new ValidatorData(rmd);

    SOAPHeader header = rmd.getMsgContext().getEnvelope().getHeader();
    if(header == null) {
        throw new RampartException("missingSOAPHeader");
    }
   
                ArrayList headerBlocks = header.getHeaderBlocksWithNSURI(WSConstants.WSSE_NS);
    SOAPHeaderBlock secHeader = null;
    //Issue is axiom - a returned collection must not be null
    if(headerBlocks != null) {
        Iterator headerBlocksIterator = headerBlocks.iterator();
        while (headerBlocksIterator.hasNext()) {
          SOAPHeaderBlock elem = (SOAPHeaderBlock) headerBlocksIterator.next();
          if(elem.getLocalName().equals(WSConstants.WSSE_LN)) {
            secHeader = elem;
            break;
          }
        }
    }
   
    if(secHeader == null) {
        throw new RampartException("missingSecurityHeader");
    }
   
    long t0=0, t1=0, t2=0, t3=0;
    if(dotDebug){
      t0 = System.currentTimeMillis();
    }

    String actorValue = secHeader.getAttributeValue(new QName(rmd
        .getSoapConstants().getEnvelopeURI(), "actor"));

    Crypto signatureCrypto = RampartUtil.getSignatureCrypto(rpd.getRampartConfig(),
            msgCtx.getAxisService().getClassLoader());
        TokenCallbackHandler tokenCallbackHandler = new TokenCallbackHandler(rmd.getTokenStorage(), RampartUtil.getPasswordCB(rmd));
        if(rpd.isSymmetricBinding()) {
      //Here we have to create the CB handler to get the tokens from the
      //token storage
      if(doDebug){
        log.debug("Processing security header using SymetricBinding");
      }

      results = engine.processSecurityHeader(rmd.getDocument(),
          actorValue,
          tokenCallbackHandler,
          signatureCrypto);
    } else {
      if(doDebug){
        log.debug("Processing security header in normal path");
      }
      results = engine.processSecurityHeader(rmd.getDocument(),
          actorValue,
          tokenCallbackHandler,
          signatureCrypto,
              RampartUtil.getEncryptionCrypto(rpd.getRampartConfig(),
                  msgCtx.getAxisService().getClassLoader()));
    }

    if(dotDebug){
      t1 = System.currentTimeMillis();
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
    public void validate(ValidatorData data, Vector results)
    throws RampartException {
       
        RampartMessageData rmd = data.getRampartMessageData();
       
        RampartPolicyData rpd = rmd.getPolicyData();
       
        //If there's Security policy present and no results
        //then we should throw an error
        if(rpd != null && results == null) {
            throw new RampartException("noSecurityResults");
        }
       
        //Check presence of timestamp
        WSSecurityEngineResult tsResult = null;
        if(rpd != null &&  rpd.isIncludeTimestamp()) {
            tsResult =
                WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
            if(tsResult == null) {
                throw new RampartException("timestampMissing");
            }
           
        }
       
        //sig/encr
        Vector encryptedParts = RampartUtil.getEncryptedParts(rmd);
        if(rpd != null && rpd.isSignatureProtection() && isSignatureRequired(rmd)) {
           
            String sigId = RampartUtil.getSigElementId(rmd);
           
            encryptedParts.add(new WSEncryptionPart(WSConstants.SIG_LN,
                    WSConstants.SIG_NS, "Element"));
        }
       
        Vector signatureParts = RampartUtil.getSignedParts(rmd);

        //Timestamp is not included in sig parts
        if(rpd != null && rpd.isIncludeTimestamp() && !rpd.isTransportBinding()) {
            signatureParts.add(new WSEncryptionPart("timestamp"));
        }
       
        if(!rmd.isInitiator()) {
                       
            //Just an indicator for EndorsingSupportingToken signature
            SupportingToken endSupportingToken = rpd.getEndorsingSupportingTokens();
            if(endSupportingToken !=  null) {
                SignedEncryptedParts endSignedParts = endSupportingToken.getSignedParts();
                if((endSignedParts != null &&
                        (endSignedParts.isBody() ||
                                endSignedParts.getHeaders().size() > 0)) ||
                                rpd.isIncludeTimestamp()) {
                    signatureParts.add(
                            new WSEncryptionPart("EndorsingSupportingTokens"));
                }
            }
            //Just an indicator for SignedEndorsingSupportingToken signature
            SupportingToken sgndEndSupportingToken = rpd.getSignedEndorsingSupportingTokens();
            if(sgndEndSupportingToken != null) {
                SignedEncryptedParts sgndEndSignedParts = sgndEndSupportingToken.getSignedParts();
                if((sgndEndSignedParts != null &&
                        (sgndEndSignedParts.isBody() ||
                                sgndEndSignedParts.getHeaders().size() > 0)) ||
                                rpd.isIncludeTimestamp()) {
                    signatureParts.add(
                            new WSEncryptionPart("SignedEndorsingSupportingTokens"));
                }
            }
        }
       
        validateEncrSig(data,encryptedParts, signatureParts, results);
       
        if(!rpd.isTransportBinding()) {
            validateProtectionOrder(data, results);
       
       
        if(rpd.isTransportBinding() && !rmd.isInitiator()){
            if (rpd.getTransportToken() instanceof HttpsToken) {
                String incomingTransport = rmd.getMsgContext().getIncomingTransportName();
                if(!incomingTransport.equals(org.apache.axis2.Constants.TRANSPORT_HTTPS)){
                    throw new RampartException("invalidTransport",
                            new String[]{incomingTransport});
                }
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

217
218
219
220
221
222
223
224
225
226
227
228
229
230
            } else if(act.intValue() == WSConstants.ENCR) {
                encr = true;
            }
        }
       
        RampartPolicyData rpd = data.getRampartMessageData().getPolicyData();
       
        SupportingToken sgndSupTokens = rpd.getSignedSupportingTokens();
        SupportingToken sgndEndorSupTokens = rpd.getSignedEndorsingSupportingTokens();
       
        if(sig && signatureParts.size() == 0
                && (sgndSupTokens == null || sgndSupTokens.getTokens().size() == 0)
                 && (sgndEndorSupTokens == null || sgndEndorSupTokens.getTokens().size() == 0)) {
           
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
     */
    protected void validateSupportingTokens(ValidatorData data, Vector results)
    throws RampartException {
       
        //Check for UsernameToken
        RampartPolicyData rpd = data.getRampartMessageData().getPolicyData();
        SupportingToken suppTok = rpd.getSupportingTokens();
        handleSupportingTokens(results, suppTok);
        SupportingToken signedSuppToken = rpd.getSignedSupportingTokens();
        handleSupportingTokens(results, signedSuppToken);
        SupportingToken signedEndSuppToken = rpd.getSignedEndorsingSupportingTokens();
        handleSupportingTokens(results, signedEndSuppToken);
        SupportingToken endSuppToken = rpd.getEndorsingSupportingTokens();
        handleSupportingTokens(results, endSuppToken);
    }
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

412
413
414
415
416
417
418
419
420
421
422
423
424
425
       
        RampartMessageData rmd = data.getRampartMessageData();
       
        ArrayList encrRefs = getEncryptedReferences(results);
       
        RampartPolicyData rpd = rmd.getPolicyData();
       
        //Check for encrypted body
        if(rpd.isEncryptBody()) {
           
            if( !isRefIdPresent(encrRefs, data.getBodyEncrDataId())){
                throw new RampartException("encryptedPartMissing",
                        new String[]{data.getBodyEncrDataId()});
            }
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
   
    public void validateRequiredElements(ValidatorData data) throws RampartException {
       
        RampartMessageData rmd = data.getRampartMessageData();
       
        RampartPolicyData rpd = rmd.getPolicyData();
       
        SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
       
        Iterator elementsIter = rpd.getRequiredElements().iterator();
       
        while (elementsIter.hasNext()) {
           
            String expression = (String) elementsIter.next();
           
            if ( !RampartUtil.checkRequiredElements(envelope, rpd.getDeclaredNamespaces(), expression)) {
                throw new RampartException("requiredElementsMissing", new String[] { expression } );
            }
        }
       
    }
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

519
520
521
522
523
524
525
526
527
528
529
        }
    }

   
    protected boolean isSignatureRequired(RampartMessageData rmd) {
        RampartPolicyData rpd = rmd.getPolicyData();
        return (rpd.isSymmetricBinding() && rpd.getSignatureToken() != null) ||
                (!rpd.isSymmetricBinding() && !rpd.isTransportBinding() &&
                        ((rpd.getInitiatorToken() != null && rmd.isInitiator())
                                || rpd.getRecipientToken() != null && !rmd.isInitiator()));
    }
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

134
135
136
137
138
139
140
141
142
143
144
        }
       
       
       
        if (securityPolicyPresent) {
            RampartPolicyData rpd = (RampartPolicyData)msgContext.
                                                getProperty(RampartMessageData.RAMPART_POLICY_DATA);
            // Security policy data has not been populated at the time of verification
            if (rpd == null ) {
                throw new AxisFault("InvalidSecurity");
            }
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
    protected boolean isUsernameTokenPresent(ValidatorData data) {
       
        //TODO This can be integrated with supporting token processing
        // which also checks whether Username Tokens present
       
        RampartPolicyData rpd = data.getRampartMessageData().getPolicyData();
       
        SupportingToken suppTok = rpd.getSupportingTokens();
        if(isUsernameTokenPresent(suppTok)){
            return true;
        }
       
        SupportingToken signedSuppToken = rpd.getSignedSupportingTokens();
        if(isUsernameTokenPresent(signedSuppToken)) {
            return true;
        }
       
        SupportingToken signedEndSuppToken = rpd.getSignedEndorsingSupportingTokens();
        if(isUsernameTokenPresent(signedEndSuppToken)) {
            return true;
        }
       
        SupportingToken endSuppToken = rpd.getEndorsingSupportingTokens();
        if(isUsernameTokenPresent(endSuppToken)){
            return true;
        }
       
        return false;
View Full Code Here

Examples of org.apache.rampart.policy.RampartPolicyData

112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
     */
    protected WSSecUsernameToken addUsernameToken(RampartMessageData rmd, UsernameToken token) throws RampartException {
      
        log.debug("Adding a UsernameToken");
       
        RampartPolicyData rpd = rmd.getPolicyData();
       
        //Get the user
        //First try options
        Options options = rmd.getMsgContext().getOptions();
        String user = options.getUserName();
        if(user == null || user.length() == 0) {
            //Then try RampartConfig
            if(rpd.getRampartConfig() != null) {
                user = rpd.getRampartConfig().getUser();
            }
        }
       
        if(user != null && !"".equals(user)) {
            log.debug("User : " + user);
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.