
Example 61 with AssertionInfo

use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.

the class SecurityVerificationOutInterceptor method handleMessage.

/**
 * Fails a requestor-side message when a security assertion is present in the policy but no
 * binding assertion accompanies it, so the assertion cannot be fulfilled.
 *
 * <p>The offending assertion is marked as not asserted with an explanatory message, the same
 * message is logged at SEVERE level, and a {@link PolicyException} is raised. Messages that are
 * not on the requestor side, carry no {@link AssertionInfoMap}, or already have a security
 * binding pass through untouched.
 *
 * @param message the SOAP message whose effective policy assertions are inspected
 * @throws PolicyException if a secured-part assertion is specified without any binding
 * @throws Fault declared in the signature; this body only raises {@link PolicyException}
 */
public void handleMessage(SoapMessage message) throws Fault {
    if (!MessageUtils.isRequestor(message)) {
        return;
    }

    AssertionInfoMap policyAssertions = message.get(AssertionInfoMap.class);
    // A resolvable binding means there is nothing to verify here.
    if (policyAssertions == null || PolicyUtils.getSecurityBinding(policyAssertions) != null) {
        return;
    }

    // NOTE(review): getSecuredPart is defined elsewhere in the class; presumably it returns the
    // first assertion that needs a binding to be honoured - confirm against its body.
    AssertionInfo unfulfilled = getSecuredPart(policyAssertions);
    if (unfulfilled == null) {
        return;
    }

    String reason = String.format(
        "%s assertion cannot be fulfilled without binding. "
            + "At least one binding assertion (%s, %s, %s) must be specified in policy.",
        unfulfilled.getAssertion().getName(),
        SP12Constants.TRANSPORT_BINDING.getLocalPart(),
        SP12Constants.ASYMMETRIC_BINDING.getLocalPart(),
        SP12Constants.SYMMETRIC_BINDING.getLocalPart());

    // Fail closed: record the assertion as unmet and abort instead of continuing without a binding.
    unfulfilled.setNotAsserted(reason);
    LOG.severe(reason);
    throw new PolicyException(unfulfilled);
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) PolicyException(org.apache.cxf.ws.policy.PolicyException) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)

Example 62 with AssertionInfo

use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.

the class SecureConversationInInterceptor method getSignedParts.

/**
 * Returns the SignedParts assertion declared in the policy, or builds a default one when the
 * policy declares none (or the declared assertion info carries no assertion object).
 *
 * <p>The default lists the headers To, From, FaultTo, ReplyTo, Action, MessageID and RelatesTo
 * in the {@code addNs} namespace. When {@code addNs} is {@code null} the default is built with
 * an empty header list.
 *
 * @param aim the assertion info map to search for a SignedParts assertion
 * @param addNs namespace applied to the default header entries; may be {@code null}
 * @return the policy's SignedParts, or the default described above; never {@code null}
 */
private SignedParts getSignedParts(AssertionInfoMap aim, String addNs) {
    AssertionInfo declared = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SIGNED_PARTS);
    SignedParts fromPolicy = declared == null ? null : (SignedParts) declared.getAssertion();
    if (fromPolicy != null) {
        return fromPolicy;
    }

    List<Header> defaultHeaders = new ArrayList<>();
    if (addNs != null) {
        String[] headerNames = {"To", "From", "FaultTo", "ReplyTo", "Action", "MessageID", "RelatesTo"};
        for (String headerName : headerNames) {
            defaultHeaders.add(new Header(headerName, addNs));
        }
    }
    // NOTE(review): the two boolean arguments and the null are positional; presumably they select
    // body signing, attachments and sign-all-headers - confirm against the SignedParts
    // constructor, since they decide what the fallback actually requires to be signed.
    return new SignedParts(SPConstants.SPVersion.SP12, true, null, defaultHeaders, false);
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) Header(org.apache.wss4j.policy.model.Header) ArrayList(java.util.ArrayList) SignedParts(org.apache.wss4j.policy.model.SignedParts)

Example 63 with AssertionInfo

use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.

the class PolicyUtils method isThereAnAssertionByLocalname.

/**
 * Reports whether the map holds at least one assertion with the given local name under either
 * the SP11 or the SP12 namespace.
 *
 * @param aim the assertion info map to query; must not be {@code null}, it is dereferenced
 *     without a check
 * @param localname local part of the assertion's qualified name
 * @return {@code true} if either namespace yields a non-empty collection
 */
public static boolean isThereAnAssertionByLocalname(AssertionInfoMap aim, String localname) {
    // Both lookups are performed up front, one per supported namespace.
    Collection<AssertionInfo> underSp11 = aim.get(new QName(SP11Constants.SP_NS, localname));
    Collection<AssertionInfo> underSp12 = aim.get(new QName(SP12Constants.SP_NS, localname));

    if (underSp11 != null && !underSp11.isEmpty()) {
        return true;
    }
    return underSp12 != null && !underSp12.isEmpty();
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) QName(javax.xml.namespace.QName)

Example 64 with AssertionInfo

use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.

the class PolicyUtils method getSecurityBinding.

/**
 * Finds the security binding assertion in the map, trying the asymmetric binding first, then
 * the symmetric binding, then the transport binding.
 *
 * <p>This is not a pure lookup: the assertion info that is found is marked as asserted before
 * its assertion is returned.
 *
 * @param aim the assertion info map to search
 * @return the first binding found in the order above, or {@code null} if none is present
 */
public static AbstractBinding getSecurityBinding(AssertionInfoMap aim) {
    // Later lookups run only when the earlier ones found nothing, preserving the precedence.
    AssertionInfo bindingAi = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.ASYMMETRIC_BINDING);
    if (bindingAi == null) {
        bindingAi = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SYMMETRIC_BINDING);
    }
    if (bindingAi == null) {
        bindingAi = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.TRANSPORT_BINDING);
    }
    if (bindingAi == null) {
        return null;
    }

    // NOTE(review): a caller that only probes for a binding still flips it to asserted here;
    // confirm that the binding's requirements are enforced elsewhere before relying on this flag.
    bindingAi.setAsserted(true);
    return (AbstractBinding) bindingAi.getAssertion();
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) AbstractBinding(org.apache.wss4j.policy.model.AbstractBinding)

Example 65 with AssertionInfo

use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.

the class PolicyUtils method getAllAssertionsByLocalname.

/**
 * Collects every assertion with the given local name from both the SP11 and SP12 namespaces.
 *
 * @param aim the assertion info map to query; must not be {@code null}, it is dereferenced
 *     without a check
 * @param localname local part of the assertion's qualified name
 * @return a new {@link HashSet} holding the assertions from both namespaces, or the shared
 *     immutable {@link Collections#emptySet()} when neither namespace has any; never
 *     {@code null}
 */
public static Collection<AssertionInfo> getAllAssertionsByLocalname(AssertionInfoMap aim, String localname) {
    Collection<AssertionInfo> underSp11 = aim.get(new QName(SP11Constants.SP_NS, localname));
    Collection<AssertionInfo> underSp12 = aim.get(new QName(SP12Constants.SP_NS, localname));

    boolean nothingFound = (underSp11 == null || underSp11.isEmpty())
        && (underSp12 == null || underSp12.isEmpty());
    if (nothingFound) {
        // Callers must not try to add to this result: the empty case is an immutable set.
        return Collections.emptySet();
    }

    Collection<AssertionInfo> merged = new HashSet<>();
    if (underSp11 != null) {
        merged.addAll(underSp11);
    }
    if (underSp12 != null) {
        merged.addAll(underSp12);
    }
    return merged;
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) QName(javax.xml.namespace.QName) HashSet(java.util.HashSet)
