Example 16 with AssertionInfo
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class SpnegoContextTokenOutInterceptor method handleMessage.
public void handleMessage(SoapMessage message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.SPNEGO_CONTEXT_TOKEN);
if (ais.isEmpty()) {
return;
}
if (isRequestor(message)) {
String tokId = (String) message.getContextualProperty(SecurityConstants.TOKEN_ID);
SecurityToken tok = null;
try {
if (tokId != null) {
tok = TokenStoreUtils.getTokenStore(message).getToken(tokId);
if (tok != null && tok.isExpired()) {
message.getExchange().getEndpoint().remove(SecurityConstants.TOKEN_ID);
message.getExchange().remove(SecurityConstants.TOKEN_ID);
TokenStoreUtils.getTokenStore(message).remove(tokId);
tok = null;
}
}
if (tok == null) {
tok = issueToken(message, aim);
}
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
message.getExchange().getEndpoint().put(SecurityConstants.TOKEN_ID, tok.getId());
message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getId());
TokenStoreUtils.getTokenStore(message).add(tok);
} catch (TokenStoreException ex) {
throw new Fault(ex);
}
} else {
// server side should be checked on the way in
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
}
}
}
Also used :
SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken)
AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo)
TokenStoreException(org.apache.cxf.ws.security.tokenstore.TokenStoreException)
Fault(org.apache.cxf.interceptor.Fault)
AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)
Example 17 with AssertionInfo
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class PolicyUtils method getFirstAssertionByLocalname.
public static AssertionInfo getFirstAssertionByLocalname(AssertionInfoMap aim, String localname) {
Collection<AssertionInfo> sp11Ais = aim.get(new QName(SP11Constants.SP_NS, localname));
if (sp11Ais != null && !sp11Ais.isEmpty()) {
return sp11Ais.iterator().next();
}
Collection<AssertionInfo> sp12Ais = aim.get(new QName(SP12Constants.SP_NS, localname));
if (sp12Ais != null && !sp12Ais.isEmpty()) {
return sp12Ais.iterator().next();
}
return null;
}
Also used :
AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo)
QName(javax.xml.namespace.QName)
Example 18 with AssertionInfo
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class RMPolicyUtilities method getRMConfiguration.
/**
* Returns an RMAssertion that is compatible with the default value and all RMAssertions pertaining to the
* message (can never be null).
*
* @param defaultValue the default value (non-<code>null</code>)
* @param message the message
* @return the compatible RMAssertion
*/
public static RMConfiguration getRMConfiguration(RMConfiguration defaultValue, Message message) {
RMConfiguration compatible = defaultValue;
Collection<AssertionInfo> ais = collectRMAssertions(message.get(AssertionInfoMap.class));
for (AssertionInfo ai : ais) {
if (ai.getAssertion() instanceof JaxbAssertion<?>) {
RMAssertion rma = (RMAssertion) ((JaxbAssertion<?>) ai.getAssertion()).getData();
compatible = intersect(rma, compatible);
} else if (ai.getAssertion() instanceof PrimitiveAssertion) {
PrimitiveAssertion assertion = (PrimitiveAssertion) ai.getAssertion();
if (RM11Constants.WSRMP_NAMESPACE_URI.equals(assertion.getName().getNamespaceURI())) {
compatible = intersect(assertion, compatible);
}
}
}
return compatible;
}
Also used :
AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo)
RMAssertion(org.apache.cxf.ws.rmp.v200502.RMAssertion)
PrimitiveAssertion(org.apache.neethi.builders.PrimitiveAssertion)
RMConfiguration(org.apache.cxf.ws.rm.RMConfiguration)
JaxbAssertion(org.apache.cxf.ws.policy.builder.jaxb.JaxbAssertion)
AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)
Example 19 with AssertionInfo
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class MAPAggregatorImpl method setupNamespace.
private void setupNamespace(AddressingProperties maps, Message message) {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
if (null == aim) {
String ns = (String) message.getContextualProperty(MAPAggregator.ADDRESSING_NAMESPACE);
if (ns != null) {
maps.exposeAs(ns);
}
return;
}
Collection<AssertionInfo> aic = aim.getAssertionInfo(MetadataConstants.USING_ADDRESSING_2004_QNAME);
if (aic != null && !aic.isEmpty()) {
maps.exposeAs(Names200408.WSA_NAMESPACE_NAME);
}
}
Also used :
AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo)
AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)
Example 20 with AssertionInfo
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class AbstractPolicySecurityTest method runOutInterceptorAndValidate.
protected Document runOutInterceptorAndValidate(SoapMessage msg, Policy policy, AssertionInfoMap aim, List<QName> assertedOutAssertions, List<QName> notAssertedOutAssertions) throws Exception {
if (msg.getExchange().getEndpoint() != null && msg.getExchange().getEndpoint().getEndpointInfo().getProperty(TokenStore.class.getName()) == null) {
msg.put(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE, new MemoryTokenStore());
}
this.getOutInterceptor().handleMessage(msg);
try {
aim.checkEffectivePolicy(policy);
} catch (PolicyException e) {
// Expected but not relevant
} finally {
if (assertedOutAssertions != null) {
for (QName assertionType : assertedOutAssertions) {
Collection<AssertionInfo> ais = aim.get(assertionType);
assertNotNull(ais);
for (AssertionInfo ai : ais) {
checkAssertion(aim, assertionType, ai, true);
}
}
}
if (notAssertedOutAssertions != null) {
for (QName assertionType : notAssertedOutAssertions) {
Collection<AssertionInfo> ais = aim.get(assertionType);
assertNotNull(ais);
for (AssertionInfo ai : ais) {
checkAssertion(aim, assertionType, ai, false);
}
}
}
}
return msg.getContent(SOAPMessage.class).getSOAPPart();
}
Also used :
MemoryTokenStore(org.apache.cxf.ws.security.tokenstore.MemoryTokenStore)
AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo)
PolicyException(org.apache.cxf.ws.policy.PolicyException)
QName(javax.xml.namespace.QName)
TokenStore(org.apache.cxf.ws.security.tokenstore.TokenStore)
MemoryTokenStore(org.apache.cxf.ws.security.tokenstore.MemoryTokenStore)
SOAPMessage(javax.xml.soap.SOAPMessage)
Aggregations
AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)99
AssertionInfoMap (org.apache.cxf.ws.policy.AssertionInfoMap)45
QName (javax.xml.namespace.QName)21
SupportingTokens (org.apache.wss4j.policy.model.SupportingTokens)14
ArrayList (java.util.ArrayList)12
AbstractToken (org.apache.wss4j.policy.model.AbstractToken)12
SamlToken (org.apache.wss4j.policy.model.SamlToken)12
IssuedToken (org.apache.wss4j.policy.model.IssuedToken)10
UsernameToken (org.apache.wss4j.policy.model.UsernameToken)10
KerberosToken (org.apache.wss4j.policy.model.KerberosToken)9
SecurityContextToken (org.apache.wss4j.policy.model.SecurityContextToken)9
X509Token (org.apache.wss4j.policy.model.X509Token)9
Element (org.w3c.dom.Element)9
PolicyException (org.apache.cxf.ws.policy.PolicyException)8
KeyValueToken (org.apache.wss4j.policy.model.KeyValueToken)8
Header (org.apache.wss4j.policy.model.Header)7
SoapMessage (org.apache.cxf.binding.soap.SoapMessage)6
Message (org.apache.cxf.message.Message)6
WSSecurityEngineResult (org.apache.wss4j.dom.engine.WSSecurityEngineResult)6
TLSSessionInfo (org.apache.cxf.security.transport.TLSSessionInfo)5
