use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class AbstractStaxBindingHandler method getSignedParts.
/**
* Identifies the portions of the message to be signed
*/
protected List<SecurePart> getSignedParts() throws SOAPException {
SignedParts parts = null;
SignedElements elements = null;
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
AssertionInfo assertionInfo = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SIGNED_PARTS);
if (assertionInfo != null) {
parts = (SignedParts) assertionInfo.getAssertion();
assertionInfo.setAsserted(true);
}
assertionInfo = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SIGNED_ELEMENTS);
if (assertionInfo != null) {
elements = (SignedElements) assertionInfo.getAssertion();
assertionInfo.setAsserted(true);
}
List<SecurePart> signedParts = new ArrayList<>();
if (parts != null) {
if (parts.isBody()) {
QName soapBody = new QName(WSSConstants.NS_SOAP12, "Body");
SecurePart securePart = new SecurePart(soapBody, Modifier.Element);
signedParts.add(securePart);
}
for (Header head : parts.getHeaders()) {
String localName = head.getName();
if (localName == null) {
localName = "*";
}
QName qname = new QName(head.getNamespace(), localName);
SecurePart securePart = new SecurePart(qname, Modifier.Element);
securePart.setRequired(false);
signedParts.add(securePart);
}
Attachments attachments = parts.getAttachments();
if (attachments != null) {
Modifier modifier = Modifier.Element;
if (attachments.isContentSignatureTransform()) {
modifier = Modifier.Content;
}
SecurePart securePart = new SecurePart("cid:Attachments", modifier);
securePart.setRequired(false);
signedParts.add(securePart);
}
}
if (elements != null && elements.getXPaths() != null) {
for (XPath xPath : elements.getXPaths()) {
List<QName> qnames = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
if (!qnames.isEmpty()) {
SecurePart securePart = new SecurePart(qnames.get(qnames.size() - 1), Modifier.Element);
signedParts.add(securePart);
}
}
}
return signedParts;
}
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class AbstractStaxBindingHandler method getEncryptedParts.
/**
* Identifies the portions of the message to be encrypted
*/
protected List<SecurePart> getEncryptedParts() throws SOAPException {
EncryptedParts parts = null;
EncryptedElements elements = null;
ContentEncryptedElements celements = null;
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
Collection<AssertionInfo> ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.ENCRYPTED_PARTS);
if (!ais.isEmpty()) {
for (AssertionInfo ai : ais) {
parts = (EncryptedParts) ai.getAssertion();
ai.setAsserted(true);
}
}
ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.ENCRYPTED_ELEMENTS);
if (!ais.isEmpty()) {
for (AssertionInfo ai : ais) {
elements = (EncryptedElements) ai.getAssertion();
ai.setAsserted(true);
}
}
ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.CONTENT_ENCRYPTED_ELEMENTS);
if (!ais.isEmpty()) {
for (AssertionInfo ai : ais) {
celements = (ContentEncryptedElements) ai.getAssertion();
ai.setAsserted(true);
}
}
List<SecurePart> encryptedParts = new ArrayList<>();
if (parts != null) {
if (parts.isBody()) {
QName soapBody = new QName(WSSConstants.NS_SOAP12, "Body");
SecurePart securePart = new SecurePart(soapBody, Modifier.Content);
encryptedParts.add(securePart);
}
for (Header head : parts.getHeaders()) {
String localName = head.getName();
if (localName == null) {
localName = "*";
}
QName qname = new QName(head.getNamespace(), localName);
SecurePart securePart = new SecurePart(qname, Modifier.Element);
securePart.setRequired(false);
encryptedParts.add(securePart);
}
Attachments attachments = parts.getAttachments();
if (attachments != null) {
SecurePart securePart = new SecurePart("cid:Attachments", Modifier.Element);
if (MessageUtils.getContextualBoolean(message, SecurityConstants.USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM, false)) {
securePart.setModifier(Modifier.Content);
}
securePart.setRequired(false);
encryptedParts.add(securePart);
}
}
if (elements != null && elements.getXPaths() != null) {
for (XPath xPath : elements.getXPaths()) {
List<QName> qnames = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
if (!qnames.isEmpty()) {
SecurePart securePart = new SecurePart(qnames.get(qnames.size() - 1), Modifier.Element);
encryptedParts.add(securePart);
}
}
}
if (celements != null && celements.getXPaths() != null) {
for (XPath xPath : celements.getXPaths()) {
List<QName> qnames = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
if (!qnames.isEmpty()) {
SecurePart securePart = new SecurePart(qnames.get(qnames.size() - 1), Modifier.Content);
encryptedParts.add(securePart);
}
}
}
return encryptedParts;
}
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class AbstractStaxBindingHandler method handleSupportingTokens.
protected Map<AbstractToken, SecurePart> handleSupportingTokens(Collection<AssertionInfo> tokenAssertions, boolean signed, boolean endorse) throws Exception {
if (tokenAssertions != null && !tokenAssertions.isEmpty()) {
Map<AbstractToken, SecurePart> ret = new HashMap<>();
for (AssertionInfo assertionInfo : tokenAssertions) {
if (assertionInfo.getAssertion() instanceof SupportingTokens) {
assertionInfo.setAsserted(true);
handleSupportingTokens((SupportingTokens) assertionInfo.getAssertion(), signed, endorse, ret);
}
}
return ret;
}
return Collections.emptyMap();
}
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class TransportBindingHandler method handleEndorsingSupportingTokens.
/**
* Handle the endorsing supporting tokens
*/
private void handleEndorsingSupportingTokens() throws Exception {
Collection<AssertionInfo> ais;
ais = getAllAssertionsByLocalname(SPConstants.SIGNED_ENDORSING_SUPPORTING_TOKENS);
if (!ais.isEmpty()) {
SupportingTokens sgndSuppTokens = null;
for (AssertionInfo ai : ais) {
sgndSuppTokens = (SupportingTokens) ai.getAssertion();
ai.setAsserted(true);
}
if (sgndSuppTokens != null) {
for (AbstractToken token : sgndSuppTokens.getTokens()) {
handleEndorsingToken(token, sgndSuppTokens);
}
}
}
ais = getAllAssertionsByLocalname(SPConstants.ENDORSING_SUPPORTING_TOKENS);
if (!ais.isEmpty()) {
SupportingTokens endSuppTokens = null;
for (AssertionInfo ai : ais) {
endSuppTokens = (SupportingTokens) ai.getAssertion();
ai.setAsserted(true);
}
if (endSuppTokens != null) {
for (AbstractToken token : endSuppTokens.getTokens()) {
handleEndorsingToken(token, endSuppTokens);
}
}
}
ais = getAllAssertionsByLocalname(SPConstants.ENDORSING_ENCRYPTED_SUPPORTING_TOKENS);
if (!ais.isEmpty()) {
SupportingTokens endSuppTokens = null;
for (AssertionInfo ai : ais) {
endSuppTokens = (SupportingTokens) ai.getAssertion();
ai.setAsserted(true);
}
if (endSuppTokens != null) {
for (AbstractToken token : endSuppTokens.getTokens()) {
handleEndorsingToken(token, endSuppTokens);
}
}
}
ais = getAllAssertionsByLocalname(SPConstants.SIGNED_ENDORSING_ENCRYPTED_SUPPORTING_TOKENS);
if (!ais.isEmpty()) {
SupportingTokens endSuppTokens = null;
for (AssertionInfo ai : ais) {
endSuppTokens = (SupportingTokens) ai.getAssertion();
ai.setAsserted(true);
}
if (endSuppTokens != null) {
for (AbstractToken token : endSuppTokens.getTokens()) {
handleEndorsingToken(token, endSuppTokens);
}
}
}
}
use of org.apache.cxf.ws.policy.AssertionInfo in project cxf by apache.
the class UsernameTokenInterceptor method addToken.
protected void addToken(SoapMessage message) {
UsernameToken tok = assertTokens(message);
Header h = findSecurityHeader(message, true);
Element el = (Element) h.getObject();
Document doc = el.getOwnerDocument();
WSSecUsernameToken utBuilder = addUsernameToken(message, doc, tok);
if (utBuilder == null) {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
Collection<AssertionInfo> ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.USERNAME_TOKEN);
for (AssertionInfo ai : ais) {
if (ai.isAsserted()) {
ai.setAsserted(false);
}
}
return;
}
utBuilder.prepare();
el.appendChild(utBuilder.getUsernameTokenElement());
}
Aggregations