Search in sources :

Example 1 with ProtectionTokenBuilder

use of org.apache.wss4j.policy.builders.ProtectionTokenBuilder in project cxf by apache.

the class WSSecurityPolicyLoader method registerBuilders.

public void registerBuilders() {
    AssertionBuilderRegistry reg = bus.getExtension(AssertionBuilderRegistry.class);
    if (reg == null) {
        return;
    }
    reg.registerBuilder(new AlgorithmSuiteBuilder(bus));
    reg.registerBuilder(new AsymmetricBindingBuilder());
    reg.registerBuilder(new ContentEncryptedElementsBuilder());
    reg.registerBuilder(new EncryptedElementsBuilder());
    reg.registerBuilder(new EncryptionTokenBuilder());
    reg.registerBuilder(new EncryptedPartsBuilder());
    reg.registerBuilder(new HttpsTokenBuilder());
    reg.registerBuilder(new InitiatorTokenBuilder());
    reg.registerBuilder(new InitiatorSignatureTokenBuilder());
    reg.registerBuilder(new InitiatorEncryptionTokenBuilder());
    reg.registerBuilder(new IssuedTokenBuilder());
    reg.registerBuilder(new LayoutBuilder());
    reg.registerBuilder(new ProtectionTokenBuilder());
    reg.registerBuilder(new RecipientTokenBuilder());
    reg.registerBuilder(new RecipientSignatureTokenBuilder());
    reg.registerBuilder(new RecipientEncryptionTokenBuilder());
    reg.registerBuilder(new RequiredElementsBuilder());
    reg.registerBuilder(new RequiredPartsBuilder());
    reg.registerBuilder(new SamlTokenBuilder());
    reg.registerBuilder(new KerberosTokenBuilder());
    reg.registerBuilder(new SecureConversationTokenBuilder());
    reg.registerBuilder(new BootstrapPolicyBuilder());
    reg.registerBuilder(new SecurityContextTokenBuilder());
    reg.registerBuilder(new SignedElementsBuilder());
    reg.registerBuilder(new SignedPartsBuilder());
    reg.registerBuilder(new SignatureTokenBuilder());
    reg.registerBuilder(new SpnegoContextTokenBuilder());
    reg.registerBuilder(new SupportingTokensBuilder());
    reg.registerBuilder(new SymmetricBindingBuilder());
    reg.registerBuilder(new TransportBindingBuilder());
    reg.registerBuilder(new TransportTokenBuilder());
    reg.registerBuilder(new Trust10Builder());
    reg.registerBuilder(new Trust13Builder());
    reg.registerBuilder(new UsernameTokenBuilder());
    reg.registerBuilder(new KeyValueTokenBuilder());
    reg.registerBuilder(new WSS10Builder());
    reg.registerBuilder(new WSS11Builder());
    reg.registerBuilder(new X509TokenBuilder());
    // add generic assertions for these known things to prevent warnings
    List<QName> others = Arrays.asList(new QName[] { SP12Constants.INCLUDE_TIMESTAMP, SP11Constants.INCLUDE_TIMESTAMP, SP12Constants.ENCRYPT_SIGNATURE, SP11Constants.ENCRYPT_SIGNATURE, SP12Constants.PROTECT_TOKENS, SP11Constants.PROTECT_TOKENS, SP12Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, SP11Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, SP12Constants.WSS_X509_V1_TOKEN_10, SP12Constants.WSS_X509_V1_TOKEN_11, SP12Constants.WSS_X509_V3_TOKEN_10, SP12Constants.WSS_X509_V3_TOKEN_11, SP11Constants.WSS_X509_V1_TOKEN_10, SP11Constants.WSS_X509_V1_TOKEN_11, SP11Constants.WSS_X509_V3_TOKEN_10, SP11Constants.WSS_X509_V3_TOKEN_11, SP12Constants.WSS_X509_PKCS7_TOKEN_11, SP12Constants.WSS_X509_PKI_PATH_V1_TOKEN_11, SP11Constants.WSS_X509_PKCS7_TOKEN_11, SP11Constants.WSS_X509_PKI_PATH_V1_TOKEN_11, SP12Constants.REQUIRE_THUMBPRINT_REFERENCE, SP11Constants.REQUIRE_THUMBPRINT_REFERENCE, SP12Constants.REQUIRE_DERIVED_KEYS, SP11Constants.REQUIRE_DERIVED_KEYS, SP12Constants.REQUIRE_INTERNAL_REFERENCE, SP11Constants.REQUIRE_INTERNAL_REFERENCE, SP12Constants.REQUIRE_ISSUER_SERIAL_REFERENCE, SP11Constants.REQUIRE_ISSUER_SERIAL_REFERENCE, SP12Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE, SP11Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE, SP12Constants.ENCRYPT_BEFORE_SIGNING, SP11Constants.ENCRYPT_BEFORE_SIGNING, SP12Constants.SIGN_BEFORE_ENCRYPTING, SP11Constants.SIGN_BEFORE_ENCRYPTING, SP12Constants.REQUIRE_KEY_IDENTIFIER_REFERENCE, SP11Constants.REQUIRE_KEY_IDENTIFIER_REFERENCE, SP12Constants.PROTECT_TOKENS, SP11Constants.PROTECT_TOKENS, SP12Constants.RSA_KEY_VALUE, // Layout
    SP11Constants.LAX, SP11Constants.LAXTSFIRST, SP11Constants.LAXTSLAST, SP11Constants.STRICT, SP12Constants.LAX, SP12Constants.LAXTSFIRST, SP12Constants.LAXTSLAST, SP12Constants.STRICT, // UsernameToken
    SP11Constants.WSS_USERNAME_TOKEN10, SP12Constants.WSS_USERNAME_TOKEN10, SP11Constants.WSS_USERNAME_TOKEN11, SP12Constants.WSS_USERNAME_TOKEN11, SP12Constants.HASH_PASSWORD, SP12Constants.NO_PASSWORD, SP13Constants.CREATED, SP13Constants.NONCE, SP12Constants.REQUIRE_INTERNAL_REFERENCE, SP11Constants.REQUIRE_INTERNAL_REFERENCE, SP12Constants.REQUIRE_EXTERNAL_REFERNCE, SP11Constants.REQUIRE_EXTERNAL_REFERNCE, // Kerberos
    new QName(SP11Constants.SP_NS, "WssKerberosV5ApReqToken11"), new QName(SP12Constants.SP_NS, "WssKerberosV5ApReqToken11"), new QName(SP11Constants.SP_NS, "WssGssKerberosV5ApReqToken11"), new QName(SP12Constants.SP_NS, "WssGssKerberosV5ApReqToken11"), // Spnego
    SP12Constants.MUST_NOT_SEND_AMEND, SP12Constants.MUST_NOT_SEND_CANCEL, SP12Constants.MUST_NOT_SEND_RENEW, // Backwards compatibility thing
    new QName("http://schemas.microsoft.com/ws/2005/07/securitypolicy", SPConstants.MUST_NOT_SEND_CANCEL), // SCT
    SP12Constants.REQUIRE_EXTERNAL_URI_REFERENCE, SP12Constants.SC13_SECURITY_CONTEXT_TOKEN, SP11Constants.SC10_SECURITY_CONTEXT_TOKEN, // WSS10
    SP12Constants.MUST_SUPPORT_REF_KEY_IDENTIFIER, SP11Constants.MUST_SUPPORT_REF_KEY_IDENTIFIER, SP12Constants.MUST_SUPPORT_REF_ISSUER_SERIAL, SP11Constants.MUST_SUPPORT_REF_ISSUER_SERIAL, SP12Constants.MUST_SUPPORT_REF_EXTERNAL_URI, SP12Constants.MUST_SUPPORT_REF_EXTERNAL_URI, SP12Constants.MUST_SUPPORT_REF_EMBEDDED_TOKEN, SP11Constants.MUST_SUPPORT_REF_EMBEDDED_TOKEN, // WSS11
    SP12Constants.MUST_SUPPORT_REF_THUMBPRINT, SP11Constants.MUST_SUPPORT_REF_THUMBPRINT, SP12Constants.MUST_SUPPORT_REF_ENCRYPTED_KEY, SP11Constants.MUST_SUPPORT_REF_ENCRYPTED_KEY, SP12Constants.REQUIRE_SIGNATURE_CONFIRMATION, SP11Constants.REQUIRE_SIGNATURE_CONFIRMATION, // SAML
    new QName(SP11Constants.SP_NS, "WssSamlV11Token10"), new QName(SP12Constants.SP_NS, "WssSamlV11Token10"), new QName(SP11Constants.SP_NS, "WssSamlV11Token11"), new QName(SP12Constants.SP_NS, "WssSamlV11Token11"), new QName(SP11Constants.SP_NS, "WssSamlV20Token11"), new QName(SP12Constants.SP_NS, "WssSamlV20Token11"), // HTTPs
    SP12Constants.HTTP_BASIC_AUTHENTICATION, SP12Constants.HTTP_DIGEST_AUTHENTICATION, SP12Constants.REQUIRE_CLIENT_CERTIFICATE, // Trust13
    SP12Constants.MUST_SUPPORT_CLIENT_CHALLENGE, SP11Constants.MUST_SUPPORT_CLIENT_CHALLENGE, SP12Constants.MUST_SUPPORT_SERVER_CHALLENGE, SP11Constants.MUST_SUPPORT_SERVER_CHALLENGE, SP12Constants.REQUIRE_CLIENT_ENTROPY, SP11Constants.REQUIRE_CLIENT_ENTROPY, SP12Constants.REQUIRE_SERVER_ENTROPY, SP11Constants.REQUIRE_SERVER_ENTROPY, SP12Constants.MUST_SUPPORT_ISSUED_TOKENS, SP11Constants.MUST_SUPPORT_ISSUED_TOKENS, SP12Constants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION, SP12Constants.REQUIRE_APPLIES_TO, SP13Constants.SCOPE_POLICY_15, SP13Constants.MUST_SUPPORT_INTERACTIVE_CHALLENGE, // AlgorithmSuite misc
    new QName(SP11Constants.SP_NS, SPConstants.INCLUSIVE_C14N), new QName(SP12Constants.SP_NS, SPConstants.INCLUSIVE_C14N) });
    final Map<QName, Assertion> assertions = new HashMap<>();
    for (QName q : others) {
        assertions.put(q, new PrimitiveAssertion(q));
    }
    for (String s : AlgorithmSuite.getSupportedAlgorithmSuiteNames()) {
        QName q = new QName(SP11Constants.SP_NS, s);
        assertions.put(q, new PrimitiveAssertion(q));
        q = new QName(SP12Constants.SP_NS, s);
        assertions.put(q, new PrimitiveAssertion(q));
    }
    reg.registerBuilder(new PrimitiveAssertionBuilder(assertions.keySet()) {

        public Assertion build(Element element, AssertionBuilderFactory fact) {
            if (XMLPrimitiveAssertionBuilder.isOptional(element) || XMLPrimitiveAssertionBuilder.isIgnorable(element)) {
                return super.build(element, fact);
            }
            QName q = new QName(element.getNamespaceURI(), element.getLocalName());
            return assertions.get(q);
        }
    });
}
Also used : LayoutBuilder(org.apache.wss4j.policy.builders.LayoutBuilder) ProtectionTokenBuilder(org.apache.wss4j.policy.builders.ProtectionTokenBuilder) IssuedTokenBuilder(org.apache.wss4j.policy.builders.IssuedTokenBuilder) EncryptedPartsBuilder(org.apache.wss4j.policy.builders.EncryptedPartsBuilder) HashMap(java.util.HashMap) SamlTokenBuilder(org.apache.wss4j.policy.builders.SamlTokenBuilder) AssertionBuilderRegistry(org.apache.cxf.ws.policy.AssertionBuilderRegistry) RequiredElementsBuilder(org.apache.wss4j.policy.builders.RequiredElementsBuilder) SecureConversationTokenBuilder(org.apache.wss4j.policy.builders.SecureConversationTokenBuilder) BootstrapPolicyBuilder(org.apache.wss4j.policy.builders.BootstrapPolicyBuilder) AssertionBuilderFactory(org.apache.neethi.AssertionBuilderFactory) KeyValueTokenBuilder(org.apache.wss4j.policy.builders.KeyValueTokenBuilder) X509TokenBuilder(org.apache.wss4j.policy.builders.X509TokenBuilder) Trust13Builder(org.apache.wss4j.policy.builders.Trust13Builder) PrimitiveAssertion(org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion) Assertion(org.apache.neethi.Assertion) PrimitiveAssertion(org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion) RecipientTokenBuilder(org.apache.wss4j.policy.builders.RecipientTokenBuilder) RequiredPartsBuilder(org.apache.wss4j.policy.builders.RequiredPartsBuilder) AlgorithmSuiteBuilder(org.apache.cxf.ws.security.policy.custom.AlgorithmSuiteBuilder) UsernameTokenBuilder(org.apache.wss4j.policy.builders.UsernameTokenBuilder) KerberosTokenBuilder(org.apache.wss4j.policy.builders.KerberosTokenBuilder) SupportingTokensBuilder(org.apache.wss4j.policy.builders.SupportingTokensBuilder) WSS11Builder(org.apache.wss4j.policy.builders.WSS11Builder) TransportTokenBuilder(org.apache.wss4j.policy.builders.TransportTokenBuilder) WSS10Builder(org.apache.wss4j.policy.builders.WSS10Builder) Element(org.w3c.dom.Element) AsymmetricBindingBuilder(org.apache.wss4j.policy.builders.AsymmetricBindingBuilder) InitiatorEncryptionTokenBuilder(org.apache.wss4j.policy.builders.InitiatorEncryptionTokenBuilder) EncryptedElementsBuilder(org.apache.wss4j.policy.builders.EncryptedElementsBuilder) ContentEncryptedElementsBuilder(org.apache.wss4j.policy.builders.ContentEncryptedElementsBuilder) RecipientEncryptionTokenBuilder(org.apache.wss4j.policy.builders.RecipientEncryptionTokenBuilder) SecurityContextTokenBuilder(org.apache.wss4j.policy.builders.SecurityContextTokenBuilder) SignatureTokenBuilder(org.apache.wss4j.policy.builders.SignatureTokenBuilder) InitiatorSignatureTokenBuilder(org.apache.wss4j.policy.builders.InitiatorSignatureTokenBuilder) RecipientSignatureTokenBuilder(org.apache.wss4j.policy.builders.RecipientSignatureTokenBuilder) SignedPartsBuilder(org.apache.wss4j.policy.builders.SignedPartsBuilder) InitiatorEncryptionTokenBuilder(org.apache.wss4j.policy.builders.InitiatorEncryptionTokenBuilder) RecipientEncryptionTokenBuilder(org.apache.wss4j.policy.builders.RecipientEncryptionTokenBuilder) EncryptionTokenBuilder(org.apache.wss4j.policy.builders.EncryptionTokenBuilder) TransportBindingBuilder(org.apache.wss4j.policy.builders.TransportBindingBuilder) XMLPrimitiveAssertionBuilder(org.apache.neethi.builders.xml.XMLPrimitiveAssertionBuilder) PrimitiveAssertionBuilder(org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertionBuilder) HttpsTokenBuilder(org.apache.wss4j.policy.builders.HttpsTokenBuilder) RecipientSignatureTokenBuilder(org.apache.wss4j.policy.builders.RecipientSignatureTokenBuilder) SignedElementsBuilder(org.apache.wss4j.policy.builders.SignedElementsBuilder) Trust10Builder(org.apache.wss4j.policy.builders.Trust10Builder) SymmetricBindingBuilder(org.apache.wss4j.policy.builders.SymmetricBindingBuilder) QName(javax.xml.namespace.QName) InitiatorSignatureTokenBuilder(org.apache.wss4j.policy.builders.InitiatorSignatureTokenBuilder) SpnegoContextTokenBuilder(org.apache.wss4j.policy.builders.SpnegoContextTokenBuilder) InitiatorTokenBuilder(org.apache.wss4j.policy.builders.InitiatorTokenBuilder) ContentEncryptedElementsBuilder(org.apache.wss4j.policy.builders.ContentEncryptedElementsBuilder)

Aggregations

HashMap (java.util.HashMap)1 QName (javax.xml.namespace.QName)1 AssertionBuilderRegistry (org.apache.cxf.ws.policy.AssertionBuilderRegistry)1 PrimitiveAssertion (org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion)1 PrimitiveAssertionBuilder (org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertionBuilder)1 AlgorithmSuiteBuilder (org.apache.cxf.ws.security.policy.custom.AlgorithmSuiteBuilder)1 Assertion (org.apache.neethi.Assertion)1 AssertionBuilderFactory (org.apache.neethi.AssertionBuilderFactory)1 XMLPrimitiveAssertionBuilder (org.apache.neethi.builders.xml.XMLPrimitiveAssertionBuilder)1 AsymmetricBindingBuilder (org.apache.wss4j.policy.builders.AsymmetricBindingBuilder)1 BootstrapPolicyBuilder (org.apache.wss4j.policy.builders.BootstrapPolicyBuilder)1 ContentEncryptedElementsBuilder (org.apache.wss4j.policy.builders.ContentEncryptedElementsBuilder)1 EncryptedElementsBuilder (org.apache.wss4j.policy.builders.EncryptedElementsBuilder)1 EncryptedPartsBuilder (org.apache.wss4j.policy.builders.EncryptedPartsBuilder)1 EncryptionTokenBuilder (org.apache.wss4j.policy.builders.EncryptionTokenBuilder)1 HttpsTokenBuilder (org.apache.wss4j.policy.builders.HttpsTokenBuilder)1 InitiatorEncryptionTokenBuilder (org.apache.wss4j.policy.builders.InitiatorEncryptionTokenBuilder)1 InitiatorSignatureTokenBuilder (org.apache.wss4j.policy.builders.InitiatorSignatureTokenBuilder)1 InitiatorTokenBuilder (org.apache.wss4j.policy.builders.InitiatorTokenBuilder)1 IssuedTokenBuilder (org.apache.wss4j.policy.builders.IssuedTokenBuilder)1