use of org.apache.wss4j.policy.builders.ProtectionTokenBuilder in project cxf by apache.
the class WSSecurityPolicyLoader method registerBuilders.
public void registerBuilders() {
AssertionBuilderRegistry reg = bus.getExtension(AssertionBuilderRegistry.class);
if (reg == null) {
return;
}
reg.registerBuilder(new AlgorithmSuiteBuilder(bus));
reg.registerBuilder(new AsymmetricBindingBuilder());
reg.registerBuilder(new ContentEncryptedElementsBuilder());
reg.registerBuilder(new EncryptedElementsBuilder());
reg.registerBuilder(new EncryptionTokenBuilder());
reg.registerBuilder(new EncryptedPartsBuilder());
reg.registerBuilder(new HttpsTokenBuilder());
reg.registerBuilder(new InitiatorTokenBuilder());
reg.registerBuilder(new InitiatorSignatureTokenBuilder());
reg.registerBuilder(new InitiatorEncryptionTokenBuilder());
reg.registerBuilder(new IssuedTokenBuilder());
reg.registerBuilder(new LayoutBuilder());
reg.registerBuilder(new ProtectionTokenBuilder());
reg.registerBuilder(new RecipientTokenBuilder());
reg.registerBuilder(new RecipientSignatureTokenBuilder());
reg.registerBuilder(new RecipientEncryptionTokenBuilder());
reg.registerBuilder(new RequiredElementsBuilder());
reg.registerBuilder(new RequiredPartsBuilder());
reg.registerBuilder(new SamlTokenBuilder());
reg.registerBuilder(new KerberosTokenBuilder());
reg.registerBuilder(new SecureConversationTokenBuilder());
reg.registerBuilder(new BootstrapPolicyBuilder());
reg.registerBuilder(new SecurityContextTokenBuilder());
reg.registerBuilder(new SignedElementsBuilder());
reg.registerBuilder(new SignedPartsBuilder());
reg.registerBuilder(new SignatureTokenBuilder());
reg.registerBuilder(new SpnegoContextTokenBuilder());
reg.registerBuilder(new SupportingTokensBuilder());
reg.registerBuilder(new SymmetricBindingBuilder());
reg.registerBuilder(new TransportBindingBuilder());
reg.registerBuilder(new TransportTokenBuilder());
reg.registerBuilder(new Trust10Builder());
reg.registerBuilder(new Trust13Builder());
reg.registerBuilder(new UsernameTokenBuilder());
reg.registerBuilder(new KeyValueTokenBuilder());
reg.registerBuilder(new WSS10Builder());
reg.registerBuilder(new WSS11Builder());
reg.registerBuilder(new X509TokenBuilder());
// add generic assertions for these known things to prevent warnings
List<QName> others = Arrays.asList(new QName[] { SP12Constants.INCLUDE_TIMESTAMP, SP11Constants.INCLUDE_TIMESTAMP, SP12Constants.ENCRYPT_SIGNATURE, SP11Constants.ENCRYPT_SIGNATURE, SP12Constants.PROTECT_TOKENS, SP11Constants.PROTECT_TOKENS, SP12Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, SP11Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, SP12Constants.WSS_X509_V1_TOKEN_10, SP12Constants.WSS_X509_V1_TOKEN_11, SP12Constants.WSS_X509_V3_TOKEN_10, SP12Constants.WSS_X509_V3_TOKEN_11, SP11Constants.WSS_X509_V1_TOKEN_10, SP11Constants.WSS_X509_V1_TOKEN_11, SP11Constants.WSS_X509_V3_TOKEN_10, SP11Constants.WSS_X509_V3_TOKEN_11, SP12Constants.WSS_X509_PKCS7_TOKEN_11, SP12Constants.WSS_X509_PKI_PATH_V1_TOKEN_11, SP11Constants.WSS_X509_PKCS7_TOKEN_11, SP11Constants.WSS_X509_PKI_PATH_V1_TOKEN_11, SP12Constants.REQUIRE_THUMBPRINT_REFERENCE, SP11Constants.REQUIRE_THUMBPRINT_REFERENCE, SP12Constants.REQUIRE_DERIVED_KEYS, SP11Constants.REQUIRE_DERIVED_KEYS, SP12Constants.REQUIRE_INTERNAL_REFERENCE, SP11Constants.REQUIRE_INTERNAL_REFERENCE, SP12Constants.REQUIRE_ISSUER_SERIAL_REFERENCE, SP11Constants.REQUIRE_ISSUER_SERIAL_REFERENCE, SP12Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE, SP11Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE, SP12Constants.ENCRYPT_BEFORE_SIGNING, SP11Constants.ENCRYPT_BEFORE_SIGNING, SP12Constants.SIGN_BEFORE_ENCRYPTING, SP11Constants.SIGN_BEFORE_ENCRYPTING, SP12Constants.REQUIRE_KEY_IDENTIFIER_REFERENCE, SP11Constants.REQUIRE_KEY_IDENTIFIER_REFERENCE, SP12Constants.PROTECT_TOKENS, SP11Constants.PROTECT_TOKENS, SP12Constants.RSA_KEY_VALUE, // Layout
SP11Constants.LAX, SP11Constants.LAXTSFIRST, SP11Constants.LAXTSLAST, SP11Constants.STRICT, SP12Constants.LAX, SP12Constants.LAXTSFIRST, SP12Constants.LAXTSLAST, SP12Constants.STRICT, // UsernameToken
SP11Constants.WSS_USERNAME_TOKEN10, SP12Constants.WSS_USERNAME_TOKEN10, SP11Constants.WSS_USERNAME_TOKEN11, SP12Constants.WSS_USERNAME_TOKEN11, SP12Constants.HASH_PASSWORD, SP12Constants.NO_PASSWORD, SP13Constants.CREATED, SP13Constants.NONCE, SP12Constants.REQUIRE_INTERNAL_REFERENCE, SP11Constants.REQUIRE_INTERNAL_REFERENCE, SP12Constants.REQUIRE_EXTERNAL_REFERNCE, SP11Constants.REQUIRE_EXTERNAL_REFERNCE, // Kerberos
new QName(SP11Constants.SP_NS, "WssKerberosV5ApReqToken11"), new QName(SP12Constants.SP_NS, "WssKerberosV5ApReqToken11"), new QName(SP11Constants.SP_NS, "WssGssKerberosV5ApReqToken11"), new QName(SP12Constants.SP_NS, "WssGssKerberosV5ApReqToken11"), // Spnego
SP12Constants.MUST_NOT_SEND_AMEND, SP12Constants.MUST_NOT_SEND_CANCEL, SP12Constants.MUST_NOT_SEND_RENEW, // Backwards compatibility thing
new QName("http://schemas.microsoft.com/ws/2005/07/securitypolicy", SPConstants.MUST_NOT_SEND_CANCEL), // SCT
SP12Constants.REQUIRE_EXTERNAL_URI_REFERENCE, SP12Constants.SC13_SECURITY_CONTEXT_TOKEN, SP11Constants.SC10_SECURITY_CONTEXT_TOKEN, // WSS10
SP12Constants.MUST_SUPPORT_REF_KEY_IDENTIFIER, SP11Constants.MUST_SUPPORT_REF_KEY_IDENTIFIER, SP12Constants.MUST_SUPPORT_REF_ISSUER_SERIAL, SP11Constants.MUST_SUPPORT_REF_ISSUER_SERIAL, SP12Constants.MUST_SUPPORT_REF_EXTERNAL_URI, SP12Constants.MUST_SUPPORT_REF_EXTERNAL_URI, SP12Constants.MUST_SUPPORT_REF_EMBEDDED_TOKEN, SP11Constants.MUST_SUPPORT_REF_EMBEDDED_TOKEN, // WSS11
SP12Constants.MUST_SUPPORT_REF_THUMBPRINT, SP11Constants.MUST_SUPPORT_REF_THUMBPRINT, SP12Constants.MUST_SUPPORT_REF_ENCRYPTED_KEY, SP11Constants.MUST_SUPPORT_REF_ENCRYPTED_KEY, SP12Constants.REQUIRE_SIGNATURE_CONFIRMATION, SP11Constants.REQUIRE_SIGNATURE_CONFIRMATION, // SAML
new QName(SP11Constants.SP_NS, "WssSamlV11Token10"), new QName(SP12Constants.SP_NS, "WssSamlV11Token10"), new QName(SP11Constants.SP_NS, "WssSamlV11Token11"), new QName(SP12Constants.SP_NS, "WssSamlV11Token11"), new QName(SP11Constants.SP_NS, "WssSamlV20Token11"), new QName(SP12Constants.SP_NS, "WssSamlV20Token11"), // HTTPs
SP12Constants.HTTP_BASIC_AUTHENTICATION, SP12Constants.HTTP_DIGEST_AUTHENTICATION, SP12Constants.REQUIRE_CLIENT_CERTIFICATE, // Trust13
SP12Constants.MUST_SUPPORT_CLIENT_CHALLENGE, SP11Constants.MUST_SUPPORT_CLIENT_CHALLENGE, SP12Constants.MUST_SUPPORT_SERVER_CHALLENGE, SP11Constants.MUST_SUPPORT_SERVER_CHALLENGE, SP12Constants.REQUIRE_CLIENT_ENTROPY, SP11Constants.REQUIRE_CLIENT_ENTROPY, SP12Constants.REQUIRE_SERVER_ENTROPY, SP11Constants.REQUIRE_SERVER_ENTROPY, SP12Constants.MUST_SUPPORT_ISSUED_TOKENS, SP11Constants.MUST_SUPPORT_ISSUED_TOKENS, SP12Constants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION, SP12Constants.REQUIRE_APPLIES_TO, SP13Constants.SCOPE_POLICY_15, SP13Constants.MUST_SUPPORT_INTERACTIVE_CHALLENGE, // AlgorithmSuite misc
new QName(SP11Constants.SP_NS, SPConstants.INCLUSIVE_C14N), new QName(SP12Constants.SP_NS, SPConstants.INCLUSIVE_C14N) });
final Map<QName, Assertion> assertions = new HashMap<>();
for (QName q : others) {
assertions.put(q, new PrimitiveAssertion(q));
}
for (String s : AlgorithmSuite.getSupportedAlgorithmSuiteNames()) {
QName q = new QName(SP11Constants.SP_NS, s);
assertions.put(q, new PrimitiveAssertion(q));
q = new QName(SP12Constants.SP_NS, s);
assertions.put(q, new PrimitiveAssertion(q));
}
reg.registerBuilder(new PrimitiveAssertionBuilder(assertions.keySet()) {
public Assertion build(Element element, AssertionBuilderFactory fact) {
if (XMLPrimitiveAssertionBuilder.isOptional(element) || XMLPrimitiveAssertionBuilder.isIgnorable(element)) {
return super.build(element, fact);
}
QName q = new QName(element.getNamespaceURI(), element.getLocalName());
return assertions.get(q);
}
});
}
Aggregations