
Example 1 with AbstractBinding

use of org.apache.wss4j.policy.model.AbstractBinding in project cxf by apache.

the class AlgorithmSuiteTranslater method getBindings.

/**
 * Collects every WS-SecurityPolicy binding assertion found in the given map.
 *
 * <p>The result lists transport bindings first, then asymmetric, then symmetric,
 * matching the order in which the lookups are performed.
 *
 * @param aim the assertion map to search
 * @return a new mutable list of the bindings found; empty when none are present
 * @throws ClassCastException if an assertion registered under one of the binding
 *         local names is not an {@code AbstractBinding}
 */
private List<AbstractBinding> getBindings(AssertionInfoMap aim) {
    // Lookup order determines result order; keep it stable.
    final String[] bindingLocalNames = {
        SPConstants.TRANSPORT_BINDING,
        SPConstants.ASYMMETRIC_BINDING,
        SPConstants.SYMMETRIC_BINDING
    };
    List<AbstractBinding> found = new ArrayList<>();
    for (String localName : bindingLocalNames) {
        // Iterating an empty collection is a no-op, so no separate emptiness check is needed.
        for (AssertionInfo info : PolicyUtils.getAllAssertionsByLocalname(aim, localName)) {
            found.add((AbstractBinding) info.getAssertion());
        }
    }
    return found;
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) ArrayList(java.util.ArrayList) AbstractBinding(org.apache.wss4j.policy.model.AbstractBinding)

Example 2 with AbstractBinding

use of org.apache.wss4j.policy.model.AbstractBinding in project cxf by apache.

the class PolicyUtils method getSecurityBinding.

/**
 * Returns the first security binding found in the given assertion map.
 *
 * <p>Bindings are looked up in a fixed precedence: asymmetric, then symmetric,
 * then transport. The first match wins, so a policy carrying more than one
 * binding kind always resolves to the highest-precedence one.
 *
 * <p>Side effect: the {@code AssertionInfo} that supplies the returned binding is
 * marked as asserted.
 *
 * @param aim the assertion map to search
 * @return the selected binding, or {@code null} when the map holds no binding
 *         assertion; callers must check for {@code null} before dereferencing
 */
public static AbstractBinding getSecurityBinding(AssertionInfoMap aim) {
    // Precedence is significant: do not reorder.
    final String[] precedence = {
        SPConstants.ASYMMETRIC_BINDING,
        SPConstants.SYMMETRIC_BINDING,
        SPConstants.TRANSPORT_BINDING
    };
    for (String localName : precedence) {
        AssertionInfo candidate = PolicyUtils.getFirstAssertionByLocalname(aim, localName);
        if (candidate == null) {
            continue;
        }
        // Marking happens only for the binding that is actually returned.
        candidate.setAsserted(true);
        return (AbstractBinding) candidate.getAssertion();
    }
    return null;
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) AbstractBinding(org.apache.wss4j.policy.model.AbstractBinding)

Example 3 with AbstractBinding

use of org.apache.wss4j.policy.model.AbstractBinding in project cxf by apache.

the class SecureConversationInInterceptor method handleMessageForAction.

/**
 * Routes an inbound message according to its action string.
 *
 * <p>When the action contains {@code "/RST/SCT"} and starts with one of the two
 * namespaces {@code STSUtils.WST_NS_05_02} / {@code STSUtils.WST_NS_05_12}, a policy is
 * assembled, the effective policy is recalculated against a
 * {@code SecureConversationSTSInvoker}, and the operation is re-resolved. For any
 * other action the {@code SecureConversationTokenFinderInterceptor} is appended to the
 * interceptor chain. In both cases {@code assertPolicies(aim)} is called last.
 *
 * <p>NOTE(review): the action is either the {@code s} argument or, when that is null,
 * the Action value from the inbound addressing properties, so the branch taken here
 * (including the reduced "Cancel" policy) is chosen by string matching on a value that
 * presumably originates from the sender - confirm what validates it upstream.
 *
 * @param message the inbound SOAP message
 * @param s the action string; may be null, in which case the addressing Action is used
 * @param aim the assertion map for the message
 * @param ais assertions whose first element is cast to {@code SecureConversationToken}
 */
void handleMessageForAction(SoapMessage message, String s, AssertionInfoMap aim, Collection<AssertionInfo> ais) {
    String addNs = null;
    AddressingProperties inProps = (AddressingProperties) message.getContextualProperty(JAXWSAConstants.ADDRESSING_PROPERTIES_INBOUND);
    if (inProps != null) {
        addNs = inProps.getNamespaceURI();
        if (s == null) {
            // MS/WCF doesn't put a soap action out for this, must check the headers
            // NOTE(review): getAction() is dereferenced without a null check; if inbound
            // addressing properties can lack an Action, this throws NullPointerException - confirm.
            s = inProps.getAction().getValue();
        }
    }
    // Only RST/SCT actions in one of the two namespace constants are handled as SCT requests.
    if (s != null && s.contains("/RST/SCT") && (s.startsWith(STSUtils.WST_NS_05_02) || s.startsWith(STSUtils.WST_NS_05_12))) {
        // NOTE(review): assumes ais is non-empty and its first assertion is a
        // SecureConversationToken; otherwise next() or the cast throws - verify against caller.
        SecureConversationToken tok = (SecureConversationToken) ais.iterator().next().getAssertion();
        Policy pol = tok.getBootstrapPolicy().getPolicy();
        if (s.endsWith("Cancel")) {
            // Cancel just sign with the token
            // The bootstrap policy is not used on this path: pol is replaced below by a
            // policy built here (addressing + symmetric binding over the SCT + signed parts).
            Policy p = new Policy();
            ExactlyOne ea = new ExactlyOne();
            p.addPolicyComponent(ea);
            All all = new All();
            Assertion ass = NegotiationUtils.getAddressingPolicy(aim, false);
            all.addPolicyComponent(ass);
            ea.addPolicyComponent(all);
            // SCT assertion used as the protection token, created with INCLUDE_TOKEN_NEVER.
            final SecureConversationToken secureConversationToken = new SecureConversationToken(SPConstants.SPVersion.SP12, SPConstants.IncludeTokenType.INCLUDE_TOKEN_NEVER, null, null, null, new Policy());
            Policy sctPolicy = new Policy();
            ExactlyOne sctPolicyEa = new ExactlyOne();
            sctPolicy.addPolicyComponent(sctPolicyEa);
            All sctPolicyAll = new All();
            sctPolicyAll.addPolicyComponent(secureConversationToken);
            sctPolicyEa.addPolicyComponent(sctPolicyAll);
            Policy bindingPolicy = new Policy();
            ExactlyOne bindingPolicyEa = new ExactlyOne();
            bindingPolicy.addPolicyComponent(bindingPolicyEa);
            All bindingPolicyAll = new All();
            // The algorithm suite is carried over from the binding of the original policy.
            // NOTE(review): PolicyUtils.getSecurityBinding returns null when the map holds no
            // binding assertion; the dereference on the next line would then throw
            // NullPointerException - confirm a binding is always present here.
            AbstractBinding origBinding = PolicyUtils.getSecurityBinding(aim);
            bindingPolicyAll.addPolicyComponent(origBinding.getAlgorithmSuite());
            bindingPolicyAll.addPolicyComponent(new ProtectionToken(SPConstants.SPVersion.SP12, sctPolicy));
            bindingPolicyAll.addAssertion(new PrimitiveAssertion(SP12Constants.INCLUDE_TIMESTAMP));
            bindingPolicyAll.addAssertion(new PrimitiveAssertion(SP12Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
            bindingPolicyEa.addPolicyComponent(bindingPolicyAll);
            DefaultSymmetricBinding binding = new DefaultSymmetricBinding(SPConstants.SPVersion.SP12, bindingPolicy);
            // Set explicitly on the binding object in addition to the assertion added above.
            binding.setOnlySignEntireHeadersAndBody(true);
            binding.setProtectTokens(false);
            all.addPolicyComponent(binding);
            SignedParts signedParts = getSignedParts(aim, addNs);
            all.addPolicyComponent(signedParts);
            pol = p;
            message.getInterceptorChain().add(SecureConversationTokenFinderInterceptor.INSTANCE);
        } else {
            // Non-Cancel requests: the addressing policy is merged with the token's bootstrap policy.
            Policy p = new Policy();
            ExactlyOne ea = new ExactlyOne();
            p.addPolicyComponent(ea);
            All all = new All();
            Assertion ass = NegotiationUtils.getAddressingPolicy(aim, false);
            all.addPolicyComponent(ass);
            ea.addPolicyComponent(all);
            pol = p.merge(pol);
        }
        // setup SCT endpoint and forward to it.
        unmapSecurityProps(message);
        // Use the namespace constant the action started with; WST_NS_05_12 is the default.
        String ns = STSUtils.WST_NS_05_12;
        if (s.startsWith(STSUtils.WST_NS_05_02)) {
            ns = STSUtils.WST_NS_05_02;
        }
        NegotiationUtils.recalcEffectivePolicy(message, ns, pol, new SecureConversationSTSInvoker(), true);
        // recalc based on new endpoint
        SoapActionInInterceptor.getAndSetOperation(message, s);
    } else {
        // Any other action: only the token finder interceptor is added to the chain.
        message.getInterceptorChain().add(SecureConversationTokenFinderInterceptor.INSTANCE);
    }
    assertPolicies(aim);
}
Also used : Policy(org.apache.neethi.Policy) All(org.apache.neethi.All) PrimitiveAssertion(org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion) Assertion(org.apache.neethi.Assertion) PrimitiveAssertion(org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion) DefaultSymmetricBinding(org.apache.cxf.ws.security.trust.DefaultSymmetricBinding) AbstractBinding(org.apache.wss4j.policy.model.AbstractBinding) ExactlyOne(org.apache.neethi.ExactlyOne) SecureConversationToken(org.apache.wss4j.policy.model.SecureConversationToken) AddressingProperties(org.apache.cxf.ws.addressing.AddressingProperties) SignedParts(org.apache.wss4j.policy.model.SignedParts) ProtectionToken(org.apache.wss4j.policy.model.ProtectionToken)

Aggregations

AbstractBinding (org.apache.wss4j.policy.model.AbstractBinding)3 AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)2 ArrayList (java.util.ArrayList)1 AddressingProperties (org.apache.cxf.ws.addressing.AddressingProperties)1 PrimitiveAssertion (org.apache.cxf.ws.policy.builder.primitive.PrimitiveAssertion)1 DefaultSymmetricBinding (org.apache.cxf.ws.security.trust.DefaultSymmetricBinding)1 All (org.apache.neethi.All)1 Assertion (org.apache.neethi.Assertion)1 ExactlyOne (org.apache.neethi.ExactlyOne)1 Policy (org.apache.neethi.Policy)1 ProtectionToken (org.apache.wss4j.policy.model.ProtectionToken)1 SecureConversationToken (org.apache.wss4j.policy.model.SecureConversationToken)1 SignedParts (org.apache.wss4j.policy.model.SignedParts)1