Use of org.apache.wss4j.policy.model.AbstractSecuredParts in the Apache CXF project.
Class SecuredPartsPolicyValidator, method validatePolicies.
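/**
 * Validates SecuredParts policy assertions against the parts of the message that were
 * actually signed or encrypted.
 *
 * <p>The data references checked are the signed ones when this validator's
 * {@code coverageType} is {@code CoverageType.SIGNED}, and the encrypted ones otherwise.
 * Each assertion that is not already asserted is first marked as asserted and then
 * downgraded with {@code setNotAsserted} as soon as a coverage check throws
 * {@code WSSecurityException}, so a missing signature or encryption is recorded as a
 * policy failure rather than propagated as an exception.
 *
 * <p>Nothing is validated when the transport binding is in use.
 *
 * @param parameters supplies the message, the SOAP body and header elements, and the
 *                   signed/encrypted data references
 * @param ais        the assertions to validate; each one is expected to wrap an
 *                   {@code AbstractSecuredParts}
 */
public void validatePolicies(PolicyValidatorParameters parameters, Collection<AssertionInfo> ais) {
    // With the transport binding this validator returns without touching any assertion.
    if (isTransportBinding(parameters.getAssertionInfoMap(), parameters.getMessage())) {
        return;
    }

    Message msg = parameters.getMessage();
    Element soapBody = parameters.getSoapBody();
    Element header = parameters.getSoapHeader();
    soapBody = (Element) DOMUtils.getDomElement(soapBody);
    header = (Element) DOMUtils.getDomElement(header);

    // Pick the set of references that matches what this validator is checking.
    Collection<WSDataRef> dataRefs = parameters.getEncrypted();
    if (coverageType == CoverageType.SIGNED) {
        dataRefs = parameters.getSigned();
    }

    for (AssertionInfo ai : ais) {
        if (ai.isAsserted()) {
            // Already asserted elsewhere; the original comment gives the case where
            // the parts are a child of a SupportingToken.
            continue;
        }
        AbstractSecuredParts p = (AbstractSecuredParts) ai.getAssertion();
        // Assert first, then withdraw the assertion on the first failed coverage check.
        ai.setAsserted(true);

        if (p.isBody()) {
            try {
                // A signed body is checked at element scope, an encrypted body at content scope.
                if (coverageType == CoverageType.SIGNED) {
                    CryptoCoverageUtil.checkBodyCoverage(
                        soapBody, dataRefs, CoverageType.SIGNED, CoverageScope.ELEMENT);
                } else {
                    CryptoCoverageUtil.checkBodyCoverage(
                        soapBody, dataRefs, CoverageType.ENCRYPTED, CoverageScope.CONTENT);
                }
            } catch (WSSecurityException e) {
                // Only the policy failure reason is recorded; the exception detail is dropped.
                ai.setNotAsserted("Soap Body is not " + coverageType);
                // The assertion has failed, so its headers and attachments are not checked.
                continue;
            }
        }

        // NOTE(review): header can be null here if getSoapHeader()/getDomElement() return
        // null; whether checkHeaderCoverage tolerates a null element is not visible in this
        // method - confirm, so that a message without a SOAP header ends in a recorded
        // policy failure or a pass, not in an unrelated runtime exception.
        for (Header h : p.getHeaders()) {
            try {
                CryptoCoverageUtil.checkHeaderCoverage(
                    header, dataRefs, h.getNamespace(), h.getName(), coverageType, CoverageScope.ELEMENT);
            } catch (WSSecurityException e) {
                // Every required header is still checked after a failure (no early exit).
                // The message used to read "... not + SIGNED": the stray '+' inside the
                // literal is removed so the reported reason is readable.
                ai.setNotAsserted(h.getNamespace() + ":" + h.getName() + " not " + coverageType);
            }
        }

        Attachments attachments = p.getAttachments();
        if (attachments != null) {
            try {
                // Content scope is used only when the policy asks for the content signature
                // transform; otherwise attachments are checked at element scope.
                CoverageScope scope = CoverageScope.ELEMENT;
                if (attachments.isContentSignatureTransform()) {
                    scope = CoverageScope.CONTENT;
                }
                CryptoCoverageUtil.checkAttachmentsCoverage(msg.getAttachments(), dataRefs, coverageType, scope);
            } catch (WSSecurityException e) {
                ai.setNotAsserted("An attachment was not signed/encrypted");
            }
        }
    }
}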