Example 1 with AbstractSecurityAssertion
use of org.apache.wss4j.policy.model.AbstractSecurityAssertion in project cxf by apache.
the class AlgorithmSuiteTranslater method translateAlgorithmSuites.
public void translateAlgorithmSuites(AssertionInfoMap aim, RequestData data) throws WSSecurityException {
if (aim == null) {
return;
}
List<org.apache.wss4j.policy.model.AlgorithmSuite> algorithmSuites = getAlgorithmSuites(getBindings(aim));
if (!algorithmSuites.isEmpty()) {
// Translate into WSS4J's AlgorithmSuite class
AlgorithmSuite algorithmSuite = translateAlgorithmSuites(algorithmSuites);
data.setAlgorithmSuite(algorithmSuite);
}
// Now look for an AlgorithmSuite for a SAML Assertion
Collection<AssertionInfo> ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.SAML_TOKEN);
if (!ais.isEmpty()) {
List<org.apache.wss4j.policy.model.AlgorithmSuite> samlAlgorithmSuites = new ArrayList<>();
for (AssertionInfo ai : ais) {
SamlToken samlToken = (SamlToken) ai.getAssertion();
AbstractSecurityAssertion parentAssertion = samlToken.getParentAssertion();
if (parentAssertion instanceof SupportingTokens && ((SupportingTokens) parentAssertion).getAlgorithmSuite() != null) {
samlAlgorithmSuites.add(((SupportingTokens) parentAssertion).getAlgorithmSuite());
}
}
if (!samlAlgorithmSuites.isEmpty()) {
data.setSamlAlgorithmSuite(translateAlgorithmSuites(samlAlgorithmSuites));
}
}
}
Also used :
SupportingTokens(org.apache.wss4j.policy.model.SupportingTokens)
AlgorithmSuite(org.apache.wss4j.common.crypto.AlgorithmSuite)
AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo)
SamlToken(org.apache.wss4j.policy.model.SamlToken)
ArrayList(java.util.ArrayList)
AbstractSecurityAssertion(org.apache.wss4j.policy.model.AbstractSecurityAssertion)
Example 2 with AbstractSecurityAssertion
use of org.apache.wss4j.policy.model.AbstractSecurityAssertion in project cxf by apache.
the class UsernameTokenPolicyValidator method isNonEndorsingSupportingToken.
/**
* Return true if this UsernameToken policy is a (non-endorsing)SupportingToken. If this is
* true then the corresponding UsernameToken must have a password element.
*/
private boolean isNonEndorsingSupportingToken(org.apache.wss4j.policy.model.UsernameToken usernameTokenPolicy) {
AbstractSecurityAssertion parentAssertion = usernameTokenPolicy.getParentAssertion();
if (parentAssertion instanceof SupportingTokens) {
SupportingTokens supportingToken = (SupportingTokens) parentAssertion;
String localname = supportingToken.getName().getLocalPart();
if (localname.equals(SPConstants.SUPPORTING_TOKENS) || localname.equals(SPConstants.SIGNED_SUPPORTING_TOKENS) || localname.equals(SPConstants.ENCRYPTED_SUPPORTING_TOKENS) || localname.equals(SPConstants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS)) {
return true;
}
}
return false;
}
Also used :
SupportingTokens(org.apache.wss4j.policy.model.SupportingTokens)
AbstractSecurityAssertion(org.apache.wss4j.policy.model.AbstractSecurityAssertion)
Aggregations
AbstractSecurityAssertion (org.apache.wss4j.policy.model.AbstractSecurityAssertion)2
SupportingTokens (org.apache.wss4j.policy.model.SupportingTokens)2
ArrayList (java.util.ArrayList)1
AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)1
AlgorithmSuite (org.apache.wss4j.common.crypto.AlgorithmSuite)1
SamlToken (org.apache.wss4j.policy.model.SamlToken)1
