
Example 1 with Attachments

use of org.apache.wss4j.policy.model.Attachments in project cxf by apache.

From class SecuredPartsPolicyValidator, method validatePolicies.

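/**
 * Validates SignedParts / EncryptedParts assertions against the parts that were
 * actually signed or encrypted in the received message.
 *
 * <p>The {@code coverageType} field selects whether signature or encryption coverage
 * is checked, and therefore which data references ({@code parameters.getSigned()} or
 * {@code parameters.getEncrypted()}) are consulted. Each assertion is first marked
 * asserted and then set to not-asserted as soon as one of its parts (Body, a Header,
 * or the attachments) fails its coverage check. Nothing is checked under a transport
 * binding, where the parts are protected by the transport rather than the message.
 *
 * @param parameters validator input: the message, its SOAP Body and Header elements, and
 *                   the signed / encrypted data references collected during processing
 * @param ais        the SignedParts / EncryptedParts assertions to validate; assertions
 *                   that are already asserted (children of a SupportingToken) are skipped
 */
public void validatePolicies(PolicyValidatorParameters parameters, Collection<AssertionInfo> ais) {
    // A transport binding protects the message on the wire; there is no message-level coverage to check.
    if (isTransportBinding(parameters.getAssertionInfoMap(), parameters.getMessage())) {
        return;
    }
    Message msg = parameters.getMessage();
    Element soapBody = (Element) DOMUtils.getDomElement(parameters.getSoapBody());
    Element header = (Element) DOMUtils.getDomElement(parameters.getSoapHeader());
    // Signed and encrypted references are tracked separately; use the set this validator is for.
    Collection<WSDataRef> dataRefs = coverageType == CoverageType.SIGNED
        ? parameters.getSigned() : parameters.getEncrypted();
    for (AssertionInfo ai : ais) {
        if (ai.isAsserted()) {
            // Already handled as a child of a SupportingToken.
            continue;
        }
        AbstractSecuredParts p = (AbstractSecuredParts) ai.getAssertion();
        ai.setAsserted(true);
        if (p.isBody()) {
            try {
                // A signature must cover the whole Body element; encryption only covers its content.
                if (coverageType == CoverageType.SIGNED) {
                    CryptoCoverageUtil.checkBodyCoverage(soapBody, dataRefs, CoverageType.SIGNED, CoverageScope.ELEMENT);
                } else {
                    CryptoCoverageUtil.checkBodyCoverage(soapBody, dataRefs, CoverageType.ENCRYPTED, CoverageScope.CONTENT);
                }
            } catch (WSSecurityException e) {
                ai.setNotAsserted("Soap Body is not " + coverageType);
                // The assertion has already failed; headers and attachments need not be checked.
                continue;
            }
        }
        for (Header h : p.getHeaders()) {
            // Both failure paths below report the same reason, e.g. "ns:Name not SIGNED".
            String reason = h.getNamespace() + ":" + h.getName() + " not " + coverageType;
            if (header == null) {
                // A required header that is absent from the message cannot have been protected.
                ai.setNotAsserted(reason);
            } else {
                try {
                    CryptoCoverageUtil.checkHeaderCoverage(header, dataRefs, h.getNamespace(), h.getName(), coverageType, CoverageScope.ELEMENT);
                } catch (WSSecurityException e) {
                    ai.setNotAsserted(reason);
                }
            }
        }
        Attachments attachments = p.getAttachments();
        if (attachments != null) {
            try {
                // The content signature transform covers only the attachment content, not the whole attachment.
                CoverageScope scope = attachments.isContentSignatureTransform()
                    ? CoverageScope.CONTENT : CoverageScope.ELEMENT;
                CryptoCoverageUtil.checkAttachmentsCoverage(msg.getAttachments(), dataRefs, coverageType, scope);
            } catch (WSSecurityException e) {
                ai.setNotAsserted("An attachment was not signed/encrypted");
            }
        }
    }
}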
Also used : CoverageScope(org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) Message(org.apache.cxf.message.Message) Header(org.apache.wss4j.policy.model.Header) AbstractSecuredParts(org.apache.wss4j.policy.model.AbstractSecuredParts) Element(org.w3c.dom.Element) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSDataRef(org.apache.wss4j.dom.WSDataRef) Attachments(org.apache.wss4j.policy.model.Attachments)

Example 2 with Attachments

use of org.apache.wss4j.policy.model.Attachments in project cxf by apache.

From class AbstractBindingBuilder, method getSignedParts.

/**
 * Collects the parts (Body, headers, attachments) and elements that must be signed,
 * either by an endorsing supporting token or by the main signature.
 *
 * <p>For an endorsing {@code supportingToken} its own SignedParts / SignedElements are
 * used, asserted, and remembered in {@code suppTokenParts} so that the main Signature
 * does not sign them again. Otherwise the policy's SignedParts / SignedElements
 * assertions are used: every one is marked asserted, and the last one not already
 * claimed by a supporting token is taken.
 *
 * @param supportingToken the endorsing token whose parts are wanted, or {@code null}
 *                        (or a non-endorsing token) for the main signature
 * @return the parts to sign as built by {@code getPartsAndElements}; an empty list when
 *         neither SignedParts nor SignedElements apply
 * @throws SOAPException propagated from {@code getPartsAndElements}
 */
public List<WSEncryptionPart> getSignedParts(SupportingTokens supportingToken) throws SOAPException {
    SignedParts parts = null;
    SignedElements elements = null;
    if (supportingToken != null && supportingToken.isEndorsing()) {
        parts = supportingToken.getSignedParts();
        elements = supportingToken.getSignedElements();
        // Remember them so the main Signature leaves them alone.
        if (parts != null) {
            suppTokenParts.add(parts);
            this.assertPolicy(parts.getName());
        }
        if (elements != null) {
            suppTokenParts.add(elements);
            this.assertPolicy(elements.getName());
        }
    } else {
        // Every assertion is asserted; the last one not claimed by a supporting token wins.
        for (AssertionInfo ai : getAllAssertionsByLocalname(SPConstants.SIGNED_PARTS)) {
            SignedParts candidate = (SignedParts) ai.getAssertion();
            ai.setAsserted(true);
            if (!suppTokenParts.contains(candidate)) {
                parts = candidate;
            }
        }
        for (AssertionInfo ai : getAllAssertionsByLocalname(SPConstants.SIGNED_ELEMENTS)) {
            SignedElements candidate = (SignedElements) ai.getAssertion();
            ai.setAsserted(true);
            if (!suppTokenParts.contains(candidate)) {
                elements = candidate;
            }
        }
    }
    if (parts == null && elements == null) {
        return new ArrayList<>();
    }
    List<WSEncryptionPart> signedParts = new ArrayList<>();
    boolean isSignBody = false;
    if (parts != null) {
        isSignBody = parts.isBody();
        for (Header head : parts.getHeaders()) {
            signedParts.add(new WSEncryptionPart(head.getName(), head.getNamespace(), "Header"));
        }
        Attachments attachments = parts.getAttachments();
        if (attachments != null) {
            // "Content" selects the attachment content signature transform; "Element" signs the whole attachment.
            String modifier = attachments.isContentSignatureTransform() ? "Content" : "Element";
            signedParts.add(new WSEncryptionPart("cid:Attachments", modifier));
        }
    }
    return getPartsAndElements(true, isSignBody, signedParts,
                               elements == null ? null : elements.getXPaths(), null);
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart) SOAPHeader(javax.xml.soap.SOAPHeader) Header(org.apache.wss4j.policy.model.Header) WSSecHeader(org.apache.wss4j.dom.message.WSSecHeader) SignedElements(org.apache.wss4j.policy.model.SignedElements) ArrayList(java.util.ArrayList) SignedParts(org.apache.wss4j.policy.model.SignedParts) Attachments(org.apache.wss4j.policy.model.Attachments)

Example 3 with Attachments

use of org.apache.wss4j.policy.model.Attachments in project cxf by apache.

From class AbstractStaxBindingHandler, method getSignedParts.

/**
 * Identifies the portions of the message to be signed.
 *
 * <p>Reads the first SignedParts and SignedElements assertions from the message's
 * {@link AssertionInfoMap}, marks them asserted, and converts them into StAX
 * {@link SecurePart}s: the SOAP 1.2 Body (when required), every listed header (a
 * {@code null} header name becomes the {@code "*"} wildcard), the attachments, and
 * the last element of each SignedElements XPath. Header and attachment parts are
 * marked optional; Body and XPath parts are left required.
 *
 * @return the parts to sign, possibly empty
 * @throws SOAPException declared for subclasses; nothing in this method throws it
 */
protected List<SecurePart> getSignedParts() throws SOAPException {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);

    SignedParts parts = null;
    AssertionInfo partsInfo = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SIGNED_PARTS);
    if (partsInfo != null) {
        parts = (SignedParts) partsInfo.getAssertion();
        partsInfo.setAsserted(true);
    }
    SignedElements elements = null;
    AssertionInfo elementsInfo = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SIGNED_ELEMENTS);
    if (elementsInfo != null) {
        elements = (SignedElements) elementsInfo.getAssertion();
        elementsInfo.setAsserted(true);
    }

    List<SecurePart> result = new ArrayList<>();
    if (parts != null) {
        if (parts.isBody()) {
            // The Body is signed as a whole element and stays required.
            result.add(new SecurePart(new QName(WSSConstants.NS_SOAP12, "Body"), Modifier.Element));
        }
        for (Header head : parts.getHeaders()) {
            // A header without a local name matches any header in that namespace.
            String localName = head.getName() == null ? "*" : head.getName();
            SecurePart headerPart = new SecurePart(new QName(head.getNamespace(), localName), Modifier.Element);
            headerPart.setRequired(false);
            result.add(headerPart);
        }
        Attachments attachments = parts.getAttachments();
        if (attachments != null) {
            // The content signature transform signs attachment content only, not the whole attachment.
            Modifier attachmentModifier = attachments.isContentSignatureTransform()
                ? Modifier.Content : Modifier.Element;
            SecurePart attachmentPart = new SecurePart("cid:Attachments", attachmentModifier);
            attachmentPart.setRequired(false);
            result.add(attachmentPart);
        }
    }
    if (elements != null && elements.getXPaths() != null) {
        // Only the final element of each XPath is registered as a part.
        for (XPath xPath : elements.getXPaths()) {
            List<QName> path = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
            if (path.isEmpty()) {
                continue;
            }
            result.add(new SecurePart(path.get(path.size() - 1), Modifier.Element));
        }
    }
    return result;
}
Also used : XPath(org.apache.wss4j.policy.model.XPath) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) QName(javax.xml.namespace.QName) SignedElements(org.apache.wss4j.policy.model.SignedElements) ArrayList(java.util.ArrayList) Attachments(org.apache.wss4j.policy.model.Attachments) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap) SecurePart(org.apache.xml.security.stax.ext.SecurePart) Header(org.apache.wss4j.policy.model.Header) SignedParts(org.apache.wss4j.policy.model.SignedParts) Modifier(org.apache.xml.security.stax.ext.SecurePart.Modifier)

Example 4 with Attachments

use of org.apache.wss4j.policy.model.Attachments in project cxf by apache.

From class AbstractStaxBindingHandler, method getEncryptedParts.

/**
 * Identifies the portions of the message to be encrypted.
 *
 * <p>Reads every EncryptedParts, EncryptedElements and ContentEncryptedElements
 * assertion from the message's {@link AssertionInfoMap}, marks each asserted, and keeps
 * the last of each kind. These are converted into StAX {@link SecurePart}s: the SOAP 1.2
 * Body content (when required), every listed header (a {@code null} header name becomes
 * the {@code "*"} wildcard), the attachments, the last element of each EncryptedElements
 * XPath (whole element) and of each ContentEncryptedElements XPath (content only).
 * Header and attachment parts are marked optional; Body and XPath parts stay required.
 *
 * @return the parts to encrypt, possibly empty
 * @throws SOAPException declared for subclasses; nothing in this method throws it
 */
protected List<SecurePart> getEncryptedParts() throws SOAPException {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);

    // All assertions of each kind are asserted; the last one seen is used.
    EncryptedParts parts = null;
    for (AssertionInfo ai : PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.ENCRYPTED_PARTS)) {
        parts = (EncryptedParts) ai.getAssertion();
        ai.setAsserted(true);
    }
    EncryptedElements elements = null;
    for (AssertionInfo ai : PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.ENCRYPTED_ELEMENTS)) {
        elements = (EncryptedElements) ai.getAssertion();
        ai.setAsserted(true);
    }
    ContentEncryptedElements celements = null;
    for (AssertionInfo ai : PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.CONTENT_ENCRYPTED_ELEMENTS)) {
        celements = (ContentEncryptedElements) ai.getAssertion();
        ai.setAsserted(true);
    }

    List<SecurePart> result = new ArrayList<>();
    if (parts != null) {
        if (parts.isBody()) {
            // Body encryption replaces the Body's content; the Body element itself stays in the clear.
            result.add(new SecurePart(new QName(WSSConstants.NS_SOAP12, "Body"), Modifier.Content));
        }
        for (Header head : parts.getHeaders()) {
            // A header without a local name matches any header in that namespace.
            String localName = head.getName() == null ? "*" : head.getName();
            SecurePart headerPart = new SecurePart(new QName(head.getNamespace(), localName), Modifier.Element);
            headerPart.setRequired(false);
            result.add(headerPart);
        }
        if (parts.getAttachments() != null) {
            // Content-only attachment encryption is opt-in via the message context (default false).
            boolean contentOnly = MessageUtils.getContextualBoolean(
                message, SecurityConstants.USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM, false);
            SecurePart attachmentPart = new SecurePart("cid:Attachments", Modifier.Element);
            if (contentOnly) {
                attachmentPart.setModifier(Modifier.Content);
            }
            attachmentPart.setRequired(false);
            result.add(attachmentPart);
        }
    }
    // Only the final element of each XPath is registered as a part.
    if (elements != null && elements.getXPaths() != null) {
        for (XPath xPath : elements.getXPaths()) {
            List<QName> path = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
            if (path.isEmpty()) {
                continue;
            }
            result.add(new SecurePart(path.get(path.size() - 1), Modifier.Element));
        }
    }
    if (celements != null && celements.getXPaths() != null) {
        for (XPath xPath : celements.getXPaths()) {
            List<QName> path = org.apache.wss4j.policy.stax.PolicyUtils.getElementPath(xPath);
            if (path.isEmpty()) {
                continue;
            }
            result.add(new SecurePart(path.get(path.size() - 1), Modifier.Content));
        }
    }
    return result;
}
Also used : XPath(org.apache.wss4j.policy.model.XPath) EncryptedParts(org.apache.wss4j.policy.model.EncryptedParts) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) ContentEncryptedElements(org.apache.wss4j.policy.model.ContentEncryptedElements) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) Attachments(org.apache.wss4j.policy.model.Attachments) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap) ContentEncryptedElements(org.apache.wss4j.policy.model.ContentEncryptedElements) EncryptedElements(org.apache.wss4j.policy.model.EncryptedElements) SecurePart(org.apache.xml.security.stax.ext.SecurePart) Header(org.apache.wss4j.policy.model.Header)

Example 5 with Attachments

use of org.apache.wss4j.policy.model.Attachments in project cxf by apache.

From class AbstractBindingBuilder, method getEncryptedParts.

/**
 * Collects the parts (Body, headers, attachments) and elements that must be encrypted.
 *
 * <p>Every EncryptedParts, EncryptedElements and ContentEncryptedElements assertion is
 * marked asserted and the last of each kind is kept. The headers and attachments of the
 * EncryptedParts become {@link WSEncryptionPart}s; the Body flag and the XPaths of the two
 * element assertions are handed to {@code getPartsAndElements}.
 *
 * @return the parts to encrypt as built by {@code getPartsAndElements}; an empty list
 *         when none of the three assertion kinds is present
 * @throws SOAPException propagated from {@code getPartsAndElements}
 */
public List<WSEncryptionPart> getEncryptedParts() throws SOAPException {
    // All assertions of each kind are asserted; the last one seen is used.
    EncryptedParts parts = null;
    for (AssertionInfo ai : getAllAssertionsByLocalname(SPConstants.ENCRYPTED_PARTS)) {
        parts = (EncryptedParts) ai.getAssertion();
        ai.setAsserted(true);
    }
    EncryptedElements elements = null;
    for (AssertionInfo ai : getAllAssertionsByLocalname(SPConstants.ENCRYPTED_ELEMENTS)) {
        elements = (EncryptedElements) ai.getAssertion();
        ai.setAsserted(true);
    }
    ContentEncryptedElements celements = null;
    for (AssertionInfo ai : getAllAssertionsByLocalname(SPConstants.CONTENT_ENCRYPTED_ELEMENTS)) {
        celements = (ContentEncryptedElements) ai.getAssertion();
        ai.setAsserted(true);
    }
    if (parts == null && elements == null && celements == null) {
        return new ArrayList<>();
    }

    boolean isBody = false;
    List<WSEncryptionPart> securedParts = new ArrayList<>();
    if (parts != null) {
        isBody = parts.isBody();
        for (Header head : parts.getHeaders()) {
            securedParts.add(new WSEncryptionPart(head.getName(), head.getNamespace(), "Header"));
        }
        if (parts.getAttachments() != null) {
            // Content-only attachment encryption is opt-in via the message context (default false).
            boolean contentOnly = MessageUtils.getContextualBoolean(
                message, SecurityConstants.USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM, false);
            securedParts.add(new WSEncryptionPart("cid:Attachments", contentOnly ? "Content" : "Element"));
        }
    }
    // EncryptedElements XPaths encrypt whole elements, ContentEncryptedElements XPaths only their content;
    // getPartsAndElements receives both lists alongside the parts collected above.
    return getPartsAndElements(false, isBody, securedParts,
                               elements == null ? null : elements.getXPaths(),
                               celements == null ? null : celements.getXPaths());
}
Also used : ContentEncryptedElements(org.apache.wss4j.policy.model.ContentEncryptedElements) EncryptedElements(org.apache.wss4j.policy.model.EncryptedElements) EncryptedParts(org.apache.wss4j.policy.model.EncryptedParts) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart) SOAPHeader(javax.xml.soap.SOAPHeader) Header(org.apache.wss4j.policy.model.Header) WSSecHeader(org.apache.wss4j.dom.message.WSSecHeader) ContentEncryptedElements(org.apache.wss4j.policy.model.ContentEncryptedElements) ArrayList(java.util.ArrayList) Attachments(org.apache.wss4j.policy.model.Attachments)

Aggregations

AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)5 Attachments (org.apache.wss4j.policy.model.Attachments)5 Header (org.apache.wss4j.policy.model.Header)5 ArrayList (java.util.ArrayList)4 QName (javax.xml.namespace.QName)2 SOAPHeader (javax.xml.soap.SOAPHeader)2 AssertionInfoMap (org.apache.cxf.ws.policy.AssertionInfoMap)2 WSEncryptionPart (org.apache.wss4j.common.WSEncryptionPart)2 WSSecHeader (org.apache.wss4j.dom.message.WSSecHeader)2 ContentEncryptedElements (org.apache.wss4j.policy.model.ContentEncryptedElements)2 EncryptedElements (org.apache.wss4j.policy.model.EncryptedElements)2 EncryptedParts (org.apache.wss4j.policy.model.EncryptedParts)2 SignedElements (org.apache.wss4j.policy.model.SignedElements)2 SignedParts (org.apache.wss4j.policy.model.SignedParts)2 XPath (org.apache.wss4j.policy.model.XPath)2 SecurePart (org.apache.xml.security.stax.ext.SecurePart)2 Message (org.apache.cxf.message.Message)1 CoverageScope (org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope)1 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)1 WSDataRef (org.apache.wss4j.dom.WSDataRef)1