use of org.apache.wss4j.policy.model.Header in project cxf by apache.
the class TransportBindingHandler method signPartsAndElements.
/**
* Identifies the portions of the message to be signed/encrypted.
*/
private List<WSEncryptionPart> signPartsAndElements(SignedParts signedParts, SignedElements signedElements) throws SOAPException {
List<WSEncryptionPart> result = new ArrayList<>();
List<Element> found = new ArrayList<>();
// Add timestamp
if (timestampEl != null) {
WSEncryptionPart timestampPart = new WSEncryptionPart("Timestamp", WSS4JConstants.WSU_NS, "Element");
String id = addWsuIdToElement(timestampEl.getElement());
timestampPart.setId(id);
timestampPart.setElement(timestampEl.getElement());
found.add(timestampPart.getElement());
result.add(timestampPart);
}
// Add SignedParts
if (signedParts != null) {
List<WSEncryptionPart> parts = new ArrayList<>();
boolean isSignBody = signedParts.isBody();
for (Header head : signedParts.getHeaders()) {
WSEncryptionPart wep = new WSEncryptionPart(head.getName(), head.getNamespace(), "Element");
parts.add(wep);
}
// Handle sign/enc parts
result.addAll(this.getParts(true, isSignBody, parts, found));
}
if (signedElements != null) {
// Handle SignedElements
result.addAll(this.getElements("Element", signedElements.getXPaths(), found, true));
}
return result;
}
use of org.apache.wss4j.policy.model.Header in project cxf by apache.
the class AbstractSupportingTokenPolicyValidator method validateSignedEncryptedParts.
/**
* Validate the SignedParts or EncryptedParts policies
*/
private boolean validateSignedEncryptedParts(AbstractSecuredParts parts, boolean content, List<WSSecurityEngineResult> protResults, List<WSSecurityEngineResult> tokenResults, Message message) {
if (parts == null) {
return true;
}
if (parts.isBody()) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
Element soapBody = null;
try {
soapBody = soapMessage.getSOAPBody();
} catch (SOAPException ex) {
LOG.log(Level.FINE, ex.getMessage(), ex);
return false;
}
if (!checkProtectionResult(soapBody, content, protResults, tokenResults)) {
return false;
}
}
for (Header h : parts.getHeaders()) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
Element soapHeader = null;
try {
soapHeader = soapMessage.getSOAPHeader();
} catch (SOAPException ex) {
LOG.log(Level.FINE, ex.getMessage(), ex);
return false;
}
final List<Element> elements;
if (h.getName() == null) {
elements = DOMUtils.getChildrenWithNamespace(soapHeader, h.getNamespace());
} else {
elements = DOMUtils.getChildrenWithName(soapHeader, h.getNamespace(), h.getName());
}
for (Element el : elements) {
el = (Element) DOMUtils.getDomElement(el);
if (!checkProtectionResult(el, false, protResults, tokenResults)) {
return false;
}
}
}
return true;
}
Aggregations