Example 11 with Header
use of org.apache.wss4j.policy.model.Header in project cxf by apache.
the class TransportBindingHandler method signPartsAndElements.
/**
* Identifies the portions of the message to be signed/encrypted.
*/
private List<WSEncryptionPart> signPartsAndElements(SignedParts signedParts, SignedElements signedElements) throws SOAPException {
List<WSEncryptionPart> result = new ArrayList<>();
List<Element> found = new ArrayList<>();
// Add timestamp
if (timestampEl != null) {
WSEncryptionPart timestampPart = new WSEncryptionPart("Timestamp", WSS4JConstants.WSU_NS, "Element");
String id = addWsuIdToElement(timestampEl.getElement());
timestampPart.setId(id);
timestampPart.setElement(timestampEl.getElement());
found.add(timestampPart.getElement());
result.add(timestampPart);
}
// Add SignedParts
if (signedParts != null) {
List<WSEncryptionPart> parts = new ArrayList<>();
boolean isSignBody = signedParts.isBody();
for (Header head : signedParts.getHeaders()) {
WSEncryptionPart wep = new WSEncryptionPart(head.getName(), head.getNamespace(), "Element");
parts.add(wep);
}
// Handle sign/enc parts
result.addAll(this.getParts(true, isSignBody, parts, found));
}
if (signedElements != null) {
// Handle SignedElements
result.addAll(this.getElements("Element", signedElements.getXPaths(), found, true));
}
return result;
}
Also used :
WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart)
Header(org.apache.wss4j.policy.model.Header)
WSSecHeader(org.apache.wss4j.dom.message.WSSecHeader)
Element(org.w3c.dom.Element)
ArrayList(java.util.ArrayList)
Example 12 with Header
use of org.apache.wss4j.policy.model.Header in project cxf by apache.
the class AbstractSupportingTokenPolicyValidator method validateSignedEncryptedParts.
/**
* Validate the SignedParts or EncryptedParts policies
*/
private boolean validateSignedEncryptedParts(AbstractSecuredParts parts, boolean content, List<WSSecurityEngineResult> protResults, List<WSSecurityEngineResult> tokenResults, Message message) {
if (parts == null) {
return true;
}
if (parts.isBody()) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
Element soapBody = null;
try {
soapBody = soapMessage.getSOAPBody();
} catch (SOAPException ex) {
LOG.log(Level.FINE, ex.getMessage(), ex);
return false;
}
if (!checkProtectionResult(soapBody, content, protResults, tokenResults)) {
return false;
}
}
for (Header h : parts.getHeaders()) {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
Element soapHeader = null;
try {
soapHeader = soapMessage.getSOAPHeader();
} catch (SOAPException ex) {
LOG.log(Level.FINE, ex.getMessage(), ex);
return false;
}
final List<Element> elements;
if (h.getName() == null) {
elements = DOMUtils.getChildrenWithNamespace(soapHeader, h.getNamespace());
} else {
elements = DOMUtils.getChildrenWithName(soapHeader, h.getNamespace(), h.getName());
}
for (Element el : elements) {
el = (Element) DOMUtils.getDomElement(el);
if (!checkProtectionResult(el, false, protResults, tokenResults)) {
return false;
}
}
}
return true;
}
Also used :
Header(org.apache.wss4j.policy.model.Header)
Element(org.w3c.dom.Element)
SOAPException(javax.xml.soap.SOAPException)
SOAPMessage(javax.xml.soap.SOAPMessage)
Aggregations
Header (org.apache.wss4j.policy.model.Header)12
ArrayList (java.util.ArrayList)8
AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)7
QName (javax.xml.namespace.QName)5
Attachments (org.apache.wss4j.policy.model.Attachments)5
SignedParts (org.apache.wss4j.policy.model.SignedParts)5
Element (org.w3c.dom.Element)5
WSEncryptionPart (org.apache.wss4j.common.WSEncryptionPart)3
WSSecHeader (org.apache.wss4j.dom.message.WSSecHeader)3
XPath (org.apache.wss4j.policy.model.XPath)3
SecurePart (org.apache.xml.security.stax.ext.SecurePart)3
SOAPHeader (javax.xml.soap.SOAPHeader)2
AssertionInfoMap (org.apache.cxf.ws.policy.AssertionInfoMap)2
All (org.apache.neethi.All)2
ExactlyOne (org.apache.neethi.ExactlyOne)2
Policy (org.apache.neethi.Policy)2
ContentEncryptedElements (org.apache.wss4j.policy.model.ContentEncryptedElements)2
EncryptedElements (org.apache.wss4j.policy.model.EncryptedElements)2
EncryptedParts (org.apache.wss4j.policy.model.EncryptedParts)2
ProtectionToken (org.apache.wss4j.policy.model.ProtectionToken)2
