
Example 1 with TransportBinding

use of org.apache.wss4j.policy.model.TransportBinding in project cxf by apache.

the class PolicyBasedWSS4JStaxOutInterceptor method configureProperties.

/**
 * Configures the outbound security properties from the binding assertions on the message.
 *
 * <p>For each of the asymmetric, symmetric and transport binding assertions that is present,
 * the matching {@code check*Binding} method is run and the assertion is marked asserted.
 * After the superclass has configured the properties, exactly one binding handler is run:
 * transport takes precedence over asymmetric, which takes precedence over symmetric. When no
 * binding assertion is present, a transport handler is run with a {@code null} binding.
 *
 * @param msg the SOAP message whose {@link AssertionInfoMap} is consulted
 * @param outboundSecurityContext passed through to the superclass and the binding handler
 * @param securityProperties passed to the checks, the superclass and the binding handler
 * @throws WSSecurityException declared by the signature; the throwing call is not visible here
 */
@Override
protected void configureProperties(SoapMessage msg, OutboundSecurityContext outboundSecurityContext, WSSSecurityProperties securityProperties) throws WSSecurityException {
    AssertionInfoMap assertionMap = msg.get(AssertionInfoMap.class);

    // NOTE(review): each assertion is marked asserted unconditionally once its check* call
    // returns, so a failed check must surface as an exception for the policy result to be
    // trustworthy. The check* bodies are not shown here; confirm.
    // Only the first assertion per local name is looked up; additional ones are not handled here.
    AssertionInfo asymmetricInfo = PolicyUtils.getFirstAssertionByLocalname(assertionMap, SPConstants.ASYMMETRIC_BINDING);
    if (asymmetricInfo != null) {
        checkAsymmetricBinding(msg, securityProperties);
        asymmetricInfo.setAsserted(true);
    }

    AssertionInfo symmetricInfo = PolicyUtils.getFirstAssertionByLocalname(assertionMap, SPConstants.SYMMETRIC_BINDING);
    if (symmetricInfo != null) {
        checkSymmetricBinding(msg, securityProperties);
        symmetricInfo.setAsserted(true);
    }

    AssertionInfo transportInfo = PolicyUtils.getFirstAssertionByLocalname(assertionMap, SPConstants.TRANSPORT_BINDING);
    if (transportInfo != null) {
        checkTransportBinding(msg, securityProperties);
        transportInfo.setAsserted(true);
    }

    super.configureProperties(msg, outboundSecurityContext, securityProperties);

    // Exactly one handler runs. The casts below are unchecked: an assertion of another type
    // registered under the same local name would fail with ClassCastException.
    if (transportInfo != null) {
        TransportBinding transportBinding = (TransportBinding) transportInfo.getAssertion();
        new StaxTransportBindingHandler(securityProperties, msg, transportBinding, outboundSecurityContext).handleBinding();
        return;
    }
    if (asymmetricInfo != null) {
        AsymmetricBinding asymmetricBinding = (AsymmetricBinding) asymmetricInfo.getAssertion();
        new StaxAsymmetricBindingHandler(securityProperties, msg, asymmetricBinding, outboundSecurityContext).handleBinding();
        return;
    }
    if (symmetricInfo != null) {
        SymmetricBinding symmetricBinding = (SymmetricBinding) symmetricInfo.getAssertion();
        new StaxSymmetricBindingHandler(securityProperties, msg, symmetricBinding, outboundSecurityContext).handleBinding();
        return;
    }

    // No binding assertion at all: fall back to the transport handler with a null binding.
    // NOTE(review): what protection this applies with no binding policy depends on
    // StaxTransportBindingHandler, which is not shown here; confirm.
    new StaxTransportBindingHandler(securityProperties, msg, null, outboundSecurityContext).handleBinding();
}
Also used : SymmetricBinding(org.apache.wss4j.policy.model.SymmetricBinding) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) AsymmetricBinding(org.apache.wss4j.policy.model.AsymmetricBinding) StaxSymmetricBindingHandler(org.apache.cxf.ws.security.wss4j.policyhandlers.StaxSymmetricBindingHandler) StaxTransportBindingHandler(org.apache.cxf.ws.security.wss4j.policyhandlers.StaxTransportBindingHandler) StaxAsymmetricBindingHandler(org.apache.cxf.ws.security.wss4j.policyhandlers.StaxAsymmetricBindingHandler) TransportBinding(org.apache.wss4j.policy.model.TransportBinding) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)

Example 2 with TransportBinding

use of org.apache.wss4j.policy.model.TransportBinding in project cxf by apache.

the class TransportBindingPolicyValidator method validatePolicies.

/**
 * Validates each TransportBinding assertion in {@code ais} against the received message.
 *
 * <p>Every assertion is first marked asserted and then set to not-asserted if a check fails:
 * either the message is not a requestor message and carries no {@link TLSSessionInfo}, or
 * {@code validateTimestamp} returns {@code false}. When {@code ais} is non-empty, the
 * EncryptedParts and SignedParts policy names (SP 1.1 and 1.2 constants) are passed to
 * {@code PolicyUtils.assertPolicy} without further checks.
 *
 * @param parameters supplies the message, the assertion info map and the security results
 * @param ais the assertions to validate; each {@code getAssertion()} is cast to
 *     {@link TransportBinding} without a type check
 */
public void validatePolicies(PolicyValidatorParameters parameters, Collection<AssertionInfo> ais) {
    for (AssertionInfo assertionInfo : ais) {
        TransportBinding transportBinding = (TransportBinding) assertionInfo.getAssertion();
        // Optimistically asserted; the failure branches below revert this.
        assertionInfo.setAsserted(true);

        // TLS session info is required only when we are not the requestor. On the
        // requestor side the absence of TLSSessionInfo is not treated as a failure here.
        boolean isRequestor = MessageUtils.isRequestor(parameters.getMessage());
        TLSSessionInfo tlsSession = parameters.getMessage().get(TLSSessionInfo.class);
        if (tlsSession == null && !isRequestor) {
            assertionInfo.setNotAsserted("TLS is not enabled");
            continue;
        }

        // HttpsToken is validated by the HttpsTokenInterceptorProvider
        if (transportBinding.getTransportToken() != null) {
            PolicyUtils.assertPolicy(parameters.getAssertionInfoMap(), transportBinding.getTransportToken().getName());
        }

        // Check the IncludeTimestamp requirement against the received results.
        // NOTE(review): the meaning of the literal `true` argument is defined by
        // validateTimestamp, which is not shown here; confirm.
        boolean timestampOk = validateTimestamp(transportBinding.isIncludeTimestamp(), true, parameters.getResults(), parameters.getSignedResults(), parameters.getMessage());
        if (!timestampOk) {
            assertionInfo.setNotAsserted("Received Timestamp does not match the requirements");
            continue;
        }
        PolicyUtils.assertPolicy(parameters.getAssertionInfoMap(), new QName(transportBinding.getName().getNamespaceURI(), SPConstants.INCLUDE_TIMESTAMP));
    }

    if (ais.isEmpty()) {
        return;
    }

    // We don't need to check these policies for the Transport binding.
    // NOTE(review): this runs whenever at least one TransportBinding assertion was supplied,
    // including when it was set not-asserted above (e.g. no TLS). Overall policy verification
    // presumably still fails on the binding assertion itself; confirm.
    PolicyUtils.assertPolicy(parameters.getAssertionInfoMap(), SP12Constants.ENCRYPTED_PARTS);
    PolicyUtils.assertPolicy(parameters.getAssertionInfoMap(), SP11Constants.ENCRYPTED_PARTS);
    PolicyUtils.assertPolicy(parameters.getAssertionInfoMap(), SP12Constants.SIGNED_PARTS);
    PolicyUtils.assertPolicy(parameters.getAssertionInfoMap(), SP11Constants.SIGNED_PARTS);
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) QName(javax.xml.namespace.QName) TLSSessionInfo(org.apache.cxf.security.transport.TLSSessionInfo) TransportBinding(org.apache.wss4j.policy.model.TransportBinding)
