
Example 1 with TransportToken

use of org.apache.wss4j.policy.model.TransportToken in project cxf by apache.

the class TransportBindingHandler method handleBinding.

/**
 * Applies the transport binding to the message being processed.
 *
 * <p>A timestamp is created and laid out first. On the requestor side the transport token is
 * asserted (an {@code IssuedToken} additionally needs a stored security token) before the
 * supporting tokens are handled. On the receiving side the non-endorsing supporting tokens are
 * handled first, the transport token is asserted when one is present, and signature
 * confirmation is added. The binding-level and signed/encrypted-parts assertions are made last.
 *
 * <p>If the transport token is an {@code IssuedToken} and no security token is available, the
 * token policy is un-asserted and the method returns before the trailing assertions are made.
 *
 * @throws Fault wrapping any exception raised while the tokens are handled
 */
public void handleBinding() {
    final WSSecTimestamp ts = createTimestamp();
    handleLayout(ts);

    try {
        if (!this.isRequestor()) {
            // Receiving side.
            handleNonEndorsingSupportingTokens();
            if (tbinding != null && tbinding.getTransportToken() != null) {
                assertTokenWrapper(tbinding.getTransportToken());
                assertToken(tbinding.getTransportToken().getToken());
                handleEndorsingSupportingTokens();
            }
            addSignatureConfirmation(null);
        } else {
            // NOTE(review): tbinding is dereferenced here without the null check used on the
            // receiving side and after the try block; a null binding would surface as a Fault
            // wrapping a NullPointerException. Confirm whether that is intended.
            final TransportToken wrapper = tbinding.getTransportToken();
            final boolean hasWrapper = wrapper != null;

            if (hasWrapper) {
                final AbstractToken inner = wrapper.getToken();
                if (inner instanceof IssuedToken) {
                    final SecurityToken issued = getSecurityToken();
                    if (issued == null) {
                        // No issued token to send: mark the policy as not satisfied and stop.
                        unassertPolicy(inner, "No transport token id");
                        return;
                    }
                    assertPolicy(inner);
                    if (isTokenRequired(inner.getIncludeTokenType())) {
                        // A clone of the token element is added, not the stored element itself.
                        addEncryptedKeyElement(cloneElement(issued.getToken()));
                    }
                }
                assertToken(inner);
                assertTokenWrapper(wrapper);
            }

            handleNonEndorsingSupportingTokens();
            // Endorsing supporting tokens are only handled when a transport token exists.
            if (hasWrapper) {
                handleEndorsingSupportingTokens();
            }
        }
    } catch (Exception e) {
        // Logged at FINE only; the failure itself is propagated to the caller as a Fault.
        LOG.log(Level.FINE, e.getMessage(), e);
        throw new Fault(e);
    }

    if (tbinding != null) {
        assertPolicy(tbinding.getName());
        assertAlgorithmSuite(tbinding.getAlgorithmSuite());
        assertWSSProperties(tbinding.getName().getNamespaceURI());
        assertTrustProperties(tbinding.getName().getNamespaceURI());
    }

    // Signed/encrypted parts are asserted for both the SP 1.2 and SP 1.1 constants.
    assertPolicy(SP12Constants.SIGNED_PARTS);
    assertPolicy(SP11Constants.SIGNED_PARTS);
    assertPolicy(SP12Constants.ENCRYPTED_PARTS);
    assertPolicy(SP11Constants.ENCRYPTED_PARTS);
}
Also used : TransportToken(org.apache.wss4j.policy.model.TransportToken) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) Element(org.w3c.dom.Element) Fault(org.apache.cxf.interceptor.Fault) WSSecTimestamp(org.apache.wss4j.dom.message.WSSecTimestamp) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 2 with TransportToken

use of org.apache.wss4j.policy.model.TransportToken in project cxf by apache.

the class StaxTransportBindingHandler method handleBinding.

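/**
 * Applies the transport binding to the current message.
 *
 * <p>On the requestor side the binding is asserted, signature-algorithm overrides found in the
 * message's contextual properties are applied to the binding's algorithm suite, the transport
 * token is asserted (an {@code IssuedToken} is added from the stored security token), and the
 * supporting tokens are handled. On the receiving side the non-endorsing supporting tokens are
 * handled, the binding and its transport token are asserted when present, and signature
 * confirmation is added. Layout, algorithm suite, WSS/Trust properties and the signed/encrypted
 * parts are asserted last.
 *
 * <p>If the transport token is an {@code IssuedToken} and no security token is available, the
 * token policy is un-asserted and the method returns before any of the trailing steps run.
 *
 * @throws Fault wrapping any exception raised while supporting tokens are handled
 */
public void handleBinding() {
    AssertionInfoMap aim = getMessage().get(AssertionInfoMap.class);
    configureTimestamp(aim);

    if (this.isRequestor()) {
        if (tbinding != null) {
            assertPolicy(tbinding.getName());

            // NOTE(review): the overrides below are written into the AlgorithmSuite object
            // returned by the binding. If that policy object is shared between messages, a
            // per-message property would change the suite for later messages too; confirm.
            String asymSignatureAlgorithm =
                (String) getMessage().getContextualProperty(SecurityConstants.ASYMMETRIC_SIGNATURE_ALGORITHM);
            if (asymSignatureAlgorithm != null && tbinding.getAlgorithmSuite() != null) {
                tbinding.getAlgorithmSuite().setAsymmetricSignature(asymSignatureAlgorithm);
            }
            String symSignatureAlgorithm =
                (String) getMessage().getContextualProperty(SecurityConstants.SYMMETRIC_SIGNATURE_ALGORITHM);
            if (symSignatureAlgorithm != null && tbinding.getAlgorithmSuite() != null) {
                tbinding.getAlgorithmSuite().setSymmetricSignature(symSignatureAlgorithm);
            }

            TransportToken token = tbinding.getTransportToken();
            // The receiving branch below null-checks getTransportToken(); do the same here so a
            // binding without a transport token does not fail with a raw NullPointerException
            // outside any try block.
            if (token != null) {
                if (token.getToken() instanceof IssuedToken) {
                    SecurityToken secToken = getSecurityToken();
                    if (secToken == null) {
                        // No issued token to send: mark the policy as not satisfied and stop.
                        unassertPolicy(token.getToken(), "No transport token id");
                        return;
                    }
                    addIssuedToken(token.getToken(), secToken, false, false);
                }
                assertToken(token.getToken());
                assertTokenWrapper(token);
            }
        }

        try {
            handleNonEndorsingSupportingTokens(aim);
            handleEndorsingSupportingTokens(aim);
        } catch (Exception e) {
            // Logged at FINE only; the failure itself is propagated to the caller as a Fault.
            LOG.log(Level.FINE, e.getMessage(), e);
            throw new Fault(e);
        }
    } else {
        try {
            handleNonEndorsingSupportingTokens(aim);
        } catch (Exception e) {
            LOG.log(Level.FINE, e.getMessage(), e);
            throw new Fault(e);
        }
        if (tbinding != null) {
            assertPolicy(tbinding.getName());
            if (tbinding.getTransportToken() != null) {
                assertTokenWrapper(tbinding.getTransportToken());
                assertToken(tbinding.getTransportToken().getToken());
                // Endorsing supporting tokens are only handled when a transport token exists.
                try {
                    handleEndorsingSupportingTokens(aim);
                } catch (Exception e) {
                    LOG.log(Level.FINE, e.getMessage(), e);
                    throw new Fault(e);
                }
            }
        }
        addSignatureConfirmation(null);
    }

    configureLayout(aim);
    if (tbinding != null) {
        assertAlgorithmSuite(tbinding.getAlgorithmSuite());
        assertWSSProperties(tbinding.getName().getNamespaceURI());
        assertTrustProperties(tbinding.getName().getNamespaceURI());
    }

    // Signed/encrypted parts are asserted for both the SP 1.2 and SP 1.1 constants.
    assertPolicy(SP12Constants.SIGNED_PARTS);
    assertPolicy(SP11Constants.SIGNED_PARTS);
    assertPolicy(SP12Constants.ENCRYPTED_PARTS);
    assertPolicy(SP11Constants.ENCRYPTED_PARTS);
    putCustomTokenAfterSignature();
}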
Also used : TransportToken(org.apache.wss4j.policy.model.TransportToken) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) Fault(org.apache.cxf.interceptor.Fault) SOAPException(javax.xml.soap.SOAPException) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)

Example 3 with TransportToken

use of org.apache.wss4j.policy.model.TransportToken in project tesb-rt-se by Talend.

the class SingleBusLocatorRegistrar method isSecuredByPolicy.

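/**
 * Reports whether the server's endpoint policy declares an HTTPS transport token.
 *
 * <p>The chosen policy alternative is examined first, then the top-level components of the
 * endpoint policy. Only policy objects are inspected; the transport actually in use is not
 * checked here, so callers should not treat the result as proof that TLS is active.
 *
 * @param server the server whose endpoint policy is inspected
 * @return {@code true} if a {@code TransportBinding} carrying an {@code HttpsToken} is found;
 *         {@code false} otherwise, including when no policy engine is registered on the bus
 */
private boolean isSecuredByPolicy(Server server) {
    EndpointInfo ei = server.getEndpoint().getEndpointInfo();
    PolicyEngine pe = bus.getExtension(PolicyEngine.class);
    if (null == pe) {
        LOG.finest("No Policy engine found");
        return false;
    }
    Destination destination = server.getDestination();
    EndpointPolicy ep = pe.getServerEndpointPolicy(ei, destination, null);

    Collection<Assertion> assertions = ep.getChosenAlternative();
    for (Assertion a : assertions) {
        if (declaresHttpsToken(a)) {
            return true;
        }
    }

    // Only the direct components of the policy are looked at; nested operators are not walked.
    Policy policy = ep.getPolicy();
    List<PolicyComponent> pcList = policy.getPolicyComponents();
    for (PolicyComponent pc : pcList) {
        if (declaresHttpsToken(pc)) {
            return true;
        }
    }
    return false;
}

/**
 * Tests whether a policy component is a {@code TransportBinding} whose transport token wraps an
 * {@code HttpsToken}. A binding without a transport token counts as not secured rather than
 * raising a {@code NullPointerException}.
 */
private boolean declaresHttpsToken(Object component) {
    if (!(component instanceof TransportBinding)) {
        return false;
    }
    TransportToken tt = ((TransportBinding) component).getTransportToken();
    return tt != null && tt.getToken() instanceof HttpsToken;
}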
Also used : TransportToken(org.apache.wss4j.policy.model.TransportToken) EndpointPolicy(org.apache.cxf.ws.policy.EndpointPolicy) Policy(org.apache.neethi.Policy) Destination(org.apache.cxf.transport.Destination) PolicyComponent(org.apache.neethi.PolicyComponent) Assertion(org.apache.neethi.Assertion) PolicyEngine(org.apache.cxf.ws.policy.PolicyEngine) EndpointPolicy(org.apache.cxf.ws.policy.EndpointPolicy) EndpointInfo(org.apache.cxf.service.model.EndpointInfo) HttpsToken(org.apache.wss4j.policy.model.HttpsToken) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) TransportBinding(org.apache.wss4j.policy.model.TransportBinding)

Aggregations

TransportToken (org.apache.wss4j.policy.model.TransportToken)3 SOAPException (javax.xml.soap.SOAPException)2 Fault (org.apache.cxf.interceptor.Fault)2 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)2 AbstractToken (org.apache.wss4j.policy.model.AbstractToken)2 IssuedToken (org.apache.wss4j.policy.model.IssuedToken)2 EndpointInfo (org.apache.cxf.service.model.EndpointInfo)1 Destination (org.apache.cxf.transport.Destination)1 AssertionInfoMap (org.apache.cxf.ws.policy.AssertionInfoMap)1 EndpointPolicy (org.apache.cxf.ws.policy.EndpointPolicy)1 PolicyEngine (org.apache.cxf.ws.policy.PolicyEngine)1 Assertion (org.apache.neethi.Assertion)1 Policy (org.apache.neethi.Policy)1 PolicyComponent (org.apache.neethi.PolicyComponent)1 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)1 WSSecTimestamp (org.apache.wss4j.dom.message.WSSecTimestamp)1 HttpsToken (org.apache.wss4j.policy.model.HttpsToken)1 TransportBinding (org.apache.wss4j.policy.model.TransportBinding)1 Element (org.w3c.dom.Element)1