use of org.apache.wss4j.stax.impl.securityToken.HttpsSecurityTokenImpl in project cxf by apache.
the class PolicyBasedWSS4JStaxInInterceptor method checkTransportBinding.
private void checkTransportBinding(AssertionInfoMap aim, SoapMessage message, WSSSecurityProperties securityProperties) throws XMLSecurityException {
boolean transportPolicyInEffect = PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.TRANSPORT_BINDING) != null;
if (!transportPolicyInEffect && !(PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SYMMETRIC_BINDING) == null && PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.ASYMMETRIC_BINDING) == null)) {
return;
}
// Add a HttpsSecurityEvent so the policy verification code knows TLS is in use
if (isRequestor(message)) {
HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpsNoAuthentication);
HttpsSecurityTokenImpl httpsSecurityToken = new HttpsSecurityTokenImpl();
try {
httpsSecurityToken.addTokenUsage(WSSecurityTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
} catch (XMLSecurityException e) {
LOG.fine(e.getMessage());
}
httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
List<SecurityEvent> securityEvents = getSecurityEventList(message);
securityEvents.add(httpsTokenSecurityEvent);
}
Object s = SecurityUtils.getSecurityPropertyValue(SecurityConstants.SIGNATURE_CRYPTO, message);
if (s == null) {
s = SecurityUtils.getSecurityPropertyValue(SecurityConstants.SIGNATURE_PROPERTIES, message);
}
Object e = SecurityUtils.getSecurityPropertyValue(SecurityConstants.ENCRYPT_CRYPTO, message);
if (e == null) {
e = SecurityUtils.getSecurityPropertyValue(SecurityConstants.ENCRYPT_PROPERTIES, message);
}
Crypto encrCrypto = getEncryptionCrypto(e, message, securityProperties);
Crypto signCrypto = null;
if (e != null && e.equals(s)) {
signCrypto = encrCrypto;
} else {
signCrypto = getSignatureCrypto(s, message, securityProperties);
}
if (signCrypto != null) {
securityProperties.setDecryptionCrypto(signCrypto);
}
if (encrCrypto != null) {
securityProperties.setSignatureVerificationCrypto(encrCrypto);
} else if (signCrypto != null) {
securityProperties.setSignatureVerificationCrypto(signCrypto);
}
}
Aggregations