
Example 1 with HttpsTokenSecurityEvent

use of org.apache.wss4j.stax.securityEvent.HttpsTokenSecurityEvent in project cxf by apache.

the class PolicyBasedWSS4JStaxInInterceptor method checkTransportBinding.

/**
 * Applies transport-binding handling to the message's WS-Security configuration.
 *
 * <p>Returns without changes when no TransportBinding assertion is present but a
 * SymmetricBinding or AsymmetricBinding assertion is. In every other case (a TransportBinding
 * is asserted, or no binding assertion is found at all) it:
 * <ol>
 *   <li>for requestor messages, appends an {@code HttpsTokenSecurityEvent} with authentication
 *       type {@code HttpsNoAuthentication} to the message's security event list;</li>
 *   <li>resolves the signature and encryption crypto configuration from the message's security
 *       properties and installs the resulting {@code Crypto} objects on
 *       {@code securityProperties}.</li>
 * </ol>
 *
 * <p>NOTE(review): nothing in this method inspects the connection itself; the HTTPS event is
 * recorded purely from the policy assertions and {@code isRequestor(message)}. Confirm that
 * whatever consumes the event does not treat it as proof that TLS was actually negotiated.
 *
 * @param aim the policy assertions searched for the binding assertions
 * @param message the SOAP message whose security properties and event list are used
 * @param securityProperties receives the decryption and signature-verification crypto
 * @throws XMLSecurityException declared by the signature; the failure from
 *     {@code addTokenUsage} is caught locally, so this presumably originates from the crypto
 *     helpers (not shown here)
 */
private void checkTransportBinding(AssertionInfoMap aim, SoapMessage message, WSSSecurityProperties securityProperties) throws XMLSecurityException {
    final boolean hasTransportBinding =
        PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.TRANSPORT_BINDING) != null;
    if (!hasTransportBinding) {
        // Without a transport binding, an asserted symmetric/asymmetric binding means this
        // method leaves the configuration untouched.
        final boolean hasMessageLevelBinding =
            PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.SYMMETRIC_BINDING) != null
                || PolicyUtils.getFirstAssertionByLocalname(aim, SPConstants.ASYMMETRIC_BINDING) != null;
        if (hasMessageLevelBinding) {
            return;
        }
    }

    // Record an HTTPS security event so the policy verification code sees TLS as in use.
    // Only done for requestor messages, and always with HttpsNoAuthentication.
    if (isRequestor(message)) {
        HttpsTokenSecurityEvent tlsEvent = new HttpsTokenSecurityEvent();
        tlsEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpsNoAuthentication);
        HttpsSecurityTokenImpl tlsToken = new HttpsSecurityTokenImpl();
        try {
            tlsToken.addTokenUsage(WSSecurityTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        } catch (XMLSecurityException usageFailure) {
            // Best effort: the failure is logged at FINE with its message only (no stack
            // trace) and the token is still attached to the event without that usage.
            LOG.fine(usageFailure.getMessage());
        }
        tlsEvent.setSecurityToken(tlsToken);
        getSecurityEventList(message).add(tlsEvent);
    }

    // Each configuration value is looked up under the *_CRYPTO key first, then *_PROPERTIES.
    Object signatureConfig = SecurityUtils.getSecurityPropertyValue(SecurityConstants.SIGNATURE_CRYPTO, message);
    if (signatureConfig == null) {
        signatureConfig = SecurityUtils.getSecurityPropertyValue(SecurityConstants.SIGNATURE_PROPERTIES, message);
    }
    Object encryptionConfig = SecurityUtils.getSecurityPropertyValue(SecurityConstants.ENCRYPT_CRYPTO, message);
    if (encryptionConfig == null) {
        encryptionConfig = SecurityUtils.getSecurityPropertyValue(SecurityConstants.ENCRYPT_PROPERTIES, message);
    }

    final Crypto encrCrypto = getEncryptionCrypto(encryptionConfig, message, securityProperties);
    // When both roles point at the same configuration, reuse the already-built Crypto.
    final boolean sharedConfig = encryptionConfig != null && encryptionConfig.equals(signatureConfig);
    final Crypto signCrypto = sharedConfig
        ? encrCrypto
        : getSignatureCrypto(signatureConfig, message, securityProperties);

    // The roles are crossed on purpose here: the signature crypto is installed for decryption
    // and the encryption crypto is preferred for signature verification.
    // NOTE(review): presumably because this runs on the receiving side (own key decrypts,
    // peer certificate verifies) - confirm before "fixing" the apparent swap.
    if (signCrypto != null) {
        securityProperties.setDecryptionCrypto(signCrypto);
    }
    final Crypto verificationCrypto = encrCrypto != null ? encrCrypto : signCrypto;
    if (verificationCrypto != null) {
        securityProperties.setSignatureVerificationCrypto(verificationCrypto);
    }
}
Also used : HttpsTokenSecurityEvent(org.apache.wss4j.stax.securityEvent.HttpsTokenSecurityEvent) SecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent) Crypto(org.apache.wss4j.common.crypto.Crypto) HttpsTokenSecurityEvent(org.apache.wss4j.stax.securityEvent.HttpsTokenSecurityEvent) HttpsSecurityTokenImpl(org.apache.wss4j.stax.impl.securityToken.HttpsSecurityTokenImpl) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Aggregations

Crypto (org.apache.wss4j.common.crypto.Crypto)1 HttpsSecurityTokenImpl (org.apache.wss4j.stax.impl.securityToken.HttpsSecurityTokenImpl)1 HttpsTokenSecurityEvent (org.apache.wss4j.stax.securityEvent.HttpsTokenSecurityEvent)1 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)1 SecurityEvent (org.apache.xml.security.stax.securityEvent.SecurityEvent)1