Search in sources :

Example 1 with AbstractSecuredElementSecurityEvent

use of org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent in project cxf by apache.

the class StaxCryptoCoverageChecker method checkSignedTimestamp.

private void checkSignedTimestamp(List<SecurityEvent> results) throws WSSecurityException {
    if (!signTimestamp) {
        return;
    }
    boolean isTimestampSigned = false;
    for (SecurityEvent signedEvent : results) {
        AbstractSecuredElementSecurityEvent securedEvent = (AbstractSecuredElementSecurityEvent) signedEvent;
        if (!securedEvent.isSigned()) {
            continue;
        }
        List<QName> signedPath = securedEvent.getElementPath();
        if (isTimestamp(signedPath)) {
            isTimestampSigned = true;
            break;
        }
    }
    if (!isTimestampSigned) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, new Exception("The Timestamp is not signed"));
    }
}
Also used : SecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) QName(javax.xml.namespace.QName) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 2 with AbstractSecuredElementSecurityEvent

use of org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent in project cxf by apache.

the class StaxCryptoCoverageChecker method checkEncryptedUsernameToken.

private void checkEncryptedUsernameToken(List<SecurityEvent> results) throws WSSecurityException {
    if (!encryptUsernameToken) {
        return;
    }
    boolean isUsernameTokenEncrypted = false;
    for (SecurityEvent encryptedEvent : results) {
        AbstractSecuredElementSecurityEvent securedEvent = (AbstractSecuredElementSecurityEvent) encryptedEvent;
        if (!securedEvent.isEncrypted()) {
            continue;
        }
        List<QName> encryptedPath = securedEvent.getElementPath();
        if (isUsernameToken(encryptedPath)) {
            isUsernameTokenEncrypted = true;
            break;
        }
    }
    if (!isUsernameTokenEncrypted) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, new Exception("The UsernameToken is not encrypted"));
    }
}
Also used : SecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) QName(javax.xml.namespace.QName) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 3 with AbstractSecuredElementSecurityEvent

use of org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent in project cxf by apache.

the class StaxCryptoCoverageChecker method checkEncryptedBody.

private void checkEncryptedBody(List<SecurityEvent> results) throws WSSecurityException {
    if (!encryptBody) {
        return;
    }
    boolean isBodyEncrypted = false;
    for (SecurityEvent signedEvent : results) {
        AbstractSecuredElementSecurityEvent securedEvent = (AbstractSecuredElementSecurityEvent) signedEvent;
        if (!securedEvent.isEncrypted()) {
            continue;
        }
        List<QName> encryptedPath = securedEvent.getElementPath();
        if (isBody(encryptedPath)) {
            isBodyEncrypted = true;
            break;
        }
    }
    if (!isBodyEncrypted) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, new Exception("The SOAP Body is not encrypted"));
    }
}
Also used : SecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) QName(javax.xml.namespace.QName) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 4 with AbstractSecuredElementSecurityEvent

use of org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent in project cxf by apache.

the class StaxCryptoCoverageChecker method checkSignedUsernameToken.

private void checkSignedUsernameToken(List<SecurityEvent> results) throws WSSecurityException {
    if (!signUsernameToken) {
        return;
    }
    boolean isUsernameTokenSigned = false;
    for (SecurityEvent signedEvent : results) {
        AbstractSecuredElementSecurityEvent securedEvent = (AbstractSecuredElementSecurityEvent) signedEvent;
        if (!securedEvent.isSigned()) {
            continue;
        }
        List<QName> signedPath = securedEvent.getElementPath();
        if (isUsernameToken(signedPath)) {
            isUsernameTokenSigned = true;
            break;
        }
    }
    if (!isUsernameTokenSigned) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, new Exception("The UsernameToken is not signed"));
    }
}
Also used : SecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) QName(javax.xml.namespace.QName) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 5 with AbstractSecuredElementSecurityEvent

use of org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent in project cxf by apache.

the class StaxCryptoCoverageChecker method checkSignedBody.

private void checkSignedBody(List<SecurityEvent> results) throws WSSecurityException {
    if (!signBody) {
        return;
    }
    boolean isBodySigned = false;
    for (SecurityEvent signedEvent : results) {
        AbstractSecuredElementSecurityEvent securedEvent = (AbstractSecuredElementSecurityEvent) signedEvent;
        if (!securedEvent.isSigned()) {
            continue;
        }
        List<QName> signedPath = securedEvent.getElementPath();
        if (isBody(signedPath)) {
            isBodySigned = true;
            break;
        }
    }
    if (!isBodySigned) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, new Exception("The SOAP Body is not signed"));
    }
}
Also used : SecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) AbstractSecuredElementSecurityEvent(org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent) QName(javax.xml.namespace.QName) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Aggregations

AbstractSecuredElementSecurityEvent (org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent)7 SecurityEvent (org.apache.xml.security.stax.securityEvent.SecurityEvent)7 QName (javax.xml.namespace.QName)6 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)6 X509Certificate (java.security.cert.X509Certificate)1 List (java.util.List)1 WSHandlerResult (org.apache.wss4j.dom.handler.WSHandlerResult)1 XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)1