use of org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent in project cxf by apache.
the class StaxCryptoCoverageChecker method checkSignedAddressing.
/**
 * Enforces signature coverage of the WS-Addressing ReplyTo and FaultTo headers.
 *
 * <p>The check is skipped when {@code signAddressingHeaders} is off, when there are no
 * addressing properties, or when neither ReplyTo nor FaultTo is set. Otherwise every header
 * that is present must be matched by a signed element in {@code results}; a header that is
 * present but unsigned makes the method throw, so the check fails closed.
 *
 * @param results security events to inspect; each entry is cast to
 *        {@link AbstractSecuredElementSecurityEvent}, so the caller must pass only events of
 *        that type (any other type raises {@link ClassCastException})
 * @param addressingProperties the addressing properties of the message, may be {@code null}
 * @throws WSSecurityException with {@code ErrorCode.FAILURE} when ReplyTo or FaultTo is set
 *         but not signed; the message is the same for both headers
 */
private void checkSignedAddressing(List<SecurityEvent> results, AddressingProperties addressingProperties) throws WSSecurityException {
    if (!signAddressingHeaders || addressingProperties == null) {
        return;
    }
    if (addressingProperties.getReplyTo() == null && addressingProperties.getFaultTo() == null) {
        // Nothing that requires signature coverage.
        return;
    }

    boolean replyToCovered = false;
    boolean faultToCovered = false;
    for (SecurityEvent event : results) {
        AbstractSecuredElementSecurityEvent secured = (AbstractSecuredElementSecurityEvent) event;
        if (secured.isSigned()) {
            // Coverage is decided from the element path alone.
            // NOTE(review): isReplyTo/isFaultTo are defined elsewhere in the class; confirm they
            // match the full path from the envelope root, not just the element name.
            List<QName> path = secured.getElementPath();
            replyToCovered |= isReplyTo(path);
            faultToCovered |= isFaultTo(path);
            if (replyToCovered && faultToCovered) {
                break;
            }
        }
    }

    // A header that is absent needs no signature; one that is present and unsigned is rejected.
    if ((!replyToCovered && addressingProperties.getReplyTo() != null)
        || (!faultToCovered && addressingProperties.getFaultTo() != null)) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, new Exception("The Addressing headers are not signed"));
    }
}
use of org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent in project cxf by apache.
the class TokenProviderUtils method getReqSigCert.
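/**
 * Get the X509Certificate associated with the signature that was received. This cert is to be used
 * for encrypting the issued token.
 *
 * <p>The DOM results stored under {@code WSHandlerConstants.RECV_RESULTS} are consulted first.
 * If they yield nothing, the streaming security events stored under
 * {@code SecurityEvent.class.getName() + ".in"} are scanned, and the first certificate of the
 * first signed part or signed element whose token carries certificates is returned.
 *
 * <p>NOTE(review): no trust or path validation of the certificate happens in this method;
 * presumably the signature processing that produced these results did it. Confirm before
 * relying on the returned certificate as an encryption target.
 *
 * @param messageContext the message context holding the received security results
 * @return the signing certificate, or {@code null} if none is found or the token's
 *         certificates cannot be read
 */
public static X509Certificate getReqSigCert(Map<String, Object> messageContext) {
    @SuppressWarnings("unchecked") List<WSHandlerResult> results = (List<WSHandlerResult>) messageContext.get(WSHandlerConstants.RECV_RESULTS);
    // DOM
    X509Certificate cert = WSS4JUtils.getReqSigCert(results);
    if (cert != null) {
        return cert;
    }
    // Streaming
    @SuppressWarnings("unchecked") final List<SecurityEvent> incomingEventList = (List<SecurityEvent>) messageContext.get(SecurityEvent.class.getName() + ".in");
    if (incomingEventList != null) {
        for (SecurityEvent incomingEvent : incomingEventList) {
            if (WSSecurityEventConstants.SIGNED_PART == incomingEvent.getSecurityEventType() || WSSecurityEventConstants.SignedElement == incomingEvent.getSecurityEventType()) {
                org.apache.xml.security.stax.securityToken.SecurityToken token = ((AbstractSecuredElementSecurityEvent) incomingEvent).getSecurityToken();
                try {
                    if (token != null) {
                        // Read the chain once: the accessor can throw, and the original
                        // called it up to three times per event.
                        X509Certificate[] certs = token.getX509Certificates();
                        if (certs != null && certs.length > 0) {
                            return certs[0];
                        }
                    }
                } catch (XMLSecurityException ex) {
                    // Kept from the original: a token whose certificates cannot be read ends
                    // the scan with null instead of moving on to later events, and the
                    // failure is only visible at FINE.
                    LOG.log(Level.FINE, ex.getMessage(), ex);
                    return null;
                }
            }
        }
    }
    return null;
}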