org.apache.cxf.ws.security.wss4j.policyhandlers
Class AbstractBindingBuilder

java.lang.Object
  org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler
      org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder

Direct Known Subclasses:

AsymmetricBindingHandler, SymmetricBindingHandler, TransportBindingHandler

public abstract class AbstractBindingBuilder
extends AbstractCommonBindingHandler

CRYPTO_CACHE

public static final String CRYPTO_CACHE

See Also:

Constant Field Values

LOG

protected static final Logger LOG

protectionOrder

protected org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding.ProtectionOrder protectionOrder

wssConfig

protected final org.apache.wss4j.dom.WSSConfig wssConfig

saaj

protected SOAPMessage saaj

secHeader

protected org.apache.wss4j.dom.message.WSSecHeader secHeader

aim

protected AssertionInfoMap aim

binding

protected org.apache.wss4j.policy.model.AbstractBinding binding

timestampEl

protected org.apache.wss4j.dom.message.WSSecTimestamp timestampEl

mainSigId

protected String mainSigId

sigConfList

protected List<org.apache.wss4j.common.WSEncryptionPart> sigConfList

encryptedTokensList

protected Set<org.apache.wss4j.common.WSEncryptionPart> encryptedTokensList

endEncSuppTokList

protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> endEncSuppTokList

endSuppTokList

protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> endSuppTokList

sgndEndEncSuppTokList

protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> sgndEndEncSuppTokList

sgndEndSuppTokList

protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> sgndEndSuppTokList

signatures

protected List<byte[]> signatures

bottomUpElement

protected Element bottomUpElement

topDownElement

protected Element topDownElement

bstElement

protected Element bstElement

lastEncryptedKeyElement

protected Element lastEncryptedKeyElement

AbstractBindingBuilder

public AbstractBindingBuilder(org.apache.wss4j.dom.WSSConfig config,
                              org.apache.wss4j.policy.model.AbstractBinding binding,
                              SOAPMessage saaj,
                              org.apache.wss4j.dom.message.WSSecHeader secHeader,
                              AssertionInfoMap aim,
                              SoapMessage message)

insertAfter

protected void insertAfter(Element child,
                           Element sib)

addDerivedKeyElement

protected void addDerivedKeyElement(Element el)

addEncryptedKeyElement

protected void addEncryptedKeyElement(Element el)

addSupportingElement

protected void addSupportingElement(Element el)

insertBeforeBottomUp

protected void insertBeforeBottomUp(Element el)

addTopDownElement

protected void addTopDownElement(Element el)

getCryptoCache

protected final Map<Object,org.apache.wss4j.common.crypto.Crypto> getCryptoCache()

getTokenStore

protected final TokenStore getTokenStore()

createTimestamp

protected org.apache.wss4j.dom.message.WSSecTimestamp createTimestamp()

handleLayout

protected org.apache.wss4j.dom.message.WSSecTimestamp handleLayout(org.apache.wss4j.dom.message.WSSecTimestamp timestamp)

reshuffleTimestamp

protected void reshuffleTimestamp()

handleSupportingTokens

protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> handleSupportingTokens(org.apache.wss4j.policy.model.SupportingTokens suppTokens,
                                                                                                                              boolean endorse,
                                                                                                                              List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret)
                                                                                                                       throws org.apache.wss4j.common.ext.WSSecurityException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

handleUsernameTokenSupportingToken

protected void handleUsernameTokenSupportingToken(org.apache.wss4j.policy.model.UsernameToken token,
                                                  boolean endorse,
                                                  boolean encryptedToken,
                                                  List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret)
                                           throws org.apache.wss4j.common.ext.WSSecurityException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

cloneElement

protected Element cloneElement(Element el)

addSignatureParts

protected void addSignatureParts(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
                                 List<org.apache.wss4j.common.WSEncryptionPart> sigParts)

addUsernameToken

protected org.apache.wss4j.dom.message.WSSecUsernameToken addUsernameToken(org.apache.wss4j.policy.model.UsernameToken token)

addDKUsernameToken

protected org.apache.wss4j.dom.message.WSSecUsernameToken addDKUsernameToken(org.apache.wss4j.policy.model.UsernameToken token,
                                                                             boolean useMac)

addSamlToken

protected org.apache.wss4j.common.saml.SamlAssertionWrapper addSamlToken(org.apache.wss4j.policy.model.SamlToken token)
                                                                  throws org.apache.wss4j.common.ext.WSSecurityException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

storeAssertionAsSecurityToken

protected void storeAssertionAsSecurityToken(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)

Store a SAML Assertion as a SecurityToken

findIDFromSamlToken

protected String findIDFromSamlToken(Element samlToken)

getPassword

public String getPassword(String userName,
                          org.apache.neethi.Assertion info,
                          int usage)

getCallbackHandler

protected CallbackHandler getCallbackHandler()

addWsuIdToElement

public String addWsuIdToElement(Element elem)

Generates a wsu:Id attribute for the provided Element and returns the attribute value or finds and returns the value of the attribute if it already exists.

Parameters:

element - the Element to check/create the attribute on

Returns:

the generated or discovered wsu:Id attribute value

getEncryptedParts

public List<org.apache.wss4j.common.WSEncryptionPart> getEncryptedParts()
                                                                 throws SOAPException

Throws:

SOAPException

getSignedParts

public List<org.apache.wss4j.common.WSEncryptionPart> getSignedParts()
                                                              throws SOAPException

Throws:

SOAPException

getPartsAndElements

public List<org.apache.wss4j.common.WSEncryptionPart> getPartsAndElements(boolean sign,
                                                                          boolean includeBody,
                                                                          List<org.apache.wss4j.common.WSEncryptionPart> parts,
                                                                          List<org.apache.wss4j.policy.model.XPath> xpaths,
                                                                          List<org.apache.wss4j.policy.model.XPath> contentXpaths)
                                                                   throws SOAPException

Deprecated. Use getSignedParts() and getEncryptedParts() instead.

Identifies the portions of the message to be signed/encrypted.

Parameters:

sign - whether the matches are to be signed or encrypted

includeBody - if the body should be included in the signature/encryption

parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.

xpaths - any XPath expressions to sign/encrypt matches

contentXpaths - any XPath expressions to content encrypt

Returns:

a configured list of WSEncryptionParts suitable for processing by WSS4J

Throws:

SOAPException - if there is an error extracting SOAP content from the SAAJ model

getParts

protected List<org.apache.wss4j.common.WSEncryptionPart> getParts(boolean sign,
                                                                  boolean includeBody,
                                                                  List<org.apache.wss4j.common.WSEncryptionPart> parts,
                                                                  List<Element> found)
                                                           throws SOAPException

Identifies the portions of the message to be signed/encrypted.

Parameters:

sign - whether the matches are to be signed or encrypted

includeBody - if the body should be included in the signature/encryption

parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.

found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.

Returns:

a configured list of WSEncryptionParts suitable for processing by WSS4J

Throws:

SOAPException - if there is an error extracting SOAP content from the SAAJ model

getElements

protected List<org.apache.wss4j.common.WSEncryptionPart> getElements(String encryptionModifier,
                                                                     List<org.apache.wss4j.policy.model.XPath> xpaths,
                                                                     List<Element> found,
                                                                     boolean forceId)
                                                              throws XPathExpressionException,
                                                                     SOAPException

Identifies the portions of the message to be signed/encrypted.

Parameters:

encryptionModifier - indicates the scope of the crypto operation over matched elements. Either "Content" or "Element".

xpaths - any XPath expressions to sign/encrypt matches

found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.

forceId - force adding a wsu:Id onto the elements. Recommended for signatures.

Returns:

a configured list of WSEncryptionParts suitable for processing by WSS4J

Throws:

XPathExpressionException - if a provided XPath is invalid

SOAPException - if there is an error extracting SOAP content from the SAAJ model

getEncryptedKeyBuilder

protected org.apache.wss4j.dom.message.WSSecEncryptedKey getEncryptedKeyBuilder(org.apache.wss4j.policy.model.AbstractTokenWrapper wrapper,
                                                                                org.apache.wss4j.policy.model.AbstractToken token)
                                                                         throws org.apache.wss4j.common.ext.WSSecurityException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

getSignatureCrypto

public org.apache.wss4j.common.crypto.Crypto getSignatureCrypto(org.apache.wss4j.policy.model.AbstractTokenWrapper wrapper)
                                                         throws org.apache.wss4j.common.ext.WSSecurityException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

getEncryptionCrypto

public org.apache.wss4j.common.crypto.Crypto getEncryptionCrypto(org.apache.wss4j.policy.model.AbstractTokenWrapper wrapper)
                                                          throws org.apache.wss4j.common.ext.WSSecurityException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

getCrypto

public org.apache.wss4j.common.crypto.Crypto getCrypto(org.apache.wss4j.policy.model.AbstractTokenWrapper wrapper,
                                                       String cryptoKey,
                                                       String propKey)
                                                throws org.apache.wss4j.common.ext.WSSecurityException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

getPasswordEncryptor

protected org.apache.wss4j.common.crypto.PasswordEncryptor getPasswordEncryptor()

setKeyIdentifierType

public void setKeyIdentifierType(org.apache.wss4j.dom.message.WSSecBase secBase,
                                 org.apache.wss4j.policy.model.AbstractTokenWrapper wrapper,
                                 org.apache.wss4j.policy.model.AbstractToken token)

setEncryptionUser

public String setEncryptionUser(org.apache.wss4j.dom.message.WSSecEncryptedKey encrKeyBuilder,
                                org.apache.wss4j.policy.model.AbstractTokenWrapper token,
                                boolean sign,
                                org.apache.wss4j.common.crypto.Crypto crypto)

getUsername

public static String getUsername(List<org.apache.wss4j.dom.handler.WSHandlerResult> results)

Scan through WSHandlerResult list for a Username token and return the username if a Username Token found

Parameters:

results -

Returns:

protected org.apache.wss4j.dom.message.WSSecSignature getSignatureBuilder(org.apache.wss4j.policy.model.AbstractTokenWrapper wrapper,
                                                                          org.apache.wss4j.policy.model.AbstractToken token,
                                                                          boolean endorse)
                                                                   throws org.apache.wss4j.common.ext.WSSecurityException

protected org.apache.wss4j.dom.message.WSSecSignature getSignatureBuilder(org.apache.wss4j.policy.model.AbstractTokenWrapper wrapper,
                                                                          org.apache.wss4j.policy.model.AbstractToken token,
                                                                          boolean attached,
                                                                          boolean endorse)
                                                                   throws org.apache.wss4j.common.ext.WSSecurityException

protected void doEndorsedSignatures(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
                                    boolean isTokenProtection,
                                    boolean isSigProtect)

protected void addSupportingTokens(List<org.apache.wss4j.common.WSEncryptionPart> sigs)
                            throws org.apache.wss4j.common.ext.WSSecurityException

protected void doEndorse()

protected void addSignatureConfirmation(List<org.apache.wss4j.common.WSEncryptionPart> sigParts)

public void handleEncryptedSignedHeaders(List<org.apache.wss4j.common.WSEncryptionPart> encryptedParts,
                                         List<org.apache.wss4j.common.WSEncryptionPart> signedParts)

public org.apache.wss4j.common.WSEncryptionPart convertToEncryptionPart(Element element)