org.apache.cxf.ws.security.wss4j.policyvalidators
Class AbstractBindingPolicyValidator

java.lang.Object
  org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator

All Implemented Interfaces:

BindingPolicyValidator

Direct Known Subclasses:

AsymmetricBindingPolicyValidator, SymmetricBindingPolicyValidator, TransportBindingPolicyValidator

public abstract class AbstractBindingPolicyValidator
extends Object
implements BindingPolicyValidator

Some abstract functionality for validating a security binding.

Constructor Summary

AbstractBindingPolicyValidator()

Method Summary

protected void	assertPolicy(AssertionInfoMap aim, org.apache.neethi.Assertion token)
protected boolean	assertPolicy(AssertionInfoMap aim, QName q)
protected boolean	checkDerivedKeys(TokenWrapper tokenWrapper, boolean hasDerivedKeys, List<org.apache.ws.security.WSSecurityEngineResult> signedResults, List<org.apache.ws.security.WSSecurityEngineResult> encryptedResults) Check the derived key requirement.
protected boolean	checkProperties(SymmetricAsymmetricBindingBase binding, AssertionInfo ai, AssertionInfoMap aim, List<org.apache.ws.security.WSSecurityEngineResult> results, List<org.apache.ws.security.WSSecurityEngineResult> signedResults, Message message) Check various properties set in the policy of the binding
protected boolean	checkProtectionOrder(SymmetricAsymmetricBindingBase binding, AssertionInfo ai, List<org.apache.ws.security.WSSecurityEngineResult> results) Check the Protection Order of the binding
protected boolean	isSignatureEncrypted(List<org.apache.ws.security.WSSecurityEngineResult> results) Check whether all Signature (and SignatureConfirmation) elements were encrypted
protected void	notAssertPolicy(AssertionInfoMap aim, QName q, String msg)
protected boolean	validateEntireHeaderAndBodySignatures(List<org.apache.ws.security.WSSecurityEngineResult> signedResults) Validate the entire header and body signature property.
protected boolean	validateLayout(boolean laxTimestampFirst, boolean laxTimestampLast, List<org.apache.ws.security.WSSecurityEngineResult> results) Validate the layout assertion.
protected boolean	validateTimestamp(boolean includeTimestamp, boolean transportBinding, List<org.apache.ws.security.WSSecurityEngineResult> results, List<org.apache.ws.security.WSSecurityEngineResult> signedResults, Message message) Validate a Timestamp

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.cxf.ws.security.wss4j.policyvalidators.BindingPolicyValidator

validatePolicy

Constructor Detail

AbstractBindingPolicyValidator

public AbstractBindingPolicyValidator()

Method Detail

validateTimestamp

protected boolean validateTimestamp(boolean includeTimestamp,
                                    boolean transportBinding,
                                    List<org.apache.ws.security.WSSecurityEngineResult> results,
                                    List<org.apache.ws.security.WSSecurityEngineResult> signedResults,
                                    Message message)

Validate a Timestamp

Parameters:

includeTimestamp - whether a Timestamp must be included or not

transportBinding - whether the Transport binding is in use or not

signedResults - the signed results list

message - the Message object

Returns:

whether the Timestamp policy is valid or not

validateEntireHeaderAndBodySignatures

protected boolean validateEntireHeaderAndBodySignatures(List<org.apache.ws.security.WSSecurityEngineResult> signedResults)

Validate the entire header and body signature property.

validateLayout

protected boolean validateLayout(boolean laxTimestampFirst,
                                 boolean laxTimestampLast,
                                 List<org.apache.ws.security.WSSecurityEngineResult> results)

Validate the layout assertion. It just checks the LaxTsFirst and LaxTsLast properties

checkProperties

protected boolean checkProperties(SymmetricAsymmetricBindingBase binding,
                                  AssertionInfo ai,
                                  AssertionInfoMap aim,
                                  List<org.apache.ws.security.WSSecurityEngineResult> results,
                                  List<org.apache.ws.security.WSSecurityEngineResult> signedResults,
                                  Message message)

Check various properties set in the policy of the binding

checkProtectionOrder

protected boolean checkProtectionOrder(SymmetricAsymmetricBindingBase binding,
                                       AssertionInfo ai,
                                       List<org.apache.ws.security.WSSecurityEngineResult> results)

Check the Protection Order of the binding

checkDerivedKeys

protected boolean checkDerivedKeys(TokenWrapper tokenWrapper,
                                   boolean hasDerivedKeys,
                                   List<org.apache.ws.security.WSSecurityEngineResult> signedResults,
                                   List<org.apache.ws.security.WSSecurityEngineResult> encryptedResults)

Check the derived key requirement.

isSignatureEncrypted

protected boolean isSignatureEncrypted(List<org.apache.ws.security.WSSecurityEngineResult> results)

Check whether all Signature (and SignatureConfirmation) elements were encrypted

assertPolicy

protected void assertPolicy(AssertionInfoMap aim,
                            org.apache.neethi.Assertion token)

assertPolicy

protected boolean assertPolicy(AssertionInfoMap aim,
                               QName q)

notAssertPolicy

protected void notAssertPolicy(AssertionInfoMap aim,
                               QName q,
                               String msg)