|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
public abstract class AbstractBindingBuilder
Field Summary | |
---|---|
protected AssertionInfoMap |
aim
|
protected Binding |
binding
|
static String |
CRYPTO_CACHE
|
protected Set<org.apache.ws.security.WSEncryptionPart> |
encryptedTokensList
|
protected Map<Token,Object> |
endEncSuppTokMap
|
protected Map<Token,Object> |
endSuppTokMap
|
protected static Logger |
LOG
|
protected String |
mainSigId
|
protected SoapMessage |
message
|
protected SPConstants.ProtectionOrder |
protectionOrder
|
protected javax.xml.soap.SOAPMessage |
saaj
|
protected org.apache.ws.security.message.WSSecHeader |
secHeader
|
protected Map<Token,Object> |
sgndEndEncSuppTokMap
|
protected Map<Token,Object> |
sgndEndSuppTokMap
|
protected List<org.apache.ws.security.WSEncryptionPart> |
sigConfList
|
protected List<byte[]> |
signatures
|
protected org.apache.ws.security.message.WSSecTimestamp |
timestampEl
|
protected org.apache.ws.security.WSSConfig |
wssConfig
|
Constructor Summary | |
---|---|
AbstractBindingBuilder(org.apache.ws.security.WSSConfig config,
Binding binding,
javax.xml.soap.SOAPMessage saaj,
org.apache.ws.security.message.WSSecHeader secHeader,
AssertionInfoMap aim,
SoapMessage message)
|
Method Summary | |
---|---|
protected void |
addDerivedKeyElement(Element el)
|
protected org.apache.ws.security.message.WSSecUsernameToken |
addDKUsernameToken(UsernameToken token,
boolean useMac)
|
protected void |
addEncryptedKeyElement(Element el)
|
protected org.apache.ws.security.saml.ext.AssertionWrapper |
addSamlToken(SamlToken token)
|
protected void |
addSignatureConfirmation(List<org.apache.ws.security.WSEncryptionPart> sigParts)
|
protected void |
addSignatureParts(Map<Token,Object> tokenMap,
List<org.apache.ws.security.WSEncryptionPart> sigParts)
|
protected void |
addSupportingElement(Element el)
|
protected void |
addSupportingTokens(List<org.apache.ws.security.WSEncryptionPart> sigs)
|
protected void |
addTopDownElement(Element el)
|
protected org.apache.ws.security.message.WSSecUsernameToken |
addUsernameToken(UsernameToken token)
|
String |
addWsuIdToElement(Element elem)
Generates a wsu:Id attribute for the provided Element and returns the attribute value
or finds and returns the value of the attribute if it already exists. |
protected void |
assertSupportingTokens(Collection<org.apache.neethi.Assertion> suppTokens)
|
protected void |
assertSupportingTokens(List<org.apache.ws.security.WSEncryptionPart> sigs)
|
protected Element |
cloneElement(Element el)
|
org.apache.ws.security.WSEncryptionPart |
convertToEncryptionPart(Element element)
Convert a DOM Element into a WSEncryptionPart, adding a (wsu:)Id if there is not one already. |
protected org.apache.ws.security.message.WSSecTimestamp |
createTimestamp()
|
protected void |
doEndorse()
|
protected void |
doEndorsedSignatures(Map<Token,Object> tokenMap,
boolean isTokenProtection,
boolean isSigProtect)
|
protected Collection<org.apache.neethi.Assertion> |
findAndAssertPolicy(QName n)
|
protected String |
findIDFromSamlToken(Element samlToken)
|
protected CallbackHandler |
getCallbackHandler()
|
org.apache.ws.security.components.crypto.Crypto |
getCrypto(TokenWrapper wrapper,
String cryptoKey,
String propKey)
|
protected Map<Object,org.apache.ws.security.components.crypto.Crypto> |
getCryptoCache()
|
protected List<org.apache.ws.security.WSEncryptionPart> |
getElements(String encryptionModifier,
List<String> xpaths,
Map<String,String> namespaces,
List<Element> found)
Identifies the portions of the message to be signed/encrypted. |
protected org.apache.ws.security.message.WSSecEncryptedKey |
getEncryptedKeyBuilder(TokenWrapper wrapper,
Token token)
|
List<org.apache.ws.security.WSEncryptionPart> |
getEncryptedParts()
|
org.apache.ws.security.components.crypto.Crypto |
getEncryptionCrypto(TokenWrapper wrapper)
|
protected List<org.apache.ws.security.WSEncryptionPart> |
getParts(boolean sign,
boolean includeBody,
List<org.apache.ws.security.WSEncryptionPart> parts,
List<Element> found)
Identifies the portions of the message to be signed/encrypted. |
List<org.apache.ws.security.WSEncryptionPart> |
getPartsAndElements(boolean sign,
boolean includeBody,
List<org.apache.ws.security.WSEncryptionPart> parts,
List<String> xpaths,
Map<String,String> namespaces,
List<String> contentXpaths,
Map<String,String> cnamespaces)
Deprecated. Use getSignedParts() and getEncryptedParts()
instead. |
String |
getPassword(String userName,
org.apache.neethi.Assertion info,
int type)
|
protected SecurityToken |
getSecurityToken()
|
protected org.apache.ws.security.message.WSSecSignature |
getSignatureBuilder(TokenWrapper wrapper,
Token token,
boolean endorse)
|
protected org.apache.ws.security.message.WSSecSignature |
getSignatureBuilder(TokenWrapper wrapper,
Token token,
boolean attached,
boolean endorse)
|
org.apache.ws.security.components.crypto.Crypto |
getSignatureCrypto(TokenWrapper wrapper)
|
List<org.apache.ws.security.WSEncryptionPart> |
getSignedParts()
|
protected TokenStore |
getTokenStore()
|
static String |
getUsername(List<org.apache.ws.security.handler.WSHandlerResult> results)
Scan through WSHandlerResult |
protected Wss10 |
getWss10()
|
void |
handleEncryptedSignedHeaders(List<org.apache.ws.security.WSEncryptionPart> encryptedParts,
List<org.apache.ws.security.WSEncryptionPart> signedParts)
Processes the parts to be signed and reconfigures those parts that have already been encrypted. |
protected org.apache.ws.security.message.WSSecTimestamp |
handleLayout(org.apache.ws.security.message.WSSecTimestamp timestamp)
|
protected Map<Token,Object> |
handleSupportingTokens(Collection<org.apache.neethi.Assertion> tokens,
boolean endorse)
|
protected Map<Token,Object> |
handleSupportingTokens(SupportingToken suppTokens,
boolean endorse)
|
protected Map<Token,Object> |
handleSupportingTokens(SupportingToken suppTokens,
boolean endorse,
Map<Token,Object> ret)
|
protected void |
handleUsernameTokenSupportingToken(UsernameToken token,
boolean endorse,
boolean encryptedToken,
Map<Token,Object> ret)
|
protected boolean |
includeToken(SPConstants.IncludeTokenType inclusion)
|
protected void |
insertBeforeBottomUp(Element el)
|
protected boolean |
isRequestor()
|
protected void |
policyAsserted(org.apache.neethi.Assertion assertion)
|
protected void |
policyAsserted(QName n)
|
protected void |
policyNotAsserted(org.apache.neethi.Assertion assertion,
Exception reason)
|
protected void |
policyNotAsserted(org.apache.neethi.Assertion assertion,
String reason)
|
String |
setEncryptionUser(org.apache.ws.security.message.WSSecEncryptedKey encrKeyBuilder,
TokenWrapper token,
boolean sign,
org.apache.ws.security.components.crypto.Crypto crypto)
|
void |
setKeyIdentifierType(org.apache.ws.security.message.WSSecBase secBase,
TokenWrapper wrapper,
Token token)
|
protected void |
storeAssertionAsSecurityToken(org.apache.ws.security.saml.ext.AssertionWrapper assertion)
Store a SAML Assertion as a SecurityToken |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String CRYPTO_CACHE
protected static final Logger LOG
protected SPConstants.ProtectionOrder protectionOrder
protected final org.apache.ws.security.WSSConfig wssConfig
protected javax.xml.soap.SOAPMessage saaj
protected org.apache.ws.security.message.WSSecHeader secHeader
protected AssertionInfoMap aim
protected Binding binding
protected SoapMessage message
protected org.apache.ws.security.message.WSSecTimestamp timestampEl
protected String mainSigId
protected List<org.apache.ws.security.WSEncryptionPart> sigConfList
protected Set<org.apache.ws.security.WSEncryptionPart> encryptedTokensList
protected Map<Token,Object> endEncSuppTokMap
protected Map<Token,Object> endSuppTokMap
protected Map<Token,Object> sgndEndEncSuppTokMap
protected Map<Token,Object> sgndEndSuppTokMap
protected List<byte[]> signatures
Constructor Detail |
---|
public AbstractBindingBuilder(org.apache.ws.security.WSSConfig config, Binding binding, javax.xml.soap.SOAPMessage saaj, org.apache.ws.security.message.WSSecHeader secHeader, AssertionInfoMap aim, SoapMessage message)
Method Detail |
---|
protected void addDerivedKeyElement(Element el)
protected void addEncryptedKeyElement(Element el)
protected void addSupportingElement(Element el)
protected void insertBeforeBottomUp(Element el)
protected void addTopDownElement(Element el)
protected boolean isRequestor()
protected void policyNotAsserted(org.apache.neethi.Assertion assertion, Exception reason)
protected void policyNotAsserted(org.apache.neethi.Assertion assertion, String reason)
protected void policyAsserted(org.apache.neethi.Assertion assertion)
protected void policyAsserted(QName n)
protected Collection<org.apache.neethi.Assertion> findAndAssertPolicy(QName n)
protected final Map<Object,org.apache.ws.security.components.crypto.Crypto> getCryptoCache()
protected final TokenStore getTokenStore()
protected org.apache.ws.security.message.WSSecTimestamp createTimestamp()
protected org.apache.ws.security.message.WSSecTimestamp handleLayout(org.apache.ws.security.message.WSSecTimestamp timestamp)
protected void assertSupportingTokens(Collection<org.apache.neethi.Assertion> suppTokens)
protected Map<Token,Object> handleSupportingTokens(Collection<org.apache.neethi.Assertion> tokens, boolean endorse) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected Map<Token,Object> handleSupportingTokens(SupportingToken suppTokens, boolean endorse) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected Map<Token,Object> handleSupportingTokens(SupportingToken suppTokens, boolean endorse, Map<Token,Object> ret) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected void handleUsernameTokenSupportingToken(UsernameToken token, boolean endorse, boolean encryptedToken, Map<Token,Object> ret) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected Element cloneElement(Element el)
protected SecurityToken getSecurityToken()
protected void addSignatureParts(Map<Token,Object> tokenMap, List<org.apache.ws.security.WSEncryptionPart> sigParts)
protected org.apache.ws.security.message.WSSecUsernameToken addUsernameToken(UsernameToken token)
protected org.apache.ws.security.message.WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac)
protected org.apache.ws.security.saml.ext.AssertionWrapper addSamlToken(SamlToken token) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected void storeAssertionAsSecurityToken(org.apache.ws.security.saml.ext.AssertionWrapper assertion)
protected String findIDFromSamlToken(Element samlToken)
public String getPassword(String userName, org.apache.neethi.Assertion info, int type)
protected CallbackHandler getCallbackHandler()
public String addWsuIdToElement(Element elem)
Element
and returns the attribute value
or finds and returns the value of the attribute if it already exists.
element
- the Element
to check/create the attribute on
public List<org.apache.ws.security.WSEncryptionPart> getEncryptedParts() throws javax.xml.soap.SOAPException
javax.xml.soap.SOAPException
public List<org.apache.ws.security.WSEncryptionPart> getSignedParts() throws javax.xml.soap.SOAPException
javax.xml.soap.SOAPException
public List<org.apache.ws.security.WSEncryptionPart> getPartsAndElements(boolean sign, boolean includeBody, List<org.apache.ws.security.WSEncryptionPart> parts, List<String> xpaths, Map<String,String> namespaces, List<String> contentXpaths, Map<String,String> cnamespaces) throws javax.xml.soap.SOAPException
getSignedParts()
and getEncryptedParts()
instead.
sign
- whether the matches are to be signed or encryptedincludeBody
- if the body should be included in the signature/encryptionparts
- any WSEncryptionPart
s to match for signature or
encryption as specified by WS-SP signed parts or encrypted
parts. Parts without a name match all elements with the
provided namespace.xpaths
- any XPath expressions to sign/encrypt matchesnamespaces
- namespace prefix to namespace mappings for XPath expressions
in xpaths
contentXpaths
- any XPath expressions to content encryptcnamespaces
- namespace prefix to namespace mappings for XPath expressions
in contentXpaths
WSEncryptionPart
s suitable for
processing by WSS4J
javax.xml.soap.SOAPException
- if there is an error extracting SOAP content from the SAAJ
modelprotected List<org.apache.ws.security.WSEncryptionPart> getParts(boolean sign, boolean includeBody, List<org.apache.ws.security.WSEncryptionPart> parts, List<Element> found) throws javax.xml.soap.SOAPException
sign
- whether the matches are to be signed or encryptedincludeBody
- if the body should be included in the signature/encryptionparts
- any WSEncryptionPart
s to match for signature or
encryption as specified by WS-SP signed parts or encrypted
parts. Parts without a name match all elements with the
provided namespace.found
- a list of elements that have previously been tagged for
signing/encryption. Populated with additional matches found by
this method and used to prevent including the same element
twice under the same operation.
WSEncryptionPart
s suitable for
processing by WSS4J
javax.xml.soap.SOAPException
- if there is an error extracting SOAP content from the SAAJ
modelprotected List<org.apache.ws.security.WSEncryptionPart> getElements(String encryptionModifier, List<String> xpaths, Map<String,String> namespaces, List<Element> found) throws XPathExpressionException, javax.xml.soap.SOAPException
encryptionModifier
- indicates the scope of the crypto operation over matched
elements. Either "Content" or "Element".xpaths
- any XPath expressions to sign/encrypt matchesnamespaces
- namespace prefix to namespace mappings for XPath expressions
in xpaths
found
- a list of elements that have previously been tagged for
signing/encryption. Populated with additional matches found by
this method and used to prevent including the same element
twice under the same operation.
WSEncryptionPart
s suitable for
processing by WSS4J
XPathExpressionException
- if a provided XPath is invalid
javax.xml.soap.SOAPException
- if there is an error extracting SOAP content from the SAAJ
modelprotected org.apache.ws.security.message.WSSecEncryptedKey getEncryptedKeyBuilder(TokenWrapper wrapper, Token token) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
public org.apache.ws.security.components.crypto.Crypto getSignatureCrypto(TokenWrapper wrapper) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
public org.apache.ws.security.components.crypto.Crypto getEncryptionCrypto(TokenWrapper wrapper) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
public org.apache.ws.security.components.crypto.Crypto getCrypto(TokenWrapper wrapper, String cryptoKey, String propKey) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
public void setKeyIdentifierType(org.apache.ws.security.message.WSSecBase secBase, TokenWrapper wrapper, Token token)
public String setEncryptionUser(org.apache.ws.security.message.WSSecEncryptedKey encrKeyBuilder, TokenWrapper token, boolean sign, org.apache.ws.security.components.crypto.Crypto crypto)
public static String getUsername(List<org.apache.ws.security.handler.WSHandlerResult> results)
WSHandlerResult list for a Username token and return
the username if a Username Token found
- Parameters:
results
-
- Returns:
protected Wss10 getWss10()
protected org.apache.ws.security.message.WSSecSignature getSignatureBuilder(TokenWrapper wrapper, Token token, boolean endorse) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected org.apache.ws.security.message.WSSecSignature getSignatureBuilder(TokenWrapper wrapper, Token token, boolean attached, boolean endorse) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected void doEndorsedSignatures(Map<Token,Object> tokenMap, boolean isTokenProtection, boolean isSigProtect)
protected void assertSupportingTokens(List<org.apache.ws.security.WSEncryptionPart> sigs)
protected void addSupportingTokens(List<org.apache.ws.security.WSEncryptionPart> sigs) throws org.apache.ws.security.WSSecurityException
org.apache.ws.security.WSSecurityException
protected void doEndorse()
protected void addSignatureConfirmation(List<org.apache.ws.security.WSEncryptionPart> sigParts)
public void handleEncryptedSignedHeaders(List<org.apache.ws.security.WSEncryptionPart> encryptedParts, List<org.apache.ws.security.WSEncryptionPart> signedParts)
encryptedParts
- the parts that have been encryptedsignedParts
- the parts that are to be signed
IllegalArgumentException
- if an element in signedParts
contains a WSEncryptionPart
with a null
id
value
and the WSEncryptionPart
name
value is not
"Token"public org.apache.ws.security.WSEncryptionPart convertToEncryptionPart(Element element)
element
- The DOM Element to convert
protected boolean includeToken(SPConstants.IncludeTokenType inclusion)
|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |