AbstractBindingPolicyValidator (Apache CXF JavaDoc 3.0.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Apache CXF API

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.cxf.ws.security.wss4j.policyvalidators
Class AbstractBindingPolicyValidator

java.lang.Object
  org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator

All Implemented Interfaces:: BindingPolicyValidator

Direct Known Subclasses:: AsymmetricBindingPolicyValidator, SymmetricBindingPolicyValidator, TransportBindingPolicyValidator

public abstract class AbstractBindingPolicyValidator
extends Object
implements BindingPolicyValidator
extends Object
implements BindingPolicyValidator

Some abstract functionality for validating a security binding.

Constructor Summary
`AbstractBindingPolicyValidator()`

Method Summary
`protected void`	`assertPolicy(AssertionInfoMap aim, org.apache.neethi.Assertion token)`
`protected boolean`	`assertPolicy(AssertionInfoMap aim, QName q)`
`protected boolean`	`assertPolicy(AssertionInfoMap aim, String localname)`
`protected boolean`	`checkDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, List<org.apache.wss4j.dom.WSSecurityEngineResult> encryptedResults)` Check the derived key requirement.
`protected boolean`	`checkProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, AssertionInfo ai, AssertionInfoMap aim, List<org.apache.wss4j.dom.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Message message)` Check various properties set in the policy of the binding
`protected boolean`	`checkProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, AssertionInfoMap aim, AssertionInfo ai, List<org.apache.wss4j.dom.WSSecurityEngineResult> results)` Check the Protection Order of the binding
`protected Collection<AssertionInfo>`	`getAllAssertionsByLocalname(AssertionInfoMap aim, String localname)`
`protected boolean`	`isSignatureEncrypted(List<org.apache.wss4j.dom.WSSecurityEngineResult> results)` Check whether the primary Signature (and all SignatureConfirmation) elements were encrypted
`protected boolean`	`isTokenProtected(List<org.apache.wss4j.dom.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)` Check whether the token protection policy is followed.
`protected void`	`notAssertPolicy(AssertionInfoMap aim, org.apache.neethi.Assertion token, String msg)`
`protected void`	`notAssertPolicy(AssertionInfoMap aim, QName q, String msg)`
`protected boolean`	`validateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)` Validate the entire header and body signature property.
`protected boolean`	`validateTimestamp(boolean includeTimestamp, boolean transportBinding, List<org.apache.wss4j.dom.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Message message)` Validate a Timestamp

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface org.apache.cxf.ws.security.wss4j.policyvalidators.BindingPolicyValidator
`validatePolicy`

Constructor Detail

AbstractBindingPolicyValidator

public AbstractBindingPolicyValidator()

Method Detail

validateTimestamp

protected boolean validateTimestamp(boolean includeTimestamp,
                                    boolean transportBinding,
                                    List<org.apache.wss4j.dom.WSSecurityEngineResult> results,
                                    List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                                    Message message)

Validate a Timestamp

Parameters:: includeTimestamp - whether a Timestamp must be included or not; transportBinding - whether the Transport binding is in use or not; signedResults - the signed results list; message - the Message object
Returns:: whether the Timestamp policy is valid or not

validateEntireHeaderAndBodySignatures

protected boolean validateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)

Validate the entire header and body signature property.

checkProperties

protected boolean checkProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding,
                                  AssertionInfo ai,
                                  AssertionInfoMap aim,
                                  List<org.apache.wss4j.dom.WSSecurityEngineResult> results,
                                  List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                                  Message message)

Check various properties set in the policy of the binding

checkProtectionOrder

protected boolean checkProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding,
                                       AssertionInfoMap aim,
                                       AssertionInfo ai,
                                       List<org.apache.wss4j.dom.WSSecurityEngineResult> results)

Check the Protection Order of the binding

checkDerivedKeys

protected boolean checkDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper,
                                   boolean hasDerivedKeys,
                                   List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                                   List<org.apache.wss4j.dom.WSSecurityEngineResult> encryptedResults)

Check the derived key requirement.

isTokenProtected

protected boolean isTokenProtected(List<org.apache.wss4j.dom.WSSecurityEngineResult> results,
                                   List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)

Check whether the token protection policy is followed. In other words, check that the signature token was itself signed.

isSignatureEncrypted

protected boolean isSignatureEncrypted(List<org.apache.wss4j.dom.WSSecurityEngineResult> results)

Check whether the primary Signature (and all SignatureConfirmation) elements were encrypted

assertPolicy

protected void assertPolicy(AssertionInfoMap aim,
                            org.apache.neethi.Assertion token)

notAssertPolicy

protected void notAssertPolicy(AssertionInfoMap aim,
                               org.apache.neethi.Assertion token,
                               String msg)

assertPolicy

protected boolean assertPolicy(AssertionInfoMap aim,
                               String localname)

assertPolicy

protected boolean assertPolicy(AssertionInfoMap aim,
                               QName q)

notAssertPolicy

protected void notAssertPolicy(AssertionInfoMap aim,
                               QName q,
                               String msg)

getAllAssertionsByLocalname

protected Collection<AssertionInfo> getAllAssertionsByLocalname(AssertionInfoMap aim,
                                                                String localname)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Apache CXF API

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Apache CXF

org.apache.cxf.ws.security.wss4j.policyvalidators Class AbstractBindingPolicyValidator

AbstractBindingPolicyValidator

validateTimestamp

validateEntireHeaderAndBodySignatures

checkProperties

checkProtectionOrder

checkDerivedKeys

isTokenProtected

isSignatureEncrypted

assertPolicy

notAssertPolicy

assertPolicy

assertPolicy

notAssertPolicy

getAllAssertionsByLocalname

org.apache.cxf.ws.security.wss4j.policyvalidators
Class AbstractBindingPolicyValidator