Apache CXF API

org.apache.cxf.ws.security.wss4j.policyvalidators
Class AbstractBindingPolicyValidator

java.lang.Object
  extended by org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator
All Implemented Interfaces:
BindingPolicyValidator
Direct Known Subclasses:
AsymmetricBindingPolicyValidator, SymmetricBindingPolicyValidator, TransportBindingPolicyValidator

public abstract class AbstractBindingPolicyValidator
extends Object
implements BindingPolicyValidator

Some abstract functionality for validating a security binding.


Constructor Summary
AbstractBindingPolicyValidator()
           
 
Method Summary
protected  void assertPolicy(AssertionInfoMap aim, org.apache.neethi.Assertion token)
           
protected  boolean assertPolicy(AssertionInfoMap aim, QName q)
           
protected  boolean assertPolicy(AssertionInfoMap aim, String localname)
           
protected  boolean checkDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, List<org.apache.wss4j.dom.WSSecurityEngineResult> encryptedResults)
          Check the derived key requirement.
protected  boolean checkProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, AssertionInfo ai, AssertionInfoMap aim, List<org.apache.wss4j.dom.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Message message)
          Check various properties set in the policy of the binding
protected  boolean checkProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, AssertionInfoMap aim, AssertionInfo ai, List<org.apache.wss4j.dom.WSSecurityEngineResult> results)
          Check the Protection Order of the binding
protected  Collection<AssertionInfo> getAllAssertionsByLocalname(AssertionInfoMap aim, String localname)
           
protected  boolean isSignatureEncrypted(List<org.apache.wss4j.dom.WSSecurityEngineResult> results)
          Check whether the primary Signature (and all SignatureConfirmation) elements were encrypted
protected  boolean isTokenProtected(List<org.apache.wss4j.dom.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)
          Check whether the token protection policy is followed.
protected  void notAssertPolicy(AssertionInfoMap aim, org.apache.neethi.Assertion token, String msg)
           
protected  void notAssertPolicy(AssertionInfoMap aim, QName q, String msg)
           
protected  boolean validateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)
          Validate the entire header and body signature property.
protected  boolean validateTimestamp(boolean includeTimestamp, boolean transportBinding, List<org.apache.wss4j.dom.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults, Message message)
          Validate a Timestamp
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.cxf.ws.security.wss4j.policyvalidators.BindingPolicyValidator
validatePolicy
 

Constructor Detail

AbstractBindingPolicyValidator

public AbstractBindingPolicyValidator()
Method Detail

validateTimestamp

protected boolean validateTimestamp(boolean includeTimestamp,
                                    boolean transportBinding,
                                    List<org.apache.wss4j.dom.WSSecurityEngineResult> results,
                                    List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                                    Message message)
Validate a Timestamp

Parameters:
includeTimestamp - whether a Timestamp must be included or not
transportBinding - whether the Transport binding is in use or not
signedResults - the signed results list
message - the Message object
Returns:
whether the Timestamp policy is valid or not

validateEntireHeaderAndBodySignatures

protected boolean validateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)
Validate the entire header and body signature property.


checkProperties

protected boolean checkProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding,
                                  AssertionInfo ai,
                                  AssertionInfoMap aim,
                                  List<org.apache.wss4j.dom.WSSecurityEngineResult> results,
                                  List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                                  Message message)
Check various properties set in the policy of the binding


checkProtectionOrder

protected boolean checkProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding,
                                       AssertionInfoMap aim,
                                       AssertionInfo ai,
                                       List<org.apache.wss4j.dom.WSSecurityEngineResult> results)
Check the Protection Order of the binding


checkDerivedKeys

protected boolean checkDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper,
                                   boolean hasDerivedKeys,
                                   List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults,
                                   List<org.apache.wss4j.dom.WSSecurityEngineResult> encryptedResults)
Check the derived key requirement.


isTokenProtected

protected boolean isTokenProtected(List<org.apache.wss4j.dom.WSSecurityEngineResult> results,
                                   List<org.apache.wss4j.dom.WSSecurityEngineResult> signedResults)
Check whether the token protection policy is followed. In other words, check that the signature token was itself signed.


isSignatureEncrypted

protected boolean isSignatureEncrypted(List<org.apache.wss4j.dom.WSSecurityEngineResult> results)
Check whether the primary Signature (and all SignatureConfirmation) elements were encrypted


assertPolicy

protected void assertPolicy(AssertionInfoMap aim,
                            org.apache.neethi.Assertion token)

notAssertPolicy

protected void notAssertPolicy(AssertionInfoMap aim,
                               org.apache.neethi.Assertion token,
                               String msg)

assertPolicy

protected boolean assertPolicy(AssertionInfoMap aim,
                               String localname)

assertPolicy

protected boolean assertPolicy(AssertionInfoMap aim,
                               QName q)

notAssertPolicy

protected void notAssertPolicy(AssertionInfoMap aim,
                               QName q,
                               String msg)

getAllAssertionsByLocalname

protected Collection<AssertionInfo> getAllAssertionsByLocalname(AssertionInfoMap aim,
                                                                String localname)

Apache CXF API

Apache CXF