public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandler
Modifier and Type | Field and Description |
---|---|
protected AssertionInfoMap |
aim |
protected org.apache.wss4j.policy.model.AbstractBinding |
binding |
protected Element |
bottomUpElement |
protected Element |
bstElement |
protected org.apache.wss4j.dom.message.CallbackLookup |
callbackLookup |
static String |
CRYPTO_CACHE |
protected Set<org.apache.wss4j.common.WSEncryptionPart> |
encryptedTokensList |
protected Element |
lastEncryptedKeyElement |
protected static Logger |
LOG |
protected String |
mainSigId |
protected org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding.ProtectionOrder |
protectionOrder |
protected SOAPMessage |
saaj |
protected org.apache.wss4j.dom.message.WSSecHeader |
secHeader |
protected List<org.apache.wss4j.common.WSEncryptionPart> |
sigConfList |
protected Set<Integer> |
signatures |
protected org.apache.wss4j.dom.message.WSSecTimestamp |
timestampEl |
protected Element |
topDownElement |
protected org.apache.wss4j.dom.WSSConfig |
wssConfig |
message
Constructor and Description |
---|
AbstractBindingBuilder(org.apache.wss4j.dom.WSSConfig config,
org.apache.wss4j.policy.model.AbstractBinding binding,
SOAPMessage saaj,
org.apache.wss4j.dom.message.WSSecHeader secHeader,
AssertionInfoMap aim,
SoapMessage message) |
Modifier and Type | Method and Description |
---|---|
protected void |
addDerivedKeyElement(Element el) |
protected org.apache.wss4j.dom.message.WSSecUsernameToken |
addDKUsernameToken(org.apache.wss4j.policy.model.UsernameToken token,
boolean useMac) |
protected void |
addEncryptedKeyElement(Element el) |
protected org.apache.wss4j.common.saml.SamlAssertionWrapper |
addSamlToken(org.apache.wss4j.policy.model.SamlToken token) |
protected void |
addSig(byte[] val) |
protected void |
addSignatureConfirmation(List<org.apache.wss4j.common.WSEncryptionPart> sigParts) |
protected void |
addSignatureParts(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
List<org.apache.wss4j.common.WSEncryptionPart> sigParts) |
protected void |
addSupportingElement(Element el) |
protected void |
addSupportingTokens(List<org.apache.wss4j.common.WSEncryptionPart> sigs) |
protected void |
addTopDownElement(Element el) |
protected org.apache.wss4j.dom.message.WSSecUsernameToken |
addUsernameToken(org.apache.wss4j.policy.model.UsernameToken token) |
String |
addWsuIdToElement(Element elem)
Generates a wsu:Id attribute for the provided
Element and returns the attribute value
or finds and returns the value of the attribute if it already exists. |
protected Element |
cloneElement(Element el) |
org.apache.wss4j.common.WSEncryptionPart |
convertToEncryptionPart(Element element)
Convert a DOM Element into a WSEncryptionPart, adding a (wsu:)Id if there is not
one already.
|
protected org.apache.wss4j.dom.message.WSSecTimestamp |
createTimestamp() |
protected void |
doEndorse() |
protected void |
doEndorsedSignatures(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
boolean isTokenProtection,
boolean isSigProtect) |
protected String |
findIDFromSamlToken(Element samlToken) |
protected org.apache.wss4j.common.crypto.Crypto |
getCrypto(String cryptoKey,
String propKey) |
protected Map<Object,org.apache.wss4j.common.crypto.Crypto> |
getCryptoCache() |
protected List<org.apache.wss4j.common.WSEncryptionPart> |
getElements(String encryptionModifier,
List<org.apache.wss4j.policy.model.XPath> xpaths,
List<Element> found,
boolean forceId)
Identifies the portions of the message to be signed/encrypted.
|
protected org.apache.wss4j.dom.message.WSSecEncryptedKey |
getEncryptedKeyBuilder(org.apache.wss4j.policy.model.AbstractToken token) |
protected org.apache.wss4j.dom.WSSecurityEngineResult |
getEncryptedKeyResult() |
List<org.apache.wss4j.common.WSEncryptionPart> |
getEncryptedParts() |
org.apache.wss4j.common.crypto.Crypto |
getEncryptionCrypto() |
protected List<org.apache.wss4j.common.WSEncryptionPart> |
getParts(boolean sign,
boolean includeBody,
List<org.apache.wss4j.common.WSEncryptionPart> parts,
List<Element> found)
Identifies the portions of the message to be signed/encrypted.
|
List<org.apache.wss4j.common.WSEncryptionPart> |
getPartsAndElements(boolean sign,
boolean includeBody,
List<org.apache.wss4j.common.WSEncryptionPart> parts,
List<org.apache.wss4j.policy.model.XPath> xpaths,
List<org.apache.wss4j.policy.model.XPath> contentXpaths)
Identifies the portions of the message to be signed/encrypted.
|
String |
getPassword(String userName,
org.apache.neethi.Assertion info,
int usage) |
protected org.apache.wss4j.common.crypto.PasswordEncryptor |
getPasswordEncryptor() |
protected org.apache.wss4j.dom.message.WSSecSignature |
getSignatureBuilder(org.apache.wss4j.policy.model.AbstractToken token,
boolean attached,
boolean endorse) |
org.apache.wss4j.common.crypto.Crypto |
getSignatureCrypto() |
List<org.apache.wss4j.common.WSEncryptionPart> |
getSignedParts(org.apache.wss4j.policy.model.SupportingTokens supportingToken) |
protected TokenStore |
getTokenStore() |
static String |
getUsername(List<org.apache.wss4j.dom.handler.WSHandlerResult> results)
Scan through
WSHandlerResult |
void |
handleEncryptedSignedHeaders(List<org.apache.wss4j.common.WSEncryptionPart> encryptedParts,
List<org.apache.wss4j.common.WSEncryptionPart> signedParts)
Processes the parts to be signed and reconfigures those parts that have
already been encrypted.
|
protected org.apache.wss4j.dom.message.WSSecTimestamp |
handleLayout(org.apache.wss4j.dom.message.WSSecTimestamp timestamp) |
protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> |
handleSupportingTokens(org.apache.wss4j.policy.model.SupportingTokens suppTokens,
boolean endorse,
List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) |
protected void |
handleUsernameTokenSupportingToken(org.apache.wss4j.policy.model.UsernameToken token,
boolean endorse,
boolean encryptedToken,
List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) |
protected void |
insertAfter(Element child,
Element sib) |
protected void |
insertBeforeBottomUp(Element el) |
protected void |
reshuffleTimestamp() |
String |
setEncryptionUser(org.apache.wss4j.dom.message.WSSecEncryptedKey encrKeyBuilder,
org.apache.wss4j.policy.model.AbstractToken token,
boolean sign,
org.apache.wss4j.common.crypto.Crypto crypto) |
void |
setKeyIdentifierType(org.apache.wss4j.dom.message.WSSecBase secBase,
org.apache.wss4j.policy.model.AbstractToken token) |
protected void |
storeAssertionAsSecurityToken(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
Store a SAML Assertion as a SecurityToken
|
assertAlgorithmSuite, assertPolicy, assertPolicy, assertToken, assertTokenWrapper, assertTrustProperties, assertWSSProperties, getAllAssertionsByLocalname, getMessage, getSecurityToken, getWss10, isRequestor, isTokenRequired, unassertPolicy, unassertPolicy
public static final String CRYPTO_CACHE
protected static final Logger LOG
protected org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding.ProtectionOrder protectionOrder
protected final org.apache.wss4j.dom.WSSConfig wssConfig
protected SOAPMessage saaj
protected org.apache.wss4j.dom.message.WSSecHeader secHeader
protected AssertionInfoMap aim
protected org.apache.wss4j.policy.model.AbstractBinding binding
protected org.apache.wss4j.dom.message.WSSecTimestamp timestampEl
protected String mainSigId
protected List<org.apache.wss4j.common.WSEncryptionPart> sigConfList
protected Set<org.apache.wss4j.common.WSEncryptionPart> encryptedTokensList
protected Element bottomUpElement
protected Element topDownElement
protected Element bstElement
protected Element lastEncryptedKeyElement
protected final org.apache.wss4j.dom.message.CallbackLookup callbackLookup
public AbstractBindingBuilder(org.apache.wss4j.dom.WSSConfig config, org.apache.wss4j.policy.model.AbstractBinding binding, SOAPMessage saaj, org.apache.wss4j.dom.message.WSSecHeader secHeader, AssertionInfoMap aim, SoapMessage message) throws SOAPException
SOAPException
protected void addDerivedKeyElement(Element el)
protected void addEncryptedKeyElement(Element el)
protected void addSupportingElement(Element el)
protected void insertBeforeBottomUp(Element el)
protected void addTopDownElement(Element el)
protected final TokenStore getTokenStore()
protected org.apache.wss4j.dom.message.WSSecTimestamp createTimestamp()
protected org.apache.wss4j.dom.message.WSSecTimestamp handleLayout(org.apache.wss4j.dom.message.WSSecTimestamp timestamp)
protected void reshuffleTimestamp()
protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> handleSupportingTokens(org.apache.wss4j.policy.model.SupportingTokens suppTokens, boolean endorse, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) throws org.apache.wss4j.common.ext.WSSecurityException, SOAPException
org.apache.wss4j.common.ext.WSSecurityException
SOAPException
protected void handleUsernameTokenSupportingToken(org.apache.wss4j.policy.model.UsernameToken token, boolean endorse, boolean encryptedToken, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
protected void addSignatureParts(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList, List<org.apache.wss4j.common.WSEncryptionPart> sigParts)
protected org.apache.wss4j.dom.message.WSSecUsernameToken addUsernameToken(org.apache.wss4j.policy.model.UsernameToken token)
protected org.apache.wss4j.dom.message.WSSecUsernameToken addDKUsernameToken(org.apache.wss4j.policy.model.UsernameToken token, boolean useMac)
protected org.apache.wss4j.common.saml.SamlAssertionWrapper addSamlToken(org.apache.wss4j.policy.model.SamlToken token) throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
protected void storeAssertionAsSecurityToken(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
public String addWsuIdToElement(Element elem)
Element
and returns the attribute value
or finds and returns the value of the attribute if it already exists.element
- the Element
to check/create the attribute onpublic List<org.apache.wss4j.common.WSEncryptionPart> getEncryptedParts() throws SOAPException
SOAPException
public List<org.apache.wss4j.common.WSEncryptionPart> getSignedParts(org.apache.wss4j.policy.model.SupportingTokens supportingToken) throws SOAPException
SOAPException
public List<org.apache.wss4j.common.WSEncryptionPart> getPartsAndElements(boolean sign, boolean includeBody, List<org.apache.wss4j.common.WSEncryptionPart> parts, List<org.apache.wss4j.policy.model.XPath> xpaths, List<org.apache.wss4j.policy.model.XPath> contentXpaths) throws SOAPException
sign
- whether the matches are to be signed or encryptedincludeBody
- if the body should be included in the signature/encryptionparts
- any WSEncryptionPart
s to match for signature or
encryption as specified by WS-SP signed parts or encrypted
parts. Parts without a name match all elements with the
provided namespace.xpaths
- any XPath expressions to sign/encrypt matchescontentXpaths
- any XPath expressions to content encryptWSEncryptionPart
s suitable for
processing by WSS4JSOAPException
- if there is an error extracting SOAP content from the SAAJ
modelprotected List<org.apache.wss4j.common.WSEncryptionPart> getParts(boolean sign, boolean includeBody, List<org.apache.wss4j.common.WSEncryptionPart> parts, List<Element> found) throws SOAPException
sign
- whether the matches are to be signed or encryptedincludeBody
- if the body should be included in the signature/encryptionparts
- any WSEncryptionPart
s to match for signature or
encryption as specified by WS-SP signed parts or encrypted
parts. Parts without a name match all elements with the
provided namespace.found
- a list of elements that have previously been tagged for
signing/encryption. Populated with additional matches found by
this method and used to prevent including the same element
twice under the same operation.WSEncryptionPart
s suitable for
processing by WSS4JSOAPException
- if there is an error extracting SOAP content from the SAAJ
modelprotected List<org.apache.wss4j.common.WSEncryptionPart> getElements(String encryptionModifier, List<org.apache.wss4j.policy.model.XPath> xpaths, List<Element> found, boolean forceId) throws SOAPException
encryptionModifier
- indicates the scope of the crypto operation over matched
elements. Either "Content" or "Element".xpaths
- any XPath expressions to sign/encrypt matchesfound
- a list of elements that have previously been tagged for
signing/encryption. Populated with additional matches found by
this method and used to prevent including the same element
twice under the same operation.forceId
- force adding a wsu:Id onto the elements. Recommended for signatures.WSEncryptionPart
s suitable for
processing by WSS4JXPathExpressionException
- if a provided XPath is invalidSOAPException
- if there is an error extracting SOAP content from the SAAJ
modelprotected org.apache.wss4j.dom.message.WSSecEncryptedKey getEncryptedKeyBuilder(org.apache.wss4j.policy.model.AbstractToken token) throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
public org.apache.wss4j.common.crypto.Crypto getSignatureCrypto() throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
public org.apache.wss4j.common.crypto.Crypto getEncryptionCrypto() throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
protected org.apache.wss4j.common.crypto.Crypto getCrypto(String cryptoKey, String propKey) throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
protected org.apache.wss4j.common.crypto.PasswordEncryptor getPasswordEncryptor()
public void setKeyIdentifierType(org.apache.wss4j.dom.message.WSSecBase secBase, org.apache.wss4j.policy.model.AbstractToken token)
public String setEncryptionUser(org.apache.wss4j.dom.message.WSSecEncryptedKey encrKeyBuilder, org.apache.wss4j.policy.model.AbstractToken token, boolean sign, org.apache.wss4j.common.crypto.Crypto crypto)
public static String getUsername(List<org.apache.wss4j.dom.handler.WSHandlerResult> results)
WSHandlerResult list for a Username token and return
the username if a Username Token found
results
- protected org.apache.wss4j.dom.WSSecurityEngineResult getEncryptedKeyResult()
protected org.apache.wss4j.dom.message.WSSecSignature getSignatureBuilder(org.apache.wss4j.policy.model.AbstractToken token, boolean attached, boolean endorse) throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
protected void doEndorsedSignatures(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList, boolean isTokenProtection, boolean isSigProtect)
protected void addSupportingTokens(List<org.apache.wss4j.common.WSEncryptionPart> sigs) throws org.apache.wss4j.common.ext.WSSecurityException
org.apache.wss4j.common.ext.WSSecurityException
protected void doEndorse()
protected void addSignatureConfirmation(List<org.apache.wss4j.common.WSEncryptionPart> sigParts)
public void handleEncryptedSignedHeaders(List<org.apache.wss4j.common.WSEncryptionPart> encryptedParts, List<org.apache.wss4j.common.WSEncryptionPart> signedParts)
encryptedParts
- the parts that have been encryptedsignedParts
- the parts that are to be signedIllegalArgumentException
- if an element in signedParts
contains a WSEncryptionPart
with a null
id
value
and the WSEncryptionPart
name
value is not
"Token"public org.apache.wss4j.common.WSEncryptionPart convertToEncryptionPart(Element element)
element
- The DOM Element to convertprotected void addSig(byte[] val)
Apache CXF