org.apache.wss4j.dom.util

Class WSSecurityUtil

java.lang.Object

org.apache.wss4j.dom.util.WSSecurityUtil

public final class WSSecurityUtil
extends Object

WS-Security Utility methods.

Method Summary

Modifier and Type	Method and Description
static Text	createBase64EncodedTextNode(Document doc, byte[] data) create a base64 test node
static List<Integer>	decodeAction(String action)
static List<HandlerAction>	decodeHandlerAction(String action, WSSConfig wssConfig) Decode an action String.
static Element	findBodyElement(Document doc) return the first soap "Body" element.
static List<Element>	findElements(WSEncryptionPart part, CallbackLookup callbackLookup, Document doc) Find the DOM Element in the SOAP Envelope that is referenced by the WSEncryptionPart argument.
static Element	findWsseSecurityHeaderBlock(Document doc, Element envelope, boolean doCreate) find the first ws-security header block
static Element	findWsseSecurityHeaderBlock(Document doc, Element envelope, String actor, boolean doCreate) find a WS-Security header block for a given actor
static byte[]	generateNonce(int length) Generate a nonce of the given length using the SHA1PRNG algorithm.
static byte[]	getBytesFromAttachment(String xopUri, RequestData data)
static WSEncryptionPart	getDefaultEncryptionPart(Document doc) Get the default encryption part - the SOAP Body of type "Content".
static List<Element>	getDirectChildElements(Node fNode, String localName, String namespace) Gets all direct children with specified localname and namespace.
static Element	getSecurityHeader(Document doc, String actor) Returns the first WS-Security header element for a given actor.
static Element	getSecurityHeader(Element soapHeader, String actor, boolean soap12) Returns the first WS-Security header element for a given actor.
static SOAPConstants	getSOAPConstants(Element startElement)
static Element	getSOAPHeader(Document doc)
static String	getSOAPNamespace(Element startElement)
static boolean	isActorEqual(String actor, String hActor) Compares two actor strings and returns true if these are equal.
static Element	prependChildElement(Element parent, Element child) prepend a child element
static void	storeBytesInAttachment(Element parentElement, Document doc, String attachmentId, byte[] bytes, CallbackHandler attachmentCallbackHandler)
static void	verifySignedElement(Element elem, List<WSSecurityEngineResult> signedResults)
static void	verifySignedElement(Element elem, WSDocInfo wsDocInfo)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getSOAPHeader

public static Element getSOAPHeader(Document doc)

getSecurityHeader

public static Element getSecurityHeader(Document doc,
                                        String actor)
                                 throws WSSecurityException

Returns the first WS-Security header element for a given actor. Only one WS-Security header is allowed for an actor.

Parameters:

doc -

actor -

Returns:

the wsse:Security element or null if not such element found

Throws:

WSSecurityException

getSecurityHeader

public static Element getSecurityHeader(Element soapHeader,
                                        String actor,
                                        boolean soap12)
                                 throws WSSecurityException

Returns the first WS-Security header element for a given actor. Only one WS-Security header is allowed for an actor.

Throws:

WSSecurityException

isActorEqual

public static boolean isActorEqual(String actor,
                                   String hActor)

Compares two actor strings and returns true if these are equal. Takes care of the null length strings and uses ignore case.

Parameters:

actor -

hActor -

Returns:

true is the actor arguments are equal

getDirectChildElements

public static List<Element> getDirectChildElements(Node fNode,
                                                   String localName,
                                                   String namespace)

Gets all direct children with specified localname and namespace.

Parameters:

fNode - the node where to start the search

localName - local name of the children to get

namespace - the namespace of the children to get

Returns:

the list of nodes or null if not such nodes are found

findBodyElement

public static Element findBodyElement(Document doc)

return the first soap "Body" element.

Parameters:

doc -

Returns:

the body element or null if document does not contain a SOAP body

findElements

public static List<Element> findElements(WSEncryptionPart part,
                                         CallbackLookup callbackLookup,
                                         Document doc)
                                  throws WSSecurityException

Find the DOM Element in the SOAP Envelope that is referenced by the WSEncryptionPart argument. The "Id" is used before the Element localname/namespace.

Parameters:

part - The WSEncryptionPart object corresponding to the DOM Element(s) we want

callbackLookup - The CallbackLookup object used to find Elements

doc - The owning document

Returns:

the DOM Element in the SOAP Envelope that is found

Throws:

WSSecurityException

getDefaultEncryptionPart

public static WSEncryptionPart getDefaultEncryptionPart(Document doc)

Get the default encryption part - the SOAP Body of type "Content".

prependChildElement

public static Element prependChildElement(Element parent,
                                          Element child)

prepend a child element

Parameters:

parent - element of this child element

child - the element to append

Returns:

the child element

findWsseSecurityHeaderBlock

public static Element findWsseSecurityHeaderBlock(Document doc,
                                                  Element envelope,
                                                  boolean doCreate)
                                           throws WSSecurityException

find the first ws-security header block

Parameters:

doc - the DOM document (SOAP request)

envelope - the SOAP envelope

doCreate - if true create a new WSS header block if none exists

Returns:

the WSS header or null if none found and doCreate is false

Throws:

WSSecurityException

findWsseSecurityHeaderBlock

public static Element findWsseSecurityHeaderBlock(Document doc,
                                                  Element envelope,
                                                  String actor,
                                                  boolean doCreate)
                                           throws WSSecurityException

find a WS-Security header block for a given actor

Parameters:

doc - the DOM document (SOAP request)

envelope - the SOAP envelope

actor - the actor (role) name of the WSS header

doCreate - if true create a new WSS header block if none exists

Returns:

the WSS header or null if none found and doCreate is false

Throws:

WSSecurityException

createBase64EncodedTextNode

public static Text createBase64EncodedTextNode(Document doc,
                                               byte[] data)

create a base64 test node

Parameters:

doc - the DOM document (SOAP request)

data - to encode

Returns:

a Text node containing the base64 encoded data

getSOAPConstants

public static SOAPConstants getSOAPConstants(Element startElement)

getSOAPNamespace

public static String getSOAPNamespace(Element startElement)

decodeAction

public static List<Integer> decodeAction(String action)
                                  throws WSSecurityException

Throws:

WSSecurityException

decodeHandlerAction

public static List<HandlerAction> decodeHandlerAction(String action,
                                                      WSSConfig wssConfig)
                                               throws WSSecurityException

Decode an action String. This method should only be called on the outbound side.

Parameters:

action - The initial String of actions to perform

wssConfig - This object holds the list of custom actions to be performed.

Returns:

The list of HandlerAction Objects

Throws:

WSSecurityException

generateNonce

public static byte[] generateNonce(int length)
                            throws WSSecurityException

Generate a nonce of the given length using the SHA1PRNG algorithm. The SecureRandom instance that backs this method is cached for efficiency.

Returns:

a nonce of the given length

Throws:

WSSecurityException

verifySignedElement

public static void verifySignedElement(Element elem,
                                       WSDocInfo wsDocInfo)
                                throws WSSecurityException

Throws:

WSSecurityException

verifySignedElement

public static void verifySignedElement(Element elem,
                                       List<WSSecurityEngineResult> signedResults)
                                throws WSSecurityException

Throws:

WSSecurityException

getBytesFromAttachment

public static byte[] getBytesFromAttachment(String xopUri,
                                            RequestData data)
                                     throws WSSecurityException

Throws:

WSSecurityException

storeBytesInAttachment

public static void storeBytesInAttachment(Element parentElement,
                                          Document doc,
                                          String attachmentId,
                                          byte[] bytes,
                                          CallbackHandler attachmentCallbackHandler)
                                   throws WSSecurityException

Throws:

WSSecurityException