public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandler
Modifier and Type | Field and Description |
---|---|
protected org.apache.cxf.ws.policy.AssertionInfoMap |
aim |
protected AbstractBinding |
binding |
protected Element |
bottomUpElement |
protected Element |
bstElement |
protected CallbackLookup |
callbackLookup |
static String |
CRYPTO_CACHE |
protected Set<WSEncryptionPart> |
encryptedTokensList |
protected Element |
lastEncryptedKeyElement |
protected static Logger |
LOG |
protected String |
mainSigId |
protected AbstractSymmetricAsymmetricBinding.ProtectionOrder |
protectionOrder |
protected SOAPMessage |
saaj |
protected WSSecHeader |
secHeader |
protected List<WSEncryptionPart> |
sigConfList |
protected Set<Integer> |
signatures |
protected boolean |
storeBytesInAttachment |
protected WSSecTimestamp |
timestampEl |
protected Element |
topDownElement |
protected WSSConfig |
wssConfig |
Fields inherited from class AbstractCommonBindingHandler: message
Constructor and Description |
---|
AbstractBindingBuilder(WSSConfig config,
AbstractBinding binding,
SOAPMessage saaj,
WSSecHeader secHeader,
org.apache.cxf.ws.policy.AssertionInfoMap aim,
org.apache.cxf.binding.soap.SoapMessage message) |
Modifier and Type | Method and Description |
---|---|
protected void |
addDerivedKeyElement(Element el) |
protected WSSecUsernameToken |
addDKUsernameToken(UsernameToken token,
boolean useMac) |
protected void |
addEncryptedKeyElement(Element el) |
protected SamlAssertionWrapper |
addSamlToken(SamlToken token) |
protected void |
addSig(byte[] val) |
protected void |
addSignatureConfirmation(List<WSEncryptionPart> sigParts) |
protected void |
addSignatureParts(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
List<WSEncryptionPart> sigParts) |
protected void |
addSupportingElement(Element el) |
protected void |
addSupportingTokens(List<WSEncryptionPart> sigs) |
protected void |
addTopDownElement(Element el) |
protected WSSecUsernameToken |
addUsernameToken(UsernameToken token) |
String |
addWsuIdToElement(Element elem)
Generates a wsu:Id attribute for the provided
Element and returns the attribute value
or finds and returns the value of the attribute if it already exists. |
protected Element |
cloneElement(Element el) |
WSEncryptionPart |
convertToEncryptionPart(Element element)
Convert a DOM Element into a WSEncryptionPart, adding a (wsu:)Id if there is not
one already.
|
protected WSSecTimestamp |
createTimestamp() |
protected void |
doEndorse() |
protected void |
doEndorsedSignatures(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
boolean isTokenProtection,
boolean isSigProtect) |
protected String |
findIDFromSamlToken(Element samlToken) |
protected Crypto |
getCrypto(String cryptoKey,
String propKey) |
protected Map<Object,Crypto> |
getCryptoCache() |
protected List<WSEncryptionPart> |
getElements(String encryptionModifier,
List<XPath> xpaths,
List<Element> found,
boolean forceId)
Identifies the portions of the message to be signed/encrypted.
|
protected WSSecEncryptedKey |
getEncryptedKeyBuilder(AbstractToken token) |
protected WSSecurityEngineResult |
getEncryptedKeyResult() |
List<WSEncryptionPart> |
getEncryptedParts() |
Crypto |
getEncryptionCrypto() |
protected List<WSEncryptionPart> |
getParts(boolean sign,
boolean includeBody,
List<WSEncryptionPart> parts,
List<Element> found)
Identifies the portions of the message to be signed/encrypted.
|
List<WSEncryptionPart> |
getPartsAndElements(boolean sign,
boolean includeBody,
List<WSEncryptionPart> parts,
List<XPath> xpaths,
List<XPath> contentXpaths)
Identifies the portions of the message to be signed/encrypted.
|
protected String |
getPassword(String userName,
org.apache.neethi.Assertion info,
int usage) |
protected WSSecSignature |
getSignatureBuilder(AbstractToken token,
boolean attached,
boolean endorse) |
Crypto |
getSignatureCrypto() |
List<WSEncryptionPart> |
getSignedParts(SupportingTokens supportingToken) |
protected TokenStore |
getTokenStore() |
static String |
getUsername(List<WSHandlerResult> results)
Scan through the WSHandlerResult list for a Username token and return
the username if a Username Token is found. |
void |
handleEncryptedSignedHeaders(List<WSEncryptionPart> encryptedParts,
List<WSEncryptionPart> signedParts)
Processes the parts to be signed and reconfigures those parts that have
already been encrypted.
|
protected WSSecTimestamp |
handleLayout(WSSecTimestamp timestamp) |
protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> |
handleSupportingTokens(SupportingTokens suppTokens,
boolean endorse,
List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) |
protected void |
handleUsernameTokenSupportingToken(UsernameToken token,
boolean endorse,
boolean encryptedToken,
List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) |
protected void |
insertAfter(Element child,
Element sib) |
protected void |
insertBeforeBottomUp(Element el) |
protected void |
reshuffleTimestamp() |
String |
setEncryptionUser(WSSecEncryptedKey encrKeyBuilder,
AbstractToken token,
boolean sign,
Crypto crypto) |
void |
setKeyIdentifierType(WSSecBase secBase,
AbstractToken token) |
protected void |
storeAssertionAsSecurityToken(SamlAssertionWrapper assertion)
Store a SAML Assertion as a SecurityToken
|
Methods inherited from class AbstractCommonBindingHandler: assertAlgorithmSuite, assertPolicy, assertPolicy, assertToken, assertTokenWrapper, assertTrustProperties, assertWSSProperties, getAllAssertionsByLocalname, getMessage, getSecurityToken, getWss10, isRequestor, isTokenRequired, unassertPolicy, unassertPolicy
public static final String CRYPTO_CACHE
protected static final Logger LOG
protected AbstractSymmetricAsymmetricBinding.ProtectionOrder protectionOrder
protected final WSSConfig wssConfig
protected SOAPMessage saaj
protected WSSecHeader secHeader
protected org.apache.cxf.ws.policy.AssertionInfoMap aim
protected AbstractBinding binding
protected WSSecTimestamp timestampEl
protected String mainSigId
protected List<WSEncryptionPart> sigConfList
protected Set<WSEncryptionPart> encryptedTokensList
protected Element bottomUpElement
protected Element topDownElement
protected Element bstElement
protected Element lastEncryptedKeyElement
protected final CallbackLookup callbackLookup
protected boolean storeBytesInAttachment
public AbstractBindingBuilder(WSSConfig config, AbstractBinding binding, SOAPMessage saaj, WSSecHeader secHeader, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.cxf.binding.soap.SoapMessage message) throws SOAPException
SOAPException
protected void addDerivedKeyElement(Element el)
protected void addEncryptedKeyElement(Element el)
protected void addSupportingElement(Element el)
protected void insertBeforeBottomUp(Element el)
protected void addTopDownElement(Element el)
protected final TokenStore getTokenStore()
protected WSSecTimestamp createTimestamp()
protected WSSecTimestamp handleLayout(WSSecTimestamp timestamp)
protected void reshuffleTimestamp()
protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> handleSupportingTokens(SupportingTokens suppTokens, boolean endorse, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) throws WSSecurityException, SOAPException
WSSecurityException
SOAPException
protected void handleUsernameTokenSupportingToken(UsernameToken token, boolean endorse, boolean encryptedToken, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) throws WSSecurityException
WSSecurityException
protected void addSignatureParts(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList, List<WSEncryptionPart> sigParts)
protected WSSecUsernameToken addUsernameToken(UsernameToken token)
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac)
protected SamlAssertionWrapper addSamlToken(SamlToken token) throws WSSecurityException
WSSecurityException
protected void storeAssertionAsSecurityToken(SamlAssertionWrapper assertion)
protected String getPassword(String userName, org.apache.neethi.Assertion info, int usage)
public String addWsuIdToElement(Element elem)
Generates a wsu:Id attribute for the provided Element and returns the attribute value
or finds and returns the value of the attribute if it already exists.
Parameters:
element - the Element to check/create the attribute on
public List<WSEncryptionPart> getEncryptedParts() throws SOAPException
SOAPException
public List<WSEncryptionPart> getSignedParts(SupportingTokens supportingToken) throws SOAPException
SOAPException
public List<WSEncryptionPart> getPartsAndElements(boolean sign, boolean includeBody, List<WSEncryptionPart> parts, List<XPath> xpaths, List<XPath> contentXpaths) throws SOAPException
Identifies the portions of the message to be signed/encrypted.
Parameters:
sign - whether the matches are to be signed or encrypted
includeBody - if the body should be included in the signature/encryption
parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.
xpaths - any XPath expressions to sign/encrypt matches
contentXpaths - any XPath expressions to content encrypt
Returns:
WSEncryptionParts suitable for processing by WSS4J
Throws:
SOAPException - if there is an error extracting SOAP content from the SAAJ model
protected List<WSEncryptionPart> getParts(boolean sign, boolean includeBody, List<WSEncryptionPart> parts, List<Element> found) throws SOAPException
Identifies the portions of the message to be signed/encrypted.
Parameters:
sign - whether the matches are to be signed or encrypted
includeBody - if the body should be included in the signature/encryption
parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.
found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.
Returns:
WSEncryptionParts suitable for processing by WSS4J
Throws:
SOAPException - if there is an error extracting SOAP content from the SAAJ model
protected List<WSEncryptionPart> getElements(String encryptionModifier, List<XPath> xpaths, List<Element> found, boolean forceId) throws SOAPException
Identifies the portions of the message to be signed/encrypted.
Parameters:
encryptionModifier - indicates the scope of the crypto operation over matched elements. Either "Content" or "Element".
xpaths - any XPath expressions to sign/encrypt matches
found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.
forceId - force adding a wsu:Id onto the elements. Recommended for signatures, since a signature reference identifies the signed element by its Id.
Returns:
WSEncryptionParts suitable for processing by WSS4J
Throws:
SOAPException - if there is an error extracting SOAP content from the SAAJ model
protected WSSecEncryptedKey getEncryptedKeyBuilder(AbstractToken token) throws WSSecurityException
WSSecurityException
public Crypto getSignatureCrypto() throws WSSecurityException
WSSecurityException
public Crypto getEncryptionCrypto() throws WSSecurityException
WSSecurityException
protected Crypto getCrypto(String cryptoKey, String propKey) throws WSSecurityException
WSSecurityException
public void setKeyIdentifierType(WSSecBase secBase, AbstractToken token)
public String setEncryptionUser(WSSecEncryptedKey encrKeyBuilder, AbstractToken token, boolean sign, Crypto crypto)
public static String getUsername(List<WSHandlerResult> results)
Scan through the WSHandlerResult list for a Username token and return
the username if a Username Token is found.
Parameters:
results -
protected WSSecurityEngineResult getEncryptedKeyResult()
protected WSSecSignature getSignatureBuilder(AbstractToken token, boolean attached, boolean endorse) throws WSSecurityException
WSSecurityException
protected void doEndorsedSignatures(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList, boolean isTokenProtection, boolean isSigProtect)
protected void addSupportingTokens(List<WSEncryptionPart> sigs) throws WSSecurityException
WSSecurityException
protected void doEndorse()
protected void addSignatureConfirmation(List<WSEncryptionPart> sigParts)
public void handleEncryptedSignedHeaders(List<WSEncryptionPart> encryptedParts, List<WSEncryptionPart> signedParts)
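Processes the parts to be signed and reconfigures those parts that have already been encrypted.
Parameters:
encryptedParts - the parts that have been encrypted
signedParts - the parts that are to be signed
Throws:
IllegalArgumentException - if an element in signedParts contains a WSEncryptionPart with a null id value and the WSEncryptionPart name value is not "Token"
public WSEncryptionPart convertToEncryptionPart(Element element)
Convert a DOM Element into a WSEncryptionPart, adding a (wsu:)Id if there is not one already.
Parameters:
element - The DOM Element to convert
protected void addSig(byte[] val)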