Class AbstractBindingBuilder

java.lang.Object
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
Direct Known Subclasses:
AsymmetricBindingHandler, SymmetricBindingHandler, TransportBindingHandler

public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandler
  • Method Details

    • insertAfter

      protected void insertAfter(Element child, Element sib)
    • addDerivedKeyElement

      protected void addDerivedKeyElement(Element el)
    • addEncryptedKeyElement

      protected void addEncryptedKeyElement(Element el)
    • addSupportingElement

      protected void addSupportingElement(Element el)
    • insertBeforeBottomUp

      protected void insertBeforeBottomUp(Element el)
    • addTopDownElement

      protected void addTopDownElement(Element el)
    • getCryptoCache

      protected final Map<Object,Crypto> getCryptoCache()
    • getTokenStore

      protected final TokenStore getTokenStore() throws TokenStoreException
      Throws:
      TokenStoreException
    • createTimestamp

      protected WSSecTimestamp createTimestamp()
    • handleLayout

      protected WSSecTimestamp handleLayout(WSSecTimestamp timestamp)
    • reshuffleTimestamp

      protected void reshuffleTimestamp()
    • handleSupportingTokens

      protected List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> handleSupportingTokens(SupportingTokens suppTokens, boolean endorse, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) throws WSSecurityException, SOAPException, TokenStoreException
      Throws:
      WSSecurityException
      SOAPException
      TokenStoreException
    • handleUsernameTokenSupportingToken

      protected void handleUsernameTokenSupportingToken(UsernameToken token, boolean endorse, boolean encryptedToken, List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret) throws WSSecurityException
      Throws:
      WSSecurityException
    • cloneElement

      protected Element cloneElement(Element el)
    • addSignatureParts

      protected void addSignatureParts(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList, List<WSEncryptionPart> sigParts)
    • addUsernameToken

      protected WSSecUsernameToken addUsernameToken(UsernameToken token)
    • addDKUsernameToken

      protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, byte[] salt)
    • addSamlToken

      Throws:
      WSSecurityException
      TokenStoreException
    • storeAssertionAsSecurityToken

      protected void storeAssertionAsSecurityToken(SamlAssertionWrapper assertion) throws TokenStoreException
      Stores a SAML Assertion as a SecurityToken.
      Throws:
      TokenStoreException
    • findIDFromSamlToken

      protected String findIDFromSamlToken(Element samlToken)
    • getPassword

      protected String getPassword(String userName, org.apache.neethi.Assertion info, int usage)
    • addWsuIdToElement

      public String addWsuIdToElement(Element element)
      Generates a wsu:Id attribute for the provided Element and returns the attribute value or finds and returns the value of the attribute if it already exists.
      Parameters:
      element - the Element to check/create the attribute on
      Returns:
      the generated or discovered wsu:Id attribute value
    • getEncryptedParts

      public List<WSEncryptionPart> getEncryptedParts() throws SOAPException
      Throws:
      SOAPException
    • getSignedParts

      public List<WSEncryptionPart> getSignedParts(SupportingTokens supportingToken) throws SOAPException
      Throws:
      SOAPException
    • getPartsAndElements

      public List<WSEncryptionPart> getPartsAndElements(boolean sign, boolean includeBody, List<WSEncryptionPart> parts, List<XPath> xpaths, List<XPath> contentXpaths) throws SOAPException
      Identifies the portions of the message to be signed/encrypted.
      Parameters:
      sign - whether the matches are to be signed or encrypted
      includeBody - if the body should be included in the signature/encryption
      parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.
      xpaths - any XPath expressions to sign/encrypt matches
      contentXpaths - any XPath expressions to content encrypt
      Returns:
      a configured list of WSEncryptionParts suitable for processing by WSS4J
      Throws:
      SOAPException - if there is an error extracting SOAP content from the SAAJ model
    • getParts

      protected List<WSEncryptionPart> getParts(boolean sign, boolean includeBody, List<WSEncryptionPart> parts, List<Element> found) throws SOAPException
      Identifies the portions of the message to be signed/encrypted.
      Parameters:
      sign - whether the matches are to be signed or encrypted
      includeBody - if the body should be included in the signature/encryption
      parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.
      found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.
      Returns:
      a configured list of WSEncryptionParts suitable for processing by WSS4J
      Throws:
      SOAPException - if there is an error extracting SOAP content from the SAAJ model
    • getElements

      protected List<WSEncryptionPart> getElements(String encryptionModifier, List<XPath> xpaths, List<Element> found, boolean forceId) throws SOAPException
      Identifies the portions of the message to be signed/encrypted.
      Parameters:
      encryptionModifier - indicates the scope of the crypto operation over matched elements. Either "Content" or "Element".
      xpaths - any XPath expressions to sign/encrypt matches
      found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.
      forceId - force adding a wsu:Id onto the elements. Recommended for signatures.
      Returns:
      a configured list of WSEncryptionParts suitable for processing by WSS4J
      Throws:
      SOAPException - if there is an error extracting SOAP content from the SAAJ model
    • getEncryptedKeyBuilder

      protected WSSecEncryptedKey getEncryptedKeyBuilder(AbstractToken token, SecretKey symmetricKey) throws WSSecurityException
      Throws:
      WSSecurityException
    • getSignatureCrypto

      public Crypto getSignatureCrypto() throws WSSecurityException
      Throws:
      WSSecurityException
    • getEncryptionCrypto

      public Crypto getEncryptionCrypto() throws WSSecurityException
      Throws:
      WSSecurityException
    • getCrypto

      protected Crypto getCrypto(String cryptoKey, String propKey) throws WSSecurityException
      Throws:
      WSSecurityException
    • setKeyIdentifierType

      public void setKeyIdentifierType(WSSecBase secBase, AbstractToken token)
    • setEncryptionUser

      public String setEncryptionUser(WSSecEncryptedKey encrKeyBuilder, AbstractToken token, boolean sign, Crypto crypto)
    • getUsername

      public static String getUsername(List<WSHandlerResult> results)
      Scans through the WSHandlerResult list for a Username Token and returns the username if a Username Token is found.
      Parameters:
      results -
      Returns:
    • getEncryptedKeyResult

      protected WSSecurityEngineResult getEncryptedKeyResult()
    • getSignatureBuilder

      protected WSSecSignature getSignatureBuilder(AbstractToken token, boolean attached, boolean endorse) throws WSSecurityException, TokenStoreException
      Throws:
      WSSecurityException
      TokenStoreException
    • doEndorsedSignatures

      protected void doEndorsedSignatures(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList, boolean isTokenProtection, boolean isSigProtect)
    • addSupportingTokens

      protected void addSupportingTokens(List<WSEncryptionPart> sigs) throws WSSecurityException
      Throws:
      WSSecurityException
    • doEndorse

      protected void doEndorse()
    • addSignatureConfirmation

      protected void addSignatureConfirmation(List<WSEncryptionPart> sigParts)
    • handleEncryptedSignedHeaders

      public void handleEncryptedSignedHeaders(List<WSEncryptionPart> encryptedParts, List<WSEncryptionPart> signedParts)
      Processes the parts to be signed and reconfigures those parts that have already been encrypted.
      Parameters:
      encryptedParts - the parts that have been encrypted
      signedParts - the parts that are to be signed
      Throws:
      IllegalArgumentException - if an element in signedParts contains a WSEncryptionPart with a null id value and the WSEncryptionPart name value is not "Token"
    • convertToEncryptionPart

      public WSEncryptionPart convertToEncryptionPart(Element element)
      Convert a DOM Element into a WSEncryptionPart, adding a (wsu:)Id if there is not one already.
      Parameters:
      element - The DOM Element to convert
      Returns:
      The WSEncryptionPart representing the DOM Element argument
    • addSig

      protected void addSig(byte[] val)
    • isExpandXopInclude

      public boolean isExpandXopInclude()