Posted to wss4j-dev@ws.apache.org by we...@apache.org on 2006/02/05 13:12:04 UTC
svn commit: r375011 - in
/webservices/wss4j/trunk/src/org/apache/ws/security/policy: ./ model/
parser/ parser/processors/
Author: werner
Date: Sun Feb 5 04:12:03 2006
New Revision: 375011
URL: http://svn.apache.org/viewcvs?rev=375011&view=rev
Log:
Add SupportingToken parsing and preprocessing, SupportingTokens at top level, not part of binding.
Added:
webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JSupportingToken.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyBuilder.java
webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyData.java
webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyToken.java
webservices/wss4j/trunk/src/org/apache/ws/security/policy/model/SupportingToken.java
webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java
webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/AsymmetricBindingProcessor.java
webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/SymmetricBindingProcessor.java
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyBuilder.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyBuilder.java?rev=375011&r1=375010&r2=375011&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyBuilder.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyBuilder.java Sun Feb 5 04:12:03 2006
@@ -35,235 +35,244 @@
import org.apache.ws.security.policy.model.SymmetricAsymmetricBindingBase;
import org.apache.ws.security.policy.model.SignedEncryptedElements;
import org.apache.ws.security.policy.model.SignedEncryptedParts;
+import org.apache.ws.security.policy.model.SupportingToken;
import org.apache.ws.security.policy.model.Wss10;
import org.apache.ws.security.policy.model.Wss11;
public class WSS4JPolicyBuilder {
- /**
- * Compile the parsed security data into one Policy data block.
- *
- * This methods loops over all top level Policy Engine data elements,
- * extracts the parsed parameters and sets them into a single data block.
- * During this processing the method prepares the parameters in a format
- * that is ready for processing by the WSS4J functions.
- *
- * <p/>
- *
- * The WSS4J policy enabled handler takes this data block to control the
- * setup of the security header.
- *
- * @param topLevelPeds
- * The list of the top level Policy Engine data
- * @return The compile Poilcy data block.
- * @throws WSSPolicyException
- */
- public static WSS4JPolicyData build(ArrayList topLevelPeds)
- throws WSSPolicyException {
- Iterator topLevelPEDIterator = topLevelPeds.iterator();
- WSS4JPolicyData wpd = new WSS4JPolicyData();
- while (topLevelPEDIterator.hasNext()) {
- PolicyEngineData ped = (PolicyEngineData) topLevelPEDIterator
- .next();
- if (ped instanceof Binding) {
- if (ped instanceof SymmetricBinding) {
- processSymmetricPolicyBinding((SymmetricBinding) ped, wpd);
- } else {
- processAsymmetricPolicyBinding((AsymmetricBinding) ped, wpd);
- }
- /*
- * Don't change the order of Wss11 / Wss10 instance checks because
- * Wss11 extends Wss10 - thus first check Wss11.
- */
- } else if (ped instanceof Wss11) {
- processWSS11((Wss11) ped, wpd);
- } else if (ped instanceof Wss10) {
- processWSS10((Wss10) ped, wpd);
- } else if (ped instanceof SignedEncryptedElements) {
- processSignedEncryptedElements((SignedEncryptedElements) ped,
- wpd);
- } else if (ped instanceof SignedEncryptedParts) {
- processSignedEncryptedParts((SignedEncryptedParts) ped, wpd);
- }
- else {
- System.out.println("Unknown top level PED found: " + ped.getClass().getName());
- }
- }
- return wpd;
- }
-
- /**
- * Evaluate the symmetric policy binding data.
- *
- * @param binding
- * The binding data
- * @param wpd
- * The WSS4J data to initialize
- * @throws WSSPolicyException
- */
- private static void processSymmetricPolicyBinding(
- SymmetricBinding symmBinding, WSS4JPolicyData wpd)
- throws WSSPolicyException {
- wpd.setSymmetricBinding(true);
- binding(symmBinding, wpd);
- symmAsymmBinding(symmBinding, wpd);
- symmetricBinding(symmBinding, wpd);
- }
-
- private static void processWSS10(Wss10 wss10, WSS4JPolicyData wpd) {
- System.out.println("Top level PED found: " + wss10.getClass().getName());
- // TODO
- // throw new UnsupportedOperationException("TODO");
- }
-
- /**
- * Evaluate the asymmetric policy binding data.
- *
- * @param binding
- * The binding data
- * @param wpd
- * The WSS4J data to initialize
- * @throws WSSPolicyException
- */
- private static void processAsymmetricPolicyBinding(
- AsymmetricBinding binding, WSS4JPolicyData wpd)
- throws WSSPolicyException {
- wpd.setSymmetricBinding(false);
- binding(binding, wpd);
- symmAsymmBinding(binding, wpd);
- asymmetricBinding(binding, wpd);
- }
-
- private static void processWSS11(Wss11 wss11, WSS4JPolicyData wpd) {
- wpd.setSignatureConfirmation(wss11.isRequireSignatureConfirmation());
- }
-
- /**
- * Populate elements to sign and/or encrypt with the message tokens.
- *
- * @param sep
- * The data describing the elements (XPath)
- * @param wpd
- * The WSS4J data to initialize
- */
- private static void processSignedEncryptedElements(
- SignedEncryptedElements see, WSS4JPolicyData wpd) {
- Iterator it = see.getXPathExpressions().iterator();
- if (see.isSignedElements()) {
- while (it.hasNext()) {
- wpd.setSignedElements((String) it.next());
- }
- } else {
- while (it.hasNext()) {
- wpd.setEncryptedElements((String) it.next());
- }
- }
- }
-
- /**
- * Populate parts to sign and/or encrypt with the message tokens.
- *
- * @param sep
- * The data describing the parts
- * @param wpd
- * The WSS4J data to initialize
- */
- private static void processSignedEncryptedParts(SignedEncryptedParts sep,
- WSS4JPolicyData wpd) {
- Iterator it = sep.getHeaders().iterator();
- if (sep.isSignedParts()) {
- wpd.setSignBody(sep.isBody());
- while (it.hasNext()) {
- Header header = (Header) it.next();
- wpd.setSignedParts(header.getNamespace(), header.getName());
- }
- } else {
- wpd.setEncryptBody(sep.isBody());
- while (it.hasNext()) {
- Header header = (Header) it.next();
- wpd.setEncryptedParts(header.getNamespace(), header.getName());
- }
- }
- }
-
- /**
- * Evaluate policy data that is common to all bindings.
- *
- * @param binding
- * The common binding data
- * @param wpd
- * The WSS4J data to initialize
- */
- private static void binding(Binding binding, WSS4JPolicyData wpd) {
- wpd.setLayout(binding.getLayout().getValue());
- wpd.setIncludeTimestamp(binding.isIncludeTimestamp());
- }
-
- /**
- * Evaluate policy data that is common to symmetric and asymmetric bindings.
- *
- * @param binding
- * The symmetric/asymmetric binding data
- * @param wpd
- * The WSS4J data to initialize
- */
- private static void symmAsymmBinding(
- SymmetricAsymmetricBindingBase binding, WSS4JPolicyData wpd) {
- wpd.setEntireHeaderAndBodySignatures(binding
- .isEntireHeaderAndBodySignatures());
- wpd.setProtectionOrder(binding.getProtectionOrder());
- wpd.setSignatureProtection(binding.isSignatureProtection());
- wpd.setTokenProtection(binding.isTokenProtection());
- }
-
- /**
- * Evaluate policy data that is specific to symmetric binding.
- *
- * @param binding
- * The symmetric binding data
- * @param wpd
- * The WSS4J data to initialize
- */
- private static void symmetricBinding(SymmetricBinding binding,
- WSS4JPolicyData wpd) throws WSSPolicyException {
- PolicyEngineData ped = binding.getProtectionToken();
- AlgorithmSuite suite = binding.getAlgorithmSuite();
- if (ped != null) {
- wpd.setProtectionToken(
- ((ProtectionToken) ped).getProtectionToken(), suite);
- } else {
- ped = binding.getEncryptionToken();
- PolicyEngineData ped1 = binding.getSignatureToken();
- if (ped == null && ped1 == null) {
- // this is an error - throw something
- }
- wpd.setEncryptionToken(
- ((EncryptionToken) ped).getEncryptionToken(), suite);
- wpd.setSignatureToken(((SignatureToken) ped).getSignatureToken(),
- suite);
- }
- }
-
- /**
- * Evaluate policy data that is specific to asymmetric binding.
- *
- * @param binding
- * The asymmetric binding data
- * @param wpd
- * The WSS4J data to initialize
- */
- private static void asymmetricBinding(AsymmetricBinding binding,
- WSS4JPolicyData wpd) throws WSSPolicyException {
- PolicyEngineData ped = binding.getRecipientToken();
- PolicyEngineData ped1 = binding.getInitiatorToken();
- if (ped == null && ped1 == null) {
- // this is an error - throw something
- }
- AlgorithmSuite suite = binding.getAlgorithmSuite();
- wpd.setRecipientToken(((RecipientToken) ped).getRecipientToken(),
- suite);
- wpd
- .setInitiatorToken(((InitiatorToken) ped1).getInitiatorToken(),
- suite);
- }
+ /**
+ * Compile the parsed security data into one Policy data block.
+ *
+ * This methods loops over all top level Policy Engine data elements,
+ * extracts the parsed parameters and sets them into a single data block.
+ * During this processing the method prepares the parameters in a format
+ * that is ready for processing by the WSS4J functions.
+ *
+ * <p/>
+ *
+ * The WSS4J policy enabled handler takes this data block to control the
+ * setup of the security header.
+ *
+ * @param topLevelPeds
+ * The list of the top level Policy Engine data
+ * @return The compile Poilcy data block.
+ * @throws WSSPolicyException
+ */
+ public static WSS4JPolicyData build(ArrayList topLevelPeds)
+ throws WSSPolicyException {
+ Iterator topLevelPEDIterator = topLevelPeds.iterator();
+ WSS4JPolicyData wpd = new WSS4JPolicyData();
+ while (topLevelPEDIterator.hasNext()) {
+ PolicyEngineData ped = (PolicyEngineData) topLevelPEDIterator
+ .next();
+ if (ped instanceof Binding) {
+ if (ped instanceof SymmetricBinding) {
+ processSymmetricPolicyBinding((SymmetricBinding) ped, wpd);
+ } else {
+ processAsymmetricPolicyBinding((AsymmetricBinding) ped, wpd);
+ }
+ /*
+ * Don't change the order of Wss11 / Wss10 instance checks
+ * because Wss11 extends Wss10 - thus first check Wss11.
+ */
+ } else if (ped instanceof Wss11) {
+ processWSS11((Wss11) ped, wpd);
+ } else if (ped instanceof Wss10) {
+ processWSS10((Wss10) ped, wpd);
+ } else if (ped instanceof SignedEncryptedElements) {
+ processSignedEncryptedElements((SignedEncryptedElements) ped,
+ wpd);
+ } else if (ped instanceof SignedEncryptedParts) {
+ processSignedEncryptedParts((SignedEncryptedParts) ped, wpd);
+ } else if (ped instanceof SupportingToken) {
+ processSupportingToken((SupportingToken) ped, wpd);
+ } else {
+ System.out.println("Unknown top level PED found: "
+ + ped.getClass().getName());
+ }
+ }
+ return wpd;
+ }
+
+ /**
+ * Evaluate the symmetric policy binding data.
+ *
+ * @param binding
+ * The binding data
+ * @param wpd
+ * The WSS4J data to initialize
+ * @throws WSSPolicyException
+ */
+ private static void processSymmetricPolicyBinding(
+ SymmetricBinding symmBinding, WSS4JPolicyData wpd)
+ throws WSSPolicyException {
+ wpd.setSymmetricBinding(true);
+ binding(symmBinding, wpd);
+ symmAsymmBinding(symmBinding, wpd);
+ symmetricBinding(symmBinding, wpd);
+ }
+
+ private static void processWSS10(Wss10 wss10, WSS4JPolicyData wpd) {
+ System.out
+ .println("Top level PED found: " + wss10.getClass().getName());
+ // TODO
+ // throw new UnsupportedOperationException("TODO");
+ }
+
+ /**
+ * Evaluate the asymmetric policy binding data.
+ *
+ * @param binding
+ * The binding data
+ * @param wpd
+ * The WSS4J data to initialize
+ * @throws WSSPolicyException
+ */
+ private static void processAsymmetricPolicyBinding(
+ AsymmetricBinding binding, WSS4JPolicyData wpd)
+ throws WSSPolicyException {
+ wpd.setSymmetricBinding(false);
+ binding(binding, wpd);
+ symmAsymmBinding(binding, wpd);
+ asymmetricBinding(binding, wpd);
+ }
+
+ private static void processWSS11(Wss11 wss11, WSS4JPolicyData wpd) {
+ wpd.setSignatureConfirmation(wss11.isRequireSignatureConfirmation());
+ }
+
+ /**
+ * Populate elements to sign and/or encrypt with the message tokens.
+ *
+ * @param sep
+ * The data describing the elements (XPath)
+ * @param wpd
+ * The WSS4J data to initialize
+ */
+ private static void processSignedEncryptedElements(
+ SignedEncryptedElements see, WSS4JPolicyData wpd) {
+ Iterator it = see.getXPathExpressions().iterator();
+ if (see.isSignedElements()) {
+ while (it.hasNext()) {
+ wpd.setSignedElements((String) it.next());
+ }
+ } else {
+ while (it.hasNext()) {
+ wpd.setEncryptedElements((String) it.next());
+ }
+ }
+ }
+
+ /**
+ * Populate parts to sign and/or encrypt with the message tokens.
+ *
+ * @param sep
+ * The data describing the parts
+ * @param wpd
+ * The WSS4J data to initialize
+ */
+ private static void processSignedEncryptedParts(SignedEncryptedParts sep,
+ WSS4JPolicyData wpd) {
+ Iterator it = sep.getHeaders().iterator();
+ if (sep.isSignedParts()) {
+ wpd.setSignBody(sep.isBody());
+ while (it.hasNext()) {
+ Header header = (Header) it.next();
+ wpd.setSignedParts(header.getNamespace(), header.getName());
+ }
+ } else {
+ wpd.setEncryptBody(sep.isBody());
+ while (it.hasNext()) {
+ Header header = (Header) it.next();
+ wpd.setEncryptedParts(header.getNamespace(), header.getName());
+ }
+ }
+ }
+
+ /**
+ * Evaluate policy data that is common to all bindings.
+ *
+ * @param binding
+ * The common binding data
+ * @param wpd
+ * The WSS4J data to initialize
+ */
+ private static void binding(Binding binding, WSS4JPolicyData wpd) {
+ wpd.setLayout(binding.getLayout().getValue());
+ wpd.setIncludeTimestamp(binding.isIncludeTimestamp());
+ }
+
+ /**
+ * Evaluate policy data that is common to symmetric and asymmetric bindings.
+ *
+ * @param binding
+ * The symmetric/asymmetric binding data
+ * @param wpd
+ * The WSS4J data to initialize
+ */
+ private static void symmAsymmBinding(
+ SymmetricAsymmetricBindingBase binding, WSS4JPolicyData wpd) {
+ wpd.setEntireHeaderAndBodySignatures(binding
+ .isEntireHeaderAndBodySignatures());
+ wpd.setProtectionOrder(binding.getProtectionOrder());
+ wpd.setSignatureProtection(binding.isSignatureProtection());
+ wpd.setTokenProtection(binding.isTokenProtection());
+ }
+
+ /**
+ * Evaluate policy data that is specific to symmetric binding.
+ *
+ * @param binding
+ * The symmetric binding data
+ * @param wpd
+ * The WSS4J data to initialize
+ */
+ private static void symmetricBinding(SymmetricBinding binding,
+ WSS4JPolicyData wpd) throws WSSPolicyException {
+ PolicyEngineData ped = binding.getProtectionToken();
+ AlgorithmSuite suite = binding.getAlgorithmSuite();
+ if (ped != null) {
+ wpd.setProtectionToken(
+ ((ProtectionToken) ped).getProtectionToken(), suite);
+ } else {
+ ped = binding.getEncryptionToken();
+ PolicyEngineData ped1 = binding.getSignatureToken();
+ if (ped == null && ped1 == null) {
+ // this is an error - throw something
+ }
+ wpd.setEncryptionToken(
+ ((EncryptionToken) ped).getEncryptionToken(), suite);
+ wpd.setSignatureToken(((SignatureToken) ped).getSignatureToken(),
+ suite);
+ }
+ }
+
+ /**
+ * Evaluate policy data that is specific to asymmetric binding.
+ *
+ * @param binding
+ * The asymmetric binding data
+ * @param wpd
+ * The WSS4J data to initialize
+ */
+ private static void asymmetricBinding(AsymmetricBinding binding,
+ WSS4JPolicyData wpd) throws WSSPolicyException {
+ PolicyEngineData ped = binding.getRecipientToken();
+ PolicyEngineData ped1 = binding.getInitiatorToken();
+ if (ped == null && ped1 == null) {
+ // this is an error - throw something
+ }
+ AlgorithmSuite suite = binding.getAlgorithmSuite();
+ wpd
+ .setRecipientToken(((RecipientToken) ped).getRecipientToken(),
+ suite);
+ wpd.setInitiatorToken(((InitiatorToken) ped1).getInitiatorToken(),
+ suite);
+ }
+
+ private static void processSupportingToken(SupportingToken token,
+ WSS4JPolicyData wpd) throws WSSPolicyException {
+ wpd.setSupportingToken(token);
+ }
}
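Review bot: In `symmetricBinding`, the separate-token branch builds the signature token from `ped` (the encryption token assertion) and never uses `ped1`, so the signature settings either come from the wrong assertion or, if the two model classes are unrelated, the cast fails. That line should read `wpd.setSignatureToken(((SignatureToken) ped1).getSignatureToken(), suite);`. The guard just above it, `if (ped == null && ped1 == null)`, has an empty body and uses `&&`, so a policy missing either token reaches the casts and dies with a NullPointerException rather than a policy error. `asymmetricBinding` has the same empty guard, and both should become `if (ped == null || ped1 == null) { throw new WSSPolicyException("binding is missing a required token"); }`. Separately, the final `else` in `build` only prints an unrecognised top-level assertion to `System.out` and carries on, so a policy requirement the builder does not understand is silently dropped from the compiled data. For a security policy it would be safer to throw `WSSPolicyException` there as well.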
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyData.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyData.java?rev=375011&r1=375010&r2=375011&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyData.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyData.java Sun Feb 5 04:12:03 2006
@@ -20,483 +20,582 @@
* @author Werner Dittmann (werner@apache.org)
*/
import java.util.ArrayList;
+import java.util.Iterator;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.policy.model.AlgorithmSuite;
+import org.apache.ws.security.policy.model.Header;
+import org.apache.ws.security.policy.model.SignedEncryptedElements;
+import org.apache.ws.security.policy.model.SignedEncryptedParts;
+import org.apache.ws.security.policy.model.SupportingToken;
import org.apache.ws.security.policy.model.Token;
import org.apache.ws.security.policy.model.X509Token;
public class WSS4JPolicyData {
- /*
- * Global settings for overall security processing
- */
- private boolean symmetricBinding;
-
- private String layout;
-
- private boolean includeTimestamp;
-
- private boolean entireHeaderAndBodySignatures;
-
- private String protectionOrder;
-
- private boolean signatureProtection;
-
- private boolean tokenProtection;
-
- private boolean signatureConfirmation;
-
- /*
- * Message tokens for symmetrical binding
- */
- private WSS4JPolicyToken encryptionToken;
-
- private WSS4JPolicyToken signatureToken;
-
- /*
- * Message tokens for asymmetrical binding
- */
- private WSS4JPolicyToken recipientToken; // used to encrypt data to receipient
-
- private WSS4JPolicyToken initiatorToken; // used to sign data by initiator
-
- /*
- * Which parts or elements of the message to sign/encrypt with
- * the messagen tokens. Parts or elements to sign/encrypt with
- * supporting tokens are stored together with the tokens (see
- * WSS4JPolicyToken).
- */
- private boolean signBody;
-
- private boolean encryptBody;
-
- private ArrayList signedParts;
-
- private ArrayList signedElements;
-
- private ArrayList encryptedParts;
-
- private ArrayList encryptedElements;
-
- /**
- * @return Returns the symmetricBinding.
- */
- public boolean isSymmetricBinding() {
- return symmetricBinding;
- }
-
- /**
- * @param symmetricBinding The symmetricBinding to set.
- */
- public void setSymmetricBinding(boolean symmetricBinding) {
- this.symmetricBinding = symmetricBinding;
- }
-
- /**
- * @return Returns the entireHeaderAndBodySignatures.
- */
- public boolean isEntireHeaderAndBodySignatures() {
- return entireHeaderAndBodySignatures;
- }
-
- /**
- * @param entireHeaderAndBodySignatures
- * The entireHeaderAndBodySignatures to set.
- */
- public void setEntireHeaderAndBodySignatures(
- boolean entireHeaderAndBodySignatures) {
- this.entireHeaderAndBodySignatures = entireHeaderAndBodySignatures;
- }
-
- /**
- * @return Returns the includeTimestamp.
- */
- public boolean isIncludeTimestamp() {
- return includeTimestamp;
- }
-
- /**
- * @param includeTimestamp
- * The includeTimestamp to set.
- */
- public void setIncludeTimestamp(boolean includeTimestamp) {
- this.includeTimestamp = includeTimestamp;
- }
-
- /**
- * @return Returns the layout.
- */
- public String getLayout() {
- return layout;
- }
-
- /**
- * @param layout
- * The layout to set.
- */
- public void setLayout(String layout) {
- this.layout = layout;
- }
-
- /**
- * @return Returns the protectionOrder.
- */
- public String getProtectionOrder() {
- return protectionOrder;
- }
-
- /**
- * @param protectionOrder
- * The protectionOrder to set.
- */
- public void setProtectionOrder(String protectionOrder) {
- this.protectionOrder = protectionOrder;
- }
-
- /**
- * @return Returns the signatureProtection.
- */
- public boolean isSignatureProtection() {
- return signatureProtection;
- }
-
- /**
- * @param signatureProtection
- * The signatureProtection to set.
- */
- public void setSignatureProtection(boolean signatureProtection) {
- this.signatureProtection = signatureProtection;
- }
-
- /**
- * @return Returns the tokenProtection.
- */
- public boolean isTokenProtection() {
- return tokenProtection;
- }
-
- /**
- * @param tokenProtection
- * The tokenProtection to set.
- */
- public void setTokenProtection(boolean tokenProtection) {
- this.tokenProtection = tokenProtection;
- }
-
- /**
- * @return Returns the signatureConfirmation.
- */
- public boolean isSignatureConfirmation() {
- return signatureConfirmation;
- }
-
- /**
- * @param signatureConfirmation The signatureConfirmation to set.
- */
- public void setSignatureConfirmation(boolean signatureConfirmation) {
- this.signatureConfirmation = signatureConfirmation;
- }
-
- /**
- * Return the encryption token data.
- *
- * The returned token data may be empty.
- *
- * @return Returns the encryptionToken.
- */
- public WSS4JPolicyToken getEncryptionToken() {
- if (encryptionToken == null) {
- encryptionToken = new WSS4JPolicyToken();
- }
- return encryptionToken;
- }
-
- /**
- * Sets the parameters for the encryption token according to parsed policy.
- *
- * The encryption token is specific to the symmetric binding.
- *
- * @param encryptionToken
- * The encryptionToken to set.
- */
- public void setEncryptionToken(Token encToken, AlgorithmSuite suite)
- throws WSSPolicyException {
- if (encToken instanceof X509Token) {
- if (encryptionToken == null) {
- encryptionToken = new WSS4JPolicyToken();
- }
- encryptionToken.encAlgorithm = suite.getEncryption();
- encryptionToken.tokenType = WSS4JPolicyToken.X509Token;
- encryptionToken.encTransportAlgorithm = suite
- .getAsymmetricKeyWrap();
- X509Token tok = (X509Token) encToken;
- if (tok.isRequireIssuerSerialReference()) {
- encryptionToken.encKeyIdentifier = WSConstants.ISSUER_SERIAL;
- } else if (tok.isRequireThumbprintReference()) {
- encryptionToken.encKeyIdentifier = WSConstants.THUMBPRINT_IDENTIFIER;
- } else if (tok.isRequireEmbeddedTokenReference()) {
- encryptionToken.encKeyIdentifier = WSConstants.BST_DIRECT_REFERENCE;
- } else {
- throw new WSSPolicyException(
- "Unknown key reference specifier for X509Token");
-
- }
- }
- }
-
- /**
- * Sets the parameters for the protection token according to parsed policy.
- *
- * The protection token is specific to the symmetric binding.
- *
- * @param protectionToken
- * The protectionToken to set.
- */
- public void setProtectionToken(Token protectionToken, AlgorithmSuite suite)
- throws WSSPolicyException {
- setEncryptionToken(protectionToken, suite);
- setSignatureToken(protectionToken, suite);
- }
-
- /**
- * Return the signature token data.
- *
- * The returned token data may be empty.
- *
- * @return Returns the signatureToken.
- */
- public WSS4JPolicyToken getSignatureToken() {
- if (signatureToken == null) {
- signatureToken = new WSS4JPolicyToken();
- }
- return signatureToken;
- }
-
- /**
- * Sets the parameters for the signature token according to parsed policy.
- *
- * The signature token is specific to the symmetric binding.
- *
- * @param signatureToken
- * The signatureToken to set.
- */
- public void setSignatureToken(Token sigToken, AlgorithmSuite suite)
- throws WSSPolicyException {
- if (sigToken instanceof X509Token) {
- if (signatureToken == null) {
- signatureToken = new WSS4JPolicyToken();
- }
- signatureToken.sigAlgorithm = suite.getAsymmetricSignature();
- signatureToken.tokenType = WSS4JPolicyToken.X509Token;
- X509Token tok = (X509Token) sigToken;
- if (tok.isRequireIssuerSerialReference()) {
- signatureToken.encKeyIdentifier = WSConstants.ISSUER_SERIAL;
- } else if (tok.isRequireThumbprintReference()) {
- signatureToken.encKeyIdentifier = WSConstants.THUMBPRINT_IDENTIFIER;
- } else if (tok.isRequireEmbeddedTokenReference()) {
- signatureToken.encKeyIdentifier = WSConstants.BST_DIRECT_REFERENCE;
- } else {
- throw new WSSPolicyException(
- "Unknown key reference specifier for X509Token");
-
- }
- }
- }
-
- /**
- * Return the initiator token data.
- *
- * The returned token data may be empty.
- *
- * @return Returns the initiatorToken.
- */
- public WSS4JPolicyToken getInitiatorToken() {
- if (initiatorToken == null) {
- initiatorToken = new WSS4JPolicyToken();
- }
- return initiatorToken;
- }
-
- /**
- * Sets the parameters for the initiator token according to parsed policy.
- *
- * The initiator token is specific to the symmetric binding. The message
- * initiator uses this token to sign its data. Thus this method initializes
- * the signature relevant parts of the WSS4JPolicyToken data.
- *
- * @param initiatorToken
- * The initiatorToken to set.
- */
- public void setInitiatorToken(Token iniToken, AlgorithmSuite suite)
- throws WSSPolicyException {
- if (iniToken instanceof X509Token) {
- if (initiatorToken == null) {
- initiatorToken = new WSS4JPolicyToken();
- }
- initiatorToken.sigAlgorithm = suite.getAsymmetricSignature();
- initiatorToken.tokenType = WSS4JPolicyToken.X509Token;
- X509Token tok = (X509Token) iniToken;
- if (tok.isRequireIssuerSerialReference()) {
- initiatorToken.sigKeyIdentifier = WSConstants.ISSUER_SERIAL;
- } else if (tok.isRequireThumbprintReference()) {
- initiatorToken.sigKeyIdentifier = WSConstants.THUMBPRINT_IDENTIFIER;
- } else if (tok.isRequireEmbeddedTokenReference()) {
- initiatorToken.sigKeyIdentifier = WSConstants.BST_DIRECT_REFERENCE;
- } else {
- throw new WSSPolicyException(
- "Unknown key reference specifier for X509Token");
-
- }
- }
- }
-
- /**
- * Return the recipient token data.
- *
- * The returned token data may be empty.
- *
- * @return Returns the recipientToken.
- */
- public WSS4JPolicyToken getRecipientToken() {
- if (recipientToken == null) {
- recipientToken = new WSS4JPolicyToken();
- }
- return recipientToken;
- }
-
- /**
- * Sets the parameters for the initiator token according to parsed policy.
- *
- * The initiator token is specific to the symmetric binding. The message
- * initiator uses this token to encrypt data sent to the reipient. Thus this
- * method initializes the encryption relevant parts of the WSS4JPolicyToken data.
- *
- * @param recipientToken
- * The recipientToken to set.
- */
- public void setRecipientToken(Token recToken, AlgorithmSuite suite)
- throws WSSPolicyException {
- if (recToken instanceof X509Token) {
- if (recipientToken == null) {
- recipientToken = new WSS4JPolicyToken();
- }
- recipientToken.tokenType = WSS4JPolicyToken.X509Token;
- recipientToken.encAlgorithm = suite.getEncryption();
- recipientToken.encTransportAlgorithm = suite.getAsymmetricKeyWrap();
- X509Token tok = (X509Token) recToken;
- if (tok.isRequireIssuerSerialReference()) {
- recipientToken.encKeyIdentifier = WSConstants.ISSUER_SERIAL;
- } else if (tok.isRequireThumbprintReference()) {
- recipientToken.encKeyIdentifier = WSConstants.THUMBPRINT_IDENTIFIER;
- } else if (tok.isRequireEmbeddedTokenReference()) {
- recipientToken.encKeyIdentifier = WSConstants.BST_DIRECT_REFERENCE;
- } else {
- throw new WSSPolicyException(
- "Unknown key reference specifier for X509Token");
-
- }
- }
- }
-
- /**
- * @return Returns the encryptedElements.
- */
- public ArrayList getEncryptedElements() {
- return encryptedElements;
- }
-
- /**
- * @param encElement The encrypted Element (XPath) to set.
- */
- public void setEncryptedElements(String encElement) {
- if (encryptedElements == null) {
- encryptedElements = new ArrayList();
- }
- encryptedElements.add(encElement);
- }
-
- /**
- * @return Returns the encryptedParts.
- */
- public ArrayList getEncryptedParts() {
- return encryptedParts;
- }
-
- /**
- * @param namespace The namespace of the part.
- * @param element The part's element name.
- */
- public void setEncryptedParts(String namespace, String element) {
- if (encryptedParts == null) {
- encryptedParts = new ArrayList();
- }
- WSEncryptionPart wep = new WSEncryptionPart(element, namespace, "Content");
- encryptedParts.add(wep);
- }
-
- /**
- * @return Returns the encryptBody.
- */
- public boolean isEncryptBody() {
- return encryptBody;
- }
-
- /**
- * @param encryptBody The encryptBody to set.
- */
- public void setEncryptBody(boolean encryptBody) {
- this.encryptBody = encryptBody;
- }
-
- /**
- * @return Returns the signBody.
- */
- public boolean isSignBody() {
- return signBody;
- }
-
- /**
- * @param signBody The signBody to set.
- */
- public void setSignBody(boolean signBody) {
- this.signBody = signBody;
- }
-
- /**
- * @return Returns the signedElements.
- */
- public ArrayList getSignedElements() {
- return signedElements;
- }
-
- /**
- * @param sigElement The signed Element (XPath) to set.
- */
- public void setSignedElements(String sigElement) {
- if (signedElements == null) {
- signedElements = new ArrayList();
- }
- signedElements.add(sigElement);
- }
-
- /**
- * @return Returns the signedParts.
- */
- public ArrayList getSignedParts() {
- return signedParts;
- }
-
- /**
- * @param namespace The namespace of the part.
- * @param element The part's element name.
- */
- public void setSignedParts(String namespace, String element) {
- if (signedParts == null) {
- signedParts = new ArrayList();
- }
- WSEncryptionPart wep = new WSEncryptionPart(element, namespace, "Content");
- signedParts.add(wep);
- }
+ /*
+ * Global settings for overall security processing
+ */
+ private boolean symmetricBinding;
+
+ private String layout;
+
+ private boolean includeTimestamp;
+
+ private boolean entireHeaderAndBodySignatures;
+
+ private String protectionOrder;
+
+ private boolean signatureProtection;
+
+ private boolean tokenProtection;
+
+ private boolean signatureConfirmation;
+
+ /*
+ * Message tokens for symmetrical binding
+ */
+ private WSS4JPolicyToken encryptionToken;
+
+ private WSS4JPolicyToken signatureToken;
+
+ /*
+ * Message tokens for asymmetrical binding
+ */
+ private WSS4JPolicyToken recipientToken; // used to encrypt data to
+
+ // receipient
+
+ private WSS4JPolicyToken initiatorToken; // used to sign data by
+
+ // initiator
+
+ /*
+ * Which parts or elements of the message to sign/encrypt with the messagen
+ * tokens. Parts or elements to sign/encrypt with supporting tokens are
+ * stored together with the tokens (see WSS4JPolicyToken).
+ */
+ private boolean signBody;
+
+ private boolean encryptBody;
+
+ private ArrayList signedParts;
+
+ private ArrayList signedElements;
+
+ private ArrayList encryptedParts;
+
+ private ArrayList encryptedElements;
+
+ /*
+ * Holds the supporting tokens elements
+ */
+ private WSS4JSupportingToken supportingToken;
+
+ private WSS4JSupportingToken signedSupportingToken;
+
+ private WSS4JSupportingToken endorsingSupportingToken;
+
+ private WSS4JSupportingToken signedEndorsingSupportingToken;
+
+ /**
+ * @return Returns the symmetricBinding.
+ */
+ public boolean isSymmetricBinding() {
+ return symmetricBinding;
+ }
+
+ /**
+ * @param symmetricBinding
+ * The symmetricBinding to set.
+ */
+ public void setSymmetricBinding(boolean symmetricBinding) {
+ this.symmetricBinding = symmetricBinding;
+ }
+
+ /**
+ * @return Returns the entireHeaderAndBodySignatures.
+ */
+ public boolean isEntireHeaderAndBodySignatures() {
+ return entireHeaderAndBodySignatures;
+ }
+
+ /**
+ * @param entireHeaderAndBodySignatures
+ * The entireHeaderAndBodySignatures to set.
+ */
+ public void setEntireHeaderAndBodySignatures(
+ boolean entireHeaderAndBodySignatures) {
+ this.entireHeaderAndBodySignatures = entireHeaderAndBodySignatures;
+ }
+
+ /**
+ * @return Returns the includeTimestamp.
+ */
+ public boolean isIncludeTimestamp() {
+ return includeTimestamp;
+ }
+
+ /**
+ * @param includeTimestamp
+ * The includeTimestamp to set.
+ */
+ public void setIncludeTimestamp(boolean includeTimestamp) {
+ this.includeTimestamp = includeTimestamp;
+ }
+
+ /**
+ * @return Returns the layout.
+ */
+ public String getLayout() {
+ return layout;
+ }
+
+ /**
+ * @param layout
+ * The layout to set.
+ */
+ public void setLayout(String layout) {
+ this.layout = layout;
+ }
+
+ /**
+ * @return Returns the protectionOrder.
+ */
+ public String getProtectionOrder() {
+ return protectionOrder;
+ }
+
+ /**
+ * @param protectionOrder
+ * The protectionOrder to set.
+ */
+ public void setProtectionOrder(String protectionOrder) {
+ this.protectionOrder = protectionOrder;
+ }
+
+ /**
+ * @return Returns the signatureProtection.
+ */
+ public boolean isSignatureProtection() {
+ return signatureProtection;
+ }
+
+ /**
+ * @param signatureProtection
+ * The signatureProtection to set.
+ */
+ public void setSignatureProtection(boolean signatureProtection) {
+ this.signatureProtection = signatureProtection;
+ }
+
+ /**
+ * @return Returns the tokenProtection.
+ */
+ public boolean isTokenProtection() {
+ return tokenProtection;
+ }
+
+ /**
+ * @param tokenProtection
+ * The tokenProtection to set.
+ */
+ public void setTokenProtection(boolean tokenProtection) {
+ this.tokenProtection = tokenProtection;
+ }
+
+ /**
+ * @return Returns the signatureConfirmation.
+ */
+ public boolean isSignatureConfirmation() {
+ return signatureConfirmation;
+ }
+
+ /**
+ * @param signatureConfirmation
+ * The signatureConfirmation to set.
+ */
+ public void setSignatureConfirmation(boolean signatureConfirmation) {
+ this.signatureConfirmation = signatureConfirmation;
+ }
+
+ /**
+ * Return the encryption token data.
+ *
+ * The returned token data may be empty.
+ *
+ * @return Returns the encryptionToken.
+ */
+ public WSS4JPolicyToken getEncryptionToken() {
+ if (encryptionToken == null) {
+ encryptionToken = new WSS4JPolicyToken();
+ }
+ return encryptionToken;
+ }
+
+ /**
+ * Sets the parameters for the encryption token according to parsed policy.
+ *
+ * The encryption token is specific to the symmetric binding.
+ *
+ * @param encryptionToken
+ * The encryptionToken to set.
+ */
+ public void setEncryptionToken(Token encToken, AlgorithmSuite suite)
+ throws WSSPolicyException {
+ if (encToken instanceof X509Token) {
+ if (encryptionToken == null) {
+ encryptionToken = new WSS4JPolicyToken();
+ }
+ initializeWSS4JPolicyToken(encryptionToken, (X509Token) encToken,
+ suite);
+ }
+ }
+
+ /**
+ * Sets the parameters for the protection token according to parsed policy.
+ *
+ * The protection token is specific to the symmetric binding.
+ *
+ * @param protectionToken
+ * The protectionToken to set.
+ */
+ public void setProtectionToken(Token protectionToken, AlgorithmSuite suite)
+ throws WSSPolicyException {
+ setEncryptionToken(protectionToken, suite);
+ setSignatureToken(protectionToken, suite);
+ }
+
+ /**
+ * Return the signature token data.
+ *
+ * The returned token data may be empty.
+ *
+ * @return Returns the signatureToken.
+ */
+ public WSS4JPolicyToken getSignatureToken() {
+ if (signatureToken == null) {
+ signatureToken = new WSS4JPolicyToken();
+ }
+ return signatureToken;
+ }
+
+ /**
+ * Sets the parameters for the signature token according to parsed policy.
+ *
+ * The signature token is specific to the symmetric binding.
+ *
+ * @param signatureToken
+ * The signatureToken to set.
+ */
+ public void setSignatureToken(Token sigToken, AlgorithmSuite suite)
+ throws WSSPolicyException {
+ if (sigToken instanceof X509Token) {
+ if (signatureToken == null) {
+ signatureToken = new WSS4JPolicyToken();
+ }
+ initializeWSS4JPolicyToken(signatureToken, (X509Token) sigToken,
+ suite);
+ }
+ }
+
+ /**
+ * Return the initiator token data.
+ *
+ * The returned token data may be empty.
+ *
+ * @return Returns the initiatorToken.
+ */
+ public WSS4JPolicyToken getInitiatorToken() {
+ if (initiatorToken == null) {
+ initiatorToken = new WSS4JPolicyToken();
+ }
+ return initiatorToken;
+ }
+
+ /**
+ * Sets the parameters for the initiator token according to parsed policy.
+ *
+ * The initiator token is specific to the symmetric binding. The message
+ * initiator uses this token to sign its data. Thus this method initializes
+ * the signature relevant parts of the WSS4JPolicyToken data.
+ *
+ * @param initiatorToken
+ * The initiatorToken to set.
+ */
+ public void setInitiatorToken(Token iniToken, AlgorithmSuite suite)
+ throws WSSPolicyException {
+ if (iniToken instanceof X509Token) {
+ if (initiatorToken == null) {
+ initiatorToken = new WSS4JPolicyToken();
+ }
+ initializeWSS4JPolicyToken(initiatorToken, (X509Token) iniToken,
+ suite);
+ }
+ }
+
+ /**
+ * Return the recipient token data.
+ *
+ * The returned token data may be empty.
+ *
+ * @return Returns the recipientToken.
+ */
+ public WSS4JPolicyToken getRecipientToken() {
+ if (recipientToken == null) {
+ recipientToken = new WSS4JPolicyToken();
+ }
+ return recipientToken;
+ }
+
+ /**
+ * Sets the parameters for the initiator token according to parsed policy.
+ *
+ * The initiator token is specific to the symmetric binding. The message
+ * initiator uses this token to encrypt data sent to the reipient. Thus this
+ * method initializes the encryption relevant parts of the WSS4JPolicyToken
+ * data.
+ *
+ * @param recipientToken
+ * The recipientToken to set.
+ */
+ public void setRecipientToken(Token recToken, AlgorithmSuite suite)
+ throws WSSPolicyException {
+ if (recToken instanceof X509Token) {
+ if (recipientToken == null) {
+ recipientToken = new WSS4JPolicyToken();
+ }
+ initializeWSS4JPolicyToken(recipientToken, (X509Token) recToken,
+ suite);
+ }
+ }
+
+ /**
+ * @return Returns the encryptedElements.
+ */
+ public ArrayList getEncryptedElements() {
+ return encryptedElements;
+ }
+
+ /**
+ * @param encElement
+ * The encrypted Element (XPath) to set.
+ */
+ public void setEncryptedElements(String encElement) {
+ if (encryptedElements == null) {
+ encryptedElements = new ArrayList();
+ }
+ encryptedElements.add(encElement);
+ }
+
+ /**
+ * @return Returns the encryptedParts.
+ */
+ public ArrayList getEncryptedParts() {
+ return encryptedParts;
+ }
+
+ /**
+ * @param namespace
+ * The namespace of the part.
+ * @param element
+ * The part's element name.
+ */
+ public void setEncryptedParts(String namespace, String element) {
+ if (encryptedParts == null) {
+ encryptedParts = new ArrayList();
+ }
+ WSEncryptionPart wep = new WSEncryptionPart(element, namespace,
+ "Content");
+ encryptedParts.add(wep);
+ }
+
+ /**
+ * @return Returns the encryptBody.
+ */
+ public boolean isEncryptBody() {
+ return encryptBody;
+ }
+
+ /**
+ * @param encryptBody
+ * The encryptBody to set.
+ */
+ public void setEncryptBody(boolean encryptBody) {
+ this.encryptBody = encryptBody;
+ }
+
+ /**
+ * @return Returns the signBody.
+ */
+ public boolean isSignBody() {
+ return signBody;
+ }
+
+ /**
+ * @param signBody
+ * The signBody to set.
+ */
+ public void setSignBody(boolean signBody) {
+ this.signBody = signBody;
+ }
+
+ /**
+ * @return Returns the signedElements.
+ */
+ public ArrayList getSignedElements() {
+ return signedElements;
+ }
+
+ /**
+ * @param sigElement
+ * The signed Element (XPath) to set.
+ */
+ public void setSignedElements(String sigElement) {
+ if (signedElements == null) {
+ signedElements = new ArrayList();
+ }
+ signedElements.add(sigElement);
+ }
+
+ /**
+ * @return Returns the signedParts.
+ */
+ public ArrayList getSignedParts() {
+ return signedParts;
+ }
+
+ /**
+ * @param namespace
+ * The namespace of the part.
+ * @param element
+ * The part's element name.
+ */
+ public void setSignedParts(String namespace, String element) {
+ if (signedParts == null) {
+ signedParts = new ArrayList();
+ }
+ WSEncryptionPart wep = new WSEncryptionPart(element, namespace,
+ "Content");
+ signedParts.add(wep);
+ }
+
+ public void setSupportingToken(SupportingToken suppToken)
+ throws WSSPolicyException {
+
+ Iterator it = null;
+ WSS4JSupportingToken wst = new WSS4JSupportingToken();
+
+ /*
+ * Get and store the parts to sign of the supporting token
+ */
+ SignedEncryptedParts sep = suppToken.getSignedParts();
+ if (sep != null) {
+ it = sep.getHeaders().iterator();
+ if (wst.sigParts == null) {
+ wst.sigParts = new ArrayList();
+ }
+ while (it.hasNext()) {
+ Header header = (Header) it.next();
+ wst.sigParts.add(new WSEncryptionPart(header.getName(), header
+ .getNamespace(), "Content"));
+ }
+ }
+ /*
+ * Get and store the parts to encrypt of the supporting token
+ */
+ sep = suppToken.getEncryptedParts();
+ if (sep != null) {
+ it = sep.getHeaders().iterator();
+ if (wst.encParts == null) {
+ wst.encParts = new ArrayList();
+ }
+ while (it.hasNext()) {
+ Header header = (Header) it.next();
+ wst.encParts.add(new WSEncryptionPart(header.getName(), header
+ .getNamespace(), "Content"));
+ }
+ }
+
+ /*
+ * Get and store the elements (XPath) to sign of the supporting token
+ */
+ SignedEncryptedElements see = suppToken.getSignedElements();
+ if (see != null) {
+ it = see.getXPathExpressions().iterator();
+ if (wst.sigElements == null) {
+ wst.sigElements = new ArrayList();
+ }
+ while (it.hasNext()) {
+ wst.sigElements.add((String) it.next());
+ }
+ }
+ /*
+ * Get and store the elements (XPath) to encrypt of the supporting token
+ */
+ see = suppToken.getEncryptedElements();
+ if (see != null) {
+ it = see.getXPathExpressions().iterator();
+ if (wst.encElements == null) {
+ wst.encElements = new ArrayList();
+ }
+ while (it.hasNext()) {
+ wst.encElements.add((String) it.next());
+ }
+ }
+ AlgorithmSuite suite = suppToken.getAlgorithmSuite();
+
+ /*
+ * Iterator over all tokens, initialize their data structure, and store
+ * them in the support token data structure.
+ */
+ it = suppToken.getToken().iterator();
+ while (it.hasNext()) {
+ if (wst.supportTokens == null) {
+ wst.supportTokens = new ArrayList();
+ }
+
+ Token tok = (Token) it.next();
+ if (tok instanceof X509Token) {
+ WSS4JPolicyToken wpt = new WSS4JPolicyToken();
+ wst.supportTokens.add(wpt);
+ initializeWSS4JPolicyToken(wpt, (X509Token) tok, suite);
+ }
+ }
+ /*
+ * The supporting token is parsed and initialized, set it according to
+ * its type.
+ */
+ wst.tokenType = suppToken.getType();
+ if (wst.tokenType == Constants.SUPPORTING_TOKEN_SUPPORTING) {
+ supportingToken = wst;
+ } else if (wst.tokenType == Constants.SUPPORTING_TOKEN_SIGNED) {
+ signedSupportingToken = wst;
+ } else if (wst.tokenType == Constants.SUPPORTING_TOKEN_ENDORSING) {
+ endorsingSupportingToken = wst;
+ } else if (wst.tokenType == Constants.SUPPORTING_TOKEN_SIGNED_ENDORSING) {
+ signedEndorsingSupportingToken = wst;
+ }
+ }
+
+ private static void initializeWSS4JPolicyToken(WSS4JPolicyToken tok,
+ X509Token x509Tok, AlgorithmSuite suite) throws WSSPolicyException {
+ tok.tokenType = WSS4JPolicyToken.X509Token;
+ tok.encAlgorithm = suite.getEncryption();
+ tok.sigAlgorithm = suite.getAsymmetricSignature();
+ tok.encTransportAlgorithm = suite.getAsymmetricKeyWrap();
+ if (x509Tok.isRequireIssuerSerialReference()) {
+ tok.keyIdentifier = WSConstants.ISSUER_SERIAL;
+ } else if (x509Tok.isRequireThumbprintReference()) {
+ tok.keyIdentifier = WSConstants.THUMBPRINT_IDENTIFIER;
+ } else if (x509Tok.isRequireEmbeddedTokenReference()) {
+ tok.keyIdentifier = WSConstants.BST_DIRECT_REFERENCE;
+ } else {
+ throw new WSSPolicyException(
+ "Unknown key reference specifier for X509Token");
+
+ }
+ }
+
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyToken.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyToken.java?rev=375011&r1=375010&r2=375011&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyToken.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JPolicyToken.java Sun Feb 5 04:12:03 2006
@@ -37,11 +37,9 @@
int tokenType;
- int sigKeyIdentifier;
-
String sigAlgorithm;
- int encKeyIdentifier;
+ int keyIdentifier;
String encAlgorithm;
@@ -79,8 +77,8 @@
/**
* @return Returns the encKeyIdentifier.
*/
- public int getEncKeyIdentifier() {
- return encKeyIdentifier;
+ public int getKeyIdentifier() {
+ return keyIdentifier;
}
/**
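Review bot: The Javadoc kept above the renamed getter still reads `@return Returns the encKeyIdentifier.`, although the method is now `getKeyIdentifier()` and returns the merged `keyIdentifier` field. It should become `@return Returns the keyIdentifier.`, with a sentence saying that the value is one of the `WSConstants` key identifier types assigned in `initializeWSS4JPolicyToken`. It should also say that the one value now covers both signing and encryption with this token. The separate `getSigKeyIdentifier()` is removed in the next hunk, so any caller outside this diff needs migrating to the new getter.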
@@ -109,13 +107,6 @@
*/
public ArrayList getSigElements() {
return sigElements;
- }
-
- /**
- * @return Returns the sigKeyIdentifier.
- */
- public int getSigKeyIdentifier() {
- return sigKeyIdentifier;
}
/**
Added: webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JSupportingToken.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JSupportingToken.java?rev=375011&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JSupportingToken.java (added)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/WSS4JSupportingToken.java Sun Feb 5 04:12:03 2006
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy;
+
+import java.util.ArrayList;
+
+/**
+ *
+ * This class holds data and parameters for a supporting token.
+ *
+ * The data is not declared as private to provide direct access from
+ * other classes in this package.
+ *
+ * @author Werner Dittmann (werner@apache.org)
+ */
+
+public class WSS4JSupportingToken {
+ int tokenType;
+
+ ArrayList supportTokens;
+
+ ArrayList sigParts;
+
+ ArrayList sigElements;
+
+ ArrayList encParts;
+
+ ArrayList encElements;
+}
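Review bot: The fields of `WSS4JSupportingToken` are undocumented raw `ArrayList`s, so their element types can only be learned from `setSupportingToken` in the data class. Going by that method, I would add `// WSS4JPolicyToken entries, one per parsed token` on `supportTokens`, `// WSEncryptionPart entries built from header name/namespace` on `sigParts` and `encParts`, and `// String XPath expressions` on `sigElements` and `encElements`. The class comment should also state that each list stays `null` until the policy supplies the matching assertion, because the populating code allocates them only on demand and every consumer has to null-check. `tokenType` would benefit from a comment naming the `Constants.SUPPORTING_TOKEN_*` values it is compared against.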
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/policy/model/SupportingToken.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/model/SupportingToken.java?rev=375011&r1=375010&r2=375011&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/model/SupportingToken.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/model/SupportingToken.java Sun Feb 5 04:12:03 2006
@@ -151,7 +151,4 @@
public void setToken(Token tok) throws WSSPolicyException {
this.addToken(tok);
}
-
-
-
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java?rev=375011&r1=375010&r2=375011&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/WSSPolicyProcessor.java Sun Feb 5 04:12:03 2006
@@ -32,12 +32,17 @@
import org.apache.ws.policy.XorCompositeAssertion;
import org.apache.ws.policy.util.PolicyFactory;
import org.apache.ws.policy.util.PolicyReader;
+import org.apache.ws.security.policy.Constants;
import org.apache.ws.security.policy.WSSPolicyException;
import org.apache.ws.security.policy.model.PolicyEngineData;
import org.apache.ws.security.policy.model.RootPolicyEngineData;
import org.apache.ws.security.policy.parser.processors.AsymmetricBindingProcessor;
import org.apache.ws.security.policy.parser.processors.EncryptedPartsElementsProcessor;
+import org.apache.ws.security.policy.parser.processors.EndorsingSupportingTokensProcessor;
+import org.apache.ws.security.policy.parser.processors.SignedEndorsingSupportingTokensProcessor;
import org.apache.ws.security.policy.parser.processors.SignedPartsElementsProcessor;
+import org.apache.ws.security.policy.parser.processors.SignedSupportingTokensProcessor;
+import org.apache.ws.security.policy.parser.processors.SupportingTokensProcessor;
import org.apache.ws.security.policy.parser.processors.SymmetricBindingProcessor;
import org.apache.ws.security.policy.parser.processors.Wss10Processor;
import org.apache.ws.security.policy.parser.processors.Wss11Processor;
@@ -104,6 +109,23 @@
spt.setProcessTokenMethod(new Wss11Processor());
topLevel.setChildToken(spt);
+ spt = SecurityPolicy.supportingTokens.copy();
+ spt.setProcessTokenMethod(new SupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.signedSupportingTokens.copy();
+ spt.setProcessTokenMethod(new SignedSupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.endorsingSupportingTokens.copy();
+ spt.setProcessTokenMethod(new EndorsingSupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.signedEndorsingSupportingTokens.copy();
+ spt.setProcessTokenMethod(new SignedEndorsingSupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+
/*
* Now get the initial PolicyEngineData, initialize it and put it onto
* the PED stack.
@@ -123,7 +145,7 @@
return true;
}
- public void go(String[] args) {
+ public boolean go(String[] args) {
merged = null;
for (int i = 0; i < args.length; i++) {
@@ -151,8 +173,10 @@
}
if (processPolicy(merged)) {
log.debug("Security Policy sucessfully parsed");
+ return true;
} else {
log.debug("Security Policy not sucessfully parsed");
+ return false;
}
}
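Review bot: The failure branch still logs `Security Policy not sucessfully parsed` at debug level, while later hunks of this commit raise the other parse failures to `log.error`. A security policy that fails to parse is the case an operator most needs to see, so I would make it `log.error("Security Policy not successfully parsed");` for consistency. Now that `go` returns a boolean it also deserves a Javadoc line such as `@return true if the merged policy was processed successfully, false otherwise`, so callers know the result must be checked. The rest of `go` lies outside this hunk, so any other exit path there needs a return value as well.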
@@ -216,7 +240,7 @@
*/
PrimitiveAssertion pa = (PrimitiveAssertion) assertion;
if (!(pa.getName().getNamespaceURI()
- .equals("http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"))) {
+ .equals(Constants.SP_NS))) {
log.debug("Got a unexpected assertion: "
+ pa.getName().getLocalPart());
continue;
@@ -283,16 +307,15 @@
try {
- if(spt.getTokenType() == SecurityPolicyToken.COMPLEX_TOKEN && secProcessorContext.getAction() == SecurityProcessorContext.START) {
- secProcessorContext.pushPolicyEngineData(PolicyEngineData.copy(pa.getName()));
- }
if (spt == null) {
- log.debug("Security token: '" + tokenName
+ log.error("Security token: '" + tokenName
+ "' unknown in context of '"
+ currentToken.getTokenName());
return false;
}
-
+ if(spt.getTokenType() == SecurityPolicyToken.COMPLEX_TOKEN && secProcessorContext.getAction() == SecurityProcessorContext.START) {
+ secProcessorContext.pushPolicyEngineData(PolicyEngineData.copy(pa.getName()));
+ }
ret = spt.invokeProcessTokenMethod(secProcessorContext);
} catch (IllegalArgumentException e) {
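Review bot: The message promoted to `log.error` opens a quote before `currentToken.getTokenName()` and never closes it, unlike the "Abort transaction" message in the next hunk. Ending the expression with `+ currentToken.getTokenName() + "'");` keeps the logged token name delimited. Moving the `spt == null` check ahead of `spt.getTokenType()` is the right order. The enclosing try block and method start and end outside this hunk, so whether `currentToken` can itself be null at this point cannot be confirmed from here.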
@@ -317,7 +340,7 @@
.readCurrentSecurityToken();
if (currentToken == null) {
secProcessorContext.popSecurityToken();
- log.debug("Abort transaction because of unknown token: '"
+ log.error("Abort transaction because of unknown token: '"
+ pa.getName().getLocalPart() + "'");
return;
}
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/AsymmetricBindingProcessor.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/AsymmetricBindingProcessor.java?rev=375011&r1=375010&r2=375011&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/AsymmetricBindingProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/AsymmetricBindingProcessor.java Sun Feb 5 04:12:03 2006
@@ -70,21 +70,21 @@
tmpSpt.setProcessTokenMethod(new LayoutProcessor());
spt.setChildToken(tmpSpt);
- tmpSpt = SecurityPolicy.supportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new SupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
-
- tmpSpt = SecurityPolicy.signedSupportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new SignedSupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
-
- tmpSpt = SecurityPolicy.endorsingSupportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new EndorsingSupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
-
- tmpSpt = SecurityPolicy.signedEndorsingSupportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new SignedEndorsingSupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
+// tmpSpt = SecurityPolicy.supportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new SupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
+//
+// tmpSpt = SecurityPolicy.signedSupportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new SignedSupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
+//
+// tmpSpt = SecurityPolicy.endorsingSupportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new EndorsingSupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
+//
+// tmpSpt = SecurityPolicy.signedEndorsingSupportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new SignedEndorsingSupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
tmpSpt = SecurityPolicy.includeTimestamp.copy();
tmpSpt.setProcessTokenMethod(this);
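Review bot: The four supporting-token registrations are commented out rather than deleted, here and identically in the SymmetricBindingProcessor hunk. Since the same registrations are added at top level in WSSPolicyProcessor, the dead lines should be removed and left to version history. If they have to stay for now, a single comment such as `// SupportingTokens are registered at top level in WSSPolicyProcessor, not per binding` would explain why. A policy that still nests a supporting-token assertion inside a binding would presumably now reach the "unknown in context of" error path and fail parsing, which is worth confirming as intended. The enclosing method begins and ends outside the hunk.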
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/SymmetricBindingProcessor.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/SymmetricBindingProcessor.java?rev=375011&r1=375010&r2=375011&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/SymmetricBindingProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/policy/parser/processors/SymmetricBindingProcessor.java Sun Feb 5 04:12:03 2006
@@ -74,21 +74,21 @@
tmpSpt.setProcessTokenMethod(new LayoutProcessor());
spt.setChildToken(tmpSpt);
- tmpSpt = SecurityPolicy.supportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new SupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
-
- tmpSpt = SecurityPolicy.signedSupportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new SignedSupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
-
- tmpSpt = SecurityPolicy.endorsingSupportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new EndorsingSupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
-
- tmpSpt = SecurityPolicy.signedEndorsingSupportingTokens.copy();
- tmpSpt.setProcessTokenMethod(new SignedEndorsingSupportingTokensProcessor());
- spt.setChildToken(tmpSpt);
+// tmpSpt = SecurityPolicy.supportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new SupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
+//
+// tmpSpt = SecurityPolicy.signedSupportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new SignedSupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
+//
+// tmpSpt = SecurityPolicy.endorsingSupportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new EndorsingSupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
+//
+// tmpSpt = SecurityPolicy.signedEndorsingSupportingTokens.copy();
+// tmpSpt.setProcessTokenMethod(new SignedEndorsingSupportingTokensProcessor());
+// spt.setChildToken(tmpSpt);
tmpSpt = SecurityPolicy.includeTimestamp.copy();
tmpSpt.setProcessTokenMethod(this);