Posted to axis-cvs@ws.apache.org by ru...@apache.org on 2006/01/24 10:14:27 UTC
svn commit: r371870 [4/4] - in
/webservices/axis2/trunk/java/modules/security: ./
src/org/apache/axis2/security/
src/org/apache/axis2/security/handler/config/ src/org/apache/ws/
src/org/apache/ws/security/ src/org/apache/ws/security/policy/ src/org/apa...
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/Wss11Processor.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/Wss11Processor.java?rev=371870&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/Wss11Processor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/Wss11Processor.java Tue Jan 24 01:13:40 2006
@@ -0,0 +1,189 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy.parser.processors;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy.model.Wss11;
+import org.apache.ws.security.policy.parser.SecurityPolicy;
+import org.apache.ws.security.policy.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy.parser.SecurityProcessorContext;
+
+
+/**
+ * @author Werner Dittmann (werner@apache.org)
+ *
+ */
+public class Wss11Processor {
+
+ private Log log = LogFactory.getLog(getClass());
+
+ private boolean initializedWss11 = false;
+
+ /**
+ * Intialize the Wss11 complex token.
+ *
+ * This method creates a copy of the Wss11 token and sets the handler object
+ * to the copy. Then it creates copies of the child tokens that are allowed
+ * for Wss10. These tokens are:
+ *
+ * These copies are also initialized with the handler object and then set as
+ * child tokens of Wss11.
+ *
+ * <p/> The handler object that must contain the methods
+ * <code>doWss10</code>.
+ *
+ * @param spt
+ * The token that will hold the child tokens.
+ * @throws NoSuchMethodException
+ */
+ public void initializeWss11(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+ SecurityPolicyToken tmpSpt = SecurityPolicy.mustSupportRefKeyIdentifier
+ .copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefIssuerSerial.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefExternalUri.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefEmbeddedToken.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefThumbprint.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.mustSupportRefEncryptedKey.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireSignatureConfirmation.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+ }
+
+ public Object doWss11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedWss11) {
+ try {
+ initializeWss11(spt);
+ initializedWss11 = true;
+ } catch (NoSuchMethodException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ return new Boolean(false);
+ }
+ }
+ PrimitiveAssertion pa = spc.getAssertion();
+ String text = pa.getStrValue();
+ if (text != null) {
+ text = text.trim();
+ log.debug("Value: '" + text.toString() + "'");
+ }
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefKeyIdentifier(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.COMMIT) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefKeyIdentifier(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefIssuerSerial(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.COMMIT) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefIssuerSerial(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefExternalURI(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.COMMIT) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefExternalURI(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefEmbeddedToken(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.COMMIT) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefEmbeddedToken(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefThumbprint(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.COMMIT) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefThumbprint(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doMustSupportRefEncryptedKey(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.COMMIT) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setMustSupportRefEncryptedKey(true);
+ }
+ return new Boolean(true);
+ }
+
+ public Object doRequireSignatureConfirmation(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ if(spc.getAction() == SecurityProcessorContext.COMMIT) {
+ ((Wss11)spc.readCurrentPolicyEngineData()).setRequireSignatureConfirmation(true);
+ }
+ return new Boolean(true);
+ }
+}
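Review bot: In `doWss11` the `START` case has no `break` and falls through into `case SecurityProcessorContext.COMMIT:`, which is harmless only while COMMIT stays empty; add `break;` after the `if (text != null) { ... }` block or mark the fall-through with a comment. In the same method the `NoSuchMethodException` handler calls `e.printStackTrace()`, so a failed handler binding never reaches the class's own `log`; `log.error("Cannot initialize Wss11 child tokens", e);` before the `return` would keep it with the rest of the policy-parsing output. Both patterns repeat in `doX509Token` in X509TokenProcessor.java. The Javadoc on `initializeWss11` also appears to be copied from a Wss10 processor: it names Wss10 and `doWss10` and leaves the list after "These tokens are:" empty, so it should name Wss11, `doWss11` and the seven child tokens the method registers.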
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/X509TokenProcessor.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/X509TokenProcessor.java?rev=371870&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/X509TokenProcessor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy/parser/processors/X509TokenProcessor.java Tue Jan 24 01:13:40 2006
@@ -0,0 +1,243 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy.parser.processors;
+
+import javax.xml.namespace.QName;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy.Constants;
+import org.apache.ws.security.policy.WSSPolicyException;
+import org.apache.ws.security.policy.model.TokenWrapper;
+import org.apache.ws.security.policy.model.X509Token;
+import org.apache.ws.security.policy.parser.SecurityPolicy;
+import org.apache.ws.security.policy.parser.SecurityPolicyToken;
+import org.apache.ws.security.policy.parser.SecurityProcessorContext;
+
+
+/**
+ * @author Werner Dittmann (werner@apache.org)
+ */
+public class X509TokenProcessor {
+
+ private Log log = LogFactory.getLog(getClass());
+
+ private boolean initializedX509Token = false;
+
+ /**
+ * Intialize the X509 complex token.
+ *
+ * This method creates a copy of the X509Token token and sets the handler
+ * object to the copy. Then it creates copies of the child tokens that are
+ * allowed for X509Token. These tokens are:
+ *
+ * These copies are also initialized with the handler object and then set as
+ * child tokens of X509Token.
+ *
+ * <p/> The handler object that must contain the methods
+ * <code>doX509Token</code>.
+ *
+ * @param spt
+ * The token that will hold the child tokens.
+ * @throws NoSuchMethodException
+ */
+ private void initializeX509Token(SecurityPolicyToken spt)
+ throws NoSuchMethodException {
+
+ SecurityPolicyToken tmpSpt = SecurityPolicy.requireKeyIdentifierReference
+ .copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireIssuerSerialReference.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireEmbeddedTokenReference.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.requireThumbprintReference.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V1Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V3Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509Pkcs7Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509PkiPathV1Token10.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V1Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509V3Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509Pkcs7Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+
+ tmpSpt = SecurityPolicy.wssX509PkiPathV1Token11.copy();
+ tmpSpt.setProcessTokenMethod(this);
+ spt.setChildToken(tmpSpt);
+ }
+
+ public Object doX509Token(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+
+ SecurityPolicyToken spt = spc.readCurrentSecurityToken();
+
+ switch (spc.getAction()) {
+
+ case SecurityProcessorContext.START:
+ if (!initializedX509Token) {
+ try {
+ initializeX509Token(spt);
+ X509Token token = (X509Token)spc.readCurrentPolicyEngineData();
+ //Get the includeToken attr info
+ String includetokenUri = spc.getAssertion().getAttribute(
+ new QName(Constants.SP_NS,
+ Constants.ATTR_INCLUDE_TOKEN));
+ try {
+ if(includetokenUri != null) { //since its optional
+ token.setInclusion(includetokenUri);
+ }
+ ((TokenWrapper)spc.readPreviousPolicyEngineData()).setToken(token);
+ } catch (WSSPolicyException e) {
+ // TODO Throw this out
+ e.printStackTrace();
+ }
+ initializedX509Token = true;
+ } catch (NoSuchMethodException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ return new Boolean(false);
+ }
+ }
+ PrimitiveAssertion pa = spc.getAssertion();
+ String text = pa.getStrValue();
+ if (text != null) {
+ text = text.trim();
+ log.debug("Value: '" + text.toString() + "'");
+ }
+ case SecurityProcessorContext.COMMIT:
+ break;
+ case SecurityProcessorContext.ABORT:
+ break;
+ }
+ return new Boolean(true);
+ }
+
+ public Object doRequireKeyIdentifierReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireIssuerSerialReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireEmbeddedTokenReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doRequireThumbprintReference(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V1Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V3Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509Pkcs7Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509PkiPathV1Token10(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V1Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509V3Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509Pkcs7Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+ public Object doWssX509PkiPathV1Token11(SecurityProcessorContext spc) {
+ log.debug("Processing "
+ + spc.readCurrentSecurityToken().getTokenName() + ": "
+ + SecurityProcessorContext.ACTION_NAMES[spc.getAction()]);
+ return new Boolean(true);
+ }
+
+}
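Review bot: In `doX509Token` the `catch (WSSPolicyException e)` block only prints a stack trace, so if `token.setInclusion(includetokenUri)` throws, the `setToken(token)` call is skipped, `initializedX509Token` is still set, and the method returns `true` — the policy is accepted without the token it declared. A security-policy parser should fail closed here: `log.error("Invalid X509Token assertion", e); return new Boolean(false);`, matching the `NoSuchMethodException` branch. Separately, reading the `sp:IncludeToken` attribute and calling `setToken` sit inside `if (!initializedX509Token)`, so if one processor instance handles several `sp:X509Token` assertions (not visible here), only the first would be recorded; that per-assertion work looks like it belongs after the `if` block. The twelve child handlers (`doRequireKeyIdentifierReference` through `doWssX509PkiPathV1Token11`) only log and return `true`, which deserves a `// TODO` stating that the reference style and token version are not yet stored in the model.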
Added: webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindings.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindings.xml?rev=371870&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindings.xml (added)
+++ webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindings.xml Tue Jan 24 01:13:40 2006
@@ -0,0 +1,50 @@
+
+<!-- Example Endpoint Policy -->
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+<sp:AsymmetricBinding>
+ <wsp:Policy>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always" />
+ </wsp:Policy> </sp:RecipientToken>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always" />
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:EncryptBeforeSigning />
+ <sp:EncryptSignature />
+ <sp:ProtectTokens />
+ <sp:SignedSupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:SignedEndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
+ </wsp:Policy>
+ </sp:SignedEndorsingSupportingTokens>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:RequireSignatureConfirmation />
+ </wsp:Policy>
+ </sp:Wss11>
+ </wsp:Policy>
+
+
\ No newline at end of file
Added: webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindingsSymm.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindingsSymm.xml?rev=371870&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindingsSymm.xml (added)
+++ webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyBindingsSymm.xml Tue Jan 24 01:13:40 2006
@@ -0,0 +1,43 @@
+<!-- Example Endpoint Policy -->
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+<sp:SymmetricBinding>
+<wsp:Policy>
+<sp:ProtectionToken>
+<wsp:Policy>
+<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always"/>
+</wsp:Policy>
+</sp:ProtectionToken>
+<sp:AlgorithmSuite>
+<wsp:Policy>
+<sp:Basic256 />
+</wsp:Policy>
+</sp:AlgorithmSuite>
+<sp:Layout>
+<wsp:Policy>
+<sp:Strict />
+</wsp:Policy>
+</sp:Layout>
+<sp:IncludeTimestamp />
+<sp:EncryptBeforeSigning />
+<sp:EncryptSignature />
+<sp:ProtectTokens />
+<sp:SignedSupportingTokens>
+<wsp:Policy>
+<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
+</wsp:Policy>
+</sp:SignedSupportingTokens>
+<!--<sp:SignedEndorsingSupportingTokens>
+<wsp:Policy>
+<sp:X509V3Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/IncludeToken/Once" />
+</wsp:Policy>
+</sp:SignedEndorsingSupportingTokens> -->
+</wsp:Policy>
+</sp:SymmetricBinding>
+<sp:Wss11>
+<wsp:Policy>
+<sp:RequireSignatureConfirmation />
+</wsp:Policy>
+</sp:Wss11>
+</wsp:Policy>
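Review bot: The commented-out `sp:SignedEndorsingSupportingTokens` block would not parse as intended if re-enabled: its URI repeats a path segment (`.../IncludeToken/IncludeToken/Once`) and it uses `sp:X509V3Token`, whereas the live assertions in these fixtures use `sp:X509Token`. Either delete the block or correct it to `<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />` so it matches SecurityPolicyBindings.xml.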
Added: webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyMsg.xml
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyMsg.xml?rev=371870&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyMsg.xml (added)
+++ webservices/axis2/trunk/java/modules/security/test-resources/policy/SecurityPolicyMsg.xml Tue Jan 24 01:13:40 2006
@@ -0,0 +1,19 @@
+<!-- Example Endpoint Policy -->
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+
+ <!-- Example Message Policy -->
+
+ <sp:SignedParts>
+ <sp:Header Name="Header1" Namespace="uri:namespace_1" />
+ <sp:Header Name="Header2" Namespace="uri:namespace_2" />
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:EncryptedParts>
+ <sp:Header Name="Header2" Namespace="uri:namespace_2" />
+ <sp:Body/>
+ </sp:EncryptedParts>
+
+ </wsp:Policy>
+
\ No newline at end of file
Added: webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy/parser/WSSPolicyProcessorTest.java
URL: http://svn.apache.org/viewcvs/webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy/parser/WSSPolicyProcessorTest.java?rev=371870&view=auto
==============================================================================
--- webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy/parser/WSSPolicyProcessorTest.java (added)
+++ webservices/axis2/trunk/java/modules/security/test/org/apache/ws/security/policy/parser/WSSPolicyProcessorTest.java Tue Jan 24 01:13:40 2006
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy.parser;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+
+import junit.framework.TestCase;
+
+import org.apache.ws.security.policy.Constants;
+import org.apache.ws.security.policy.model.PolicyEngineData;
+import org.apache.ws.security.policy.model.RootPolicyEngineData;
+import org.apache.ws.security.policy.model.SignedEncryptedParts;
+import org.apache.ws.security.policy.model.SymmetricBinding;
+import org.apache.ws.security.policy.model.Wss11;
+
+public class WSSPolicyProcessorTest extends TestCase {
+
+ public WSSPolicyProcessorTest(String name) {
+ super(name);
+ }
+
+ public void testSymmetricBinding() {
+ try {
+ WSSPolicyProcessor processor = new WSSPolicyProcessor();
+ if (!processor.setup()) {
+ return;
+ }
+ String[] files = new String[2];
+ files[0] = "test-resources/policy/SecurityPolicyBindingsSymm.xml";
+ files[1] = "test-resources/policy/SecurityPolicyMsg.xml";
+ processor.go(files);
+
+ RootPolicyEngineData rootPolicyEngineData = (RootPolicyEngineData)processor.secProcessorContext.getPedStack().get(0);
+ assertNotNull("RootPolicyEngineData missing", rootPolicyEngineData);
+
+ ArrayList peds = rootPolicyEngineData.getTopLevelPEDs();
+ assertEquals("Incrrect number of PolicyEngineData", 4, peds.size());
+
+ Iterator pedIter = peds.iterator();
+ boolean symmBindingfound = false, wss11found = false, signedPartsFound = false, encryptedPartsFound = false;
+ while (pedIter.hasNext()) {
+ PolicyEngineData ped = (PolicyEngineData) pedIter.next();
+ if(ped instanceof SymmetricBinding) {
+ symmBindingfound = true;
+ SymmetricBinding symmetricBinding = (SymmetricBinding)ped;
+ assertEquals("Incorrect layout",Constants.LAYOUT_STRICT ,symmetricBinding.getLayout().getValue());
+ } else if(ped instanceof Wss11) {
+ wss11found = true;
+ Wss11 wss11 = (Wss11)ped;
+ assertEquals("Signature confirmation must be true", true,
+ wss11.isRequireSignatureConfirmation());
+ } else if(ped instanceof SignedEncryptedParts) {
+ SignedEncryptedParts parts = (SignedEncryptedParts)ped;
+ if(parts.isSignedParts()) {
+ signedPartsFound = true;
+ assertEquals(
+ "Incorrect number of headers in SignedParts",
+ 2, parts.getHeaders().size());
+ } else {
+ encryptedPartsFound = true;
+ assertEquals(
+ "Incorrect number of headers in EncryptedParts",
+ 1, parts.getHeaders().size());
+ }
+ }
+ }
+ assertTrue("SignedParts missing", signedPartsFound);
+ assertTrue("EncryptedParts missing", encryptedPartsFound);
+ assertTrue("SymmetricBinding missing", symmBindingfound);
+ assertTrue("Wss11 missing", wss11found);
+
+ } catch (NoSuchMethodException e) {
+ e.printStackTrace();
+ fail(e.getMessage());
+ }
+ }
+}
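Review bot: `testSymmetricBinding` returns early with `if (!processor.setup()) { return; }`, so a broken processor setup is reported as a passing test; replace it with `assertTrue("WSSPolicyProcessor.setup() failed", processor.setup());`. The test also never inspects the parsed `X509Token` or its inclusion value, and only the symmetric fixture is loaded — SecurityPolicyBindings.xml is not referenced in the part of the commit shown here — so the IncludeToken handling in X509TokenProcessor has no coverage. The assertion message `"Incrrect number of PolicyEngineData"` has a typo.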