You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2011/12/04 21:33:12 UTC
svn commit: r1210203 [9/16] - in
/webservices/wss4j/branches/swssf/rampart-policy: ./
src/main/java/META-INF/ src/main/java/org/apache/ws/secpolicy/
src/main/java/org/apache/ws/secpolicy/builders/
src/main/java/org/apache/ws/secpolicy/model/ src/main/j...
Modified: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecurityContextToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecurityContextToken.java?rev=1210203&r1=1210202&r2=1210203&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecurityContextToken.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecurityContextToken.java Sun Dec 4 20:33:05 2011
@@ -1,96 +1,126 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package org.apache.ws.secpolicy.model;
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.SPConstants;
+import org.w3c.dom.Element;
import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamWriter;
+import java.util.Iterator;
+import java.util.List;
/**
- * Model class of SecurityContextToken assertion
+ * @author $Author$
+ * @version $Revision$ $Date$
*/
-public class SecurityContextToken extends Token {
+public class SecurityContextToken extends AbstractToken {
- boolean requireExternalUriRef;
-
- boolean sc10SecurityContextToken;
-
- public SecurityContextToken(int version) {
- setVersion(version);
- }
-
- /**
- * @return Returns the requireExternalUriRef.
- */
- public boolean isRequireExternalUriRef() {
- return requireExternalUriRef;
- }
-
- /**
- * @param requireExternalUriRef The requireExternalUriRef to set.
- */
- public void setRequireExternalUriRef(boolean requireExternalUriRef) {
- this.requireExternalUriRef = requireExternalUriRef;
- }
-
- /**
- * @return Returns the sc10SecurityContextToken.
- */
- public boolean isSc10SecurityContextToken() {
- return sc10SecurityContextToken;
- }
+ private boolean requireExternalUriReference;
+ private boolean sc13SecurityContextToken;
+ private boolean sc10SecurityContextToken;
- /**
- * @param sc10SecurityContextToken The sc10SecurityContextToken to set.
- */
- public void setSc10SecurityContextToken(boolean sc10SecurityContextToken) {
- this.sc10SecurityContextToken = sc10SecurityContextToken;
+ public SecurityContextToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
+ Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
+ super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
+
+ parseNestedSecurityContextTokenPolicy(nestedPolicy, this);
}
- /* (non-Javadoc)
- * @see org.apache.neethi.Assertion#getName()
- */
public QName getName() {
- if ( version == SPConstants.SP_V12) {
- return SP12Constants.SECURITY_CONTEXT_TOKEN;
- } else {
- return SP11Constants.SECURITY_CONTEXT_TOKEN;
- }
- }
-
- /* (non-Javadoc)
- * @see org.apache.neethi.Assertion#normalize()
- */
- public PolicyComponent normalize() {
- // TODO TODO Sanka
- throw new UnsupportedOperationException("TODO Sanka");
- }
-
- /* (non-Javadoc)
- * @see org.apache.neethi.PolicyComponent#serialize(javax.xml.stream.XMLStreamWriter)
- */
- public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- // TODO TODO Sanka
- throw new UnsupportedOperationException("TODO Sanka");
+ return getVersion().getSPConstants().getSecurityContextToken();
+ }
+
+ @Override
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return new SecurityContextToken(getVersion(), getIncludeTokenType(), getIssuer(), getIssuerName(), getClaims(), nestedPolicy);
+ }
+
+ protected void parseNestedSecurityContextTokenPolicy(Policy nestedPolicy, SecurityContextToken securityContextToken) {
+ Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+ //we just process the first alternative
+ //this means that if we have a compact policy only the first alternative is visible
+ //in contrary to a normalized policy where just one alternative exists
+ if (alternatives.hasNext()) {
+ List<Assertion> assertions = alternatives.next();
+ for (int i = 0; i < assertions.size(); i++) {
+ Assertion assertion = assertions.get(i);
+ String assertionName = assertion.getName().getLocalPart();
+ String assertionNamespace = assertion.getName().getNamespaceURI();
+ DerivedKeys derivedKeys = DerivedKeys.lookUp(assertionName);
+ if (derivedKeys != null) {
+ if (securityContextToken.getDerivedKeys() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ securityContextToken.setDerivedKeys(derivedKeys);
+ continue;
+ }
+ if (getVersion().getSPConstants().getRequireExternalUriReference().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getRequireExternalUriReference().getNamespaceURI().equals(assertionNamespace)) {
+ if (securityContextToken.isRequireExternalUriReference()) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ securityContextToken.setRequireExternalUriReference(true);
+ continue;
+ }
+ if (getVersion().getSPConstants().getSc13SecurityContextToken().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getSc13SecurityContextToken().getNamespaceURI().equals(assertionNamespace)) {
+ if (securityContextToken.isSc13SecurityContextToken()) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ securityContextToken.setSc13SecurityContextToken(true);
+ continue;
+ }
+ if (getVersion().getSPConstants().getSc10SecurityContextToken().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getSc10SecurityContextToken().getNamespaceURI().equals(assertionNamespace)) {
+ if (securityContextToken.isSc10SecurityContextToken()) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ securityContextToken.setSc10SecurityContextToken(true);
+ continue;
+ }
+ }
+ }
+ }
+
+ public boolean isRequireExternalUriReference() {
+ return requireExternalUriReference;
+ }
+
+ protected void setRequireExternalUriReference(boolean requireExternalUriReference) {
+ this.requireExternalUriReference = requireExternalUriReference;
}
+ public boolean isSc13SecurityContextToken() {
+ return sc13SecurityContextToken;
+ }
+
+ protected void setSc13SecurityContextToken(boolean sc13SecurityContextToken) {
+ this.sc13SecurityContextToken = sc13SecurityContextToken;
+ }
+
+ public boolean isSc10SecurityContextToken() {
+ return sc10SecurityContextToken;
+ }
+
+ protected void setSc10SecurityContextToken(boolean sc10SecurityContextToken) {
+ this.sc10SecurityContextToken = sc10SecurityContextToken;
+ }
}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecurityContextToken.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java?rev=1210203&r1=1210202&r2=1210203&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java Sun Dec 4 20:33:05 2011
@@ -1,120 +1,44 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package org.apache.ws.secpolicy.model;
-import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamWriter;
-
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
+import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.SPConstants;
-public class SignatureToken extends AbstractSecurityAssertion implements TokenWrapper {
-
- private Token signatureToken;
-
- public SignatureToken(int version){
- setVersion(version);
- }
-
- /**
- * @return Returns the signatureToken.
- */
- public Token getSignatureToken() {
- return signatureToken;
- }
+import javax.xml.namespace.QName;
- /**
- * @param signatureToken The signatureToken to set.
- */
- public void setSignatureToken(Token signatureToken) {
- this.signatureToken = signatureToken;
- }
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SignatureToken extends AbstractTokenWrapper {
- public void setToken(Token tok) {
- this.setSignatureToken(tok);
+ public SignatureToken(SPConstants.SPVersion version, Policy nestedPolicy) {
+ super(version, nestedPolicy);
}
public QName getName() {
- if ( version == SPConstants.SP_V12 ) {
- return SP12Constants.SIGNATURE_TOKEN;
- } else {
- return SP11Constants.SIGNATURE_TOKEN;
- }
+ return getVersion().getSPConstants().getSignatureToken();
}
- public void serialize(XMLStreamWriter writer) throws XMLStreamException {
-
- String localname = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix;
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
-
- } else {
- prefix = writerPrefix;
- }
-
- // <sp:SignatureToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- if (writerPrefix == null) {
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
- }
-
-
- String wspNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(wspNamespaceURI);
-
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, wspNamespaceURI);
-
- } else {
- wspPrefix = wspWriterPrefix;
- }
-
- // <wsp:Policy>
- writer.writeStartElement(wspPrefix, SPConstants.POLICY.getLocalPart(), wspNamespaceURI);
-
- if (wspWriterPrefix == null) {
- // xmlns:wsp=".."
- writer.writeNamespace(wspPrefix, wspNamespaceURI);
- }
-
- if (signatureToken == null) {
- throw new RuntimeException("EncryptionToken is not set");
- }
-
- signatureToken.serialize(writer);
-
- // </wsp:Policy>
- writer.writeEndElement();
-
- // </sp:SignatureToken>
- writer.writeEndElement();
+ @Override
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return new SignatureToken(getVersion(), nestedPolicy);
}
}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedElements.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedElements.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedElements.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedElements.java Sun Dec 4 20:33:05 2011
@@ -1,158 +1,45 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package org.apache.ws.secpolicy.model;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.HashMap;
-
-import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamWriter;
-
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
+import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.SPConstants;
-public class SignedEncryptedElements extends AbstractSecurityAssertion {
-
- private ArrayList xPathExpressions = new ArrayList();
-
- private HashMap declaredNamespaces = new HashMap();
-
- private String xPathVersion;
-
- /**
- * Just a flag to identify whether this holds sign element info or encr
- * elements info
- */
- private boolean signedElemets;
-
- public SignedEncryptedElements(boolean signedElements, int version) {
- this.signedElemets = signedElements;
- setVersion(version);
- }
-
- /**
- * @return Returns the xPathExpressions.
- */
- public ArrayList getXPathExpressions() {
- return xPathExpressions;
- }
-
- public void addXPathExpression(String expr) {
- this.xPathExpressions.add(expr);
- }
-
- /**
- * @return Returns the xPathVersion.
- */
- public String getXPathVersion() {
- return xPathVersion;
- }
-
- /**
- * @param pathVersion
- * The xPathVersion to set.
- */
- public void setXPathVersion(String pathVersion) {
- xPathVersion = pathVersion;
- }
-
- /**
- * @return Returns the signedElemets.
- */
- public boolean isSignedElemets() {
- return signedElemets;
- }
-
- public HashMap getDeclaredNamespaces () {
- return declaredNamespaces;
- }
-
- public void addDeclaredNamespaces(String uri, String prefix ) {
- declaredNamespaces.put(prefix, uri);
- }
-
- public void serialize(XMLStreamWriter writer) throws XMLStreamException {
-
- String localName = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
+import javax.xml.namespace.QName;
+import java.util.List;
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
- // <sp:SignedElements> | <sp:EncryptedElements>
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- if (xPathVersion != null) {
- writer.writeAttribute(prefix, namespaceURI, SPConstants.XPATH_VERSION, xPathVersion);
- }
-
- String xpathExpression;
-
- for (Iterator iterator = xPathExpressions.iterator(); iterator
- .hasNext();) {
- xpathExpression = (String) iterator.next();
- // <sp:XPath ..>
- writer.writeStartElement(prefix, SPConstants.XPATH_EXPR, namespaceURI);
-
- Iterator<String> namespaces = declaredNamespaces.keySet().iterator();
-
- while(namespaces.hasNext()) {
- final String declaredPrefix = namespaces.next();
- final String declaredNamespaceURI = (String) declaredNamespaces.get(declaredPrefix);
- writer.writeNamespace(declaredPrefix,declaredNamespaceURI);
- }
-
- writer.writeCharacters(xpathExpression);
- writer.writeEndElement();
- }
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SignedElements extends RequiredElements {
- // </sp:SignedElements> | </sp:EncryptedElements>
- writer.writeEndElement();
+ public SignedElements(SPConstants.SPVersion version, String xPathVersion, List<XPath> xPaths) {
+ super(version, xPathVersion, xPaths);
}
public QName getName() {
- if (signedElemets) {
- if (version == SPConstants.SP_V12) {
- return SP12Constants.SIGNED_ELEMENTS;
- } else {
- return SP11Constants.SIGNED_ELEMENTS;
- }
-
- }
-
- if (version == SPConstants.SP_V12) {
- return SP12Constants.ENCRYPTED_ELEMENTS;
- } else {
- return SP11Constants.ENCRYPTED_ELEMENTS;
- }
+ return getVersion().getSPConstants().getSignedElements();
}
- public PolicyComponent normalize() {
- return this;
+ @Override
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return new SignedElements(getVersion(), getXPathVersion(), getXPaths());
}
}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedElements.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedParts.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedParts.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedParts.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedParts.java Sun Dec 4 20:33:05 2011
@@ -1,174 +1,110 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package org.apache.ws.secpolicy.model;
-import java.util.ArrayList;
-import java.util.Iterator;
+import org.apache.neethi.Constants;
+import org.apache.neethi.Policy;
+import org.apache.ws.secpolicy.SPConstants;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import java.util.List;
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
-
-public class SignedEncryptedParts extends AbstractSecurityAssertion {
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SignedParts extends RequiredParts {
private boolean body;
-
- private boolean attachments;
-
- private ArrayList headers = new ArrayList();
-
- private boolean signedParts;
-
+ private Attachments attachments;
private boolean signAllHeaders;
- public boolean isSignAllHeaders() {
- return signAllHeaders;
- }
+ public SignedParts(SPConstants.SPVersion version, boolean body, Attachments attachments, List<Header> headers, boolean signAllHeaders) {
+ super(version, headers);
- public void setSignAllHeaders(boolean signAllHeaders) {
+ this.body = body;
+ this.attachments = attachments;
this.signAllHeaders = signAllHeaders;
}
-
- public SignedEncryptedParts(boolean signedParts, int version) {
- this.signedParts = signedParts;
- setVersion(version);
+
+ public QName getName() {
+ return getVersion().getSPConstants().getSignedParts();
+ }
+
+ public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ writer.writeStartElement(getName().getPrefix(), getName().getLocalPart(), getName().getNamespaceURI());
+ writer.writeNamespace(getName().getPrefix(), getName().getNamespaceURI());
+ if (!isNormalized() && isOptional()) {
+ writer.writeAttribute(Constants.ATTR_WSP, writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP), Constants.ATTR_OPTIONAL, "true");
+ }
+ if (isIgnorable()) {
+ writer.writeAttribute(Constants.ATTR_WSP, writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP), Constants.ATTR_IGNORABLE, "true");
+ }
+ if (isBody()) {
+ final QName body = getVersion().getSPConstants().getBody();
+ writer.writeEmptyElement(body.getPrefix(), body.getLocalPart(), body.getNamespaceURI());
+ }
+ for (int i = 0; i < getHeaders().size(); i++) {
+ Header header = getHeaders().get(i);
+ final QName headerName = getVersion().getSPConstants().getHeader();
+ writer.writeEmptyElement(headerName.getPrefix(), headerName.getLocalPart(), headerName.getNamespaceURI());
+ if (header.getName() != null) {
+ writer.writeAttribute(SPConstants.NAME, header.getName());
+ }
+ writer.writeAttribute(SPConstants.NAMESPACE, header.getNamespace());
+ }
+ if (getAttachments() != null) {
+ getAttachments().serialize(writer);
+ }
+ writer.writeEndElement();
+ }
+
+ @Override
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return new SignedParts(getVersion(), isBody(),
+ getAttachments() == null ? null : (Attachments) getAttachments().clone(nestedPolicy),
+ getHeaders(), isSignAllHeaders());
}
- /**
- * @return Returns the body.
- */
public boolean isBody() {
return body;
}
- /**
- * @param body The body to set.
- */
- public void setBody(boolean body) {
+ protected void setBody(boolean body) {
this.body = body;
}
-
- /**
- * @return Returns the attachments.
- */
- public boolean isAttachments() {
+
+ public Attachments getAttachments() {
return attachments;
}
- /**
- * @param attachments The attachments to set.
- */
- public void setAttachments(boolean attachments) {
+ protected void setAttachments(Attachments attachments) {
this.attachments = attachments;
}
- /**
- * @return Returns the headers.
- */
- public ArrayList getHeaders() {
- return this.headers;
- }
-
- /**
- * @param headers The headers to set.
- */
- public void addHeader(Header header) {
- this.headers.add(header);
- }
-
- /**
- * @return Returns the signedParts.
- */
- public boolean isSignedParts() {
- return signedParts;
- }
-
- public QName getName() {
- if (signedParts) {
- if ( version == SPConstants.SP_V12) {
- return SP12Constants.SIGNED_PARTS;
- } else {
- return SP11Constants.SIGNED_PARTS;
- }
- }
-
- if ( version == SPConstants.SP_V12) {
- return SP12Constants.ENCRYPTED_PARTS;
- } else {
- return SP11Constants.ENCRYPTED_PARTS;
- }
-
+ public boolean isSignAllHeaders() {
+ return signAllHeaders;
}
- public PolicyComponent normalize() {
- return this;
+ protected void setSignAllHeaders(boolean signAllHeaders) {
+ this.signAllHeaders = signAllHeaders;
}
-
- public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String localName = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
- // <sp:SignedParts> | <sp:EncryptedParts>
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- if (isBody()) {
- // <sp:Body />
- writer.writeStartElement(prefix, SPConstants.BODY, namespaceURI);
- writer.writeEndElement();
- }
-
- Header header;
- for (Iterator iterator = headers.iterator(); iterator.hasNext();) {
- header = (Header) iterator.next();
- // <sp:Header Name=".." Namespace=".." />
- writer.writeStartElement(prefix, SPConstants.HEADER, namespaceURI);
- // Name attribute is optional
- if (header.getName() != null) {
- writer.writeAttribute("Name", header.getName());
- }
- writer.writeAttribute("Namespace", header.getNamespace());
-
- writer.writeEndElement();
- }
-
- if (isAttachments() && version == SPConstants.SP_V12) {
- // <sp:Attachments />
- writer.writeStartElement(prefix, SPConstants.ATTACHMENTS, namespaceURI);
- writer.writeEndElement();
- }
-
- // </sp:SignedParts> | </sp:EncryptedParts>
- writer.writeEndElement();
- }
-
-
}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedParts.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SpnegoContextToken.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SpnegoContextToken.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SpnegoContextToken.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SpnegoContextToken.java Sun Dec 4 20:33:05 2011
@@ -1,228 +1,126 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package org.apache.ws.secpolicy.model;
-import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamWriter;
-
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.Constants;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.SPConstants;
+import org.w3c.dom.Element;
-public class X509Token extends Token {
-
- private boolean requireKeyIdentifierReference;
-
- private boolean requireIssuerSerialReference;
-
- private boolean requireEmbeddedTokenReference;
-
- private boolean requireThumbprintReference;
-
- private String tokenVersionAndType = Constants.WSS_X509_V3_TOKEN10;
-
- private String encryptionUser;
-
- private String userCertAlias;
-
- public String getEncryptionUser() {
- return encryptionUser;
- }
-
- public void setEncryptionUser(String encryptionUser) {
- this.encryptionUser = encryptionUser;
- }
-
- public String getUserCertAlias() {
- return userCertAlias;
- }
-
- public void setUserCertAlias(String userCertAlias) {
- this.userCertAlias = userCertAlias;
- }
-
- public X509Token(int version) {
- setVersion(version);
- }
-
- /**
- * @return Returns the requireEmbeddedTokenReference.
- */
- public boolean isRequireEmbeddedTokenReference() {
- return requireEmbeddedTokenReference;
- }
-
- /**
- * @param requireEmbeddedTokenReference The requireEmbeddedTokenReference to set.
- */
- public void setRequireEmbeddedTokenReference(
- boolean requireEmbeddedTokenReference) {
- this.requireEmbeddedTokenReference = requireEmbeddedTokenReference;
- }
-
- /**
- * @return Returns the requireIssuerSerialReference.
- */
- public boolean isRequireIssuerSerialReference() {
- return requireIssuerSerialReference;
- }
-
- /**
- * @param requireIssuerSerialReference The requireIssuerSerialReference to set.
- */
- public void setRequireIssuerSerialReference(boolean requireIssuerSerialReference) {
- this.requireIssuerSerialReference = requireIssuerSerialReference;
- }
-
- /**
- * @return Returns the requireKeyIdentifierReference.
- */
- public boolean isRequireKeyIdentifierReference() {
- return requireKeyIdentifierReference;
- }
-
- /**
- * @param requireKeyIdentifierReference The requireKeyIdentifierReference to set.
- */
- public void setRequireKeyIdentifierReference(
- boolean requireKeyIdentifierReference) {
- this.requireKeyIdentifierReference = requireKeyIdentifierReference;
- }
+import javax.xml.namespace.QName;
+import java.util.Iterator;
+import java.util.List;
- /**
- * @return Returns the requireThumbprintReference.
- */
- public boolean isRequireThumbprintReference() {
- return requireThumbprintReference;
- }
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SpnegoContextToken extends AbstractToken {
- /**
- * @param requireThumbprintReference The requireThumbprintReference to set.
- */
- public void setRequireThumbprintReference(boolean requireThumbprintReference) {
- this.requireThumbprintReference = requireThumbprintReference;
- }
+ private boolean mustNotSendCancel;
+ private boolean mustNotSendAmend;
+ private boolean mustNotSendRenew;
- /**
- * @return Returns the tokenVersionAndType.
- */
- public String getTokenVersionAndType() {
- return tokenVersionAndType;
- }
+ public SpnegoContextToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
+ Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
+ super(version, includeTokenType, issuer, issuerName, claims, nestedPolicy);
- /**
- * @param tokenVersionAndType The tokenVersionAndType to set.
- */
- public void setTokenVersionAndType(String tokenVersionAndType) {
- this.tokenVersionAndType = tokenVersionAndType;
+ parseNestedPolicy(nestedPolicy, this);
}
public QName getName() {
- if ( version == SPConstants.SP_V12) {
- return SP12Constants.X509_TOKEN;
- } else {
- return SP11Constants.X509_TOKEN;
- }
+ return getVersion().getSPConstants().getSpnegoContextToken();
}
- public PolicyComponent normalize() {
- throw new UnsupportedOperationException();
+ @Override
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return new SpnegoContextToken(getVersion(), getIncludeTokenType(), getIssuer(), getIssuerName(), getClaims(), nestedPolicy);
+ }
+
+ protected void parseNestedPolicy(Policy nestedPolicy, SpnegoContextToken spnegoContextToken) {
+ Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+ //we just process the first alternative
+ //this means that if we have a compact policy only the first alternative is visible
+ //in contrary to a normalized policy where just one alternative exists
+ if (alternatives.hasNext()) {
+ List<Assertion> assertions = alternatives.next();
+ for (int i = 0; i < assertions.size(); i++) {
+ Assertion assertion = assertions.get(i);
+ String assertionName = assertion.getName().getLocalPart();
+ String assertionNamespace = assertion.getName().getNamespaceURI();
+ DerivedKeys derivedKeys = DerivedKeys.lookUp(assertionName);
+ if (derivedKeys != null) {
+ if (spnegoContextToken.getDerivedKeys() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ spnegoContextToken.setDerivedKeys(derivedKeys);
+ continue;
+ }
+ if (getVersion().getSPConstants().getMustNotSendCancel().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getMustNotSendCancel().getNamespaceURI().equals(assertionNamespace)) {
+ if (spnegoContextToken.isMustNotSendCancel()) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ spnegoContextToken.setMustNotSendCancel(true);
+ continue;
+ }
+ if (getVersion().getSPConstants().getMustNotSendAmend().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getMustNotSendAmend().getNamespaceURI().equals(assertionNamespace)) {
+ if (spnegoContextToken.isMustNotSendAmend()) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ spnegoContextToken.setMustNotSendAmend(true);
+ continue;
+ }
+ if (getVersion().getSPConstants().getMustNotSendRenew().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getMustNotSendRenew().getNamespaceURI().equals(assertionNamespace)) {
+ if (spnegoContextToken.isMustNotSendRenew()) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ spnegoContextToken.setMustNotSendRenew(true);
+ continue;
+ }
+ }
+ }
+ }
+
+ public boolean isMustNotSendCancel() {
+ return mustNotSendCancel;
+ }
+
+ protected void setMustNotSendCancel(boolean mustNotSendCancel) {
+ this.mustNotSendCancel = mustNotSendCancel;
+ }
+
+ public boolean isMustNotSendAmend() {
+ return mustNotSendAmend;
+ }
+
+ protected void setMustNotSendAmend(boolean mustNotSendAmend) {
+ this.mustNotSendAmend = mustNotSendAmend;
}
- public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String localName = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
+ public boolean isMustNotSendRenew() {
+ return mustNotSendRenew;
+ }
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
- // <sp:X509Token>
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- String inclusion;
-
- if (version == SPConstants.SP_V12) {
- inclusion = SP12Constants.getAttributeValueFromInclusion(getInclusion());
- } else {
- inclusion = SP11Constants.getAttributeValueFromInclusion(getInclusion());
- }
-
- if (inclusion != null) {
- writer.writeAttribute(prefix, namespaceURI, SPConstants.ATTR_INCLUDE_TOKEN , inclusion);
- }
-
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- pPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
- }
-
- // <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
-
- if (isRequireKeyIdentifierReference()) {
- // <sp:RequireKeyIdentifierReference />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_KEY_IDENTIFIRE_REFERENCE, namespaceURI);
- writer.writeEndElement();
- }
-
- if (isRequireIssuerSerialReference()) {
- // <sp:RequireIssuerSerialReference />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_ISSUER_SERIAL_REFERENCE, namespaceURI);
- writer.writeEndElement();
- }
-
- if (isRequireEmbeddedTokenReference()) {
- // <sp:RequireEmbeddedTokenReference />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_EMBEDDED_TOKEN_REFERENCE, namespaceURI);
- writer.writeEndElement();
- }
-
- if (isRequireThumbprintReference()) {
- // <sp:RequireThumbprintReference />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_THUMBPRINT_REFERENCE, namespaceURI);
- writer.writeEndElement();
- }
-
- if (tokenVersionAndType != null) {
- // <sp:WssX509V1Token10 /> | ..
- writer.writeStartElement(prefix, tokenVersionAndType, namespaceURI);
- writer.writeEndElement();
- }
-
- if(isDerivedKeys()) {
- // <sp:RequireDerivedKeys/>
- writer.writeStartElement(prefix, SPConstants.REQUIRE_DERIVED_KEYS, namespaceURI);
- writer.writeEndElement();
- }
-
- // </wsp:Policy>
- writer.writeEndElement();
-
- // </sp:X509Token>
- writer.writeEndElement();
+ protected void setMustNotSendRenew(boolean mustNotSendRenew) {
+ this.mustNotSendRenew = mustNotSendRenew;
}
-
}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SpnegoContextToken.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokenType.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokenType.java?rev=1210203&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokenType.java (added)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokenType.java Sun Dec 4 20:33:05 2011
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ws.secpolicy.model;
+
+import javax.xml.namespace.QName;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface SupportingTokenType {
+
+ QName getName();
+}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokenType.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokens.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokens.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokens.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokens.java Sun Dec 4 20:33:05 2011
@@ -1,336 +1,192 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package org.apache.ws.secpolicy.model;
-import java.util.ArrayList;
-import java.util.Iterator;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyComponent;
+import org.apache.neethi.PolicyContainingAssertion;
+import org.apache.ws.secpolicy.SPConstants;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
-
-public class SupportingToken extends AbstractSecurityAssertion implements
- AlgorithmWrapper, TokenWrapper {
-
- /**
- * Type of SupportingToken
- *
- * @see SupportingToken#SUPPORTING
- * @see SupportingToken#ENDORSING
- * @see SupportingToken#SIGNED
- * @see SupportingToken#SIGNED_ENDORSING
- */
- private int type;
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SupportingTokens extends AbstractSecurityAssertion implements PolicyContainingAssertion {
+ private Policy nestedPolicy;
+ private SupportingTokenType supportingTokenType;
+ private List<AbstractToken> tokens = new ArrayList<AbstractToken>();
private AlgorithmSuite algorithmSuite;
+ private SignedParts signedParts;
+ private SignedElements signedElements;
+ private EncryptedParts encryptedParts;
+ private EncryptedElements encryptedElements;
- private ArrayList tokens = new ArrayList();
-
- private SignedEncryptedElements signedElements;
-
- private SignedEncryptedElements encryptedElements;
+ public SupportingTokens(SPConstants.SPVersion version, SupportingTokenType supportingTokenType, Policy nestedPolicy) {
+ super(version);
+ this.nestedPolicy = nestedPolicy;
+ this.supportingTokenType = supportingTokenType;
- private SignedEncryptedParts signedParts;
-
- private SignedEncryptedParts encryptedParts;
-
- private boolean signedElementsOptional;
-
- private boolean encryptedElementsOptional;
-
- private boolean signedPartsOptional;
-
- private boolean encryptedPartsOptional;
-
- public SupportingToken(int type, int version ) {
- this.type = type;
- setVersion(version);
+ parseNestedPolicy(nestedPolicy, this);
}
-
- /**
- * @return Returns the algorithmSuite.
- */
- public AlgorithmSuite getAlgorithmSuite() {
- return algorithmSuite;
+
+ public Policy getPolicy() {
+ return nestedPolicy;
}
- /**
- * @param algorithmSuite
- * The algorithmSuite to set.
- */
- public void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
- this.algorithmSuite = algorithmSuite;
+ public QName getName() {
+ return getSupportingTokenType().getName();
}
- /**
- * @return Returns the token.
- */
- public ArrayList getTokens() {
- return tokens;
+ public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ super.serialize(writer, getPolicy());
}
- /**
- * @param token
- * The token to set.
- */
- public void addToken(Token token) {
- this.tokens.add(token);
+ public PolicyComponent normalize() {
+ return super.normalize(getPolicy());
}
- /**
- * @return Returns the type.
- */
- public int getTokenType() {
- return type;
- }
-
- /**
- * @param type
- * The type to set.
- */
- public void setTokenType(int type) {
- this.type = type;
- }
-
- /**
- * @return Returns the encryptedElements.
- */
- public SignedEncryptedElements getEncryptedElements() {
- return encryptedElements;
+ @Override
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return new SupportingTokens(getVersion(), getSupportingTokenType(), nestedPolicy);
+ }
+
+ protected void parseNestedPolicy(Policy nestedPolicy, SupportingTokens supportingTokens) {
+ Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+ //we just process the first alternative
+ //this means that if we have a compact policy only the first alternative is visible
+ //in contrary to a normalized policy where just one alternative exists
+ if (alternatives.hasNext()) {
+ List<Assertion> assertions = alternatives.next();
+ for (int i = 0; i < assertions.size(); i++) {
+ Assertion assertion = assertions.get(i);
+ String assertionName = assertion.getName().getLocalPart();
+ String assertionNamespace = assertion.getName().getNamespaceURI();
+ if (assertion instanceof AbstractToken) {
+ supportingTokens.addToken((AbstractToken) assertion);
+ continue;
+ }
+ if (getVersion().getSPConstants().getAlgorithmSuite().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getAlgorithmSuite().getNamespaceURI().equals(assertionNamespace)) {
+ if (supportingTokens.getAlgorithmSuite() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ supportingTokens.setAlgorithmSuite((AlgorithmSuite) assertion);
+ continue;
+ }
+ if (getVersion().getSPConstants().getSignedParts().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getSignedParts().getNamespaceURI().equals(assertionNamespace)) {
+ if (supportingTokens.getSignedParts() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ supportingTokens.setSignedParts((SignedParts) assertion);
+ continue;
+ }
+ if (getVersion().getSPConstants().getSignedElements().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getSignedElements().getNamespaceURI().equals(assertionNamespace)) {
+ if (supportingTokens.getSignedElements() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ supportingTokens.setSignedElements((SignedElements) assertion);
+ continue;
+ }
+ if (getVersion().getSPConstants().getEncryptedParts().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getEncryptedParts().getNamespaceURI().equals(assertionNamespace)) {
+ if (supportingTokens.getEncryptedParts() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ supportingTokens.setEncryptedParts((EncryptedParts) assertion);
+ continue;
+ }
+ if (getVersion().getSPConstants().getEncryptedElements().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getEncryptedElements().getNamespaceURI().equals(assertionNamespace)) {
+ if (supportingTokens.getEncryptedElements() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ supportingTokens.setEncryptedElements((EncryptedElements) assertion);
+ continue;
+ }
+ }
+ }
+ }
+
+ public SupportingTokenType getSupportingTokenType() {
+ return supportingTokenType;
}
- /**
- * @param encryptedElements
- * The encryptedElements to set.
- */
- public void setEncryptedElements(SignedEncryptedElements encryptedElements) {
- this.encryptedElements = encryptedElements;
+ protected void setSupportingTokenType(SupportingTokenType supportingTokenType) {
+ this.supportingTokenType = supportingTokenType;
}
- /**
- * @return Returns the encryptedParts.
- */
- public SignedEncryptedParts getEncryptedParts() {
- return encryptedParts;
+ public List<AbstractToken> getTokens() {
+ return tokens;
}
- /**
- * @param encryptedParts
- * The encryptedParts to set.
- */
- public void setEncryptedParts(SignedEncryptedParts encryptedParts) {
- this.encryptedParts = encryptedParts;
+ public void addToken(AbstractToken token) {
+ this.tokens.add(token);
}
- /**
- * @return Returns the signedElements.
- */
- public SignedEncryptedElements getSignedElements() {
- return signedElements;
+ public AlgorithmSuite getAlgorithmSuite() {
+ return algorithmSuite;
}
- /**
- * @param signedElements
- * The signedElements to set.
- */
- public void setSignedElements(SignedEncryptedElements signedElements) {
- this.signedElements = signedElements;
+ protected void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
+ this.algorithmSuite = algorithmSuite;
}
- /**
- * @return Returns the signedParts.
- */
- public SignedEncryptedParts getSignedParts() {
+ public SignedParts getSignedParts() {
return signedParts;
}
- /**
- * @param signedParts
- * The signedParts to set.
- */
- public void setSignedParts(SignedEncryptedParts signedParts) {
+ protected void setSignedParts(SignedParts signedParts) {
this.signedParts = signedParts;
}
- /*
- * (non-Javadoc)
- *
- * @see org.apache.ws.security.policy.TokenWrapper#setToken(org.apache.ws.security.policy.Token)
- */
- public void setToken(Token tok) {
- this.addToken(tok);
- }
-
- public boolean isSignedElementsOptional() {
- return signedElementsOptional;
- }
-
- public void setSignedElementsOptional(boolean signedElementsOptional) {
- this.signedElementsOptional = signedElementsOptional;
- }
-
- public boolean isEncryptedElementsOptional() {
- return encryptedElementsOptional;
- }
-
- public void setEncryptedElementsOptional(boolean encryptedElementsOptional) {
- this.encryptedElementsOptional = encryptedElementsOptional;
- }
-
- public boolean isSignedPartsOptional() {
- return signedPartsOptional;
- }
-
- public void setSignedPartsOptional(boolean signedPartsOptional) {
- this.signedPartsOptional = signedPartsOptional;
- }
-
- public boolean isEncryptedPartsOptional() {
- return encryptedPartsOptional;
- }
-
- public void setEncryptedPartsOptional(boolean encryptedPartsOptional) {
- this.encryptedPartsOptional = encryptedPartsOptional;
- }
-
- public QName getName() {
- //TODO Should we refactor this class ?? with a SuppotingTokenBase and sub classes
- switch (type) {
- case SPConstants.SUPPORTING_TOKEN_SUPPORTING:
- return version == SPConstants.SP_V12 ? SP12Constants.SUPPORTING_TOKENS :
- SP11Constants.SUPPORTING_TOKENS;
- case SPConstants.SUPPORTING_TOKEN_SIGNED:
- return version == SPConstants.SP_V12 ? SP12Constants.SIGNED_SUPPORTING_TOKENS :
- SP11Constants.SIGNED_SUPPORTING_TOKENS;
- case SPConstants.SUPPORTING_TOKEN_ENDORSING:
- return version == SPConstants.SP_V12 ? SP12Constants.ENDORSING_SUPPORTING_TOKENS :
- SP11Constants.ENDORSING_SUPPORTING_TOKENS;
- case SPConstants.SUPPORTING_TOKEN_SIGNED_ENDORSING:
- return version == SPConstants.SP_V12 ? SP12Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS:
- SP11Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS;
- case SPConstants.SUPPORTING_TOKEN_ENCRYPTED:
- return SP12Constants.ENCRYPTED_SUPPORTING_TOKENS;
-
- case SPConstants.SUPPORTING_TOKEN_SIGNED_ENCRYPTED:
- return SP12Constants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS;
-
- case SPConstants.SUPPORTING_TOKEN_ENDORSING_ENCRYPTED:
- return SP12Constants.ENDORSING_ENCRYPTED_SUPPORTING_TOKENS;
-
- case SPConstants.SUPPORTING_TOKEN_SIGNED_ENDORSING_ENCRYPTED:
- return SP12Constants.SIGNED_ENDORSING_ENCRYPTED_SUPPORTING_TOKENS;
- default:
- return null;
- }
- }
-
- /**
- * @return true if the supporting token should be encrypted
- */
-
- public boolean isEncryptedToken() {
-
- switch (type) {
- case SPConstants.SUPPORTING_TOKEN_SUPPORTING:
- return false;
- case SPConstants.SUPPORTING_TOKEN_SIGNED:
- return false;
- case SPConstants.SUPPORTING_TOKEN_ENDORSING:
- return false;
- case SPConstants.SUPPORTING_TOKEN_SIGNED_ENDORSING:
- return false;
- case SPConstants.SUPPORTING_TOKEN_ENCRYPTED:
- return true;
- case SPConstants.SUPPORTING_TOKEN_SIGNED_ENCRYPTED:
- return true;
- case SPConstants.SUPPORTING_TOKEN_ENDORSING_ENCRYPTED:
- return true;
- case SPConstants.SUPPORTING_TOKEN_SIGNED_ENDORSING_ENCRYPTED:
- return true;
- default:
- return false;
- }
-
-
+ public SignedElements getSignedElements() {
+ return signedElements;
}
- public PolicyComponent normalize() {
- return this;
+ protected void setSignedElements(SignedElements signedElements) {
+ this.signedElements = signedElements;
}
- public short getType() {
- return org.apache.neethi.Constants.TYPE_ASSERTION;
+ public EncryptedParts getEncryptedParts() {
+ return encryptedParts;
}
- public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
- String localname = getName().getLocalPart();
-
- // <sp:SupportingToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- pPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
- }
- // <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(),
- SPConstants.POLICY.getNamespaceURI());
-
- Token token;
- for (Iterator iterator = getTokens().iterator(); iterator.hasNext();) {
- // [Token Assertion] +
- token = (Token) iterator.next();
- token.serialize(writer);
- }
+ protected void setEncryptedParts(EncryptedParts encryptedParts) {
+ this.encryptedParts = encryptedParts;
+ }
-
- if (signedParts != null) {
- signedParts.serialize(writer);
-
- } else if (signedElements != null) {
- signedElements.serialize(writer);
-
- } else if (encryptedParts != null) {
- encryptedParts.serialize(writer);
-
- } else if (encryptedElements != null) {
- encryptedElements.serialize(writer);
- }
- // </wsp:Policy>
- writer.writeEndElement();
+ public EncryptedElements getEncryptedElements() {
+ return encryptedElements;
+ }
- writer.writeEndElement();
- // </sp:SupportingToken>
+ protected void setEncryptedElements(EncryptedElements encryptedElements) {
+ this.encryptedElements = encryptedElements;
}
}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokens.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java?rev=1210203&r1=1210202&r2=1210203&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java Sun Dec 4 20:33:05 2011
@@ -1,241 +1,118 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
package org.apache.ws.secpolicy.model;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamWriter;
-
-import org.apache.neethi.All;
-import org.apache.neethi.ExactlyOne;
+import org.apache.neethi.Assertion;
import org.apache.neethi.Policy;
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
import org.apache.ws.secpolicy.SPConstants;
-public class SymmetricBinding extends SymmetricAsymmetricBindingBase {
+import javax.xml.namespace.QName;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SymmetricBinding extends AbstractSymmetricAsymmetricBinding {
private EncryptionToken encryptionToken;
-
private SignatureToken signatureToken;
-
private ProtectionToken protectionToken;
-
- public SymmetricBinding(int version) {
- super(version);
- }
-
- /**
- * @return Returns the encryptionToken.
- */
- public EncryptionToken getEncryptionToken() {
- return encryptionToken;
+
+ public SymmetricBinding(SPConstants.SPVersion version, Policy nestedPolicy) {
+ super(version, nestedPolicy);
+
+ parseNestedPolicy(nestedPolicy, this);
}
- /**
- * @param encryptionToken The encryptionToken to set.
- */
- public void setEncryptionToken(EncryptionToken encryptionToken) {
- if(this.protectionToken != null) {
-// throw new WSSPolicyException("Cannot use an EncryptionToken in a " +
-// "SymmetricBinding when there is a ProtectionToken");
+ public QName getName() {
+ return getVersion().getSPConstants().getSymmetricBinding();
+ }
+
+ @Override
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return new SymmetricBinding(getVersion(), nestedPolicy);
+ }
+
+ protected void parseNestedPolicy(Policy nestedPolicy, SymmetricBinding symmetricBinding) {
+ Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+ //we just process the first alternative
+ //this means that if we have a compact policy only the first alternative is visible
+ //in contrary to a normalized policy where just one alternative exists
+ if (alternatives.hasNext()) {
+ List<Assertion> assertions = alternatives.next();
+ for (int i = 0; i < assertions.size(); i++) {
+ Assertion assertion = assertions.get(i);
+ String assertionName = assertion.getName().getLocalPart();
+ String assertionNamespace = assertion.getName().getNamespaceURI();
+ if (getVersion().getSPConstants().getEncryptionToken().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getEncryptionToken().getNamespaceURI().equals(assertionNamespace)) {
+ if (symmetricBinding.getEncryptionToken() != null || symmetricBinding.getProtectionToken() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ symmetricBinding.setEncryptionToken((EncryptionToken) assertion);
+ continue;
+ }
+ if (getVersion().getSPConstants().getSignatureToken().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getSignatureToken().getNamespaceURI().equals(assertionNamespace)) {
+ if (symmetricBinding.getSignatureToken() != null || symmetricBinding.getProtectionToken() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ symmetricBinding.setSignatureToken((SignatureToken) assertion);
+ continue;
+ }
+ if (getVersion().getSPConstants().getProtectionToken().getLocalPart().equals(assertionName)
+ && getVersion().getSPConstants().getProtectionToken().getNamespaceURI().equals(assertionNamespace)) {
+ if (symmetricBinding.getProtectionToken() != null
+ || symmetricBinding.getEncryptionToken() != null
+ || symmetricBinding.getSignatureToken() != null) {
+ throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+ }
+ symmetricBinding.setProtectionToken((ProtectionToken) assertion);
+ continue;
+ }
+ }
}
- this.encryptionToken = encryptionToken;
}
- /**
- * @return Returns the protectionToken.
- */
- public ProtectionToken getProtectionToken() {
- return protectionToken;
+ public EncryptionToken getEncryptionToken() {
+ return encryptionToken;
}
- /**
- * @param protectionToken The protectionToken to set.
- */
- public void setProtectionToken(ProtectionToken protectionToken) {
- if(this.encryptionToken != null || this.signatureToken != null) {
-// throw new WSSPolicyException("Cannot use a ProtectionToken in a " +
-// "SymmetricBinding when there is a SignatureToken or an" +
-// "EncryptionToken");
- }
- this.protectionToken = protectionToken;
+ protected void setEncryptionToken(EncryptionToken encryptionToken) {
+ this.encryptionToken = encryptionToken;
}
- /**
- * @return Returns the signatureToken.
- */
public SignatureToken getSignatureToken() {
return signatureToken;
}
- /**
- * @param signatureToken The signatureToken to set.
- */
- public void setSignatureToken(SignatureToken signatureToken) {
- if(this.protectionToken != null) {
-// throw new WSSPolicyException("Cannot use a SignatureToken in a " +
-// "SymmetricBinding when there is a ProtectionToken");
- }
+ protected void setSignatureToken(SignatureToken signatureToken) {
this.signatureToken = signatureToken;
}
-
- public QName getName() {
- if ( version == SPConstants.SP_V12) {
- return SP12Constants.SYMMETRIC_BINDING;
- } else {
- return SP11Constants.SYMMETRIC_BINDING;
- }
-
- }
- public PolicyComponent normalize() {
- if (isNormalized()) {
- return this;
- }
-
- AlgorithmSuite algorithmSuite = getAlgorithmSuite();
- List configurations = algorithmSuite.getConfigurations();
-
- Policy policy = new Policy();
- ExactlyOne exactlyOne = new ExactlyOne();
-
- All wrapper;
- SymmetricBinding symmetricBinding;
-
- for (Iterator iterator = configurations.iterator(); iterator.hasNext();) {
- wrapper = new All();
- symmetricBinding = new SymmetricBinding(this.version);
-
- algorithmSuite = (AlgorithmSuite) iterator.next();
- symmetricBinding.setAlgorithmSuite(algorithmSuite);
-
- symmetricBinding.setEncryptionToken(getEncryptionToken());
- symmetricBinding.setEntireHeadersAndBodySignatures(isEntireHeadersAndBodySignatures());
- symmetricBinding.setIncludeTimestamp(isIncludeTimestamp());
- symmetricBinding.setLayout(getLayout());
- symmetricBinding.setProtectionOrder(getProtectionOrder());
- symmetricBinding.setProtectionToken(getProtectionToken());
- symmetricBinding.setSignatureProtection(isSignatureProtection());
- symmetricBinding.setSignatureToken(getSignatureToken());
- symmetricBinding.setSignedEndorsingSupportingTokens(getSignedEndorsingSupportingTokens());
- symmetricBinding.setSignedSupportingToken(getSignedSupportingToken());
- symmetricBinding.setTokenProtection(isTokenProtection());
-
- symmetricBinding.setNormalized(true);
- wrapper.addPolicyComponent(symmetricBinding);
- exactlyOne.addPolicyComponent(wrapper);
- }
-
- policy.addPolicyComponent(exactlyOne);
- return policy;
- }
-
- public void serialize(XMLStreamWriter writer) throws XMLStreamException {
-
- String localname = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix;
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- } else {
- prefix = writerPrefix;
- }
+ public ProtectionToken getProtectionToken() {
+ return protectionToken;
+ }
- // <sp:SymmetricBinding>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- String policyLocalName = SPConstants.POLICY.getLocalPart();
- String policyNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(policyNamespaceURI);
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, policyNamespaceURI);
-
- } else {
- wspPrefix = wspWriterPrefix;
- }
- // <wsp:Policy>
- writer.writeStartElement(wspPrefix, policyLocalName, policyNamespaceURI);
-
- if (encryptionToken != null) {
- encryptionToken.serialize(writer);
-
- } else if ( protectionToken != null) {
- protectionToken.serialize(writer);
-
- } else {
- throw new RuntimeException("Either EncryptionToken or ProtectionToken must be set");
- }
-
- AlgorithmSuite algorithmSuite = getAlgorithmSuite();
-
- if (algorithmSuite == null) {
- throw new RuntimeException("AlgorithmSuite must be set");
- }
- // <sp:AlgorithmSuite />
- algorithmSuite.serialize(writer);
-
- Layout layout = getLayout();
- if (layout != null) {
- // <sp:Layout />
- layout.serialize(writer);
- }
-
- if (isIncludeTimestamp()) {
- // <sp:IncludeTimestamp />
- writer.writeStartElement(prefix, SPConstants.INCLUDE_TIMESTAMP, namespaceURI);
- writer.writeEndElement();
- }
-
- if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(getProtectionOrder())) {
- // <sp:EncryptBeforeSigning />
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING, namespaceURI);
- writer.writeEndElement();
- }
-
- if (isSignatureProtection()) {
- // <sp:EncryptSignature />
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_SIGNATURE , namespaceURI);
- writer.writeEndElement();
- }
-
- if(isEntireHeadersAndBodySignatures()) {
- writer.writeEmptyElement(prefix, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, namespaceURI);
- }
- // </wsp:Policy>
- writer.writeEndElement();
-
- // </sp:SymmetricBinding>
- writer.writeEndElement();
-
+ protected void setProtectionToken(ProtectionToken protectionToken) {
+ this.protectionToken = protectionToken;
}
}
Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision