Posted to commits@ws.apache.org by gi...@apache.org on 2011/09/18 15:51:36 UTC
svn commit: r1172285 [15/48] - in /webservices/wss4j/branches/swssf: ./
cxf-integration/ cxf-integration/src/ cxf-integration/src/main/
cxf-integration/src/main/java/ cxf-integration/src/main/java/org/
cxf-integration/src/main/java/org/swssf/ cxf-integ...
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,158 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.impl.DocumentContextImpl;
+import org.swssf.impl.OutputProcessorChainImpl;
+import org.swssf.impl.XMLSecurityStreamWriter;
+import org.swssf.impl.processor.output.*;
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+
+import javax.xml.stream.XMLStreamWriter;
+import java.io.OutputStream;
+import java.util.List;
+
+/**
+ * Outbound Streaming-WebService-Security
+ * An instance of this class can be retrieved over the WSSec class
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class OutboundWSSec {
+
+ private SecurityProperties securityProperties;
+
+ public OutboundWSSec(SecurityProperties securityProperties) {
+ this.securityProperties = securityProperties;
+ }
+
+ /**
+ * This method is the entry point for the incoming security-engine.
+ * Hand over the original XMLStreamReader and use the returned one for further processing
+ *
+ * @param outputStream The original outputStream
+ * @return A new XMLStreamWriter which does transparently the security processing.
+ * @throws WSSecurityException thrown when a Security failure occurs
+ */
+ public XMLStreamWriter processOutMessage(OutputStream outputStream, String encoding, List<SecurityEvent> requestSecurityEvents) throws WSSecurityException {
+ return processOutMessage(outputStream, encoding, requestSecurityEvents, null);
+ }
+
+ /**
+ * This method is the entry point for the incoming security-engine.
+ * Hand over the original XMLStreamReader and use the returned one for further processing
+ *
+ * @param outputStream The original outputStream
+ * @return A new XMLStreamWriter which does transparently the security processing.
+ * @throws WSSecurityException thrown when a Security failure occurs
+ */
+ public XMLStreamWriter processOutMessage(OutputStream outputStream, String encoding, List<SecurityEvent> requestSecurityEvents, SecurityEventListener securityEventListener) throws WSSecurityException {
+
+ final SecurityContextImpl securityContextImpl = new SecurityContextImpl();
+ securityContextImpl.putList(SecurityEvent.class, requestSecurityEvents);
+ securityContextImpl.setSecurityEventListener(securityEventListener);
+ final DocumentContextImpl documentContext = new DocumentContextImpl();
+ documentContext.setEncoding(encoding);
+
+ OutputProcessorChainImpl processorChain = new OutputProcessorChainImpl(securityContextImpl, documentContext);
+ processorChain.addProcessor(new SecurityHeaderOutputProcessor(securityProperties, null));
+ //todo some combinations are not possible atm: eg Action.SIGNATURE and Action.USERNAMETOKEN_SIGNED
+ //todo they use the same signaure parts
+ for (int i = 0; i < securityProperties.getOutAction().length; i++) {
+ Constants.Action action = securityProperties.getOutAction()[i];
+ switch (action) {
+ case TIMESTAMP: {
+ processorChain.addProcessor(new TimestampOutputProcessor(securityProperties, action));
+ break;
+ }
+ case SIGNATURE: {
+ processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+ SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+ processorChain.addProcessor(signatureOutputProcessor);
+ processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+ break;
+ }
+ case ENCRYPT: {
+ processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+ processorChain.addProcessor(new EncryptedKeyOutputProcessor(securityProperties, action));
+ processorChain.addProcessor(new EncryptOutputProcessor(securityProperties, action));
+ processorChain.addProcessor(new EncryptEndingOutputProcessor(securityProperties, action));
+ break;
+ }
+ case USERNAMETOKEN: {
+ UsernameTokenOutputProcessor usernameTokenOutputProcessor = new UsernameTokenOutputProcessor(securityProperties, action);
+ processorChain.addProcessor(usernameTokenOutputProcessor);
+ break;
+ }
+ case USERNAMETOKEN_SIGNED: {
+ processorChain.addProcessor(new UsernameTokenOutputProcessor(securityProperties, action));
+ SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+ processorChain.addProcessor(signatureOutputProcessor);
+ processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+ break;
+ }
+ case SIGNATURE_CONFIRMATION: {
+ SignatureConfirmationOutputProcessor signatureConfirmationOutputProcessor = new SignatureConfirmationOutputProcessor(securityProperties, action);
+ processorChain.addProcessor(signatureConfirmationOutputProcessor);
+ break;
+ }
+ case SIGNATURE_WITH_DERIVED_KEY: {
+ processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+ if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.EncryptedKey) {
+ processorChain.addProcessor(new EncryptedKeyOutputProcessor(securityProperties, action));
+ } else if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.SecurityContextToken) {
+ processorChain.addProcessor(new SecurityContextTokenOutputProcessor(securityProperties, action));
+ }
+ processorChain.addProcessor(new DerivedKeyTokenOutputProcessor(securityProperties, action));
+ SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+ processorChain.addProcessor(signatureOutputProcessor);
+ processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+ break;
+ }
+ case ENCRYPT_WITH_DERIVED_KEY: {
+ processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+ if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.EncryptedKey) {
+ processorChain.addProcessor(new EncryptedKeyOutputProcessor(securityProperties, action));
+ } else if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.SecurityContextToken) {
+ processorChain.addProcessor(new SecurityContextTokenOutputProcessor(securityProperties, action));
+ }
+ processorChain.addProcessor(new DerivedKeyTokenOutputProcessor(securityProperties, action));
+ processorChain.addProcessor(new EncryptOutputProcessor(securityProperties, action));
+ processorChain.addProcessor(new EncryptEndingOutputProcessor(securityProperties, action));
+ break;
+ }
+ case SAML_TOKEN_SIGNED: {
+ processorChain.addProcessor(new SAMLTokenOutputProcessor(securityProperties, action));
+ SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+ processorChain.addProcessor(signatureOutputProcessor);
+ processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+ break;
+ }
+ case SAML_TOKEN_UNSIGNED: {
+ processorChain.addProcessor(new SAMLTokenOutputProcessor(securityProperties, action));
+ }
+ }
+ }
+
+ processorChain.addProcessor(new FinalOutputProcessor(outputStream, encoding, securityProperties, null));
+ return new XMLSecurityStreamWriter(processorChain);
+ }
+}
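Review bot: The `switch (action)` in the four-argument `processOutMessage` has no `default` branch, so a `Constants.Action` value not listed there is skipped silently and the message is written without the protection the caller configured. Failing closed is safer, e.g. `default: throw new WSSecurityException("Unsupported outbound action: " + action);` (the available WSSecurityException constructors are not visible in this hunk, so adapt the call). In `SIGNATURE_WITH_DERIVED_KEY` and `ENCRYPT_WITH_DERIVED_KEY`, a `getDerivedKeyTokenReference()` that is neither `EncryptedKey` nor `SecurityContextToken` adds no key-providing processor before `DerivedKeyTokenOutputProcessor`; if other reference kinds legitimately need none, a comment saying so would help, otherwise this should be rejected too. `SAML_TOKEN_UNSIGNED` lacks its `break;`, which is harmless as the last case but becomes a fall-through once another case is appended. Both Javadoc blocks still describe the "incoming security-engine" and an `XMLStreamReader`, and `encoding`, `requestSecurityEvents` and `securityEventListener` have no `@param`.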
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+import java.util.Set;
+
+/**
+ * This is the Interface which every OutputProcessor must implement.
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface OutputProcessor {
+
+ /**
+ * This OutputProcessor will be added before the processors in this set
+ *
+ * @return The set with the named OutputProcessor
+ */
+ Set<Object> getBeforeProcessors();
+
+ /**
+ * This OutputProcessor will be added after the processors in this set
+ *
+ * @return The set with the named OutputProcessor
+ */
+ Set<Object> getAfterProcessors();
+
+ /**
+ * The Phase in which this OutputProcessor should be applied
+ *
+ * @return The Phase
+ */
+ Constants.Phase getPhase();
+
+ /**
+ * Will be called from the framework for every XMLEvent
+ *
+ * @param xmlEvent The next XMLEvent to process
+ * @param outputProcessorChain
+ * @throws XMLStreamException thrown when a streaming error occurs
+ * @throws WSSecurityException thrown when a Security failure occurs
+ */
+ void processNextEvent(XMLEvent xmlEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, WSSecurityException;
+
+ /**
+ * Will be called when the whole document is processed.
+ *
+ * @param outputProcessorChain
+ * @throws XMLStreamException thrown when a streaming error occurs
+ * @throws WSSecurityException thrown when a Security failure occurs
+ */
+ void doFinal(OutputProcessorChain outputProcessorChain) throws XMLStreamException, WSSecurityException;
+}
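Review bot: `getBeforeProcessors()` and `getAfterProcessors()` return `Set<Object>` while their Javadoc speaks of "named" processors, so an implementer cannot tell whether the chain expects class names, `Class` objects or processor instances. The element type should be stated in both `@return` tags, or the signature narrowed to it. `@param outputProcessorChain` on `processNextEvent` and `doFinal` has no description; something like `the chain to which this processor forwards the event` would do. The Javadoc should also say whether an implementation that does not forward an event removes it from the output, since that decides whether a processor can drop content.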
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+import java.util.List;
+
+/**
+ * The OutputProcessorChain manages the OutputProcessors and controls the XMLEvent flow
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface OutputProcessorChain extends ProcessorChain {
+
+ /**
+ * Adds an OutputProcessor to the chain. The place where it
+ * will be applied can be controlled through the Phase,
+ * getBeforeProcessors and getAfterProcessors. @see Interface OutputProcessor
+ *
+ * @param outputProcessor The OutputProcessor which should be placed in the chain
+ */
+ public void addProcessor(OutputProcessor outputProcessor);
+
+ /**
+ * Removes the specified OutputProcessor from this chain.
+ *
+ * @param outputProcessor to remove
+ */
+ public void removeProcessor(OutputProcessor outputProcessor);
+
+ /**
+ * Returns a list with the active processors.
+ *
+ * @return List<InputProcessor>
+ */
+ public List<OutputProcessor> getProcessors();
+
+ /**
+ * The actual processed document's security context
+ *
+ * @return The SecurityContext
+ */
+ public SecurityContext getSecurityContext();
+
+ /**
+ * The actual processed document's document context
+ *
+ * @return The DocumentContext
+ */
+ public DocumentContext getDocumentContext();
+
+ /**
+ * Create a new SubChain. The XMLEvents will be only be processed from the given OutputProcessor to the end.
+ * All earlier OutputProcessors don't get these events. In other words the chain will be splitted in two parts.
+ *
+ * @param outputProcessor The OutputProcessor position the XMLEvents should be processed over this SubChain.
+ * @return A new OutputProcessorChain
+ * @throws XMLStreamException thrown when a streaming error occurs
+ * @throws WSSecurityException thrown when a Security failure occurs
+ */
+ public OutputProcessorChain createSubChain(OutputProcessor outputProcessor) throws XMLStreamException, WSSecurityException;
+
+ /**
+ * Forwards the XMLEvent to the next processor in the chain.
+ *
+ * @param xmlEvent The XMLEvent which should be forwarded to the next processor
+ * @throws XMLStreamException thrown when a streaming error occurs
+ * @throws WSSecurityException thrown when a Security failure occurs
+ */
+ public void processEvent(XMLEvent xmlEvent) throws XMLStreamException, WSSecurityException;
+}
\ No newline at end of file
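Review bot: The Javadoc of `getProcessors()` says `@return List<InputProcessor>` although the method returns `List<OutputProcessor>`, and it does not say whether the list is a live view or a copy. If it is the chain's own list, a caller could reorder or remove security processors behind the phase ordering that `addProcessor` applies; documenting the result as read-only, and returning an unmodifiable view in the implementation (outside this hunk), would prevent that. The `public` modifiers on the interface methods are redundant, and `@see Interface OutputProcessor` should read `{@link OutputProcessor}`.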
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+/**
+ * Exception for the self made XML parsing.
+ * This self made parsing is ugly and will be replaced in future.
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class ParseException extends Exception {
+
+ public ParseException() {
+ }
+
+ public ParseException(String message) {
+ super(message);
+ }
+
+ public ParseException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public ParseException(Throwable cause) {
+ super(cause);
+ }
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.events.XMLEvent;
+
+/**
+ * Parseable interface to parse and validate xml
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface Parseable {
+
+ /**
+ * @param xmlEvent The XMLEvent to parse
+ * @return true when current Element is finished
+ * @throws ParseException in the case of an unexpected element
+ */
+ public boolean parseXMLEvent(XMLEvent xmlEvent) throws ParseException;
+
+ /**
+ * Validates the XML-Object structure
+ *
+ * @throws ParseException thrown when the the object-structure is invalid
+ */
+ public void validate() throws ParseException;
+}
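Review bot: `parseXMLEvent` has no summary sentence, and the interface does not say when `validate()` must be called relative to it. That ordering matters, because a caller that never calls `validate()` would accept a structurally invalid object. If the intended contract is the obvious one, I would add `Feeds the next XMLEvent to this object; call validate() once this method has returned true.` as the summary. `the the` in the `validate` Javadoc is a typo.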
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+
+/**
+ * Basic interface for Output- and Input-Processor chains
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface ProcessorChain {
+
+ /**
+ * resets the chain so that the next event will go again to the first processor in the chain.
+ */
+ public void reset();
+
+ /**
+ * Will finally be called when the whole document is processed
+ *
+ * @throws XMLStreamException thrown when a streaming error occurs
+ * @throws WSSecurityException thrown when a Security failure occurs
+ */
+ public void doFinal() throws XMLStreamException, WSSecurityException;
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,146 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import java.util.EnumSet;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Class to describe which and how an element must be secured
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SecurePart {
+
+ public enum Modifier {
+ Element("http://www.w3.org/2001/04/xmlenc#Element"),
+ Content("http://www.w3.org/2001/04/xmlenc#Content");
+
+ private String modifier;
+
+ Modifier(String modifier) {
+ this.modifier = modifier;
+ }
+
+ public String getModifier() {
+ return this.modifier;
+ }
+
+ private static final Map<String, Modifier> modifierMap = new HashMap<String, Modifier>();
+
+ static {
+ for (Modifier modifier : EnumSet.allOf(Modifier.class)) {
+ modifierMap.put(modifier.getModifier(), modifier);
+ }
+ }
+
+ public static Modifier getModifier(String modifier) {
+ return modifierMap.get(modifier);
+ }
+ }
+
+ private String name;
+ private String namespace;
+ private Modifier modifier;
+ private String idToSign;
+ private String idToReference;
+
+ public SecurePart(String name, String namespace, Modifier modifier) {
+ this.name = name;
+ this.namespace = namespace;
+ this.modifier = modifier;
+ }
+
+ public SecurePart(String name, String namespace, Modifier modifier, String idToSign) {
+ this.name = name;
+ this.namespace = namespace;
+ this.modifier = modifier;
+ this.idToSign = idToSign;
+ }
+
+ public SecurePart(String name, String namespace, Modifier modifier, String idToSign, String idToReference) {
+ this.name = name;
+ this.namespace = namespace;
+ this.modifier = modifier;
+ this.idToSign = idToSign;
+ this.idToReference = idToReference;
+ }
+
+ /**
+ * The name of the element to be secured
+ *
+ * @return The Element-Local-Name
+ */
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * The namespace of the element to be secured
+ *
+ * @return The Element Namespace
+ */
+ public String getNamespace() {
+ return namespace;
+ }
+
+ public void setNamespace(String namespace) {
+ this.namespace = namespace;
+ }
+
+ /**
+ * The Modifier: Element or Content
+ *
+ * @return The String "Element" or "Content"
+ */
+ public Modifier getModifier() {
+ return modifier;
+ }
+
+ public void setModifier(Modifier modifier) {
+ this.modifier = modifier;
+ }
+
+ /**
+ * The id of the Element
+ *
+ * @return The id
+ */
+ public String getIdToSign() {
+ return idToSign;
+ }
+
+ public void setIdToSign(String idToSign) {
+ this.idToSign = idToSign;
+ }
+
+ public String getIdToReference() {
+ return idToReference;
+ }
+
+ public void setIdToReference(String idToReference) {
+ this.idToReference = idToReference;
+ }
+}
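Review bot: `Modifier.getModifier(String)` returns `null` for any URI that is not in `modifierMap`, and the Javadoc does not warn callers, so an unrecognised modifier string can end up as a `SecurePart` with a `null` modifier whose downstream handling is not visible here. Either document the `null` return or throw `IllegalArgumentException`, and consider renaming the static lookup, since it overloads the instance getter `getModifier()`. The enum field can be `private final String modifier;`. The Javadoc on `SecurePart.getModifier()` claims a String return while the method returns the enum. The two shorter constructors could delegate, e.g. `this(name, namespace, modifier, null, null);`.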
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+
+import java.util.List;
+
+/**
+ * The document security context
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface SecurityContext {
+
+ public <T> void put(String key, T value);
+
+ public <T> T get(String key);
+
+ public <T> T remove(String key);
+
+ public <T extends List> void putList(Class key, T value);
+
+ public <T> void putAsList(Class key, T value);
+
+ public <T> List<T> getAsList(Class key);
+
+ /**
+ * Register a new SecurityTokenProvider.
+ *
+ * @param id A unique id
+ * @param securityTokenProvider The actual SecurityTokenProvider to register.
+ */
+ public void registerSecurityTokenProvider(String id, SecurityTokenProvider securityTokenProvider);
+
+ /**
+ * Returns a registered SecurityTokenProvider with the given id or null if not found
+ *
+ * @param id The SecurityTokenProvider's id
+ * @return The SecurityTokenProvider
+ */
+ public SecurityTokenProvider getSecurityTokenProvider(String id);
+
+ /**
+ * Registers a SecurityEventListener to receive Security-Events
+ *
+ * @param securityEventListener The SecurityEventListener
+ */
+ public void setSecurityEventListener(SecurityEventListener securityEventListener);
+
+ /**
+ * Registers a SecurityEvent which will be forwarded to the registered SecurityEventListener
+ *
+ * @param securityEvent The security event for the SecurityEventListener
+ * @throws WSSecurityException when the event will not be accepted (e.g. policy-violation)
+ */
+ public void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException;
+}
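Review bot: `putList`, `putAsList` and `getAsList` take a raw `Class` key, and `get`/`remove` infer `T` from the call site, so every read is an unchecked cast and a wrong-typed entry only surfaces as a `ClassCastException` far from the write. Typing the key ties the value to it: `public <T> void putAsList(Class<T> key, T value);` and `public <T> List<T> getAsList(Class<T> key);`. The three list methods have no Javadoc at all. `registerSecurityTokenProvider` should also state what happens when `id` is already registered, since silently replacing a provider would presumably change which token is resolved for that id.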
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+
+import java.util.*;
+
+/**
+ * Concrete security context implementation
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SecurityContextImpl implements SecurityContext {
+
+ private Map<String, SecurityTokenProvider> secretTokenProviders = new HashMap<String, SecurityTokenProvider>();
+
+ private SecurityEventListener securityEventListener;
+
+ @SuppressWarnings("unchecked")
+ private Map content = Collections.synchronizedMap(new HashMap());
+
+ @SuppressWarnings("unchecked")
+ public <T> void put(String key, T value) {
+ content.put(key, value);
+ }
+
+ @SuppressWarnings("unchecked")
+ public <T> T get(String key) {
+ return (T) content.get(key);
+ }
+
+ @SuppressWarnings("unchecked")
+ public <T> T remove(String key) {
+ return (T) content.remove(key);
+ }
+
+ @SuppressWarnings("unchecked")
+ public <T extends List> void putList(Class key, T value) {
+ if (value == null) {
+ return;
+ }
+ List<T> entry = (List<T>) content.get(key);
+ if (entry == null) {
+ entry = new ArrayList<T>();
+ content.put(key, entry);
+ }
+ entry.addAll(value);
+ }
+
+ @SuppressWarnings("unchecked")
+ public <T> void putAsList(Class key, T value) {
+ List<T> entry = (List<T>) content.get(key);
+ if (entry == null) {
+ entry = new ArrayList<T>();
+ content.put(key, entry);
+ }
+ entry.add(value);
+ }
+
+ @SuppressWarnings("unchecked")
+ public <T> List<T> getAsList(Class key) {
+ return (List<T>) content.get(key);
+ }
+
+ public void registerSecurityTokenProvider(String id, SecurityTokenProvider securityTokenProvider) {
+ if (id == null) {
+ throw new IllegalArgumentException("Id must not be null");
+ }
+ secretTokenProviders.put(id, securityTokenProvider);
+ }
+
+ public SecurityTokenProvider getSecurityTokenProvider(String id) {
+ return secretTokenProviders.get(id);
+ }
+
+ public void setSecurityEventListener(SecurityEventListener securityEventListener) {
+ this.securityEventListener = securityEventListener;
+ }
+
+ public synchronized void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException {
+ if (securityEventListener != null) {
+ securityEventListener.registerSecurityEvent(securityEvent);
+ }
+ }
+}
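Review bot: `secretTokenProviders` is a plain HashMap that is read and written without locking, while `content` is wrapped in `Collections.synchronizedMap` and registerSecurityEvent is `synchronized`, so the class is only partly safe if a context is shared between threads (which those two choices suggest). Declaring it as `private final Map<String, SecurityTokenProvider> secretTokenProviders = Collections.synchronizedMap(new HashMap<String, SecurityTokenProvider>());` would make it consistent. putList and putAsList also do a get-then-put on `content` and then mutate a plain ArrayList, so two concurrent callers can each create a list and one set of entries is lost; wrapping each body in `synchronized (content) { ... }` closes that gap. registerSecurityTokenProvider also silently replaces an existing provider when an id is reused, although the interface Javadoc calls the id unique; if ids can originate from message content, rejecting or logging a duplicate would be safer.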
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,638 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.crypto.Crypto;
+import org.swssf.crypto.CryptoBase;
+
+import javax.security.auth.callback.CallbackHandler;
+import java.net.URL;
+import java.security.KeyStore;
+import java.security.cert.X509Certificate;
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * Main configuration class to supply keys etc.
+ * This class is subject to change in the future.
+ * Probably we will allow to configure the framework per WSDL
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SecurityProperties {
+
+ private List<InputProcessor> inputProcessorList = new LinkedList<InputProcessor>();
+
+ /**
+ * Add an additional, non standard, InputProcessor to the chain
+ *
+ * @param inputProcessor The InputProcessor to add
+ */
+ public void addInputProcessor(InputProcessor inputProcessor) {
+ this.inputProcessorList.add(inputProcessor);
+ }
+
+ /**
+ * Returns the currently registered additional InputProcessors
+ *
+ * @return the List with the InputProcessors
+ */
+ public List<InputProcessor> getInputProcessorList() {
+ return inputProcessorList;
+ }
+
+ private Class<? extends CryptoBase> decryptionCryptoClass;
+ private KeyStore decryptionKeyStore;
+ private CallbackHandler callbackHandler;
+
+ /**
+ * Returns the decryption keystore
+ *
+ * @return A keystore for decryption operation
+ */
+ public KeyStore getDecryptionKeyStore() {
+ return decryptionKeyStore;
+ }
+
+ /**
+ * loads a java keystore from the given url for decrypt operations
+ *
+ * @param url The URL to the keystore
+ * @param keyStorePassword The keyStorePassword
+ * @throws Exception thrown if something goes wrong while loading the keystore
+ */
+ public void loadDecryptionKeystore(URL url, char[] keyStorePassword) throws Exception {
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(url.openStream(), keyStorePassword);
+ this.decryptionKeyStore = keyStore;
+ }
+
+ /**
+ * Returns the decryption crypto class
+ *
+ * @return
+ */
+ public Class<? extends CryptoBase> getDecryptionCryptoClass() {
+ if (decryptionCryptoClass != null) {
+ return decryptionCryptoClass;
+ }
+ decryptionCryptoClass = org.swssf.crypto.Merlin.class;
+ return decryptionCryptoClass;
+ }
+
+ /**
+ * Sets a custom decryption class
+ *
+ * @param decryptionCryptoClass
+ */
+ public void setDecryptionCryptoClass(Class<? extends CryptoBase> decryptionCryptoClass) {
+ this.decryptionCryptoClass = decryptionCryptoClass;
+ }
+
+ private Crypto cachedDecryptionCrypto;
+ private KeyStore cachedDecryptionKeyStore;
+
+ /**
+ * returns the decryptionCrypto for the key-management
+ *
+ * @return A Crypto instance
+ * @throws WSSecurityException thrown if something goes wrong
+ */
+ public Crypto getDecryptionCrypto() throws WSSecurityException {
+
+ if (this.getDecryptionKeyStore() == null) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "decryptionKeyStoreNotSet");
+ }
+
+ if (this.getDecryptionKeyStore() == cachedDecryptionKeyStore) {
+ return cachedDecryptionCrypto;
+ }
+
+ Class<? extends CryptoBase> decryptionCryptoClass = this.getDecryptionCryptoClass();
+
+ try {
+ CryptoBase decryptionCrypto = decryptionCryptoClass.newInstance();
+ decryptionCrypto.setKeyStore(this.getDecryptionKeyStore());
+ cachedDecryptionCrypto = decryptionCrypto;
+ cachedDecryptionKeyStore = this.getDecryptionKeyStore();
+ return decryptionCrypto;
+ } catch (Exception e) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "decryptionCryptoFailure", e);
+ }
+ }
+
+ /**
+ * returns the password callback handler
+ *
+ * @return
+ */
+ public CallbackHandler getCallbackHandler() {
+ return callbackHandler;
+ }
+
+ /**
+ * sets the password callback handler
+ *
+ * @param callbackHandler
+ */
+ public void setCallbackHandler(CallbackHandler callbackHandler) {
+ this.callbackHandler = callbackHandler;
+ }
+
+ private Constants.Action[] outAction;
+
+ private Class<? extends CryptoBase> encryptionCryptoClass;
+ private KeyStore encryptionKeyStore;
+ private String encryptionUser;
+ private X509Certificate encryptionUseThisCertificate;
+ private Constants.KeyIdentifierType encryptionKeyIdentifierType;
+ private String encryptionSymAlgorithm;
+ private String encryptionKeyTransportAlgorithm;
+ private List<SecurePart> encryptionParts = new LinkedList<SecurePart>();
+
+ /**
+ * Returns the encryption keystore
+ *
+ * @return A keystore for encryption operation
+ */
+ public KeyStore getEncryptionKeyStore() {
+ return encryptionKeyStore;
+ }
+
+ /**
+ * loads a java keystore from the given url for encrypt operations
+ *
+ * @param url The URL to the keystore
+ * @param keyStorePassword The keyStorePassword
+ * @throws Exception thrown if something goes wrong while loading the keystore
+ */
+ public void loadEncryptionKeystore(URL url, char[] keyStorePassword) throws Exception {
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(url.openStream(), keyStorePassword);
+ this.encryptionKeyStore = keyStore;
+ }
+
+ /**
+ * Returns the encryption crypto class
+ *
+ * @return
+ */
+ public Class<? extends CryptoBase> getEncryptionCryptoClass() {
+ if (encryptionCryptoClass != null) {
+ return encryptionCryptoClass;
+ }
+ encryptionCryptoClass = org.swssf.crypto.Merlin.class;
+ return encryptionCryptoClass;
+ }
+
+ /**
+ * Sets a custom encryption class
+ *
+ * @param encryptionCryptoClass
+ */
+ public void setEncryptionCryptoClass(Class<? extends CryptoBase> encryptionCryptoClass) {
+ this.encryptionCryptoClass = encryptionCryptoClass;
+ }
+
+ private Crypto cachedEncryptionCrypto;
+ private KeyStore cachedEncryptionKeyStore;
+
+ /**
+ * returns the encryptionCrypto for the key-management
+ *
+ * @return A Crypto instance
+ * @throws WSSecurityException thrown if something goes wrong
+ */
+ public Crypto getEncryptionCrypto() throws WSSecurityException {
+
+ if (this.getEncryptionKeyStore() == null) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "encryptionKeyStoreNotSet");
+ }
+
+ if (this.getEncryptionKeyStore() == cachedEncryptionKeyStore) {
+ return cachedEncryptionCrypto;
+ }
+
+ Class<? extends CryptoBase> encryptionCryptoClass = this.getEncryptionCryptoClass();
+
+ try {
+ CryptoBase encryptionCrypto = encryptionCryptoClass.newInstance();
+ encryptionCrypto.setKeyStore(this.getEncryptionKeyStore());
+ cachedEncryptionCrypto = encryptionCrypto;
+ cachedEncryptionKeyStore = this.getEncryptionKeyStore();
+ return encryptionCrypto;
+ } catch (Exception e) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "encryptionCryptoFailure", e);
+ }
+ }
+
+ /**
+ * Adds a part which must be encrypted by the framework
+ *
+ * @param securePart
+ */
+ public void addEncryptionPart(SecurePart securePart) {
+ encryptionParts.add(securePart);
+ }
+
+ /**
+ * Returns the encryption parts which are actually set
+ *
+ * @return A List of SecurePart's
+ */
+ public List<SecurePart> getEncryptionSecureParts() {
+ return encryptionParts;
+ }
+
+ /**
+ * Returns the Encryption-Algo
+ *
+ * @return the Encryption-Algo as String
+ */
+ public String getEncryptionSymAlgorithm() {
+ return encryptionSymAlgorithm;
+ }
+
+ /**
+ * Specifies the encryption algorithm
+ *
+ * @param encryptionSymAlgorithm The algo to use for encryption
+ */
+ public void setEncryptionSymAlgorithm(String encryptionSymAlgorithm) {
+ this.encryptionSymAlgorithm = encryptionSymAlgorithm;
+ }
+
+ /**
+ * Returns the encryption key transport algorithm
+ *
+ * @return the key transport algorithm as string
+ */
+ public String getEncryptionKeyTransportAlgorithm() {
+ return encryptionKeyTransportAlgorithm;
+ }
+
+ /**
+ * Specifies the encryption key transport algorithm
+ *
+ * @param encryptionKeyTransportAlgorithm
+ * the encryption key transport algorithm as string
+ */
+ public void setEncryptionKeyTransportAlgorithm(String encryptionKeyTransportAlgorithm) {
+ this.encryptionKeyTransportAlgorithm = encryptionKeyTransportAlgorithm;
+ }
+
+ public X509Certificate getEncryptionUseThisCertificate() {
+ return encryptionUseThisCertificate;
+ }
+
+ public void setEncryptionUseThisCertificate(X509Certificate encryptionUseThisCertificate) {
+ this.encryptionUseThisCertificate = encryptionUseThisCertificate;
+ }
+
+ /**
+ * Returns the alias for the encryption key in the keystore
+ *
+ * @return the alias for the encryption key in the keystore as string
+ */
+ public String getEncryptionUser() {
+ return encryptionUser;
+ }
+
+ /**
+ * Specifies the the alias for the encryption key in the keystore
+ *
+ * @param encryptionUser the the alias for the encryption key in the keystore as string
+ */
+ public void setEncryptionUser(String encryptionUser) {
+ this.encryptionUser = encryptionUser;
+ }
+
+ /**
+ * returns the KeyIdentifierType which will be used in the secured document
+ *
+ * @return The KeyIdentifierType
+ */
+ public Constants.KeyIdentifierType getEncryptionKeyIdentifierType() {
+ return encryptionKeyIdentifierType;
+ }
+
+ /**
+ * Specifies the KeyIdentifierType to use in the secured document
+ *
+ * @param encryptionKeyIdentifierType
+ */
+ public void setEncryptionKeyIdentifierType(Constants.KeyIdentifierType encryptionKeyIdentifierType) {
+ this.encryptionKeyIdentifierType = encryptionKeyIdentifierType;
+ }
+
+ private List<SecurePart> signatureParts = new LinkedList<SecurePart>();
+ private String signatureAlgorithm;
+ private String signatureDigestAlgorithm;
+ private String signatureCanonicalizationAlgorithm;
+ private Class<? extends CryptoBase> signatureCryptoClass;
+ private KeyStore signatureKeyStore;
+ private String signatureUser;
+ private Constants.KeyIdentifierType signatureKeyIdentifierType;
+ private boolean useSingleCert = true;
+
+ public void addSignaturePart(SecurePart securePart) {
+ signatureParts.add(securePart);
+ }
+
+ public List<SecurePart> getSignatureSecureParts() {
+ return signatureParts;
+ }
+
+ public String getSignatureAlgorithm() {
+ return signatureAlgorithm;
+ }
+
+ public void setSignatureAlgorithm(String signatureAlgorithm) {
+ this.signatureAlgorithm = signatureAlgorithm;
+ }
+
+ public String getSignatureDigestAlgorithm() {
+ return signatureDigestAlgorithm;
+ }
+
+ public void setSignatureDigestAlgorithm(String signatureDigestAlgorithm) {
+ this.signatureDigestAlgorithm = signatureDigestAlgorithm;
+ }
+
+ public void setSignatureUser(String signatureUser) {
+ this.signatureUser = signatureUser;
+ }
+
+ public String getSignatureUser() {
+ return signatureUser;
+ }
+
+ public KeyStore getSignatureKeyStore() {
+ return signatureKeyStore;
+ }
+
+ public void loadSignatureKeyStore(URL url, char[] keyStorePassword) throws Exception {
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(url.openStream(), keyStorePassword);
+ this.signatureKeyStore = keyStore;
+ }
+
+ public Class<? extends CryptoBase> getSignatureCryptoClass() {
+ if (signatureCryptoClass != null) {
+ return signatureCryptoClass;
+ }
+ signatureCryptoClass = org.swssf.crypto.Merlin.class;
+ return signatureCryptoClass;
+ }
+
+ public void setSignatureCryptoClass(Class<? extends CryptoBase> signatureCryptoClass) {
+ this.signatureCryptoClass = signatureCryptoClass;
+ }
+
+ private Crypto cachedSignatureCrypto;
+ private Class<? extends CryptoBase> cachedSignatureCryptoClass;
+ private KeyStore cachedSignatureKeyStore;
+
+ public Crypto getSignatureCrypto() throws WSSecurityException {
+
+ if (this.getSignatureKeyStore() == null) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureKeyStoreNotSet");
+ }
+
+ if (this.getSignatureKeyStore() == cachedSignatureKeyStore) {
+ return cachedSignatureCrypto;
+ }
+
+ Class<? extends CryptoBase> signatureCryptoClass = this.getSignatureCryptoClass();
+
+ try {
+ CryptoBase signatureCrypto = signatureCryptoClass.newInstance();
+ signatureCrypto.setKeyStore(this.getSignatureKeyStore());
+ cachedSignatureCrypto = signatureCrypto;
+ cachedSignatureCryptoClass = signatureCryptoClass;
+ cachedSignatureKeyStore = this.getSignatureKeyStore();
+ return signatureCrypto;
+ } catch (Exception e) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureCryptoFailure", e);
+ }
+ }
+
+ public Constants.KeyIdentifierType getSignatureKeyIdentifierType() {
+ return signatureKeyIdentifierType;
+ }
+
+ public void setSignatureKeyIdentifierType(Constants.KeyIdentifierType signatureKeyIdentifierType) {
+ this.signatureKeyIdentifierType = signatureKeyIdentifierType;
+ }
+
+ public boolean isUseSingleCert() {
+ return useSingleCert;
+ }
+
+ public void setUseSingleCert(boolean useSingleCert) {
+ this.useSingleCert = useSingleCert;
+ }
+
+ private Integer timestampTTL = 300;
+
+ public Integer getTimestampTTL() {
+ return timestampTTL;
+ }
+
+ public void setTimestampTTL(Integer timestampTTL) {
+ this.timestampTTL = timestampTTL;
+ }
+
+ /**
+ * Returns the actual set actions
+ *
+ * @return The Actions in applied order
+ */
+ public Constants.Action[] getOutAction() {
+ return outAction;
+ }
+
+ /**
+ * Specifies how to secure the document eg. Timestamp, Signature, Encrypt
+ *
+ * @param outAction
+ */
+ public void setOutAction(Constants.Action[] outAction) {
+ this.outAction = outAction;
+ }
+
+ public String getSignatureCanonicalizationAlgorithm() {
+ return signatureCanonicalizationAlgorithm;
+ }
+
+ public void setSignatureCanonicalizationAlgorithm(String signatureCanonicalizationAlgorithm) {
+ this.signatureCanonicalizationAlgorithm = signatureCanonicalizationAlgorithm;
+ }
+
+ private Class<? extends CryptoBase> signatureVerificationCryptoClass;
+ private KeyStore signatureVerificationKeyStore;
+
+ public KeyStore getSignatureVerificationKeyStore() {
+ return signatureVerificationKeyStore;
+ }
+
+ public void loadSignatureVerificationKeystore(URL url, char[] keyStorePassword) throws Exception {
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(url.openStream(), keyStorePassword);
+ this.signatureVerificationKeyStore = keyStore;
+ }
+
+ public Class<? extends CryptoBase> getSignatureVerificationCryptoClass() {
+ if (signatureVerificationCryptoClass != null) {
+ return signatureVerificationCryptoClass;
+ }
+ signatureVerificationCryptoClass = org.swssf.crypto.Merlin.class;
+ return signatureVerificationCryptoClass;
+ }
+
+ public void setSignatureVerificationCryptoClass(Class<? extends CryptoBase> signatureVerificationCryptoClass) {
+ this.signatureVerificationCryptoClass = signatureVerificationCryptoClass;
+ }
+
+ private Crypto cachedSignatureVerificationCrypto;
+ private KeyStore cachedSignatureVerificationKeyStore;
+
+ public Crypto getSignatureVerificationCrypto() throws WSSecurityException {
+
+ if (this.getSignatureVerificationKeyStore() == null) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureVerificationKeyStoreNotSet");
+ }
+
+ if (this.getSignatureVerificationKeyStore() == cachedSignatureVerificationKeyStore) {
+ return cachedSignatureVerificationCrypto;
+ }
+
+ Class<? extends CryptoBase> signatureVerificationCryptoClass = this.getSignatureVerificationCryptoClass();
+
+ try {
+ CryptoBase signatureVerificationCrypto = signatureVerificationCryptoClass.newInstance();
+ signatureVerificationCrypto.setKeyStore(this.getSignatureVerificationKeyStore());
+ cachedSignatureVerificationCrypto = signatureVerificationCrypto;
+ cachedSignatureVerificationKeyStore = this.getSignatureVerificationKeyStore();
+ return signatureVerificationCrypto;
+ } catch (Exception e) {
+ throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureVerificationCryptoFailure", e);
+ }
+ }
+
+ private boolean strictTimestampCheck = true;
+
+ public boolean isStrictTimestampCheck() {
+ return strictTimestampCheck;
+ }
+
+ public void setStrictTimestampCheck(boolean strictTimestampCheck) {
+ this.strictTimestampCheck = strictTimestampCheck;
+ }
+
+ private boolean skipDocumentEvents = false;
+
+ /**
+ * Returns if the framework is skipping document-events
+ *
+ * @return true if document-events will be skipped, false otherwise
+ */
+ public boolean isSkipDocumentEvents() {
+ return skipDocumentEvents;
+ }
+
+ /**
+ * specifies if the framework should forward Document-Events or not
+ *
+ * @param skipDocumentEvents set to true when document events should be discarded, false otherwise
+ */
+ public void setSkipDocumentEvents(boolean skipDocumentEvents) {
+ this.skipDocumentEvents = skipDocumentEvents;
+ }
+
+ private String tokenUser;
+ private Constants.UsernameTokenPasswordType usernameTokenPasswordType;
+
+ public String getTokenUser() {
+ return tokenUser;
+ }
+
+ public void setTokenUser(String tokenUser) {
+ this.tokenUser = tokenUser;
+ }
+
+ public Constants.UsernameTokenPasswordType getUsernameTokenPasswordType() {
+ return usernameTokenPasswordType;
+ }
+
+ public void setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType usernameTokenPasswordType) {
+ this.usernameTokenPasswordType = usernameTokenPasswordType;
+ }
+
+ private boolean enableSignatureConfirmationVerification = false;
+
+ public boolean isEnableSignatureConfirmationVerification() {
+ return enableSignatureConfirmationVerification;
+ }
+
+ public void setEnableSignatureConfirmationVerification(boolean enableSignatureConfirmationVerification) {
+ this.enableSignatureConfirmationVerification = enableSignatureConfirmationVerification;
+ }
+
+ private boolean useReqSigCertForEncryption = false;
+
+ public boolean isUseReqSigCertForEncryption() {
+ return useReqSigCertForEncryption;
+ }
+
+ public void setUseReqSigCertForEncryption(boolean useReqSigCertForEncryption) {
+ this.useReqSigCertForEncryption = useReqSigCertForEncryption;
+ }
+
+ private String actor;
+
+ public String getActor() {
+ return actor;
+ }
+
+ public void setActor(String actor) {
+ this.actor = actor;
+ }
+
+
+ private Constants.KeyIdentifierType derivedKeyKeyIdentifierType;
+ private Constants.DerivedKeyTokenReference derivedKeyTokenReference;
+
+ public Constants.KeyIdentifierType getDerivedKeyKeyIdentifierType() {
+ return derivedKeyKeyIdentifierType;
+ }
+
+ public void setDerivedKeyKeyIdentifierType(Constants.KeyIdentifierType derivedKeyKeyIdentifierType) {
+ this.derivedKeyKeyIdentifierType = derivedKeyKeyIdentifierType;
+ }
+
+ public Constants.DerivedKeyTokenReference getDerivedKeyTokenReference() {
+ return derivedKeyTokenReference;
+ }
+
+ public void setDerivedKeyTokenReference(Constants.DerivedKeyTokenReference derivedKeyTokenReference) {
+ this.derivedKeyTokenReference = derivedKeyTokenReference;
+ }
+}
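Review bot: The Crypto cache in getDecryptionCrypto, getEncryptionCrypto, getSignatureCrypto and getSignatureVerificationCrypto is keyed only on keystore identity, so a set*CryptoClass call made after the first get is ignored and an instance of the previous class keeps being returned. getSignatureCrypto already stores `cachedSignatureCryptoClass` but never reads it; the check there could be `if (this.getSignatureKeyStore() == cachedSignatureKeyStore && this.getSignatureCryptoClass() == cachedSignatureCryptoClass)`, with the same extra field and comparison in the other three. This matters where a custom CryptoBase is how a deployment tightens key or certificate handling, because the override then silently has no effect. Separately, the four load*Keystore methods hand `url.openStream()` to `KeyStore.load` without closing it; holding the stream in a local and closing it in a `finally` block would release it on both the success and the failure path.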
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,109 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+/**
+ * This class represents the different token types which can occur in WS-Security
+ * <p/>
+ * Sometimes it isn't known (@see EncryptedKeyInputProcessor) which kind of Token(Asymmetric, Symmetric)
+ * we have at creation time. So we use a generic interface for both types.
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface SecurityToken {
+
+ /**
+ * Returns the token id aka wsu:Id
+ *
+ * @return The id
+ */
+ public String getId();
+
+ /**
+ * Returns the responsible processor for this token
+ *
+ * @return
+ */
+ public Object getProcessor();
+
+ /**
+ * Returns the token type
+ *
+ * @return true if asymmetric token, false if symmetric token
+ */
+ public boolean isAsymmetric();
+
+ /**
+ * Returns the secret key
+ *
+ * @param algorithmURI for the requested key
+ * @return The requested key for the specified algorithmURI, or null if no matching key is found
+ * @throws WSSecurityException if the key can't be loaded
+ */
+ public Key getSecretKey(String algorithmURI, Constants.KeyUsage keyUsage) throws WSSecurityException;
+
+ /**
+ * Returns the public key if one exist for this token type
+ *
+ * @return The Public-Key for asymmetric algorithms
+ * @throws WSSecurityException if the key can't be loaded
+ */
+ public PublicKey getPublicKey(Constants.KeyUsage keyUsage) throws WSSecurityException;
+
+ /**
+ * Returns the certificate chain if one exists for this token type
+ *
+ * @return The certificate chain
+ * @throws WSSecurityException if the certificates can't be retrieved
+ */
+ public X509Certificate[] getX509Certificates() throws WSSecurityException;
+
+ /**
+ * Verifies the key if applicable
+ *
+ * @throws WSSecurityException if the key couldn't be verified or the key isn't valid
+ */
+ public void verify() throws WSSecurityException;
+
+ /**
+ * Returns the key wrapping token
+ *
+ * @return The wrapping SecurityToken
+ */
+ public SecurityToken getKeyWrappingToken();
+
+ /**
+ * Returns the Key wrapping token's algorithm
+ *
+ * @return the KeyWrappingToken algorithm
+ */
+ public String getKeyWrappingTokenAlgorithm();
+
+ /**
+ * Returns the KeyIdentifierType
+ *
+ * @return the KeyIdentifierType
+ */
+ public Constants.TokenType getTokenType();
+}
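Review bot: The Javadoc on getTokenType says `Returns the KeyIdentifierType` but the method returns `Constants.TokenType`; it should read `Returns the token type` with `@return the TokenType`. getSecretKey and getPublicKey both take a `keyUsage` argument that has no `@param` line, and getProcessor has an empty `@return`. The comment on verify() should also state whether callers are expected to call it before trusting the keys returned by getSecretKey or getPublicKey, since the interface does not say whether those getters verify on their own.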
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.crypto.Crypto;
+
+/**
+ * A SecurityTokenProvider is a object which provides a Token for cryptographic operations
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface SecurityTokenProvider {
+
+ /**
+ * Returns the represented SecurityToken of this object
+ *
+ * @param crypto The Crypto to use to restore the Token
+ * @return The SecurityToken
+ * @throws WSSecurityException if the token couldn't be loaded
+ */
+ public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException;
+
+ public String getId();
+}
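Review bot: getId() has no Javadoc, and the interface does not say how this id relates to the `id` argument of SecurityContext.registerSecurityTokenProvider, which the implementation in this commit uses as the map key without consulting the provider. If the two are meant to be equal, say so here, e.g. `Returns the id under which this provider is registered in the SecurityContext`; otherwise a lookup by one id can return a provider that reports another.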
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface Transformer {
+
+ public void transform(XMLEvent xmlEvent) throws XMLStreamException;
+}
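Review bot: Transformer is a public interface with no description and an undocumented method; because transform returns void and receives only the XMLEvent, a reader cannot tell where the transformed output is written or how the end of input is signalled. A class comment and a method comment with `@param xmlEvent` and `@throws XMLStreamException` that state both would make the contract usable for implementers.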
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+/**
+ * Unchecked Exception to mark uncaught-exceptions in threads
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class UncheckedWSSecurityException extends RuntimeException {
+
+ public UncheckedWSSecurityException(String message) {
+ super(message);
+ }
+
+ public UncheckedWSSecurityException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public UncheckedWSSecurityException(Throwable cause) {
+ super(cause);
+ }
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,277 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.apache.commons.codec.binary.Base64;
+import org.swssf.config.TransformerAlgorithmMapper;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.xml.namespace.QName;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.Namespace;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Deque;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class Utils {
+
+ private Utils() {
+ }
+
+ /**
+ * Returns the Id reference without the leading #
+ *
+ * @param reference The reference on which to drop the #
+ * @return The reference without a leading #
+ */
+ public static String dropReferenceMarker(String reference) {
+ if (reference.startsWith("#")) {
+ return reference.substring(1);
+ }
+ return reference;
+ }
+
+ /**
+ * Returns the XMLEvent type in String form
+ *
+ * @param xmlEvent
+ * @return The XMLEvent type as string representation
+ */
+ public static String getXMLEventAsString(XMLEvent xmlEvent) {
+ int eventType = xmlEvent.getEventType();
+
+ switch (eventType) {
+ case XMLEvent.START_ELEMENT:
+ return "START_ELEMENT";
+ case XMLEvent.END_ELEMENT:
+ return "END_ELEMENT";
+ case XMLEvent.PROCESSING_INSTRUCTION:
+ return "PROCESSING_INSTRUCTION";
+ case XMLEvent.CHARACTERS:
+ return "CHARACTERS";
+ case XMLEvent.COMMENT:
+ return "COMMENT";
+ case XMLEvent.START_DOCUMENT:
+ return "START_DOCUMENT";
+ case XMLEvent.END_DOCUMENT:
+ return "END_DOCUMENT";
+ case XMLEvent.ATTRIBUTE:
+ return "ATTRIBUTE";
+ case XMLEvent.DTD:
+ return "DTD";
+ case XMLEvent.NAMESPACE:
+ return "NAMESPACE";
+ default:
+ throw new IllegalArgumentException("Illegal XMLEvent received: " + eventType);
+ }
+ }
+
+ /**
+ * Executes the Callback handling. Typically used to fetch passwords
+ *
+ * @param callbackHandler
+ * @param callback
+ * @throws WSSecurityException if the callback couldn't be executed
+ */
+ public static void doPasswordCallback(CallbackHandler callbackHandler, Callback callback) throws WSSecurityException {
+ if (callbackHandler == null) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
+ }
+ try {
+ callbackHandler.handle(new Callback[]{callback});
+ } catch (IOException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ } catch (UnsupportedCallbackException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ }
+ }
+
+ /**
+ * Try to get the secret key from a CallbackHandler implementation
+ *
+ * @param cb a CallbackHandler implementation
+ * @return An array of bytes corresponding to the secret key (can be null)
+ * @throws WSSecurityException
+ */
+ public static void doSecretKeyCallback(CallbackHandler callbackHandler, Callback callback, String id) throws WSSecurityException {
+ if (callbackHandler != null) {
+ try {
+ callbackHandler.handle(new Callback[]{callback});
+ } catch (IOException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ } catch (UnsupportedCallbackException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+ }
+ }
+ }
+
+ public static Class loadClass(String className) throws ClassNotFoundException {
+ return Thread.currentThread().getContextClassLoader().loadClass(className);
+ }
+
+ public static String doPasswordDigest(byte[] nonce, String created, String password) throws WSSecurityException {
+ try {
+ byte[] b1 = nonce != null ? nonce : new byte[0];
+ byte[] b2 = created != null ? created.getBytes("UTF-8") : new byte[0];
+ byte[] b3 = password.getBytes("UTF-8");
+ byte[] b4 = new byte[b1.length + b2.length + b3.length];
+ int offset = 0;
+ System.arraycopy(b1, 0, b4, offset, b1.length);
+ offset += b1.length;
+
+ System.arraycopy(b2, 0, b4, offset, b2.length);
+ offset += b2.length;
+
+ System.arraycopy(b3, 0, b4, offset, b3.length);
+
+ MessageDigest sha = MessageDigest.getInstance("SHA-1");
+ sha.reset();
+ sha.update(b4);
+ return new String(Base64.encodeBase64(sha.digest()));
+ } catch (NoSuchAlgorithmException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSHA1availabe", e);
+ } catch (UnsupportedEncodingException e) {
+ throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ public static XMLEvent createXMLEventNS(XMLEvent xmlEvent, Deque<List<ComparableNamespace>> nsStack, Deque<List<ComparableAttribute>> attrStack) {
+ if (xmlEvent.isStartElement()) {
+ StartElement startElement = xmlEvent.asStartElement();
+ QName startElementName = startElement.getName();
+
+ List<String> prefixList = new LinkedList<String>();
+ prefixList.add(startElementName.getPrefix());
+
+ List<ComparableNamespace> comparableNamespaceList = new LinkedList<ComparableNamespace>();
+
+ ComparableNamespace curElementNamespace = new ComparableNamespace(startElementName.getPrefix(), startElementName.getNamespaceURI());
+ comparableNamespaceList.add(curElementNamespace);
+
+ @SuppressWarnings("unchecked")
+ Iterator<Namespace> namespaceIterator = startElement.getNamespaces();
+ while (namespaceIterator.hasNext()) {
+ Namespace namespace = namespaceIterator.next();
+ String prefix = namespace.getPrefix();
+
+ if ((prefix == null || prefix.length() == 0) && (namespace.getNamespaceURI() == null || namespace.getNamespaceURI().length() == 0)) {
+ continue;
+ }
+
+ if (!prefixList.contains(prefix)) {
+ prefixList.add(prefix);
+ ComparableNamespace tmpNameSpace = new ComparableNamespace(prefix, namespace.getNamespaceURI());
+ comparableNamespaceList.add(tmpNameSpace);
+ }
+ }
+
+ List<ComparableAttribute> comparableAttributeList = new LinkedList<ComparableAttribute>();
+
+ @SuppressWarnings("unchecked")
+ Iterator<Attribute> attributeIterator = startElement.getAttributes();
+ while (attributeIterator.hasNext()) {
+ Attribute attribute = attributeIterator.next();
+ String prefix = attribute.getName().getPrefix();
+
+ if (prefix != null && prefix.length() == 0 && attribute.getName().getNamespaceURI().length() == 0) {
+ continue;
+ }
+ if (!"xml".equals(prefix)) {
+ if (!"".equals(prefix)) {
+ //does an attribute have an namespace?
+ if (!prefixList.contains(prefix)) {
+ prefixList.add(prefix);
+ ComparableNamespace tmpNameSpace = new ComparableNamespace(prefix, attribute.getName().getNamespaceURI());
+ comparableNamespaceList.add(tmpNameSpace);
+ }
+ continue;
+ }
+ }
+ //add all attrs with xml - prefix (eg. xml:lang) to attr list:
+ comparableAttributeList.add(new ComparableAttribute(attribute.getName(), attribute.getValue()));
+ }
+
+ nsStack.push(comparableNamespaceList);
+ attrStack.push(comparableAttributeList);
+
+ return new XMLEventNS(xmlEvent, nsStack.toArray(new List[nsStack.size()]), attrStack.toArray(new List[attrStack.size()]));
+ } else if (xmlEvent.isEndElement()) {
+ XMLEventNS xmlEventNS = new XMLEventNS(xmlEvent, nsStack.toArray(new List[nsStack.size()]), attrStack.toArray(new List[attrStack.size()]));
+ nsStack.pop();
+ attrStack.pop();
+ return xmlEventNS;
+ }
+ return xmlEvent;
+ }
+
+ public static boolean isResponsibleActorOrRole(StartElement startElement, String soapVersionNamespace, String responsibleActor) {
+ QName actorRole;
+ if (Constants.NS_SOAP11.equals(soapVersionNamespace)) {
+ actorRole = Constants.ATT_soap11_Actor;
+ } else {
+ actorRole = Constants.ATT_soap12_Role;
+ }
+
+ String actor = null;
+ @SuppressWarnings("unchecked")
+ Iterator<Attribute> attributeIterator = startElement.getAttributes();
+ while (attributeIterator.hasNext()) {
+ Attribute next = attributeIterator.next();
+ if (actorRole.equals(next.getName())) {
+ actor = next.getValue();
+ }
+ }
+
+ if (responsibleActor == null) {
+ return actor == null;
+ } else {
+ return responsibleActor.equals(actor);
+ }
+ }
+
+ public static Transformer getTransformer(Object methodParameter1, Object methodParameter2, String algorithm) throws WSSecurityException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException {
+ Class<Transformer> transformerClass = TransformerAlgorithmMapper.getTransformerClass(algorithm);
+ Transformer childTransformer;
+ try {
+ Constructor<Transformer> constructor = transformerClass.getConstructor(Transformer.class);
+ childTransformer = constructor.newInstance(methodParameter1);
+ } catch (NoSuchMethodException e) {
+ Constructor<Transformer> constructor = transformerClass.getConstructor(String.class, OutputStream.class);
+ childTransformer = constructor.newInstance(methodParameter1, methodParameter2);
+ }
+ return childTransformer;
+ }
+}
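Review bot: `doSecretKeyCallback` returns silently when `callbackHandler` is null, whereas `doPasswordCallback` just above it throws a `WSSecurityException` with `"noCallback"`, so a caller of the secret-key variant carries on with a callback that was never populated. If the no-op is not deliberate, mirror the password variant with `if (callbackHandler == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCallback"); }`; if it is deliberate, the Javadoc should say so. That Javadoc is also stale: it documents a parameter `cb` and a byte-array return value, while the method is `void`, takes `callbackHandler`, `callback` and `id`, and never reads `id`. In `doPasswordDigest`, `nonce` and `created` are null-guarded but `password.getBytes("UTF-8")` is not, so a missing password surfaces as a `NullPointerException` instead of a `WSSecurityException`; a guard such as `if (password == null) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword"); }` would keep the failure inside the library's own error type.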
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision