Posted to java-dev@axis.apache.org by sa...@apache.org on 2006/09/12 11:23:26 UTC
svn commit: r442539 [2/4] - in
/webservices/axis2/trunk/java/modules/security: src/META-INF/services/
src/org/apache/rampart/ src/org/apache/ws/security/policy/
src/org/apache/ws/security/policy1/
src/org/apache/ws/security/policy1/extension/ src/org/a...
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SignedEncryptedParts.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SignedEncryptedParts.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SignedEncryptedParts.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SignedEncryptedParts.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+import java.util.ArrayList;
+
+public class SignedEncryptedParts extends PolicyEngineData {
+
+ private boolean body;
+
+ private ArrayList headers = new ArrayList();
+
+ private boolean signedParts;
+
+ public SignedEncryptedParts(boolean signedParts) {
+ this.signedParts = signedParts;
+ }
+
+ /**
+ * @return Returns the body.
+ */
+ public boolean isBody() {
+ return body;
+ }
+
+ /**
+ * @param body The body to set.
+ */
+ public void setBody(boolean body) {
+ this.body = body;
+ }
+
+ /**
+ * @return Returns the headers.
+ */
+ public ArrayList getHeaders() {
+ return this.headers;
+ }
+
+ /**
+ * @param headers The headers to set.
+ */
+ public void addHeader(Header header) {
+ this.headers.add(header);
+ }
+
+ /**
+ * @return Returns the signedParts.
+ */
+ public boolean isSignedParts() {
+ return signedParts;
+ }
+
+
+
+}
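Review bot: `getHeaders()` returns the live `headers` list, so any caller can add or remove entries without going through `addHeader`. Judging by the class name, this list describes which headers are to be signed or encrypted, so an accidental mutation changes the policy silently. Consider returning a copy, `return new ArrayList(this.headers);`, or documenting that the returned list is the internal one and must not be modified. The Javadoc on `addHeader` also names a parameter that does not exist; it should read `@param header The header to add.`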
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SupportingToken.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SupportingToken.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SupportingToken.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SupportingToken.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,157 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+import org.apache.ws.security.policy1.WSSPolicyException;
+
+import java.util.ArrayList;
+
+public class SupportingToken extends PolicyEngineData implements AlgorithmWrapper, TokenWrapper {
+
+ /**
+ * Type of SupportingToken
+ * @see SupportingToken#SUPPORTING
+ * @see SupportingToken#ENDORSING
+ * @see SupportingToken#SIGNED
+ * @see SupportingToken#SIGNED_ENDORSING
+ */
+ private int type;
+
+ private AlgorithmSuite algorithmSuite;
+
+ private ArrayList tokens = new ArrayList();
+
+ private SignedEncryptedElements signedElements;
+
+ private SignedEncryptedElements encryptedElements;
+
+ private SignedEncryptedParts signedParts;
+
+ private SignedEncryptedParts encryptedParts;
+
+ public SupportingToken(int type) {
+ this.type = type;
+ }
+
+ /**
+ * @return Returns the algorithmSuite.
+ */
+ public AlgorithmSuite getAlgorithmSuite() {
+ return algorithmSuite;
+ }
+
+ /**
+ * @param algorithmSuite The algorithmSuite to set.
+ */
+ public void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
+ this.algorithmSuite = algorithmSuite;
+ }
+
+ /**
+ * @return Returns the token.
+ */
+ public ArrayList getTokens() {
+ return tokens;
+ }
+
+ /**
+ * @param token The token to set.
+ */
+ public void addToken(Token token) {
+ this.tokens.add(token);
+ }
+
+ /**
+ * @return Returns the type.
+ */
+ public int getType() {
+ return type;
+ }
+
+ /**
+ * @param type The type to set.
+ */
+ public void setType(int type) {
+ this.type = type;
+ }
+
+ /**
+ * @return Returns the encryptedElements.
+ */
+ public SignedEncryptedElements getEncryptedElements() {
+ return encryptedElements;
+ }
+
+ /**
+ * @param encryptedElements The encryptedElements to set.
+ */
+ public void setEncryptedElements(SignedEncryptedElements encryptedElements) {
+ this.encryptedElements = encryptedElements;
+ }
+
+ /**
+ * @return Returns the encryptedParts.
+ */
+ public SignedEncryptedParts getEncryptedParts() {
+ return encryptedParts;
+ }
+
+ /**
+ * @param encryptedParts The encryptedParts to set.
+ */
+ public void setEncryptedParts(SignedEncryptedParts encryptedParts) {
+ this.encryptedParts = encryptedParts;
+ }
+
+ /**
+ * @return Returns the signedElements.
+ */
+ public SignedEncryptedElements getSignedElements() {
+ return signedElements;
+ }
+
+ /**
+ * @param signedElements The signedElements to set.
+ */
+ public void setSignedElements(SignedEncryptedElements signedElements) {
+ this.signedElements = signedElements;
+ }
+
+ /**
+ * @return Returns the signedParts.
+ */
+ public SignedEncryptedParts getSignedParts() {
+ return signedParts;
+ }
+
+ /**
+ * @param signedParts The signedParts to set.
+ */
+ public void setSignedParts(SignedEncryptedParts signedParts) {
+ this.signedParts = signedParts;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.ws.security.policy.TokenWrapper#setToken(org.apache.ws.security.policy.Token)
+ */
+ public void setToken(Token tok) throws WSSPolicyException {
+ this.addToken(tok);
+ }
+
+
+
+}
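Review bot: `type` is stored as a bare `int` with no check in the constructor or in `setType`. The four `@see SupportingToken#…` links in the field Javadoc also point at constants this class does not declare, so a reader cannot tell from this file which values are legal. If the constants live elsewhere (presumably in `Constants`, which this file does not import), the `@see` targets should name that class. `setType` could then reject unknown values the way `setProtectionOrder` and `Token.setInclusion` in this commit do. The `(non-Javadoc)` comment above `setToken` also refers to the `org.apache.ws.security.policy` package rather than `policy1`.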
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricAsymmetricBindingBase.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricAsymmetricBindingBase.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricAsymmetricBindingBase.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricAsymmetricBindingBase.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+import org.apache.ws.security.policy1.Constants;
+import org.apache.ws.security.policy1.WSSPolicyException;
+
+public class SymmetricAsymmetricBindingBase extends Binding {
+
+ private String protectionOrder = Constants.SIGN_BEFORE_ENCRYPTING;
+
+ private boolean signatureProtection;
+
+ private boolean tokenProtection;
+
+ private boolean entireHeaderAndBodySignatures;
+
+ /**
+ * @return Returns the entireHeaderAndBodySignatures.
+ */
+ public boolean isEntireHeaderAndBodySignatures() {
+ return entireHeaderAndBodySignatures;
+ }
+
+ /**
+ * @param entireHeaderAndBodySignatures The entireHeaderAndBodySignatures to set.
+ */
+ public void setEntireHeaderAndBodySignatures(
+ boolean entireHeaderAndBodySignatures) {
+ this.entireHeaderAndBodySignatures = entireHeaderAndBodySignatures;
+ }
+
+ /**
+ * @return Returns the protectionOrder.
+ */
+ public String getProtectionOrder() {
+ return protectionOrder;
+ }
+
+ /**
+ * @param protectionOrder The protectionOrder to set.
+ */
+ public void setProtectionOrder(String protectionOrder)
+ throws WSSPolicyException {
+ if(Constants.ENCRYPT_BEFORE_SIGNING.equals(protectionOrder) ||
+ Constants.SIGN_BEFORE_ENCRYPTING.equals(protectionOrder)) {
+ this.protectionOrder = protectionOrder;
+ } else {
+ throw new WSSPolicyException("Incorrect protection order value : "
+ + protectionOrder);
+ }
+ }
+
+ /**
+ * @return Returns the signatureProtection.
+ */
+ public boolean isSignatureProtection() {
+ return signatureProtection;
+ }
+
+ /**
+ * @param signatureProtection The signatureProtection to set.
+ */
+ public void setSignatureProtection(boolean signatureProtection) {
+ this.signatureProtection = signatureProtection;
+ }
+
+ /**
+ * @return Returns the tokenProtection.
+ */
+ public boolean isTokenProtection() {
+ return tokenProtection;
+ }
+
+ /**
+ * @param tokenProtection The tokenProtection to set.
+ */
+ public void setTokenProtection(boolean tokenProtection) {
+ this.tokenProtection = tokenProtection;
+ }
+
+
+
+}
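Review bot: The Javadoc on `setProtectionOrder` does not say that the method validates its argument. It accepts only `Constants.ENCRYPT_BEFORE_SIGNING` and `Constants.SIGN_BEFORE_ENCRYPTING` and throws otherwise; a `null` argument also ends in the `else` branch. I would add `@throws WSSPolicyException if protectionOrder is not one of the two supported values` and name both constants in the `@param` line.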
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricBinding.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricBinding.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricBinding.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/SymmetricBinding.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,85 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+import org.apache.ws.security.policy1.WSSPolicyException;
+
+public class SymmetricBinding extends SymmetricAsymmetricBindingBase {
+
+ private EncryptionToken encryptionToken;
+
+ private SignatureToken signatureToken;
+
+ private ProtectionToken protectionToken;
+
+ /**
+ * @return Returns the encryptionToken.
+ */
+ public EncryptionToken getEncryptionToken() {
+ return encryptionToken;
+ }
+
+ /**
+ * @param encryptionToken The encryptionToken to set.
+ */
+ public void setEncryptionToken(EncryptionToken encryptionToken) throws WSSPolicyException {
+ if(this.protectionToken != null) {
+ throw new WSSPolicyException("Cannot use an EncryptionToken in a " +
+ "SymmetricBinding when there is a ProtectionToken");
+ }
+ this.encryptionToken = encryptionToken;
+ }
+
+ /**
+ * @return Returns the protectionToken.
+ */
+ public ProtectionToken getProtectionToken() {
+ return protectionToken;
+ }
+
+ /**
+ * @param protectionToken The protectionToken to set.
+ */
+ public void setProtectionToken(ProtectionToken protectionToken) throws WSSPolicyException {
+ if(this.encryptionToken != null || this.signatureToken != null) {
+ throw new WSSPolicyException("Cannot use a ProtectionToken in a " +
+ "SymmetricBinding when there is a SignatureToken or an" +
+ "EncryptionToken");
+ }
+ this.protectionToken = protectionToken;
+ }
+
+ /**
+ * @return Returns the signatureToken.
+ */
+ public SignatureToken getSignatureToken() {
+ return signatureToken;
+ }
+
+ /**
+ * @param signatureToken The signatureToken to set.
+ */
+ public void setSignatureToken(SignatureToken signatureToken) throws WSSPolicyException {
+ if(this.protectionToken != null) {
+ throw new WSSPolicyException("Cannot use a SignatureToken in a " +
+ "SymmetricBinding when there is a ProtectionToken");
+ }
+ this.signatureToken = signatureToken;
+ }
+
+
+}
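Review bot: The message built in `setProtectionToken` is missing a space between two concatenated literals and ends in "or anEncryptionToken"; the middle literal should be `"SymmetricBinding when there is a SignatureToken or an " +`. The three setters also apply the exclusion check regardless of the argument, so `setProtectionToken(null)` throws whenever an encryption or signature token is set. If clearing a field with `null` is meant to be allowed, prefix the condition with `protectionToken != null &&` (and likewise in the other two setters).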
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Token.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Token.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Token.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Token.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+import org.apache.ws.security.policy1.Constants;
+import org.apache.ws.security.policy1.WSSPolicyException;
+
+public class Token extends PolicyEngineData {
+
+ /**
+ * Inclusiong property of a TokenAssertion
+ */
+ private String inclusion = Constants.INCLUDE_ALWAYS;
+
+ /**
+ * Whether to derive keys or not
+ */
+ private boolean derivedKeys;
+
+ /**
+ * @return Returns the inclusion.
+ */
+ public String getInclusion() {
+ return inclusion;
+ }
+
+ /**
+ * @param inclusion The inclusion to set.
+ */
+ public void setInclusion(String inclusion) throws WSSPolicyException {
+ if(Constants.INCLUDE_ALWAYS.equals(inclusion) ||
+ Constants.INCLUDE_ALWAYS_TO_RECIPIENT.equals(inclusion) ||
+ Constants.INCLUDE_NEVER.equals(inclusion) ||
+ Constants.INCLUDE_ONCE.equals(inclusion)) {
+ this.inclusion = inclusion;
+ } else {
+ throw new WSSPolicyException("Incorrect inclusion value: " + inclusion);
+ }
+ }
+
+ /**
+ * @return Returns the derivedKeys.
+ */
+ public boolean isDerivedKeys() {
+ return derivedKeys;
+ }
+
+ /**
+ * @param derivedKeys The derivedKeys to set.
+ */
+ public void setDerivedKeys(boolean derivedKeys) {
+ this.derivedKeys = derivedKeys;
+ }
+
+}
\ No newline at end of file
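Review bot: The field comment on `inclusion` has a typo, `Inclusiong property`; it should read `Inclusion property of a TokenAssertion`. The Javadoc on `setInclusion` should also state that only the four `Constants.INCLUDE_*` values tested in the method are accepted, and add `@throws WSSPolicyException if inclusion is any other value, including null`.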
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TokenWrapper.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TokenWrapper.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TokenWrapper.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TokenWrapper.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+import org.apache.ws.security.policy1.WSSPolicyException;
+
+public interface TokenWrapper {
+
+ public void setToken(Token tok) throws WSSPolicyException;
+}
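Review bot: `setToken` has no Javadoc, and its contract is not obvious from the name: the implementation in `SupportingToken` added by this commit appends the token to a list instead of replacing a single value. I would document this on the interface, e.g. `/** Attaches tok to this assertion; implementations may hold one token or several. */`, and state when `WSSPolicyException` is thrown. The `public` modifier on an interface method is redundant and can be dropped.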
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportBinding.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportBinding.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportBinding.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportBinding.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+public class TransportBinding extends Binding {
+
+ private Token transportToken;
+
+ /**
+ * @return Returns the transportToken.
+ */
+ public Token getTransportToken() {
+ return transportToken;
+ }
+
+ /**
+ * @param transportToken The transportToken to set.
+ */
+ public void setTransportToken(Token transportToken) {
+ this.transportToken = transportToken;
+ }
+
+}
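Review bot: `transportToken` is declared as the base type `Token`, while `SymmetricBinding` in this commit holds its tokens through dedicated types (`EncryptionToken`, `SignatureToken`, `ProtectionToken`). A `TransportToken` class is also added alongside with the same field and accessor names. If `TransportBinding` is meant to hold the `TransportToken` assertion, the field and accessors should use that type. If the bare `Token` is intended, a one-line comment such as `// the token nested inside the TransportToken assertion` would keep the two from being confused.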
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportToken.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportToken.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportToken.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/TransportToken.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+
+public class TransportToken extends PolicyEngineData {
+
+ private Token transportToken;
+
+
+ /**
+ * @return Returns the transportToken.
+ */
+ public Token getTransportToken() {
+ return transportToken;
+ }
+
+ /**
+ * @param transportToken The transportToken to set.
+ */
+ public void setTransportToken(Token transportToken) {
+ this.transportToken = transportToken;
+ }
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/UsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/UsernameToken.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/UsernameToken.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/UsernameToken.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+public class UsernameToken extends Token {
+
+ private boolean useUTProfile11;
+
+ /**
+ * @return Returns the useUTProfile11.
+ */
+ public boolean isUseUTProfile11() {
+ return useUTProfile11;
+ }
+
+ /**
+ * @param useUTProfile11 The useUTProfile11 to set.
+ */
+ public void setUseUTProfile11(boolean useUTProfile11) {
+ this.useUTProfile11 = useUTProfile11;
+ }
+
+
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss10.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss10.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss10.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss10.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+public class Wss10 extends PolicyEngineData {
+
+ private boolean mustSupportRefKeyIdentifier;
+ private boolean MustSupportRefIssuerSerial;
+ private boolean MustSupportRefExternalURI;
+ private boolean MustSupportRefEmbeddedToken;
+
+ /**
+ * @return Returns the mustSupportRefEmbeddedToken.
+ */
+ public boolean isMustSupportRefEmbeddedToken() {
+ return MustSupportRefEmbeddedToken;
+ }
+ /**
+ * @param mustSupportRefEmbeddedToken The mustSupportRefEmbeddedToken to set.
+ */
+ public void setMustSupportRefEmbeddedToken(boolean mustSupportRefEmbeddedToken) {
+ MustSupportRefEmbeddedToken = mustSupportRefEmbeddedToken;
+ }
+ /**
+ * @return Returns the mustSupportRefExternalURI.
+ */
+ public boolean isMustSupportRefExternalURI() {
+ return MustSupportRefExternalURI;
+ }
+ /**
+ * @param mustSupportRefExternalURI The mustSupportRefExternalURI to set.
+ */
+ public void setMustSupportRefExternalURI(boolean mustSupportRefExternalURI) {
+ MustSupportRefExternalURI = mustSupportRefExternalURI;
+ }
+ /**
+ * @return Returns the mustSupportRefIssuerSerial.
+ */
+ public boolean isMustSupportRefIssuerSerial() {
+ return MustSupportRefIssuerSerial;
+ }
+ /**
+ * @param mustSupportRefIssuerSerial The mustSupportRefIssuerSerial to set.
+ */
+ public void setMustSupportRefIssuerSerial(boolean mustSupportRefIssuerSerial) {
+ MustSupportRefIssuerSerial = mustSupportRefIssuerSerial;
+ }
+ /**
+ * @return Returns the mustSupportRefKeyIdentifier.
+ */
+ public boolean isMustSupportRefKeyIdentifier() {
+ return mustSupportRefKeyIdentifier;
+ }
+ /**
+ * @param mustSupportRefKeyIdentifier The mustSupportRefKeyIdentifier to set.
+ */
+ public void setMustSupportRefKeyIdentifier(boolean mustSupportRefKeyIdentifier) {
+ this.mustSupportRefKeyIdentifier = mustSupportRefKeyIdentifier;
+ }
+
+}
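Review bot: Three of the four fields start with an upper-case letter (`MustSupportRefIssuerSerial`, `MustSupportRefExternalURI`, `MustSupportRefEmbeddedToken`), while `mustSupportRefKeyIdentifier` follows the usual lowerCamelCase. As a result the setters for those three assign without `this.` and rely on the case difference alone to tell field from parameter. Renaming them, e.g. `private boolean mustSupportRefIssuerSerial;` with `this.mustSupportRefIssuerSerial = mustSupportRefIssuerSerial;`, removes that trap. The same applies to all three fields of `Wss11` later in this commit.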
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss11.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss11.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss11.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/Wss11.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+public class Wss11 extends Wss10 {
+
+ private boolean MustSupportRefThumbprint;
+ private boolean MustSupportRefEncryptedKey;
+ private boolean RequireSignatureConfirmation;
+
+ /**
+ * @return Returns the mustSupportRefEncryptedKey.
+ */
+ public boolean isMustSupportRefEncryptedKey() {
+ return MustSupportRefEncryptedKey;
+ }
+ /**
+ * @param mustSupportRefEncryptedKey The mustSupportRefEncryptedKey to set.
+ */
+ public void setMustSupportRefEncryptedKey(boolean mustSupportRefEncryptedKey) {
+ MustSupportRefEncryptedKey = mustSupportRefEncryptedKey;
+ }
+ /**
+ * @return Returns the mustSupportRefThumbprint.
+ */
+ public boolean isMustSupportRefThumbprint() {
+ return MustSupportRefThumbprint;
+ }
+ /**
+ * @param mustSupportRefThumbprint The mustSupportRefThumbprint to set.
+ */
+ public void setMustSupportRefThumbprint(boolean mustSupportRefThumbprint) {
+ MustSupportRefThumbprint = mustSupportRefThumbprint;
+ }
+ /**
+ * @return Returns the requireSignatureConfirmation.
+ */
+ public boolean isRequireSignatureConfirmation() {
+ return RequireSignatureConfirmation;
+ }
+ /**
+ * @param requireSignatureConfirmation The requireSignatureConfirmation to set.
+ */
+ public void setRequireSignatureConfirmation(boolean requireSignatureConfirmation) {
+ RequireSignatureConfirmation = requireSignatureConfirmation;
+ }
+
+
+}
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/X509Token.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/X509Token.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/X509Token.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/model/X509Token.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,104 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.model;
+
+public class X509Token extends Token {
+
+ private boolean requireKeyIdentifierReference;
+
+ private boolean requireIssuerSerialReference;
+
+ private boolean requireEmbeddedTokenReference;
+
+ private boolean requireThumbprintReference;
+
+ private String tokenVersionAndType;
+
+ /**
+ * @return Returns the requireEmbeddedTokenReference.
+ */
+ public boolean isRequireEmbeddedTokenReference() {
+ return requireEmbeddedTokenReference;
+ }
+
+ /**
+ * @param requireEmbeddedTokenReference The requireEmbeddedTokenReference to set.
+ */
+ public void setRequireEmbeddedTokenReference(
+ boolean requireEmbeddedTokenReference) {
+ this.requireEmbeddedTokenReference = requireEmbeddedTokenReference;
+ }
+
+ /**
+ * @return Returns the requireIssuerSerialReference.
+ */
+ public boolean isRequireIssuerSerialReference() {
+ return requireIssuerSerialReference;
+ }
+
+ /**
+ * @param requireIssuerSerialReference The requireIssuerSerialReference to set.
+ */
+ public void setRequireIssuerSerialReference(boolean requireIssuerSerialReference) {
+ this.requireIssuerSerialReference = requireIssuerSerialReference;
+ }
+
+ /**
+ * @return Returns the requireKeyIdentifierReference.
+ */
+ public boolean isRequireKeyIdentifierReference() {
+ return requireKeyIdentifierReference;
+ }
+
+ /**
+ * @param requireKeyIdentifierReference The requireKeyIdentifierReference to set.
+ */
+ public void setRequireKeyIdentifierReference(
+ boolean requireKeyIdentifierReference) {
+ this.requireKeyIdentifierReference = requireKeyIdentifierReference;
+ }
+
+ /**
+ * @return Returns the requireThumbprintReference.
+ */
+ public boolean isRequireThumbprintReference() {
+ return requireThumbprintReference;
+ }
+
+ /**
+ * @param requireThumbprintReference The requireThumbprintReference to set.
+ */
+ public void setRequireThumbprintReference(boolean requireThumbprintReference) {
+ this.requireThumbprintReference = requireThumbprintReference;
+ }
+
+ /**
+ * @return Returns the tokenVersionAndType.
+ */
+ public String getTokenVersionAndType() {
+ return tokenVersionAndType;
+ }
+
+ /**
+ * @param tokenVersionAndType The tokenVersionAndType to set.
+ */
+ public void setTokenVersionAndType(String tokenVersionAndType) {
+ this.tokenVersionAndType = tokenVersionAndType;
+ }
+
+
+}
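Review bot: `setTokenVersionAndType` stores any string, including `null`, whereas `Token.setInclusion` in this commit rejects values outside a known set. If the token version/type is drawn from a fixed list of policy identifiers, which this hunk does not show, the setter should validate against it and throw `WSSPolicyException`. Otherwise the Javadoc should say that the value is taken as given and that the field is `null` until set.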
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicy.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicy.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicy.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicy.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,412 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser;
+
+public class SecurityPolicy {
+
+ public static final SecurityPolicyToken signedParts = new SecurityPolicyToken("SignedParts",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken header = new SecurityPolicyToken("Header",
+ SecurityPolicyToken.SIMPLE_TOKEN, new String[] { "Name",
+ "Namespace" });
+
+ public static final SecurityPolicyToken body = new SecurityPolicyToken("Body",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken signedElements = new SecurityPolicyToken(
+ "SignedElements", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "XPathVersion" });
+
+ public static final SecurityPolicyToken xPath = new SecurityPolicyToken(
+ "XPath",
+ SecurityPolicyToken.SIMPLE_TOKEN | SecurityPolicyToken.WITH_CONTENT,
+ null);
+
+ public static final SecurityPolicyToken encryptedParts = new SecurityPolicyToken(
+ "EncryptedParts", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken encryptedElements = new SecurityPolicyToken(
+ "EncryptedElements", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "XPathVersion" });
+
+ public static final SecurityPolicyToken requiredElements = new SecurityPolicyToken(
+ "RequiredElements", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "XPathVersion" });
+
+ public static final SecurityPolicyToken usernameToken = new SecurityPolicyToken(
+ "UsernameToken", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "IncludeToken" });
+
+ public static final SecurityPolicyToken wssUsernameToken10 = new SecurityPolicyToken(
+ "WssUsernameToken10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssUsernameToken11 = new SecurityPolicyToken(
+ "WssUsernameToken11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken issuedToken = new SecurityPolicyToken("IssuedToken",
+ SecurityPolicyToken.COMPLEX_TOKEN, new String[] { "IncludeToken" });
+
+ public static final SecurityPolicyToken issuer = new SecurityPolicyToken(
+ "Issuer",
+ SecurityPolicyToken.SIMPLE_TOKEN | SecurityPolicyToken.WITH_CONTENT,
+ null);
+
+ public static final SecurityPolicyToken requestSecurityTokenTemplate = new SecurityPolicyToken(
+ "RequestSecurityTokenTemplate", SecurityPolicyToken.COMPLEX_TOKEN
+ | SecurityPolicyToken.WITH_CONTENT,
+ new String[] { "TrustVersion" });
+
+ public static final SecurityPolicyToken requireDerivedKeys = new SecurityPolicyToken(
+ "RequireDerivedKeys", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken requireExternalReference = new SecurityPolicyToken(
+ "RequireExternalReference", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken requireInternalReference = new SecurityPolicyToken(
+ "RequireInternalReference", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken x509Token = new SecurityPolicyToken("X509Token",
+ SecurityPolicyToken.COMPLEX_TOKEN, new String[] { "IncludeToken" });
+
+ public static final SecurityPolicyToken requireKeyIdentifierReference = new SecurityPolicyToken(
+ "RequireKeyIdentifierReference", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken requireIssuerSerialReference = new SecurityPolicyToken(
+ "RequireIssuerSerialReference", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken requireEmbeddedTokenReference = new SecurityPolicyToken(
+ "RequireEmbeddedTokenReference", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken requireThumbprintReference = new SecurityPolicyToken(
+ "RequireThumbprintReference", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken wssX509V1Token10 = new SecurityPolicyToken(
+ "WssX509V1Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssX509V3Token10 = new SecurityPolicyToken(
+ "WssX509V3Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssX509Pkcs7Token10 = new SecurityPolicyToken(
+ "WssX509Pkcs7Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssX509PkiPathV1Token10 = new SecurityPolicyToken(
+ "WssX509PkiPathV1Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssX509V1Token11 = new SecurityPolicyToken(
+ "WssX509V1Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssX509V3Token11 = new SecurityPolicyToken(
+ "WssX509V3Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssX509Pkcs7Token11 = new SecurityPolicyToken(
+ "WssX509Pkcs7Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssX509PkiPathV1Token11 = new SecurityPolicyToken(
+ "WssX509PkiPathV1Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken kerberosToken = new SecurityPolicyToken(
+ "KerberosToken", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "IncludeToken" });
+
+ // requireDerivedKeys already defined for issuedToken
+ // requireKeyIdentifierReference already defined for x509Token
+ public static final SecurityPolicyToken wssKerberosV5ApReqToken11 = new SecurityPolicyToken(
+ "WssKerberosV5ApReqToken11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssGssKerberosV5ApReqToken11 = new SecurityPolicyToken(
+ "WssGssKerberosV5ApReqToken11", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken spnegoContextToken = new SecurityPolicyToken(
+ "SpnegoContextToken", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "IncludeToken" });
+
+ // issuer already defined for issuedToken
+ // requireDerivedKeys already defined for issuedToken
+
+ public static final SecurityPolicyToken securityContextToken = new SecurityPolicyToken(
+ "SecurityContextToken", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "IncludeToken" });
+
+ // requireDerivedKeys already defined for issuedToken
+ public static final SecurityPolicyToken requireExternalUriReference = new SecurityPolicyToken(
+ "RequireExternalUriReference", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken sc10SecurityContextToken = new SecurityPolicyToken(
+ "SC10SecurityContextToken", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken secureConversationToken = new SecurityPolicyToken(
+ "SecureConversationToken", SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "IncludeToken" });
+
+ // issuer already defined for issuedToken
+ // requireDerivedKeys already defined for issuedToken
+ // requireExternalUriReference is already defined for SecurityContextToken
+ // sc10SecurityContextToken is already defined for SecurityContextToken
+ public static final SecurityPolicyToken bootstrapPolicy = new SecurityPolicyToken(
+ "BootstrapPolicy", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken samlToken = new SecurityPolicyToken("SamlToken",
+ SecurityPolicyToken.COMPLEX_TOKEN, new String[] { "IncludeToken" });
+
+ // requireDerivedKeys already defined for issuedToken
+ // requireKeyIdentifierReference already defined for x509Token
+ public static final SecurityPolicyToken wssSamlV10Token10 = new SecurityPolicyToken(
+ "WssSamlV10Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssSamlV11Token10 = new SecurityPolicyToken(
+ "WssSamlV11Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssSamlV10Token11 = new SecurityPolicyToken(
+ "WssSamlV10Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssSamlV11Token11 = new SecurityPolicyToken(
+ "WssSamlV11Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssSamlV20Token11 = new SecurityPolicyToken(
+ "WssSamlV20Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken relToken = new SecurityPolicyToken("RelToken",
+ SecurityPolicyToken.COMPLEX_TOKEN, new String[] { "IncludeToken" });
+
+ // requireDerivedKeys already defined for issuedToken
+ // requireKeyIdentifierReference already defined for x509Token
+ public static final SecurityPolicyToken wssRelV10Token10 = new SecurityPolicyToken(
+ "WssRelV10Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssRelV20Token10 = new SecurityPolicyToken(
+ "WssRelV20Token10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssRelV10Token11 = new SecurityPolicyToken(
+ "WssRelV10Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken wssRelV20Token11 = new SecurityPolicyToken(
+ "WssRelV20Token11", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken httpsToken = new SecurityPolicyToken("HttpsToken",
+ SecurityPolicyToken.COMPLEX_TOKEN,
+ new String[] { "RequireClientCertificate" });
+
+ public static final SecurityPolicyToken algorithmSuite = new SecurityPolicyToken("AlgorithmSuite",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken basic256 = new SecurityPolicyToken("Basic256",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic192 = new SecurityPolicyToken("Basic192",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic128 = new SecurityPolicyToken("Basic128",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken tripleDes = new SecurityPolicyToken("TripleDes",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic256Rsa15 = new SecurityPolicyToken(
+ "Basic256Rsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic192Rsa15 = new SecurityPolicyToken(
+ "Basic192Rsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic128Rsa15 = new SecurityPolicyToken(
+ "Basic128Rsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken tripleDesRsa15 = new SecurityPolicyToken(
+ "TripleDesRsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic256Sha256 = new SecurityPolicyToken(
+ "Basic256Sha256", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic192Sha256 = new SecurityPolicyToken(
+ "Basic192Sha256", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic128Sha256 = new SecurityPolicyToken(
+ "Basic128Sha256", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken tripleDesSha256 = new SecurityPolicyToken(
+ "TripleDesSha256", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic256Sha256Rsa15 = new SecurityPolicyToken(
+ "Basic256Sha256Rsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic192Sha256Rsa15 = new SecurityPolicyToken(
+ "Basic192Sha256Rsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken basic128Sha256Rsa15 = new SecurityPolicyToken(
+ "Basic128Sha256Rsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken tripleDesSha256Rsa15 = new SecurityPolicyToken(
+ "TripleDesSha256Rsa15", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken inclusiveC14N = new SecurityPolicyToken(
+ "InclusiveC14N", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken soapNormalization10 = new SecurityPolicyToken(
+ "SoapNormalization10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken strTransform10 = new SecurityPolicyToken(
+ "StrTransform10", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken xPath10 = new SecurityPolicyToken("XPath10",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken xPathFilter20 = new SecurityPolicyToken(
+ "XPathFilter20", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken layout = new SecurityPolicyToken("Layout",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken strict = new SecurityPolicyToken("Strict",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken lax = new SecurityPolicyToken("Lax",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken laxTsFirst = new SecurityPolicyToken("LaxTsFirst",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken laxTsLast = new SecurityPolicyToken("LaxTsLast",
+ SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken transportBinding = new SecurityPolicyToken(
+ "TransportBinding", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken transportToken = new SecurityPolicyToken(
+ "TransportToken", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ // algorithmSuite and layout see above
+ public static final SecurityPolicyToken includeTimestamp = new SecurityPolicyToken(
+ "IncludeTimestamp", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken symmetricBinding = new SecurityPolicyToken(
+ "SymmetricBinding", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken encryptionToken = new SecurityPolicyToken(
+ "EncryptionToken", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken signatureToken = new SecurityPolicyToken(
+ "SignatureToken", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken protectionToken = new SecurityPolicyToken(
+ "ProtectionToken", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ // algorithmSuite and layout see above
+ // includeTimestamp already defined for transport binding
+ public static final SecurityPolicyToken encryptBeforeSigning = new SecurityPolicyToken(
+ "EncryptBeforeSigning", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken encryptSignature = new SecurityPolicyToken(
+ "EncryptSignature", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken protectTokens = new SecurityPolicyToken(
+ "ProtectTokens", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken onlySignEntireHeadersAndBody = new SecurityPolicyToken(
+ "OnlySignEntireHeadersAndBody", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken asymmetricBinding = new SecurityPolicyToken(
+ "AsymmetricBinding", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken initiatorToken = new SecurityPolicyToken(
+ "InitiatorToken", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken recipientToken = new SecurityPolicyToken(
+ "RecipientToken", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ // all other tokens for asymmetric already defined above
+
+ public static final SecurityPolicyToken supportingTokens = new SecurityPolicyToken(
+ "SupportingTokens", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken signedSupportingTokens = new SecurityPolicyToken(
+ "SignedSupportingTokens", SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken endorsingSupportingTokens = new SecurityPolicyToken(
+ "EndorsingSupportingTokens", SecurityPolicyToken.COMPLEX_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken signedEndorsingSupportingTokens = new SecurityPolicyToken(
+ "SignedEndorsingSupportingTokens",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken wss10 = new SecurityPolicyToken("Wss10",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken mustSupportRefKeyIdentifier = new SecurityPolicyToken(
+ "MustSupportRefKeyIdentifier", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken mustSupportRefIssuerSerial = new SecurityPolicyToken(
+ "MustSupportRefIssuerSerial", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken mustSupportRefExternalUri = new SecurityPolicyToken(
+ "MustSupportRefExternalURI", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken mustSupportRefEmbeddedToken = new SecurityPolicyToken(
+ "MustSupportRefEmbeddedToken", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken wss11 = new SecurityPolicyToken("Wss11",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ // all from wss10
+ public static final SecurityPolicyToken mustSupportRefThumbprint = new SecurityPolicyToken(
+ "MustSupportRefThumbprint", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken mustSupportRefEncryptedKey = new SecurityPolicyToken(
+ "MustSupportRefEncryptedKey", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken requireSignatureConfirmation = new SecurityPolicyToken(
+ "RequireSignatureConfirmation", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken trust10 = new SecurityPolicyToken("Trust10",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ public static final SecurityPolicyToken mustSupportClientChallenge = new SecurityPolicyToken(
+ "MustSupportClientChallenge", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken mustSupportServerChallenge = new SecurityPolicyToken(
+ "MustSupportServerChallenge", SecurityPolicyToken.SIMPLE_TOKEN,
+ null);
+
+ public static final SecurityPolicyToken requireClientEntropy = new SecurityPolicyToken(
+ "RequireClientEntropy", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken requireServerEntropy = new SecurityPolicyToken(
+ "RequireServerEntropy", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final SecurityPolicyToken mustSupportIssuedTokens = new SecurityPolicyToken(
+ "MustSupportIssuedTokens", SecurityPolicyToken.SIMPLE_TOKEN, null);
+
+ public static final String includeNever = "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";
+
+ public static final String includeOnce = "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once";
+
+ public static final String includeAlways = "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always";
+
+}
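Review bot: Every constant in this class is a `public static final` reference to a mutable `SecurityPolicyToken`, and nothing here says whether callers may modify them. The token class added in this commit exposes `setChildToken`, `removeChildToken` and `setProcessTokenMethod`, so a processor that attaches children or a handler directly to, say, `SecurityPolicy.x509Token` would alter the template for every other policy parsed in the same JVM. The processors are outside this hunk, so this is a risk to confirm rather than an observed bug. I would add a class comment such as `/** Token templates for WS-SecurityPolicy assertions; shared, so call copy() before adding children or a handler. */` and a `private SecurityPolicy() {}` so the holder cannot be instantiated.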
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicyToken.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicyToken.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicyToken.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityPolicyToken.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,239 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.Iterator;
+
+public class SecurityPolicyToken {
+
+ /**
+ * The following values describe the type of the security token. A complex
+ * token starts a transaction because it contains nested tokens. A simple
+ * token does not contain nested tokens but stands allone an defines a
+ * simple assertion or property.
+ *
+ * If Content is set then this token contains additional text content, e.g.
+ * XPath expressions.
+ */
+ public static final int COMPLEX_TOKEN = 1;
+
+ public static final int SIMPLE_TOKEN = 2;
+
+ public static final int WITH_CONTENT = 100;
+
+ private String tokenName;
+
+ private int tokenType = 0;
+
+ // private boolean supported = false;
+
+ private String[] attributes = null;
+
+ private Object handler = null;
+
+ private Method processTokenMethod = null;
+
+ private ArrayList childTokens = null;
+
+ /**
+ * Create a SecurityPolicyToken data structure.
+ *
+ * @param token
+ * The name of the token, equals to to local name of the XML
+ * element
+ * @param type
+ * Type of the token. Either complex or simple. Can have a flag
+ * if the token containes some data.
+ * @param attribs
+ * The names of allowed attributes on this token
+ * @param h
+ * The handler object that implements the processing method. The
+ * name of a processing method is constructed by prepending a
+ * "do" to the token name
+ * @throws SecurityException
+ * @throws NoSuchMethodException
+ */
+ public SecurityPolicyToken(String token, int type, String[] attribs,
+ Object h) throws SecurityException, NoSuchMethodException {
+ this(token, type, attribs);
+
+ setProcessTokenMethod(h);
+ }
+
+ /**
+ * Create a SecurityPolicyToken data structure.
+ *
+ * @param token
+ * The name of the token, equals to to local name of the XML
+ * element
+ * @param type
+ * Type of the token. Either complex or simple. Can have a flag
+ * if the token containes some data.
+ * @param attribs
+ * The names of allowed attributes on this token processing
+ * method is constructed by prepending a "do" to the token name
+ */
+ public SecurityPolicyToken(String token, int type, String[] attribs) {
+ tokenName = token;
+ tokenType = type;
+ attributes = attribs;
+
+ if (tokenType == COMPLEX_TOKEN) {
+ childTokens = new ArrayList();
+ }
+ }
+
+ /**
+ * @return Returns the attributes.
+ */
+ public String[] getAttributes() {
+ return attributes;
+ }
+
+ /**
+ * Set the method which processes this security token.
+ *
+ * @param h
+ * The handler object that implements the processing method. The
+ * name of a processing method is constructed by prepending a
+ * "do" to the token name.
+ *
+ * @throws NoSuchMethodException
+ */
+ public void setProcessTokenMethod(Object h) throws NoSuchMethodException {
+
+ if (h == null) {
+ return;
+ }
+ handler = h;
+ Class handlerCls = h.getClass();
+ Class[] parameters = new Class[] { SecurityProcessorContext.class };
+
+ processTokenMethod = handlerCls.getDeclaredMethod("do" + tokenName,
+ parameters);
+ }
+
+ /**
+ * Invoke the processing method for this token.
+ *
+ * @param spc
+ * The SecurityProcessContext handed over to the processing
+ * method
+ * @return True if the token is processed successfully
+ * @throws IllegalArgumentException
+ * @throws IllegalAccessException
+ * @throws InvocationTargetException
+ */
+ public boolean invokeProcessTokenMethod(SecurityProcessorContext spc)
+ throws IllegalArgumentException, IllegalAccessException,
+ InvocationTargetException {
+
+ if (processTokenMethod == null) {
+ return false;
+ }
+ Object[] parameter = new Object[] { spc };
+ Object ret = processTokenMethod.invoke(handler, parameter);
+ Boolean bool;
+ if (ret instanceof Boolean) {
+ bool = (Boolean) ret;
+ return bool.booleanValue();
+ }
+ return false;
+ }
+
+ /**
+ * @return Returns the tokenName.
+ */
+ public String getTokenName() {
+ return tokenName;
+ }
+
+ /**
+ * Add a Child token to this complex token.
+ *
+ * @param spt
+ * The child token to add to this Complex token
+ */
+ public void setChildToken(SecurityPolicyToken spt) {
+ childTokens.add(spt);
+ }
+
+ /**
+ * Gets a named child token,
+ *
+ * @param sptName
+ * The token name to check for
+ * @return the SecurityPolicyToken if this token contains the named token as
+ * child token, null otherwise.
+ */
+ public SecurityPolicyToken getChildToken(String sptName) {
+ Iterator it = childTokens.iterator();
+ while (it.hasNext()) {
+ SecurityPolicyToken tmpSpt = (SecurityPolicyToken) it.next();
+ if (sptName.equals(tmpSpt.getTokenName())) {
+ return tmpSpt;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Remove a named child token,
+ *
+ * @param sptName
+ * The token name to remove
+ */
+ public void removeChildToken(String sptName) {
+ Iterator it = childTokens.iterator();
+ while (it.hasNext()) {
+ SecurityPolicyToken tmpSpt = (SecurityPolicyToken) it.next();
+ if (sptName.equals(tmpSpt.getTokenName())) {
+ childTokens.remove(tmpSpt);
+ return;
+ }
+ }
+ }
+
+ /**
+ * Copy this SecurityPolicyToken and return the copy.
+ *
+ * Produce a copy of this SPT. The imutable fields (token name, token type,
+ * and attributes) are copied by reference. The child tokens are copied by
+ * value thus they can be modified. The handler object and the associated
+ * processing method are not copied and must be intialized.
+ *
+ * @return A new SecurityPolicyToken
+ */
+ public SecurityPolicyToken copy() {
+ SecurityPolicyToken spt = new SecurityPolicyToken(tokenName, tokenType,
+ attributes);
+ if (childTokens != null) {
+ Iterator it = childTokens.iterator();
+ while (it.hasNext()) {
+ SecurityPolicyToken tmpSpt = (SecurityPolicyToken) it.next();
+ spt.setChildToken(tmpSpt);
+ }
+ }
+ return spt;
+ }
+
+ public int getTokenType() {
+ return this.tokenType;
+ }
+}
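Review bot: The three-argument constructor allocates `childTokens` only when `tokenType == COMPLEX_TOKEN`, so a token created with `COMPLEX_TOKEN | WITH_CONTENT` (as `requestSecurityTokenTemplate` is in SecurityPolicy.java) keeps `childTokens == null`, and `setChildToken`, `getChildToken` and `removeChildToken` throw NullPointerException on it. Test the flag rather than the whole value, `if ((tokenType & COMPLEX_TOKEN) != 0) {`, and have `getChildToken` and `removeChildToken` treat a null list as "no children" so that simple tokens do not fail the same way. Separately, the `copy()` Javadoc says the child tokens are copied by value, but the loop adds the same child instances to the new list, so a change to a child is visible through every copy. The comment should say that the list is copied and its elements are shared.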
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityProcessorContext.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityProcessorContext.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityProcessorContext.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/SecurityProcessorContext.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,218 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ws.security.policy1.parser;
+
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.security.policy1.model.PolicyEngineData;
+import org.apache.ws.security.policy1.model.RootPolicyEngineData;
+
+import java.util.ArrayList;
+
+public class SecurityProcessorContext {
+
+ public static final int NONE = 0;
+ public static final int START = 1;
+ public static final int COMMIT = 2;
+ public static final int ABORT = 3;
+
+ public static final String[] ACTION_NAMES = new String[]{"NONE", "START", "COMMIT", "ABORT"};
+
+ private ArrayList tokenStack = new ArrayList();
+
+ private int tokenStackPointer = 0;
+
+ private PrimitiveAssertion assertion = null;
+
+ private ArrayList pedStack = new ArrayList();
+
+ private int pedStackPointer = 0;
+ private int action = NONE;
+
+ public SecurityProcessorContext() {
+ }
+
+ /**
+ * Gets the action to perform in the processing method.
+ *
+ * @return The action
+ */
+ public int getAction() {
+ return action;
+ }
+
+ /**
+ * Sets to action to perform in the processing method.
+ *
+ * @param act The actio to set. Either NONE, START, COMMIT, or ABORT
+ */
+ public void setAction(int act) {
+ this.action = act;
+ }
+ /**
+ * Get the current assertion that is being processed.
+ *
+ * This is always a PrimitiveAssertion.
+ *
+ * @return The current assertion.
+ */
+ public PrimitiveAssertion getAssertion() {
+ return assertion;
+ }
+
+ /**
+ * Set the current assertion that is being processed.
+ *
+ * This is always a primitive assertion.
+ *
+ * @param asrt The assertion to set
+ */
+ public void setAssertion(PrimitiveAssertion asrt) {
+ this.assertion = asrt;
+ }
+
+ /**
+ * Push a SecurityPolicyToken onto the token stack.
+ *
+ * The pushed token becomes the current token. The current token is the
+ * starting point for further parsing.
+ *
+ * @param spt
+ * The SecurityPolicyToken to push on the stack
+ */
+ public void pushSecurityToken(SecurityPolicyToken spt) {
+ tokenStack.add(tokenStackPointer, spt);
+ tokenStackPointer++;
+ }
+
+ /**
+ * Pop a SecurityPolicyToken from the token stack.
+ *
+ * If the stack contains at least one token the method pops the topmost
+ * token from the stack and returns it. If the stack is empty the method
+ * returns a <code>null</code>.
+ *
+ * @return The topmost SecurityPolicyToken or null if the stack is empty.
+ */
+ public SecurityPolicyToken popSecurityToken() {
+ if (tokenStackPointer > 0) {
+ tokenStackPointer--;
+ return (SecurityPolicyToken) tokenStack.get(tokenStackPointer);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Reads and returns the current SecurityPolicyToken.
+ *
+ * If the stack contains at least one token the method reads the topmost
+ * token from the stack and returns it. If the stack is empty the method
+ * returns a <code>null</code>. The method does not remove the token from
+ * the stack.
+ *
+ * @return The topmost SecurityPolicyToken or null if the stack is empty.
+ */
+ public SecurityPolicyToken readCurrentSecurityToken() {
+ if (tokenStackPointer > 0) {
+ return (SecurityPolicyToken) tokenStack.get(tokenStackPointer - 1);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Push a PolicyEngineData onto the PED stack.
+ *
+ * The pushed PED becomes the current PED. The current PED is the
+ * starting point for further processing.
+ *
+ * @param ped
+ * The PolicyEngineData to push on the stack
+ */
+ public void pushPolicyEngineData(PolicyEngineData ped) {
+ pedStack.add(pedStackPointer, ped);
+ pedStackPointer++;
+ }
+
+ /**
+ * Pop a PolicyEngineData from the PED stack.
+ *
+ * If the stack contains at least one PolicyEngineData the method pops the topmost
+ * PolicyEngineData from the stack and returns it. If the stack is empty the method
+ * returns a <code>null</code>.
+ *
+ * @return The topmost PolicyEngineData or null if the stack is empty.
+ */
+ public PolicyEngineData popPolicyEngineData() {
+ if (pedStackPointer > 0) {
+ pedStackPointer--;
+ return (PolicyEngineData) pedStack.get(pedStackPointer);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Reads and returns the current PolicyEngineData.
+ *
+ * If the stack contains at least one PolicyEngineData the method reads the topmost
+ * PolicyEngineData from the stack and returns it. If the stack is empty the method
+ * returns a <code>null</code>. The method does not remove the PolicyEngineData from
+ * the stack.
+ *
+ * @return The topmost PolicyEngineData or null if the stack is empty.
+ */
+ public PolicyEngineData readCurrentPolicyEngineData() {
+ if (pedStackPointer > 0) {
+ return (PolicyEngineData) pedStack.get(pedStackPointer - 1);
+ } else {
+ return null;
+ }
+ }
+
+ public PolicyEngineData readPreviousPolicyEngineData() {
+ if (pedStackPointer > 1) {
+ return (PolicyEngineData) pedStack.get(pedStackPointer - 2);
+ } else {
+ return null;
+ }
+ }
+
+
+ public PolicyEngineData commitPolicyEngineData() {
+ if (pedStackPointer > 2) {
+ pedStackPointer--;
+ PolicyEngineData ped = (PolicyEngineData) pedStack.get(pedStackPointer);
+ return ped;
+ } else if(pedStackPointer == 2) {
+ RootPolicyEngineData rootData = (RootPolicyEngineData)this.pedStack.get(0);
+ rootData.addTopLevelPED(readCurrentPolicyEngineData());
+ pedStackPointer--;
+ return (PolicyEngineData) pedStack.get(pedStackPointer);
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * @return Returns the pedStack.
+ */
+ public ArrayList getPedStack() {
+ return pedStack;
+ }
+
+
+}
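Review bot: `popSecurityToken`, `popPolicyEngineData` and `commitPolicyEngineData` only decrement the stack pointer and leave the popped element in the `ArrayList`, while the push methods call `add(pointer, element)`, which inserts and shifts those stale elements upward. The lists therefore grow on every pop/push cycle, and `getPedStack()` hands callers the backing list with entries above `pedStackPointer` that no longer belong to the policy being built; whether any caller iterates that list is not visible here. Removing on pop keeps list and pointer in step, e.g. `return (PolicyEngineData) pedStack.remove(--pedStackPointer);` in `popPolicyEngineData`, with the equivalent change in the other two methods. `commitPolicyEngineData` also casts `pedStack.get(0)` to `RootPolicyEngineData` without a check, and both it and `readPreviousPolicyEngineData` lack Javadoc describing what they return at each stack depth.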
Added: webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/WSSPolicyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/WSSPolicyProcessor.java?view=auto&rev=442539
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/WSSPolicyProcessor.java (added)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/ws/security/policy1/parser/WSSPolicyProcessor.java Tue Sep 12 02:23:24 2006
@@ -0,0 +1,409 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ws.security.policy1.parser;
+
+import org.apache.axis2.namespace.Constants;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.policy.All;
+import org.apache.ws.policy.Assertion;
+import org.apache.ws.policy.Policy;
+import org.apache.ws.policy.PrimitiveAssertion;
+import org.apache.ws.policy.ExactlyOne;
+import org.apache.ws.policy.util.PolicyFactory;
+import org.apache.ws.policy.util.PolicyReader;
+import org.apache.ws.security.policy1.WSSPolicyException;
+import org.apache.ws.security.policy1.model.PolicyEngineData;
+import org.apache.ws.security.policy1.model.RootPolicyEngineData;
+import org.apache.ws.security.policy1.parser.processors.AsymmetricBindingProcessor;
+import org.apache.ws.security.policy1.parser.processors.EncryptedPartsElementsProcessor;
+import org.apache.ws.security.policy1.parser.processors.EndorsingSupportingTokensProcessor;
+import org.apache.ws.security.policy1.parser.processors.SignedEndorsingSupportingTokensProcessor;
+import org.apache.ws.security.policy1.parser.processors.SignedPartsElementsProcessor;
+import org.apache.ws.security.policy1.parser.processors.SignedSupportingTokensProcessor;
+import org.apache.ws.security.policy1.parser.processors.SupportingTokensProcessor;
+import org.apache.ws.security.policy1.parser.processors.SymmetricBindingProcessor;
+import org.apache.ws.security.policy1.parser.processors.TransportBindingProcessor;
+import org.apache.ws.security.policy1.parser.processors.Wss10Processor;
+import org.apache.ws.security.policy1.parser.processors.Wss11Processor;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.lang.reflect.InvocationTargetException;
+import java.util.Iterator;
+import java.util.List;
+
+
+public class WSSPolicyProcessor {
+
+ private static final Log log = LogFactory.getLog(WSSPolicyProcessor.class);
+
+ FileInputStream fis = null;
+
+ PolicyReader prdr = null;
+
+ Policy merged = null;
+
+ SecurityPolicyToken topLevel = new SecurityPolicyToken("_TopLevel_",
+ SecurityPolicyToken.COMPLEX_TOKEN, null);
+
+ SecurityProcessorContext secProcessorContext = null;
+
+ public boolean setup() throws NoSuchMethodException {
+ prdr = PolicyFactory.getPolicyReader(PolicyFactory.OM_POLICY_READER);
+
+ /*
+ * Initialize the top level security policy token.
+ */
+ SecurityPolicyToken spt = null;
+
+ SignedPartsElementsProcessor spep = new SignedPartsElementsProcessor();
+ spt = SecurityPolicy.signedParts.copy();
+ spt.setProcessTokenMethod(spep);
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.signedElements.copy();
+ spt.setProcessTokenMethod(spep);
+ topLevel.setChildToken(spt);
+
+ EncryptedPartsElementsProcessor epep = new EncryptedPartsElementsProcessor();
+ spt = SecurityPolicy.encryptedParts.copy();
+ spt.setProcessTokenMethod(epep);
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.encryptedElements.copy();
+ spt.setProcessTokenMethod(epep);
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.asymmetricBinding.copy();
+ spt.setProcessTokenMethod(new AsymmetricBindingProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.symmetricBinding.copy();
+ spt.setProcessTokenMethod(new SymmetricBindingProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.transportBinding.copy();
+ spt.setProcessTokenMethod(new TransportBindingProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.wss10.copy();
+ spt.setProcessTokenMethod(new Wss10Processor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.wss11.copy();
+ spt.setProcessTokenMethod(new Wss11Processor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.supportingTokens.copy();
+ spt.setProcessTokenMethod(new SupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.endorsingSupportingTokens.copy();
+ spt.setProcessTokenMethod(new EndorsingSupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.signedSupportingTokens.copy();
+ spt.setProcessTokenMethod(new SignedSupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+ spt = SecurityPolicy.signedEndorsingSupportingTokens.copy();
+ spt.setProcessTokenMethod(new SignedEndorsingSupportingTokensProcessor());
+ topLevel.setChildToken(spt);
+
+ /*
+ * Now get the initial PolicyEngineData, initialize it and put it onto
+ * the PED stack.
+ */
+ PolicyEngineData ped = new RootPolicyEngineData();
+ ped.initializeWithDefaults();
+
+ /*
+ * Now get a context and push the top level token onto the token stack.
+ * The top level token is a special token that acts as anchor to start
+ * parsing.
+ */
+ secProcessorContext = new SecurityProcessorContext();
+ secProcessorContext.pushSecurityToken(topLevel);
+ secProcessorContext.pushPolicyEngineData(ped);
+
+ return true;
+ }
+
+ void go(String[] args) {
+
+ merged = null;
+ for (int i = 0; i < args.length; i++) {
+ try {
+ fis = new FileInputStream(args[i]);
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ Policy newPolicy = prdr.readPolicy(fis);
+ newPolicy = (Policy) newPolicy.normalize();
+
+ if (merged == null) {
+ merged = newPolicy;
+ } else {
+ merged = (Policy) merged.merge(newPolicy);
+ merged = (Policy) merged.normalize();
+ }
+ try {
+ fis.close();
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ if (processPolicy(merged)) {
+ log.debug("Security Policy sucessfully parsed");
+ } else {
+ log.debug("Security Policy not sucessfully parsed");
+ }
+ }
+
+ /**
+ * This method takes a normalized policy object, processes it and returns
+ * true if all assertion can be fulfilled.
+ *
+ * Each policy must be nromalized accordig to the WS Policy framework
+ * specification. Therefore a policy has one child (wsp:ExactlyOne) that is
+ * a XorCompositeAssertion. This child may contain one or more other terms
+ * (alternatives). To match the policy one of these terms (alternatives)
+ * must match. If none of the contained terms match this policy cannot be
+ * enforced.
+ *
+ * @param policy
+ * The policy to process
+ * @return True if this policy can be enforced by the policy enforcement
+ * implmentation
+ */
+ public boolean processPolicy(Policy policy) {
+
+ if (!policy.isNormalized()) {
+ policy = (Policy) policy.normalize();
+ }
+
+ ExactlyOne xor = (ExactlyOne) policy.getTerms()
+ .get(0);
+ List listOfPolicyAlternatives = xor.getTerms();
+
+ boolean success = false;
+ int numberOfAlternatives = listOfPolicyAlternatives.size();
+
+ for (int i = 0; !success && i < numberOfAlternatives; i++) {
+ All aPolicyAlternative = (All) listOfPolicyAlternatives
+ .get(i);
+
+ List listOfAssertions = aPolicyAlternative.getTerms();
+
+ Iterator iterator = listOfAssertions.iterator();
+ /*
+ * Loop over all assertions in this alternative. If all assertions
+ * can be fulfilled then we choose this alternative and signal a
+ * success.
+ */
+ boolean all = true;
+ while (all && iterator.hasNext()) {
+ Assertion assertion = (Assertion) iterator.next();
+
+ /*
+ * At this point we expect PrimitiveAssertions only.
+ */
+ if (!(assertion instanceof PrimitiveAssertion)) {
+ log.debug("Got a unexpected assertion type: "
+ + assertion.getClass().getName());
+ continue;
+ }
+ /*
+ * We need to pick only the primitive assertions which contain a
+ * WSSecurityPolicy policy assertion. For that we'll check the
+ * namespace of the primitive assertion
+ */
+ PrimitiveAssertion pa = (PrimitiveAssertion) assertion;
+ if (!(pa.getName().getNamespaceURI()
+ .equals(Constants.URI_SECURITYPOLICY))) {
+ log.debug("Got a unexpected assertion: "
+ + pa.getName().getLocalPart());
+ continue;
+ }
+ all = processPrimitiveAssertion((PrimitiveAssertion) assertion);
+ }
+ /*
+ * copy the status of assertion processing. If all is true then this
+ * alternative is "success"ful
+ */
+ success = all;
+ }
+ return success;
+ }
+
+ boolean processPrimitiveAssertion(PrimitiveAssertion pa) {
+ boolean commit = true;
+
+ commit = startPolicyTransaction(pa);
+
+ List terms = pa.getTerms();
+ if (commit && terms.size() > 0) {
+ for (int i = 0; commit && i < terms.size(); i++) {
+ Assertion assertion = (Assertion) pa.getTerms().get(i);
+ if (assertion instanceof Policy) {
+ commit = processPolicy((Policy) assertion);
+ } else if (assertion instanceof PrimitiveAssertion) {
+ commit = processPrimitiveAssertion((PrimitiveAssertion) assertion);
+ }
+ }
+ }
+ if (commit) {
+ commitPolicyTransaction(pa);
+ } else {
+ abortPolicyTransaction(pa);
+ }
+ return commit;
+ }
+
+ public boolean startPolicyTransaction(PrimitiveAssertion pa) {
+
+ String tokenName = pa.getName().getLocalPart();
+
+ SecurityPolicyToken spt = null;
+
+ /*
+ * Get the current security token from the context and check if the
+ * current token supports/contains this assertion as token. If yes set
+ * this token as current token (push onto stack), set the assertion into
+ * context and call the processing method for this token.
+ */
+ SecurityPolicyToken currentToken = secProcessorContext
+ .readCurrentSecurityToken();
+ if (currentToken == null) {
+ log.error("Internal error on token stack - No current token");
+ System.exit(1);
+ }
+ spt = currentToken.getChildToken(tokenName);
+ secProcessorContext.pushSecurityToken(spt);
+ secProcessorContext.setAssertion(pa);
+ secProcessorContext.setAction(SecurityProcessorContext.START);
+
+ boolean ret = false;
+
+ try {
+
+ if (spt == null) {
+ log.debug("Security token: '" + tokenName
+ + "' unknown in context of '"
+ + currentToken.getTokenName());
+ return false;
+ }
+
+ if(spt.getTokenType() == SecurityPolicyToken.COMPLEX_TOKEN && secProcessorContext.getAction() == SecurityProcessorContext.START) {
+ secProcessorContext.pushPolicyEngineData(PolicyEngineData.copy(pa.getName()));
+ }
+
+
+ ret = spt.invokeProcessTokenMethod(secProcessorContext);
+
+ } catch (IllegalArgumentException e) {
+ log.error(e.getMessage(), e);
+ } catch (IllegalAccessException e) {
+ log.error(e.getMessage(), e);
+ } catch (InvocationTargetException e) {
+ log.error(e.getMessage(), e);
+ } catch (WSSPolicyException e) {
+ e.printStackTrace();
+ } finally {
+ secProcessorContext.setAction(SecurityProcessorContext.NONE);
+ }
+ return ret;
+ }
+
+ public void abortPolicyTransaction(PrimitiveAssertion pa) {
+ SecurityPolicyToken currentToken = secProcessorContext
+ .readCurrentSecurityToken();
+ if (currentToken == null) {
+ secProcessorContext.popSecurityToken();
+ log.debug("Abort transaction because of unknown token: '"
+ + pa.getName().getLocalPart() + "'");
+ return;
+ }
+ secProcessorContext.setAssertion(pa);
+ secProcessorContext.setAction(SecurityProcessorContext.ABORT);
+ try {
+ currentToken.invokeProcessTokenMethod(secProcessorContext);
+ } catch (IllegalArgumentException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (IllegalAccessException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (InvocationTargetException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } finally {
+ secProcessorContext.setAction(SecurityProcessorContext.NONE);
+ secProcessorContext.popSecurityToken();
+ secProcessorContext.popPolicyEngineData();
+
+ }
+ }
+
+ public void commitPolicyTransaction(PrimitiveAssertion pa) {
+ SecurityPolicyToken currentToken = secProcessorContext
+ .readCurrentSecurityToken();
+ if (currentToken == null) {
+ log.error("Internal error on token stack - Commiting an unknown token: "
+ + pa.getName().getLocalPart() + "'");
+ System.exit(1);
+ }
+ secProcessorContext.setAssertion(pa);
+ secProcessorContext.setAction(SecurityProcessorContext.COMMIT);
+ try {
+ currentToken.invokeProcessTokenMethod(secProcessorContext);
+ } catch (IllegalArgumentException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (IllegalAccessException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (InvocationTargetException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } finally {
+ secProcessorContext.setAction(SecurityProcessorContext.NONE);
+ secProcessorContext.popSecurityToken();
+ if(currentToken.getTokenType() == SecurityPolicyToken.COMPLEX_TOKEN) {
+ secProcessorContext.commitPolicyEngineData();
+ }
+ }
+ }
+
+ /**
+ * @return Returns the secProcessorContext.
+ */
+ public RootPolicyEngineData getRootPED() {
+ if(this.secProcessorContext != null && this.secProcessorContext.getAction() == SecurityProcessorContext.NONE) {
+ return (RootPolicyEngineData)secProcessorContext.getPedStack().get(0);
+ } else {
+ return null;
+ }
+ }
+
+}
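Review bot: `abortPolicyTransaction` calls `secProcessorContext.popPolicyEngineData()` unconditionally in its `finally` block, but `startPolicyTransaction` pushes a PolicyEngineData only when the token type is `SecurityPolicyToken.COMPLEX_TOKEN`, and `commitPolicyTransaction` applies the same type check before `commitPolicyEngineData()`. Aborting a simple token therefore appears to pop the enclosing complex token's data, and the enclosing abort then pops once more. Since `processPolicy` moves on to the next alternative after a failed one, an unbalanced stack would carry over into the alternative that is finally accepted, so the RootPolicyEngineData returned by `getRootPED` may not describe that alternative. Guarding the pop the way commit does would keep the two paths symmetric: `if (currentToken.getTokenType() == SecurityPolicyToken.COMPLEX_TOKEN) { secProcessorContext.popPolicyEngineData(); }`. `popPolicyEngineData` itself is not in this hunk, so whether it tolerates an extra pop should be checked.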