Posted to commits@cxf.apache.org by dk...@apache.org on 2008/07/09 22:11:48 UTC
svn commit: r675332 [4/6] - in /cxf/trunk:
common/common/src/main/java/org/apache/cxf/helpers/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/
rt/ws/security/src/m...
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X509TokenBuilder.java Wed Jul 9 13:11:45 2008
@@ -1,65 +1,89 @@
-/*
- * Copyright 2001-2004 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-package org.apache.ws.secpolicy11.builders;
+package org.apache.cxf.ws.security.policy.builders;
+import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
-import org.apache.axiom.om.OMAttribute;
-import org.apache.axiom.om.OMElement;
+import org.w3c.dom.Element;
+
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.ws.policy.AssertionBuilder;
+import org.apache.cxf.ws.policy.PolicyAssertion;
+import org.apache.cxf.ws.policy.PolicyBuilder;
+import org.apache.cxf.ws.security.policy.SP11Constants;
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.model.X509Token;
import org.apache.neethi.Assertion;
-import org.apache.neethi.AssertionBuilderFactory;
import org.apache.neethi.Policy;
-import org.apache.neethi.PolicyEngine;
-import org.apache.neethi.builders.AssertionBuilder;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.apache.ws.secpolicy.model.X509Token;
public class X509TokenBuilder implements AssertionBuilder {
+ private static final List<QName> KNOWN_ELEMENTS
+ = Arrays.asList(SP11Constants.X509_TOKEN, SP12Constants.X509_TOKEN);
+
+
+ PolicyBuilder builder;
+ public X509TokenBuilder(PolicyBuilder b) {
+ builder = b;
+ }
- public Assertion build(OMElement element, AssertionBuilderFactory factory)
- throws IllegalArgumentException {
- X509Token x509Token = new X509Token(SPConstants.SP_V11);
-
- OMElement policyElement = element.getFirstElement();
-
- //Process token inclusion
- OMAttribute includeAttr = element.getAttribute(SP11Constants.INCLUDE_TOKEN);
+ public PolicyAssertion build(Element element)
+ throws IllegalArgumentException {
- if(includeAttr != null) {
- int inclusion = SP11Constants.getInclusionFromAttributeValue(includeAttr.getAttributeValue());
+ SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
+ ? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
+ X509Token x509Token = new X509Token(consts);
+
+ Element policyElement = DOMUtils.getFirstElement(element);
+
+ // Process token inclusion
+ String includeAttr = DOMUtils.getAttribute(element, consts.getIncludeToken());
+
+ if (includeAttr != null) {
+ SPConstants.IncludeTokenType inclusion
+ = consts.getInclusionFromAttributeValue(includeAttr);
x509Token.setInclusion(inclusion);
}
if (policyElement != null) {
-
- if (policyElement.getFirstChildWithName(SP11Constants.REQUIRE_DERIVED_KEYS) != null) {
+
+ if (DOMUtils.getFirstChildWithName(policyElement, consts.getRequiredDerivedKeys()) != null) {
x509Token.setDerivedKeys(true);
+ } else if (DOMUtils.getFirstChildWithName(policyElement,
+ SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS) != null) {
+ x509Token.setImpliedDerivedKeys(true);
+ } else if (DOMUtils.getFirstChildWithName(policyElement,
+ SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS) != null) {
+ x509Token.setExplicitDerivedKeys(true);
}
-
- Policy policy = PolicyEngine.getPolicy(element.getFirstElement());
- policy = (Policy) policy.normalize(false);
- for (Iterator iterator = policy.getAlternatives(); iterator
- .hasNext();) {
- processAlternative((List) iterator.next(), x509Token);
-
+
+ Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
+ policy = (Policy)policy.normalize(false);
+
+ for (Iterator iterator = policy.getAlternatives(); iterator.hasNext();) {
+ processAlternative((List)iterator.next(), x509Token, consts);
+
/*
* since there should be only one alternative
*/
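Review bot: The version selection at the top of `build` treats every element that is not in the SP 1.1 namespace as SP 1.2, including an element with no namespace at all, so an unexpected element is parsed under `SP12Constants.INSTANCE` instead of being rejected. The method already declares `IllegalArgumentException`, so an explicit guard would make this fail closed: with `String ns = element.getNamespaceURI();`, add `if (!SP11Constants.SP_NS.equals(ns) && !SP12Constants.INSTANCE.getNamespace().equals(ns)) { throw new IllegalArgumentException("Unexpected namespace: " + ns); }`. The derived-key checks further down also look up `SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS` and `SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS` when `consts` is the 1.1 instance, which does not match the per-version namespace filter used in `processAlternative`. As a smaller point, `builder.getPolicy(DOMUtils.getFirstElement(element))` recomputes the value already held in `policyElement`. The body of `build` continues past the end of this hunk.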
@@ -69,54 +93,63 @@
return x509Token;
}
- private void processAlternative(List assertions, X509Token parent) {
- Assertion assertion;
+ private void processAlternative(List assertions, X509Token parent, SPConstants consts) {
+ Assertion assertion;
QName name;
for (Iterator iterator = assertions.iterator(); iterator.hasNext();) {
- assertion = (Assertion) iterator.next();
+ assertion = (Assertion)iterator.next();
name = assertion.getName();
+
+ if (!consts.getNamespace().equals(name.getNamespaceURI())) {
+ continue;
+ }
- if (SP11Constants.REQUIRE_KEY_IDENTIFIRE_REFERENCE.equals(name)) {
+ if (SPConstants.REQUIRE_KEY_IDENTIFIRE_REFERENCE.equals(name.getLocalPart())) {
parent.setRequireKeyIdentifierReference(true);
- } else if (SP11Constants.REQUIRE_ISSUER_SERIAL_REFERENCE.equals(name)) {
+ } else if (SPConstants.REQUIRE_ISSUER_SERIAL_REFERENCE.equals(name.getLocalPart())) {
parent.setRequireIssuerSerialReference(true);
- } else if (SP11Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE.equals(name)) {
+ } else if (SPConstants.REQUIRE_EMBEDDED_TOKEN_REFERENCE.equals(name.getLocalPart())) {
parent.setRequireEmbeddedTokenReference(true);
- } else if (SP11Constants.REQUIRE_THUMBPRINT_REFERENCE.equals(name)) {
+ } else if (SPConstants.REQUIRE_THUMBPRINT_REFERENCE.equals(name.getLocalPart())) {
parent.setRequireThumbprintReference(true);
- } else if (SP11Constants.WSS_X509_V1_TOKEN_10.equals(name)) {
+ } else if (SPConstants.WSS_X509_V1_TOKEN10.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_V1_TOKEN10);
- } else if (SP11Constants.WSS_X509_V1_TOKEN_11.equals(name)) {
+ } else if (SPConstants.WSS_X509_V1_TOKEN11.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_V1_TOKEN11);
- } else if (SP11Constants.WSS_X509_V3_TOKEN_10.equals(name)) {
+ } else if (SPConstants.WSS_X509_V3_TOKEN10.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_V3_TOKEN10);
- } else if (SP11Constants.WSS_X509_V3_TOKEN_11.equals(name)) {
+ } else if (SPConstants.WSS_X509_V3_TOKEN11.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_V3_TOKEN11);
- } else if (SP11Constants.WSS_X509_PKCS7_TOKEN_10.equals(name)) {
+ } else if (SPConstants.WSS_X509_PKCS7_TOKEN10.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_PKCS7_TOKEN10);
-
- } else if (SP11Constants.WSS_X509_PKCS7_TOKEN_11.equals(name)) {
+
+ } else if (SPConstants.WSS_X509_PKCS7_TOKEN11.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_PKCS7_TOKEN11);
- } else if (SP11Constants.WSS_X509_PKI_PATH_V1_TOKEN_10.equals(name)) {
+ } else if (SPConstants.WSS_X509_PKI_PATH_V1_TOKEN10.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_PKI_PATH_V1_TOKEN10);
-
- } else if (SP11Constants.WSS_X509_PKI_PATH_V1_TOKEN_11.equals(name)) {
+
+ } else if (SPConstants.WSS_X509_PKI_PATH_V1_TOKEN11.equals(name.getLocalPart())) {
parent.setTokenVersionAndType(SPConstants.WSS_X509_PKI_PATH_V1_TOKEN11);
}
}
}
- public QName[] getKnownElements() {
- return new QName[] {SP11Constants.X509_TOKEN};
+ public List<QName> getKnownElements() {
+ return KNOWN_ELEMENTS;
+ }
+
+ public PolicyAssertion buildCompatible(PolicyAssertion a, PolicyAssertion b) {
+ // TODO Auto-generated method stub
+ return null;
}
}
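Review bot: The new namespace guard in `processAlternative` silently `continue`s past any nested assertion whose namespace differs from `consts.getNamespace()`, and the `else if` chain has no final `else`, so a requirement written in the other SecurityPolicy namespace or with an unrecognised local name is dropped without trace. The resulting `X509Token` may then be less strict than the policy document that produced it. Logging the skipped `name` at both places, or rejecting it with `IllegalArgumentException`, would make the mismatch visible to whoever deploys the policy. Separately, `buildCompatible` is an auto-generated stub that returns `null`; until it is implemented, replace the TODO with a comment stating that `null` means "no compatible assertion", or throw `UnsupportedOperationException`, so callers do not dereference the result by accident.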
Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/
------------------------------------------------------------------------------
svn:mergeinfo =
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractConfigurableSecurityAssertion.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractConfigurableSecurityAssertion.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractConfigurableSecurityAssertion.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractConfigurableSecurityAssertion.java Wed Jul 9 13:11:45 2008
@@ -1,45 +1,53 @@
-/*
- * Copyright 2001-2004 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
import java.util.ArrayList;
import java.util.List;
+import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.neethi.Assertion;
public abstract class AbstractConfigurableSecurityAssertion extends AbstractSecurityAssertion {
+
+ protected List<Assertion> configurations;
- protected ArrayList configurations = null;
-
+ public AbstractConfigurableSecurityAssertion(SPConstants version) {
+ super(version);
+ }
+
public void addConfiguration(Assertion assertion) {
if (configurations == null) {
- configurations = new ArrayList();
+ configurations = new ArrayList<Assertion>();
}
configurations.add(assertion);
}
-
- public List getConfigurations() {
+
+ public List<Assertion> getConfigurations() {
return configurations;
}
-
+
public Assertion getDefaultAssertion() {
if (configurations != null) {
- return (Assertion) configurations.get(0);
+ return configurations.get(0);
}
return null;
}
-
+
}
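Review bot: `getConfigurations()` returns the internal list itself, and returns `null` until `addConfiguration` has been called, so callers must null-check it and can also change the assertion's state through the returned reference. Neither behaviour is documented; a Javadoc line such as `@return the live list of configurations, or null if none has been added` would state the contract, or the getter could return an unmodifiable view. `getDefaultAssertion()` guards only against `null`; because `configurations` is a `protected` non-final field, a subclass that assigns an empty list would make `configurations.get(0)` throw, so `if (configurations != null && !configurations.isEmpty())` is the safer guard. The new constructor also has no Javadoc explaining what `version` selects.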
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AbstractSecurityAssertion.java Wed Jul 9 13:11:45 2008
@@ -1,73 +1,77 @@
-/*
- * Copyright 2001-2004 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
-import org.apache.neethi.Assertion;
+import org.apache.cxf.ws.policy.AssertionInfoMap;
+import org.apache.cxf.ws.policy.PolicyAssertion;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.neethi.Policy;
import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.apache.ws.secpolicy.SP12Constants;
-public abstract class AbstractSecurityAssertion implements Assertion {
+public abstract class AbstractSecurityAssertion implements PolicyAssertion {
+ protected final SPConstants constants;
private boolean isOptional;
+ private boolean normalized;
+
- private boolean normalized = false;
-
- protected int version;
+ public AbstractSecurityAssertion(SPConstants version) {
+ constants = version;
+ }
public boolean isOptional() {
return isOptional;
}
-
- public void setOptional(boolean isOptional) {
- this.isOptional = isOptional;
+
+ public void setOptional(boolean optional) {
+ this.isOptional = optional;
}
public short getType() {
return org.apache.neethi.Constants.TYPE_ASSERTION;
- }
-
+ }
+
public boolean equal(PolicyComponent policyComponent) {
throw new UnsupportedOperationException();
}
-
+
public void setNormalized(boolean normalized) {
this.normalized = normalized;
}
-
+
public boolean isNormalized() {
- return true;
+ return normalized;
}
public PolicyComponent normalize() {
-
+
/*
* TODO: Handling the isOptional:TRUE case
*/
return this;
- }
-
- public void setVersion(int version) {
- this.version = version;
}
-
- public int getVersion() {
- return version;
+
+ public boolean isAsserted(AssertionInfoMap aim) {
+ return false;
}
-
+ public Policy getPolicy() {
+ return null;
+ }
}
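Review bot: `isAsserted(AssertionInfoMap aim)` returns `false` unconditionally and `getPolicy()` returns `null`, with nothing to say whether these are placeholders or the intended defaults for every security assertion that extends this class. Since the outcome of policy verification presumably depends on `isAsserted`, each needs a comment, for example `// Placeholder: subclasses must override once assertion checking is implemented`. `isNormalized()` now returns the `normalized` field, which defaults to `false`, where it previously returned `true`, and `normalize()` still returns `this` without setting the flag. Any caller that consults `isNormalized()` will therefore see a different answer after this commit, so it is worth confirming that this is intended and adding `normalized = true;` in `normalize()` if it is not.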
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmSuite.java Wed Jul 9 13:11:45 2008
@@ -1,32 +1,38 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
+
+import java.util.logging.Logger;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import org.apache.cxf.common.i18n.Message;
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.ws.security.policy.SPConstants;
+import org.apache.cxf.ws.security.policy.WSSPolicyException;
import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.apache.ws.secpolicy.WSSPolicyException;
public class AlgorithmSuite extends AbstractConfigurableSecurityAssertion {
-
+ private static final Logger LOG = LogUtils.getL7dLogger(AlgorithmSuite.class);
+
private String algoSuiteString;
private String symmetricSignature = SPConstants.HMAC_SHA1;
@@ -50,11 +56,11 @@
private String asymmetricKeyWrap;
private String encryptionKeyDerivation;
-
+
private int encryptionDerivedKeyLength;
private String signatureKeyDerivation;
-
+
private int signatureDerivedKeyLength;
private int minimumSymmetricKeyLength;
@@ -66,217 +72,12 @@
private String strTransform;
private String xPath;
-
- public AlgorithmSuite (int version) {
- setVersion(version);
+
+ public AlgorithmSuite(SPConstants version) {
+ super(version);
}
- /**
- * Set the algorithm suite
- *
- * @param algoSuite
- * @throws WSSPolicyException
- * @see SPConstants#ALGO_SUITE_BASIC128
- * @see SPConstants#ALGO_SUITE_BASIC128_RSA15
- * @see SPConstants#ALGO_SUITE_BASIC128_SHA256
- * @see SPConstants#ALGO_SUITE_BASIC128_SHA256_RSA15
- * @see SPConstants#ALGO_SUITE_BASIC192
- * @see SPConstants#ALGO_SUITE_BASIC192_RSA15
- * @see SPConstants#ALGO_SUITE_BASIC192_SHA256
- * @see SPConstants#ALGO_SUITE_BASIC192_SHA256_RSA15
- * @see SPConstants#ALGO_SUITE_BASIC256
- * @see SPConstants#ALGO_SUITE_BASIC256_RSA15
- * @see SPConstants#ALGO_SUITE_BASIC256_SHA256
- * @see SPConstants#ALGO_SUITE_BASIC256_SHA256_RSA15
- * @see SPConstants#ALGO_SUITE_TRIPLE_DES
- * @see SPConstants#ALGO_SUITE_TRIPLE_DES_RSA15
- * @see SPConstants#ALGO_SUITE_TRIPLE_DES_SHA256
- * @see SPConstants#ALGO_SUITE_TRIPLE_DES_SHA256_RSA15
- */
- public void setAlgorithmSuite(String algoSuite) throws WSSPolicyException {
- setAlgoSuiteString(algoSuite);
- this.algoSuiteString = algoSuite;
- // TODO: Optimize this :-)
- if (SPConstants.ALGO_SUITE_BASIC256.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.AES256;
- this.symmetricKeyWrap = SPConstants.KW_AES256;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 256;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 256;
- this.encryptionDerivedKeyLength = 256;
- } else if (SPConstants.ALGO_SUITE_BASIC192.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.AES192;
- this.symmetricKeyWrap = SPConstants.KW_AES192;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192;
- } else if (SPConstants.ALGO_SUITE_BASIC128.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.AES128;
- this.symmetricKeyWrap = SPConstants.KW_AES128;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
- this.encryptionDerivedKeyLength = 128;
- this.signatureDerivedKeyLength = 128;
- this.minimumSymmetricKeyLength = 128;
- this.maximumSymmetricKeyLength = 128;
- } else if (SPConstants.ALGO_SUITE_TRIPLE_DES.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.TRIPLE_DES;
- this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192; //due to use of 3des
- } else if (SPConstants.ALGO_SUITE_BASIC256_RSA15.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.AES256;
- this.symmetricKeyWrap = SPConstants.KW_AES256;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 256;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 256;
- } else if (SPConstants.ALGO_SUITE_BASIC192_RSA15.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.AES192;
- this.symmetricKeyWrap = SPConstants.KW_AES192;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192;
- } else if (SPConstants.ALGO_SUITE_BASIC128_RSA15.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.AES128;
- this.symmetricKeyWrap = SPConstants.KW_AES128;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
- this.encryptionDerivedKeyLength = 128;
- this.signatureDerivedKeyLength = 128;
- this.minimumSymmetricKeyLength = 128;
- this.maximumSymmetricKeyLength = 128;
- } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_RSA15.equals(algoSuite)) {
- this.digest = SPConstants.SHA1;
- this.encryption = SPConstants.TRIPLE_DES;
- this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192; //due to use of 3des
- } else if (SPConstants.ALGO_SUITE_BASIC256_SHA256.equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.AES256;
- this.symmetricKeyWrap = SPConstants.KW_AES256;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 256;
- this.signatureDerivedKeyLength = 256;
- this.minimumSymmetricKeyLength = 256;
- } else if (SPConstants.ALGO_SUITE_BASIC192_SHA256.equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.AES192;
- this.symmetricKeyWrap = SPConstants.KW_AES192;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192;
- } else if (SPConstants.ALGO_SUITE_BASIC128_SHA256.equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.AES128;
- this.symmetricKeyWrap = SPConstants.KW_AES128;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
- this.encryptionDerivedKeyLength = 128;
- this.signatureDerivedKeyLength = 128;
- this.minimumSymmetricKeyLength = 128;
- this.maximumSymmetricKeyLength = 128;
- } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_SHA256.equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.TRIPLE_DES;
- this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
- this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192; //due to use of 3des
- } else if (SPConstants.ALGO_SUITE_BASIC256_SHA256_RSA15.equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.AES256;
- this.symmetricKeyWrap = SPConstants.KW_AES256;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 256;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 256;
- } else if (SPConstants.ALGO_SUITE_BASIC192_SHA256_RSA15.equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.AES192;
- this.symmetricKeyWrap = SPConstants.KW_AES192;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192;
- } else if (SPConstants.ALGO_SUITE_BASIC128_SHA256_RSA15.equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.AES128;
- this.symmetricKeyWrap = SPConstants.KW_AES128;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
- this.encryptionDerivedKeyLength = 128;
- this.signatureDerivedKeyLength = 128;
- this.minimumSymmetricKeyLength = 128;
- this.maximumSymmetricKeyLength = 192;
- } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_SHA256_RSA15
- .equals(algoSuite)) {
- this.digest = SPConstants.SHA256;
- this.encryption = SPConstants.TRIPLE_DES;
- this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
- this.asymmetricKeyWrap = SPConstants.KW_RSA15;
- this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
- this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
- this.encryptionDerivedKeyLength = 192;
- this.signatureDerivedKeyLength = 192;
- this.minimumSymmetricKeyLength = 192;
- this.maximumSymmetricKeyLength = 192; //due to use of 3des
- } else {
- throw new WSSPolicyException("Invalid algorithm suite : " +
- algoSuite);
- }
- }
/**
* @return Returns the asymmetricKeyWrap.
@@ -377,8 +178,7 @@
}
/**
- * @param c14n
- * The c14n to set.
+ * @param c14n The c14n to set.
*/
public void setC14n(String c14n) {
this.c14n = c14n;
@@ -392,8 +192,7 @@
}
/**
- * @param soapNormalization
- * The soapNormalization to set.
+ * @param soapNormalization The soapNormalization to set.
*/
public void setSoapNormalization(String soapNormalization) {
this.soapNormalization = soapNormalization;
@@ -407,8 +206,7 @@
}
/**
- * @param strTransform
- * The strTransform to set.
+ * @param strTransform The strTransform to set.
*/
public void setStrTransform(String strTransform) {
this.strTransform = strTransform;
@@ -422,8 +220,7 @@
}
/**
- * @param path
- * The xPath to set.
+ * @param path The xPath to set.
*/
public void setXPath(String path) {
xPath = path;
@@ -438,16 +235,11 @@
}
public QName getName() {
- if (version == SPConstants.SP_V12) {
- return SP12Constants.ALGORITHM_SUITE;
- } else {
- return SP11Constants.ALGORITHM_SUITE;
- }
+ return constants.getAlgorithmSuite();
}
public PolicyComponent normalize() {
- throw new UnsupportedOperationException(
- "AlgorithmSuite.normalize() is not supported");
+ throw new UnsupportedOperationException("AlgorithmSuite.normalize() is not supported");
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
@@ -466,9 +258,9 @@
writer.writeNamespace(prefix, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY
- .getLocalPart(), SPConstants.POLICY.getNamespaceURI());
-
+ writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getLocalPart(),
+ SPConstants.POLICY.getNamespaceURI());
+
//
writer.writeStartElement(prefix, getAlgoSuiteString(), namespaceURI);
writer.writeEndElement();
@@ -479,14 +271,12 @@
}
if (SPConstants.SNT.equals(getSoapNormalization())) {
- writer.writeStartElement(prefix, SPConstants.SOAP_NORMALIZATION_10,
- namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.SOAP_NORMALIZATION_10, namespaceURI);
writer.writeEndElement();
}
if (SPConstants.STRT10.equals(getStrTransform())) {
- writer.writeStartElement(prefix, SPConstants.STR_TRANSFORM_10,
- namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.STR_TRANSFORM_10, namespaceURI);
writer.writeEndElement();
}
@@ -496,18 +286,17 @@
}
if (SPConstants.XPATH20.equals(getXPath())) {
- writer.writeStartElement(prefix, SPConstants.XPATH_FILTER20,
- namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.XPATH_FILTER20, namespaceURI);
writer.writeEndElement();
}
-
+
// </wsp:Policy>
writer.writeEndElement();
-
+
// </sp:AlgorithmSuite>
writer.writeEndElement();
}
-
+
public int getEncryptionDerivedKeyLength() {
return encryptionDerivedKeyLength;
}
@@ -519,4 +308,211 @@
public void setAsymmetricKeyWrap(String asymmetricKeyWrap) {
this.asymmetricKeyWrap = asymmetricKeyWrap;
}
+
+
+ /**
+ * Set the algorithm suite
+ *
+ * @param algoSuite
+ * @throws WSSPolicyException
+ * @see SPConstants#ALGO_SUITE_BASIC128
+ * @see SPConstants#ALGO_SUITE_BASIC128_RSA15
+ * @see SPConstants#ALGO_SUITE_BASIC128_SHA256
+ * @see SPConstants#ALGO_SUITE_BASIC128_SHA256_RSA15
+ * @see SPConstants#ALGO_SUITE_BASIC192
+ * @see SPConstants#ALGO_SUITE_BASIC192_RSA15
+ * @see SPConstants#ALGO_SUITE_BASIC192_SHA256
+ * @see SPConstants#ALGO_SUITE_BASIC192_SHA256_RSA15
+ * @see SPConstants#ALGO_SUITE_BASIC256
+ * @see SPConstants#ALGO_SUITE_BASIC256_RSA15
+ * @see SPConstants#ALGO_SUITE_BASIC256_SHA256
+ * @see SPConstants#ALGO_SUITE_BASIC256_SHA256_RSA15
+ * @see SPConstants#ALGO_SUITE_TRIPLE_DES
+ * @see SPConstants#ALGO_SUITE_TRIPLE_DES_RSA15
+ * @see SPConstants#ALGO_SUITE_TRIPLE_DES_SHA256
+ * @see SPConstants#ALGO_SUITE_TRIPLE_DES_SHA256_RSA15
+ */
+ //CHECKSTYLE:OFF
+ public void setAlgorithmSuite(String algoSuite) throws WSSPolicyException {
+ setAlgoSuiteString(algoSuite);
+ this.algoSuiteString = algoSuite;
+
+ // TODO: Optimize this :-)
+ if (SPConstants.ALGO_SUITE_BASIC256.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.AES256;
+ this.symmetricKeyWrap = SPConstants.KW_AES256;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 256;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 256;
+ this.encryptionDerivedKeyLength = 256;
+ } else if (SPConstants.ALGO_SUITE_BASIC192.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.AES192;
+ this.symmetricKeyWrap = SPConstants.KW_AES192;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192;
+ } else if (SPConstants.ALGO_SUITE_BASIC128.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.AES128;
+ this.symmetricKeyWrap = SPConstants.KW_AES128;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
+ this.encryptionDerivedKeyLength = 128;
+ this.signatureDerivedKeyLength = 128;
+ this.minimumSymmetricKeyLength = 128;
+ this.maximumSymmetricKeyLength = 128;
+ } else if (SPConstants.ALGO_SUITE_TRIPLE_DES.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.TRIPLE_DES;
+ this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192; // due to use of 3des
+ } else if (SPConstants.ALGO_SUITE_BASIC256_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.AES256;
+ this.symmetricKeyWrap = SPConstants.KW_AES256;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 256;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 256;
+ } else if (SPConstants.ALGO_SUITE_BASIC192_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.AES192;
+ this.symmetricKeyWrap = SPConstants.KW_AES192;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192;
+ } else if (SPConstants.ALGO_SUITE_BASIC128_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.AES128;
+ this.symmetricKeyWrap = SPConstants.KW_AES128;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
+ this.encryptionDerivedKeyLength = 128;
+ this.signatureDerivedKeyLength = 128;
+ this.minimumSymmetricKeyLength = 128;
+ this.maximumSymmetricKeyLength = 128;
+ } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA1;
+ this.encryption = SPConstants.TRIPLE_DES;
+ this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192; // due to use of 3des
+ } else if (SPConstants.ALGO_SUITE_BASIC256_SHA256.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.AES256;
+ this.symmetricKeyWrap = SPConstants.KW_AES256;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 256;
+ this.signatureDerivedKeyLength = 256;
+ this.minimumSymmetricKeyLength = 256;
+ } else if (SPConstants.ALGO_SUITE_BASIC192_SHA256.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.AES192;
+ this.symmetricKeyWrap = SPConstants.KW_AES192;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192;
+ } else if (SPConstants.ALGO_SUITE_BASIC128_SHA256.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.AES128;
+ this.symmetricKeyWrap = SPConstants.KW_AES128;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
+ this.encryptionDerivedKeyLength = 128;
+ this.signatureDerivedKeyLength = 128;
+ this.minimumSymmetricKeyLength = 128;
+ this.maximumSymmetricKeyLength = 128;
+ } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_SHA256.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.TRIPLE_DES;
+ this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA_OAEP;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192; // due to use of 3des
+ } else if (SPConstants.ALGO_SUITE_BASIC256_SHA256_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.AES256;
+ this.symmetricKeyWrap = SPConstants.KW_AES256;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L256;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 256;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 256;
+ } else if (SPConstants.ALGO_SUITE_BASIC192_SHA256_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.AES192;
+ this.symmetricKeyWrap = SPConstants.KW_AES192;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192;
+ } else if (SPConstants.ALGO_SUITE_BASIC128_SHA256_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.AES128;
+ this.symmetricKeyWrap = SPConstants.KW_AES128;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L128;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L128;
+ this.encryptionDerivedKeyLength = 128;
+ this.signatureDerivedKeyLength = 128;
+ this.minimumSymmetricKeyLength = 128;
+ this.maximumSymmetricKeyLength = 192;
+ } else if (SPConstants.ALGO_SUITE_TRIPLE_DES_SHA256_RSA15.equals(algoSuite)) {
+ this.digest = SPConstants.SHA256;
+ this.encryption = SPConstants.TRIPLE_DES;
+ this.symmetricKeyWrap = SPConstants.KW_TRIPLE_DES;
+ this.asymmetricKeyWrap = SPConstants.KW_RSA15;
+ this.encryptionKeyDerivation = SPConstants.P_SHA1_L192;
+ this.signatureKeyDerivation = SPConstants.P_SHA1_L192;
+ this.encryptionDerivedKeyLength = 192;
+ this.signatureDerivedKeyLength = 192;
+ this.minimumSymmetricKeyLength = 192;
+ this.maximumSymmetricKeyLength = 192; // due to use of 3des
+ } else {
+ throw new WSSPolicyException(new Message("INVALID_ALGORITHM", LOG, algoSuite));
+ }
+ }
}
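Review bot: The four Basic256 branches of `setAlgorithmSuite` never assign `maximumSymmetricKeyLength`, so the upper key-length bound keeps whatever the field held before (its default, or the value left by an earlier call). The `ALGO_SUITE_BASIC256` branch sets `encryptionDerivedKeyLength = 256` twice where every other suite sets the maximum, and the `_RSA15`, `_SHA256` and `_SHA256_RSA15` variants omit the line altogether. Each of those branches should end with `this.maximumSymmetricKeyLength = 256;`. Two other values look like copy-paste slips: `ALGO_SUITE_BASIC128_SHA256_RSA15` sets the maximum to 192 where the other 128-bit suites use 128, and `ALGO_SUITE_BASIC256_SHA256` sets `signatureDerivedKeyLength = 256` although its `signatureKeyDerivation` is `P_SHA1_L192` and the other 256-bit suites use 192. These fields presumably feed key-length checks when the policy is enforced, so a lookup table keyed by suite name would make such drift easier to spot than sixteen hand-written branches.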
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmWrapper.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmWrapper.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmWrapper.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AlgorithmWrapper.java Wed Jul 9 13:11:45 2008
@@ -1,23 +1,25 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
public interface AlgorithmWrapper {
- public void setAlgorithmSuite(AlgorithmSuite algorithmSuite);
-
+ void setAlgorithmSuite(AlgorithmSuite algorithmSuite);
+
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/AsymmetricBinding.java Wed Jul 9 13:11:45 2008
@@ -1,20 +1,22 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
import java.util.Iterator;
import java.util.List;
@@ -23,21 +25,19 @@
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.neethi.All;
import org.apache.neethi.ExactlyOne;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
public class AsymmetricBinding extends SymmetricAsymmetricBindingBase {
private InitiatorToken initiatorToken;
private RecipientToken recipientToken;
-
- public AsymmetricBinding(int version) {
+
+ public AsymmetricBinding(SPConstants version) {
super(version);
}
@@ -49,8 +49,7 @@
}
/**
- * @param initiatorToken
- * The initiatorToken to set.
+ * @param initiatorToken The initiatorToken to set.
*/
public void setInitiatorToken(InitiatorToken initiatorToken) {
this.initiatorToken = initiatorToken;
@@ -64,19 +63,14 @@
}
/**
- * @param recipientToken
- * The recipientToken to set.
+ * @param recipientToken The recipientToken to set.
*/
public void setRecipientToken(RecipientToken recipientToken) {
this.recipientToken = recipientToken;
}
public QName getName() {
- if (version == SPConstants.SP_V12) {
- return SP12Constants.ASYMMETRIC_BINDING;
- } else {
- return SP11Constants.ASYMMETRIC_BINDING;
- }
+ return constants.getAsymmetricBinding();
}
public PolicyComponent normalize() {
@@ -98,20 +92,17 @@
for (Iterator iterator = configs.iterator(); iterator.hasNext();) {
wrapper = new All();
- asymmetricBinding = new AsymmetricBinding(this.version);
+ asymmetricBinding = new AsymmetricBinding(constants);
- asymmetricBinding.setAlgorithmSuite((AlgorithmSuite) iterator
- .next());
- asymmetricBinding
- .setEntireHeadersAndBodySignatures(isEntireHeadersAndBodySignatures());
+ asymmetricBinding.setAlgorithmSuite((AlgorithmSuite)iterator.next());
+ asymmetricBinding.setEntireHeadersAndBodySignatures(isEntireHeadersAndBodySignatures());
asymmetricBinding.setIncludeTimestamp(isIncludeTimestamp());
asymmetricBinding.setInitiatorToken(getInitiatorToken());
asymmetricBinding.setLayout(getLayout());
asymmetricBinding.setProtectionOrder(getProtectionOrder());
asymmetricBinding.setRecipientToken(getRecipientToken());
asymmetricBinding.setSignatureProtection(isSignatureProtection());
- asymmetricBinding
- .setSignedEndorsingSupportingTokens(getSignedEndorsingSupportingTokens());
+ asymmetricBinding.setSignedEndorsingSupportingTokens(getSignedEndorsingSupportingTokens());
asymmetricBinding.setTokenProtection(isTokenProtection());
asymmetricBinding.setNormalized(true);
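Review bot: The copy built in this loop does not appear to carry over the signed supporting token. The visible setters copy `signedEndorsingSupportingTokens`, but none copies the `signedSupportingToken` field that `Binding` declares, so a normalized alternative may silently lose that requirement. If `Binding` exposes an accessor pair for that field (not visible in this diff), it should be copied alongside the others. The loop also still uses a raw `Iterator` with an `(AlgorithmSuite)` cast; a typed collection for `configs` would let the compiler check the element type. The loop body and `normalize()` continue outside this hunk.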
@@ -127,7 +118,7 @@
String namespaceURI = getName().getNamespaceURI();
String prefix = writer.getPrefix(namespaceURI);
-
+
if (prefix == null) {
prefix = getName().getPrefix();
writer.setPrefix(prefix, namespaceURI);
@@ -144,8 +135,8 @@
}
// <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(),
- SPConstants.POLICY.getNamespaceURI());
+ writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY
+ .getNamespaceURI());
if (initiatorToken == null) {
throw new RuntimeException("InitiatorToken is not set");
@@ -181,38 +172,33 @@
if (isIncludeTimestamp()) {
// <sp:IncludeTimestamp>
- writer.writeStartElement(prefix, SPConstants.INCLUDE_TIMESTAMP,
- namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.INCLUDE_TIMESTAMP, namespaceURI);
writer.writeEndElement();
// </sp:IncludeTimestamp>
}
if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(getProtectionOrder())) {
// <sp:EncryptBeforeSign />
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING,
- namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING, namespaceURI);
writer.writeEndElement();
}
if (isSignatureProtection()) {
// <sp:EncryptSignature />
// FIXME move the String constants to a QName
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_SIGNATURE,
- namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.ENCRYPT_SIGNATURE, namespaceURI);
writer.writeEndElement();
}
if (isTokenProtection()) {
// <sp:ProtectTokens />
- writer.writeStartElement(prefix, SPConstants.PROTECT_TOKENS,
- namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.PROTECT_TOKENS, namespaceURI);
writer.writeEndElement();
}
if (isEntireHeadersAndBodySignatures()) {
// <sp:OnlySignEntireHeaderAndBody />
- writer.writeStartElement(prefix,
- SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, namespaceURI);
+ writer.writeStartElement(prefix, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, namespaceURI);
writer.writeEndElement();
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Binding.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Binding.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Binding.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Binding.java Wed Jul 9 13:11:45 2008
@@ -1,20 +1,24 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
+package org.apache.cxf.ws.security.policy.model;
-package org.apache.ws.secpolicy.model;
+import org.apache.cxf.ws.security.policy.SPConstants;
public abstract class Binding extends AbstractSecurityAssertion implements AlgorithmWrapper {
@@ -23,12 +27,12 @@
private Layout layout;
private SupportingToken signedSupportingToken;
private SupportingToken signedEndorsingSupportingTokens;
-
- public Binding (int version) {
- setVersion(version);
+
+ public Binding(SPConstants version) {
+ super(version);
layout = new Layout(version);
}
-
+
/**
* @return Returns the algorithmSuite.
*/
@@ -56,7 +60,7 @@
public void setIncludeTimestamp(boolean includeTimestamp) {
this.includeTimestamp = includeTimestamp;
}
-
+
/**
* @return Returns the layout.
*/
@@ -75,8 +79,7 @@
return signedEndorsingSupportingTokens;
}
- public void setSignedEndorsingSupportingTokens(
- SupportingToken signedEndorsingSupportingTokens) {
+ public void setSignedEndorsingSupportingTokens(SupportingToken signedEndorsingSupportingTokens) {
this.signedEndorsingSupportingTokens = signedEndorsingSupportingTokens;
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ContentEncryptedElements.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ContentEncryptedElements.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ContentEncryptedElements.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ContentEncryptedElements.java Wed Jul 9 13:11:45 2008
@@ -1,50 +1,53 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
import java.util.ArrayList;
-import java.util.Iterator;
import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
public class ContentEncryptedElements extends AbstractSecurityAssertion {
- private ArrayList xPathExpressions = new ArrayList();
-
- private HashMap declaredNamespaces = new HashMap();
+ private List<String> xPathExpressions = new ArrayList<String>();
+
+ private Map<String, String> declaredNamespaces = new HashMap<String, String>();
private String xPathVersion;
- public ContentEncryptedElements(int version) {
- setVersion(version);
+ public ContentEncryptedElements(SPConstants version) {
+ super(version);
}
/**
* @return Returns the xPathExpressions.
*/
- public ArrayList getXPathExpressions() {
+ public List<String> getXPathExpressions() {
return xPathExpressions;
}
@@ -60,21 +63,20 @@
}
/**
- * @param pathVersion
- * The xPathVersion to set.
+ * @param pathVersion The xPathVersion to set.
*/
public void setXPathVersion(String pathVersion) {
xPathVersion = pathVersion;
}
-
- public HashMap getDeclaredNamespaces () {
+
+ public Map<String, String> getDeclaredNamespaces() {
return declaredNamespaces;
}
-
- public void addDeclaredNamespaces(String uri, String prefix ) {
+
+ public void addDeclaredNamespaces(String uri, String prefix) {
declaredNamespaces.put(prefix, uri);
}
-
+
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
String localName = getName().getLocalPart();
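Review bot: `addDeclaredNamespaces(String uri, String prefix)` takes the URI first but stores `put(prefix, uri)`, and now that `getDeclaredNamespaces()` returns `Map<String, String>` nothing tells a caller which string is the key. A one-line Javadoc on both methods would settle it, for example `/** Records a namespace declaration; the map is keyed by prefix and holds the namespace URI as value. */`. The getter also returns the live map, so callers can change the declarations after the assertion is built; the Javadoc should say so, or the getter should return an unmodifiable view. `serialize` continues outside this hunk.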
@@ -90,9 +92,9 @@
prefix = writerPrefix;
}
- // <sp:ContentEncryptedElements>
+ // <sp:ContentEncryptedElements>
writer.writeStartElement(prefix, localName, namespaceURI);
-
+
// xmlns:sp=".."
writer.writeNamespace(prefix, namespaceURI);
@@ -107,16 +109,15 @@
String xpathExpression;
- for (Iterator iterator = xPathExpressions.iterator(); iterator
- .hasNext();) {
- xpathExpression = (String) iterator.next();
+ for (Iterator iterator = xPathExpressions.iterator(); iterator.hasNext();) {
+ xpathExpression = (String)iterator.next();
// <sp:XPath ..>
writer.writeStartElement(prefix, SPConstants.XPATH_EXPR, namespaceURI);
writer.writeCharacters(xpathExpression);
writer.writeEndElement();
}
- //</sp:ContentEncryptedElements>
+ // </sp:ContentEncryptedElements>
writer.writeEndElement();
}
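Review bot: The loop still uses a raw `Iterator` and a `(String)` cast even though this commit types `xPathExpressions` as `List<String>`, so the compiler cannot check the element type at this point. An enhanced for loop removes the cast and the separate `String xpathExpression;` declaration: `for (String xpathExpression : xPathExpressions) {`. The `java.util.Iterator` import then becomes unused if nothing else in the file needs it. `serialize` starts outside this hunk.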
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/EncryptionToken.java Wed Jul 9 13:11:45 2008
@@ -1,35 +1,35 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
+import org.apache.cxf.ws.security.policy.SPConstants;
public class EncryptionToken extends AbstractSecurityAssertion implements TokenWrapper {
private Token encryptionToken;
-
- public EncryptionToken(int version) {
- setVersion(version);
+
+ public EncryptionToken(SPConstants version) {
+ super(version);
}
/**
@@ -46,73 +46,67 @@
this.encryptionToken = encryptionToken;
}
- public void setToken(Token tok) {
+ public void setToken(Token tok) {
this.setEncryptionToken(tok);
}
public QName getName() {
- if (version == SPConstants.SP_V12) {
- return SP12Constants.ENCRYPTION_TOKEN;
- } else {
- return SP11Constants.ENCRYPTION_TOKEN;
- }
-
+ return constants.getEncryptionToken();
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
String prefix;
-
+
String writerPrefix = writer.getPrefix(namespaceURI);
-
+
if (writerPrefix == null) {
prefix = getName().getPrefix();
writer.setPrefix(prefix, namespaceURI);
} else {
prefix = writerPrefix;
}
-
+
// <sp:EncryptionToken>
writer.writeStartElement(prefix, localname, namespaceURI);
-
+
if (writerPrefix == null) {
// xmlns:sp=".."
writer.writeNamespace(prefix, namespaceURI);
}
-
-
+
String wspNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
+
String wspPrefix;
-
+
String wspWriterPrefix = writer.getPrefix(wspNamespaceURI);
-
+
if (wspWriterPrefix == null) {
wspPrefix = SPConstants.POLICY.getPrefix();
writer.setPrefix(wspPrefix, wspNamespaceURI);
-
+
} else {
wspPrefix = wspWriterPrefix;
}
-
+
// <wsp:Policy>
writer.writeStartElement(wspPrefix, SPConstants.POLICY.getLocalPart(), wspNamespaceURI);
-
+
if (wspWriterPrefix == null) {
// xmlns:wsp=".."
writer.writeNamespace(wspPrefix, wspNamespaceURI);
}
-
+
if (encryptionToken == null) {
throw new RuntimeException("EncryptionToken is not set");
}
-
+
encryptionToken.serialize(writer);
-
+
// </wsp:Policy>
writer.writeEndElement();
-
+
// </sp:EncryptionToken>
writer.writeEndElement();
}
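Review bot: `serialize` checks `encryptionToken == null` only after `<sp:EncryptionToken>` and `<wsp:Policy>` have already been written, so a missing token leaves an unclosed fragment in the writer when the exception propagates. Moving the check to the top of the method avoids the partial output, and `IllegalStateException` (still a `RuntimeException`) names the condition more precisely: `if (encryptionToken == null) { throw new IllegalStateException("EncryptionToken is not set"); }`. `AsymmetricBinding.serialize` shows the same late check for `initiatorToken`, after its `<wsp:Policy>` start element.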
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Header.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Header.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Header.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Header.java Wed Jul 9 13:11:45 2008
@@ -1,49 +1,54 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
public class Header {
private String name;
private String namespace;
-
+
/**
* @return Returns the name.
*/
public String getName() {
return name;
}
+
/**
* @param name The name to set.
*/
public void setName(String name) {
this.name = name;
}
+
/**
* @return Returns the namespace.
*/
public String getNamespace() {
return namespace;
}
+
/**
* @param namespace The namespace to set.
*/
public void setNamespace(String namespace) {
this.namespace = namespace;
}
-
+
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/HttpsToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/HttpsToken.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/HttpsToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/HttpsToken.java Wed Jul 9 13:11:45 2008
@@ -1,43 +1,42 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.apache.ws.secpolicy.SP12Constants;
/**
- *
* @author Ruchith Fernando (ruchith.fernando@gmail.com)
*/
public class HttpsToken extends Token {
- public HttpsToken(int version){
- setVersion(version);
+ private boolean requireClientCertificate;
+ private boolean httpBasicAuthentication;
+ private boolean httpDigestAuthentication;
+
+ public HttpsToken(SPConstants version) {
+ super(version);
}
-
- private boolean requireClientCertificate = false;
- private boolean httpBasicAuthentication = false;
- private boolean httpDigestAuthentication = false;
public boolean isRequireClientCertificate() {
return requireClientCertificate;
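Review bot: The parameter in `public HttpsToken(SPConstants version)` is still named `version`, although it now carries an `SPConstants` object rather than an int version code. Naming it `constants` (`public HttpsToken(SPConstants constants)` with `super(constants);`) would match the `constants` field that `getName()` reads later in this file, which is presumably inherited from `Token`. The same applies to `InitiatorToken(SPConstants version)` further down in this commit. A one-line Javadoc on the constructor, such as `/** @param constants the WS-SecurityPolicy constants for the policy version in use */`, would also help.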
@@ -46,45 +45,37 @@
public void setRequireClientCertificate(boolean requireClientCertificate) {
this.requireClientCertificate = requireClientCertificate;
}
-
+
/**
* @return the httpBasicAuthentication
*/
- public boolean isHttpBasicAuthentication()
- {
+ public boolean isHttpBasicAuthentication() {
return httpBasicAuthentication;
}
/**
* @param httpBasicAuthentication the httpBasicAuthentication to set
*/
- public void setHttpBasicAuthentication(boolean httpBasicAuthentication)
- {
+ public void setHttpBasicAuthentication(boolean httpBasicAuthentication) {
this.httpBasicAuthentication = httpBasicAuthentication;
}
/**
* @return the httpDigestAuthentication
*/
- public boolean isHttpDigestAuthentication()
- {
+ public boolean isHttpDigestAuthentication() {
return httpDigestAuthentication;
}
/**
* @param httpDigestAuthentication the httpDigestAuthentication to set
*/
- public void setHttpDigestAuthentication(boolean httpDigestAuthentication)
- {
+ public void setHttpDigestAuthentication(boolean httpDigestAuthentication) {
this.httpDigestAuthentication = httpDigestAuthentication;
}
public QName getName() {
- if (version == SPConstants.SP_V12) {
- return SP12Constants.HTTPS_TOKEN;
- } else {
- return SP11Constants.HTTPS_TOKEN;
- }
+ return constants.getHttpsToken();
}
public PolicyComponent normalize() {
@@ -105,28 +96,29 @@
// <sp:HttpsToken
writer.writeStartElement(prefix, localname, namespaceURI);
+ if (constants.getVersion() == SPConstants.Version.SP_V12) {
- if (version == SPConstants.SP_V12) {
-
- if (isRequireClientCertificate() ||
- isHttpBasicAuthentication() ||
- isHttpDigestAuthentication()) {
+ if (isRequireClientCertificate() || isHttpBasicAuthentication() || isHttpDigestAuthentication()) {
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
-
+ writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getLocalPart(),
+ SPConstants.POLICY.getNamespaceURI());
+
/*
- * The ws policy 1.2 specification states that only one of those should be present, although
- * a web server (say tomcat) could be normally configured to require both a client certificate and
- * a http user/pwd authentication. Nevertheless stick to the specification.
+ * The ws policy 1.2 specification states that only one of those should be present, although a
+ * web server (say tomcat) could be normally configured to require both a client certificate
+ * and a http user/pwd authentication. Nevertheless stick to the specification.
*/
- if(isHttpBasicAuthentication()) {
- writer.writeStartElement(prefix, SPConstants.HTTP_BASIC_AUTHENTICATION.getLocalPart(), namespaceURI);
+ if (isHttpBasicAuthentication()) {
+ writer.writeStartElement(prefix, SPConstants.HTTP_BASIC_AUTHENTICATION.getLocalPart(),
+ namespaceURI);
writer.writeEndElement();
- } else if(isHttpDigestAuthentication()) {
- writer.writeStartElement(prefix, SPConstants.HTTP_DIGEST_AUTHENTICATION.getLocalPart(), namespaceURI);
+ } else if (isHttpDigestAuthentication()) {
+ writer.writeStartElement(prefix, SPConstants.HTTP_DIGEST_AUTHENTICATION.getLocalPart(),
+ namespaceURI);
writer.writeEndElement();
- } else if(isRequireClientCertificate()) {
- writer.writeStartElement(prefix, SPConstants.REQUIRE_CLIENT_CERTIFICATE.getLocalPart(), namespaceURI);
+ } else if (isRequireClientCertificate()) {
+ writer.writeStartElement(prefix, SPConstants.REQUIRE_CLIENT_CERTIFICATE.getLocalPart(),
+ namespaceURI);
writer.writeEndElement();
}
// </wsp:Policy>
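Review bot: When more than one of the three flags is set, the `if`/`else if` chain under `<wsp:Policy>` writes only the first match. A token configured with both `httpBasicAuthentication` and `requireClientCertificate` therefore serializes without `RequireClientCertificate`, and the emitted policy is weaker than the object model with no error raised. Since the comment says the specification allows only one of them, the conflict should be rejected before the start element is written, for example with `throw new IllegalStateException("HttpsToken: only one of RequireClientCertificate, HttpBasicAuthentication and HttpDigestAuthentication may be set");`. The non-1.2 branch in the next hunk has the mirror case: it writes only the `RequireClientCertificate` attribute, so the basic and digest flags are dropped there as well. `serialize` begins and ends outside this hunk.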
@@ -135,7 +127,7 @@
} else {
// RequireClientCertificate=".."
writer.writeAttribute(SPConstants.REQUIRE_CLIENT_CERTIFICATE.getLocalPart(), Boolean
- .toString(isRequireClientCertificate()));
+ .toString(isRequireClientCertificate()));
}
writer.writeEndElement();
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java?rev=675332&r1=674910&r2=675332&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/InitiatorToken.java Wed Jul 9 13:11:45 2008
@@ -1,36 +1,36 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
*/
-
-package org.apache.ws.secpolicy.model;
+package org.apache.cxf.ws.security.policy.model;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
+import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.apache.ws.secpolicy.SP12Constants;
public class InitiatorToken extends AbstractSecurityAssertion implements TokenWrapper {
-
+
private Token initiatorToken;
-
- public InitiatorToken(int version) {
- setVersion(version);
+
+ public InitiatorToken(SPConstants version) {
+ super(version);
}
/**
@@ -50,14 +50,9 @@
public void setToken(Token tok) {
this.setInitiatorToken(tok);
}
-
+
public QName getName() {
- if (version == SPConstants.SP_V12) {
- return SP12Constants.INITIATOR_TOKEN;
- } else {
- return SP11Constants.INITIATOR_TOKEN;
- }
-
+ return constants.getInitiatorToken();
}
public PolicyComponent normalize() {
@@ -74,28 +69,29 @@
prefix = getName().getPrefix();
writer.setPrefix(prefix, namespaceURI);
}
-
+
// <sp:InitiatorToken>
writer.writeStartElement(prefix, localName, namespaceURI);
-
+
String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
if (pPrefix == null) {
pPrefix = SPConstants.POLICY.getPrefix();
writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
}
-
+
// <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY
+ .getNamespaceURI());
Token token = getInitiatorToken();
if (token == null) {
throw new RuntimeException("InitiatorToken doesn't contain any token assertions");
}
token.serialize(writer);
-
+
// </wsp:Policy>
writer.writeEndElement();
-
+
// </sp:InitiatorToken>
writer.writeEndElement();
}
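Review bot: The `token == null` check runs after both `writer.writeStartElement` calls, so the `RuntimeException` is thrown with `<sp:InitiatorToken>` and `<wsp:Policy>` already open on the writer, and a caller that catches it holds a truncated policy document. Moving `Token token = getInitiatorToken();` and the null check ahead of the first start element, ideally to the top of `serialize`, makes the failure happen before any output. The EncryptionToken serializer earlier in this commit checks `encryptionToken == null` at the same late point. `serialize` begins outside this hunk.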