Package org.apache.cxf.ws.security.wss4j.policyhandlers

Class AbstractBindingBuilder

    • Method Detail

      • insertAfter

        protected void insertAfter​(Element child,
                           Element sib)

      • addDerivedKeyElement

        protected void addDerivedKeyElement​(Element el)

      • addEncryptedKeyElement

        protected void addEncryptedKeyElement​(Element el)

      • addSupportingElement

        protected void addSupportingElement​(Element el)

      • insertBeforeBottomUp

        protected void insertBeforeBottomUp​(Element el)

      • addTopDownElement

        protected void addTopDownElement​(Element el)

      • reshuffleTimestamp

        protected void reshuffleTimestamp()

      • handleUsernameTokenSupportingToken

        protected void handleUsernameTokenSupportingToken​(UsernameToken token,
                                                  boolean endorse,
                                                  boolean encryptedToken,
                                                  List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> ret)
                                           throws WSSecurityException
        Throws:
        WSSecurityException

      • addSignatureParts

        protected void addSignatureParts​(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
                                 List<WSEncryptionPart> sigParts)

      • findIDFromSamlToken

        protected String findIDFromSamlToken​(Element samlToken)

      • getPassword

        protected String getPassword​(String userName,
                             org.apache.neethi.Assertion info,
                             int usage)

      • addWsuIdToElement

        public String addWsuIdToElement​(Element element)
        Generates a wsu:Id attribute for the provided Element and returns the attribute value or finds and returns the value of the attribute if it already exists.
        Parameters:
        element - the Element to check/create the attribute on
        Returns:
        the generated or discovered wsu:Id attribute value

      • getPartsAndElements

        public List<WSEncryptionPart> getPartsAndElements​(boolean sign,
                                                  boolean includeBody,
                                                  List<WSEncryptionPart> parts,
                                                  List<XPath> xpaths,
                                                  List<XPath> contentXpaths)
                                           throws SOAPException
        Identifies the portions of the message to be signed/encrypted.
        Parameters:
        sign - whether the matches are to be signed or encrypted
        includeBody - if the body should be included in the signature/encryption
        parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.
        xpaths - any XPath expressions to sign/encrypt matches
        contentXpaths - any XPath expressions to content encrypt
        Returns:
        a configured list of WSEncryptionParts suitable for processing by WSS4J
        Throws:
        SOAPException - if there is an error extracting SOAP content from the SAAJ model

      • getParts

        protected List<WSEncryptionPart> getParts​(boolean sign,
                                          boolean includeBody,
                                          List<WSEncryptionPart> parts,
                                          List<Element> found)
                                   throws SOAPException
        Identifies the portions of the message to be signed/encrypted.
        Parameters:
        sign - whether the matches are to be signed or encrypted
        includeBody - if the body should be included in the signature/encryption
        parts - any WSEncryptionParts to match for signature or encryption as specified by WS-SP signed parts or encrypted parts. Parts without a name match all elements with the provided namespace.
        found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.
        Returns:
        a configured list of WSEncryptionParts suitable for processing by WSS4J
        Throws:
        SOAPException - if there is an error extracting SOAP content from the SAAJ model

      • getElements

        protected List<WSEncryptionPart> getElements​(String encryptionModifier,
                                             List<XPath> xpaths,
                                             List<Element> found,
                                             boolean forceId)
                                      throws SOAPException
        Identifies the portions of the message to be signed/encrypted.
        Parameters:
        encryptionModifier - indicates the scope of the crypto operation over matched elements. Either "Content" or "Element".
        xpaths - any XPath expressions to sign/encrypt matches
        found - a list of elements that have previously been tagged for signing/encryption. Populated with additional matches found by this method and used to prevent including the same element twice under the same operation.
        forceId - force adding a wsu:Id onto the elements. Recommended for signatures.
        Returns:
        a configured list of WSEncryptionParts suitable for processing by WSS4J
        Throws:
        SOAPException - if there is an error extracting SOAP content from the SAAJ model

      • getUsername

        public static String getUsername​(List<WSHandlerResult> results)
        Scan through WSHandlerResult list for a Username token and return the username if a Username Token found
        Parameters:
        results -
        Returns:

      • doEndorsedSignatures

        protected void doEndorsedSignatures​(List<org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.SupportingToken> tokenList,
                                    boolean isTokenProtection,
                                    boolean isSigProtect)

      • doEndorse

        protected void doEndorse()

      • addSignatureConfirmation

        protected void addSignatureConfirmation​(List<WSEncryptionPart> sigParts)

      • handleEncryptedSignedHeaders

        public void handleEncryptedSignedHeaders​(List<WSEncryptionPart> encryptedParts,
                                         List<WSEncryptionPart> signedParts)
        Processes the parts to be signed and reconfigures those parts that have already been encrypted.
        Parameters:
        encryptedParts - the parts that have been encrypted
        signedParts - the parts that are to be signed
        Throws:
        IllegalArgumentException - if an element in signedParts contains a WSEncryptionPart with a null id value and the WSEncryptionPart name value is not "Token"

      • convertToEncryptionPart

        public WSEncryptionPart convertToEncryptionPart​(Element element)
        Convert a DOM Element into a WSEncryptionPart, adding a (wsu:)Id if there is not one already.
        Parameters:
        element - The DOM Element to convert
        Returns:
        The WSEncryptionPart representing the DOM Element argument

      • addSig

        protected void addSig​(byte[] val)

      • isExpandXopInclude

        public boolean isExpandXopInclude()