All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.wss4j.dom.message.WSSecBase Maven / Gradle / Ivy

There is a newer version: 3.0.4
Show newest version
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.wss4j.dom.message;

import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSDocInfo;
import org.apache.wss4j.dom.WsuIdAllocator;
import org.apache.wss4j.dom.callback.CallbackLookup;
import org.apache.wss4j.dom.callback.DOMCallbackLookup;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

import javax.security.auth.callback.CallbackHandler;

import java.util.ArrayList;
import java.util.List;

/**
 * This is the base class for WS Security messages. It provides common functions
 * and fields used by the specific message classes such as sign, encrypt, and
 * username token.
 */
public class WSSecBase {
    protected String user;
    protected String password;
    protected int keyIdentifierType = WSConstants.ISSUER_SERIAL;
    protected CallbackLookup callbackLookup;
    protected CallbackHandler attachmentCallbackHandler;
    protected boolean storeBytesInAttachment;
    protected boolean expandXopInclude;
    protected boolean addWSUNamespace;

    private WsuIdAllocator idAllocator;
    private final List parts = new ArrayList<>();
    private final WSSecHeader securityHeader;
    private final Document doc;
    private WSDocInfo wsDocInfo;

    public WSSecBase(WSSecHeader securityHeader) {
        this.securityHeader = securityHeader;
        if (securityHeader != null && securityHeader.getSecurityHeaderElement() != null) {
            doc = securityHeader.getSecurityHeaderElement().getOwnerDocument();
        } else {
            doc = null;
        }

        // Explicitly add the WSU Namespace if we already have a different prefix
        addWSUNamespace = securityHeader.getWsuPrefix() != null && !WSConstants.WSU_PREFIX.equals(securityHeader.getWsuPrefix());
    }

    public WSSecBase(Document doc) {
        this.doc = doc;
        securityHeader = new WSSecHeader(doc);
    }

    protected Document getDocument() {
        return doc;
    }

    public WSSecHeader getSecurityHeader() {
        return securityHeader;
    }

    /**
     * @param callbackLookup The CallbackLookup object to retrieve elements
     */
    public void setCallbackLookup(CallbackLookup callbackLookup) {
        this.callbackLookup = callbackLookup;
    }

    /**
     * Get which parts of the message to encrypt/sign.
     */
    public List getParts() {
        return parts;
    }

    /**
     * Sets which key identifier to use.
     *
     * 

* * Defines the key identifier type to * use in the {@link WSSecSignature#prepare(Document, Crypto, WSSecHeader) method} or * the {@link WSSecEncrypt#prepare(Document, Crypto) method} function to * set up the key identification elements. * * @param keyIdType * @see WSConstants#ISSUER_SERIAL * @see WSConstants#BST_DIRECT_REFERENCE * @see WSConstants#X509_KEY_IDENTIFIER * @see WSConstants#THUMBPRINT_IDENTIFIER * @see WSConstants#SKI_KEY_IDENTIFIER * @see WSConstants#KEY_VALUE */ public void setKeyIdentifierType(int keyIdType) { keyIdentifierType = keyIdType; } /** * Gets the value of the keyIdentifierType. * * @return The keyIdentifyerType. * @see WSConstants#ISSUER_SERIAL * @see WSConstants#BST_DIRECT_REFERENCE * @see WSConstants#X509_KEY_IDENTIFIER * @see WSConstants#SKI_KEY_IDENTIFIER */ public int getKeyIdentifierType() { return keyIdentifierType; } public void setAttachmentCallbackHandler(CallbackHandler attachmentCallbackHandler) { this.attachmentCallbackHandler = attachmentCallbackHandler; } public void setStoreBytesInAttachment(boolean storeBytesInAttachment) { this.storeBytesInAttachment = storeBytesInAttachment; } /** * Looks up or adds a body id.

First try to locate the * wsu:Id in the SOAP body element. If one is found, the * value of the wsu:Id attribute is returned. Otherwise the * method generates a new wsu:Id and an appropriate value. * * @param doc The SOAP envelope as Document * @return The value of the wsu:Id attribute of the SOAP body * @throws Exception */ protected String setBodyID(Document doc) throws Exception { if (callbackLookup == null) { callbackLookup = new DOMCallbackLookup(doc); } Element bodyElement = callbackLookup.getSOAPBody(); if (bodyElement == null) { throw new Exception("SOAP Body Element node not found"); } return setWsuId(bodyElement); } protected String setWsuId(Element bodyElement) { String id = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id"); String newAttrNs = WSConstants.WSU_NS; String newAttrPrefix = WSConstants.WSU_PREFIX; if (id == null || id.length() == 0) { if (WSConstants.ENC_NS.equals(bodyElement.getNamespaceURI()) && (WSConstants.ENC_DATA_LN.equals(bodyElement.getLocalName()) || WSConstants.ENC_KEY_LN.equals(bodyElement.getLocalName())) ) { // If it is an XML-Enc derived element, it may already have an ID, // plus it is not schema valid to add an additional ID. id = bodyElement.getAttributeNS(null, "Id"); newAttrPrefix = WSConstants.ENC_PREFIX; newAttrNs = WSConstants.ENC_NS; } else if (WSConstants.SAML_NS.equals(bodyElement.getNamespaceURI()) && "Assertion".equals(bodyElement.getLocalName())) { id = bodyElement.getAttributeNS(null, "AssertionID"); } else if (WSConstants.SAML2_NS.equals(bodyElement.getNamespaceURI()) && "Assertion".equals(bodyElement.getLocalName())) { id = bodyElement.getAttributeNS(null, "ID"); } else if (WSConstants.SIG_NS.equals(bodyElement.getNamespaceURI()) && "KeyInfo".equals(bodyElement.getLocalName())) { id = bodyElement.getAttributeNS(null, "Id"); } } if (id == null || id.length() == 0) { id = getIdAllocator().createId("id-", bodyElement); String prefix = XMLUtils.setNamespace(bodyElement, newAttrNs, newAttrPrefix); bodyElement.setAttributeNS(newAttrNs, prefix + ":Id", id); } return id; } /** * Set the user and password info. * * Both information is used to get the user's private signing key. * * @param user * This is the user's alias name in the keystore that identifies * the private key to sign the document * @param password * The user's password to get the private signing key from the * keystore */ public void setUserInfo(String user, String password) { this.user = user; this.password = password; } public WsuIdAllocator getIdAllocator() { if (idAllocator != null) { return idAllocator; } return WSSConfig.DEFAULT_ID_ALLOCATOR; } public void setIdAllocator(WsuIdAllocator idAllocator) { this.idAllocator = idAllocator; } public boolean isExpandXopInclude() { return expandXopInclude; } public void setExpandXopInclude(boolean expandXopInclude) { this.expandXopInclude = expandXopInclude; } public WSDocInfo getWsDocInfo() { return wsDocInfo; } public void setWsDocInfo(WSDocInfo wsDocInfo) { this.wsDocInfo = wsDocInfo; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy