Examples of BSPEnforcer

• org.apache.wss4j.dom.bsp.BSPEnforcer
  An class that enforces Basic Security Profile Rules

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

        UsernameToken receivedToken =
            (UsernameToken) actionResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
        assertTrue(receivedToken != null);

        UsernameToken clone =
            new UsernameToken(receivedToken.getElement(), false, new BSPEnforcer());
        assertTrue(clone.equals(receivedToken));
        assertTrue(clone.hashCode() == receivedToken.hashCode());
    }

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

        return Collections.unmodifiableList(ignoredBSPRules);
    }

    public BSPEnforcer getBSPEnforcer() {
        if (disableBSPEnforcement) {
            return new BSPEnforcer(true);
        }
        return new BSPEnforcer(ignoredBSPRules);
    }

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

    public X509Certificate[] getKeyIdentifier(Crypto crypto) throws WSSecurityException {
        Element elem = getFirstElement();
        String value = elem.getAttributeNS(null, "ValueType");

        if (X509Security.X509_V3_TYPE.equals(value)) {
            X509Security token = new X509Security(elem, new BSPEnforcer(true));
            X509Certificate cert = token.getX509Certificate(crypto);
            return new X509Certificate[]{cert};
        } else if (SKI_URI.equals(value)) {
            X509Certificate cert = getX509SKIAlias(crypto);
            if (cert != null) {

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

        ns = ConversationConstants.getWSCNs(version);
        element =
            doc.createElementNS(ns, "wsc:" + ConversationConstants.DERIVED_KEY_TOKEN_LN);
        WSSecurityUtil.setNamespace(element, ns, ConversationConstants.WSC_PREFIX);
        bspEnforcer = new BSPEnforcer();
    }

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
        builder.build(doc, secHeader);

        try {
            new UsernameToken(doc.getDocumentElement(), false, new BSPEnforcer());
            fail("Failure expected on an invalid security token");
        } catch (WSSecurityException ex) {
            assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
            assertEquals("Bad element, expected \"{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken\" while got \"{http://schemas.xmlsoap.org/soap/envelope/}Envelope\"", ex.getMessage());
            QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurityToken");

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

            ref = secTok.getUnattachedReference();
        }

        if (ref != null) {
            SecurityTokenReference secRef =
                new SecurityTokenReference(cloneElement(ref), new BSPEnforcer());
            sig.setSecurityTokenReference(secRef);
            sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
        } else if (token instanceof UsernameToken) {
            sig.setCustomTokenId(secTok.getId());
            sig.setCustomTokenValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

        if ("SecurityContextToken".equals(childElement.getLocalName())) {
            SecurityContextToken sct = new SecurityContextToken(childElement);
            uri = sct.getIdentifier();
        } else {
            SecurityTokenReference ref =
                new SecurityTokenReference(childElement, new BSPEnforcer());
            uri = ref.getReference().getURI();
        }
        TokenStore store = (TokenStore)exchange.get(Endpoint.class).getEndpointInfo()
                .getProperty(TokenStore.class.getName());
        return store.getToken(uri);

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

                ref = securityToken.getUnattachedReference();
            }

            if (ref != null) {
                SecurityTokenReference secRef =
                    new SecurityTokenReference(cloneElement(ref), new BSPEnforcer());
                sig.setSecurityTokenReference(secRef);
                sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
            } else {
                int type = attached ? WSConstants.CUSTOM_SYMM_SIGNING
                    : WSConstants.CUSTOM_SYMM_SIGNING_DIRECT;

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

        try {
            boolean allowNamespaceQualifiedPasswordTypes =
                wssConfig.getAllowNamespaceQualifiedPasswordTypes();
            UsernameToken ut =
                new UsernameToken(usernameTokenElement, allowNamespaceQualifiedPasswordTypes,
                                  new BSPEnforcer());
            // The parsed principal is set independent whether validation is successful or not
            response.setPrincipal(new CustomTokenPrincipal(ut.getName()));
            if (ut.getPassword() == null) {
                return response;
            }

Examples of org.apache.wss4j.dom.bsp.BSPEnforcer

                        }

                        String tokenType = encrTok.getTokenType();
                        if (ref != null) {
                            SecurityTokenReference secRef =
                                new SecurityTokenReference(cloneElement(ref), new BSPEnforcer());
                            encr.setSecurityTokenReference(secRef);
                        } else if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
                            || WSConstants.SAML_NS.equals(tokenType)) {
                            encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);
                            encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);