Examples of InputProcessorChain

Examples of org.apache.xml.security.stax.ext.InputProcessorChain

71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the security header
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalSecurityHeaderBufferProcessor internalSecurityHeaderBufferProcessor
                = new InternalSecurityHeaderBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalSecurityHeaderBufferProcessor);

        boolean responsibleSecurityHeaderFound = false;
        boolean timestampFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();
            eventCount++;

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
                    int documentLevel = xmlSecStartElement.getDocumentLevel();

                    if (documentLevel == 1) {
                        if (WSSUtils.getSOAPMessageVersionNamespace(xmlSecStartElement) == null) {
                            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "notASOAPMessage");
                        }
                    } else if (documentLevel == 3
                            && xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
                            && WSSUtils.isInSOAPHeader(xmlSecStartElement)) {

                        if (!WSSUtils.isResponsibleActorOrRole(xmlSecStartElement,
                                ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                            continue;
                        }
                        responsibleSecurityHeaderFound = true;

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        startIndexForProcessor = eventCount - 1;
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    documentLevel = xmlSecEndElement.getDocumentLevel();
                    if (documentLevel == 3 && responsibleSecurityHeaderFound
                            && xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)) {

                        return finalizeHeaderProcessing(
                                inputProcessorChain, subInputProcessorChain,
                                internalSecurityHeaderBufferProcessor, xmlSecEventList);

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecEndElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        //we are in the security header and the depth is +1, so every child
                        //element should have a responsible handler:
                        engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                xmlSecEventList, startIndexForProcessor, xmlSecEndElement.getName());
                       
                        // Check for multiple timestamps
                        if (xmlSecEndElement.getName().equals(WSSConstants.TAG_wsu_Timestamp)) {
                            if (timestampFound) {
                                WSInboundSecurityContext context =
                                    (WSInboundSecurityContext)subInputProcessorChain.getSecurityContext();
                                context.handleBSPRule(BSPRule.R3227);
                            }
                            timestampFound = true;
                        }
                    }
View Full Code Here

Examples of org.apache.xml.security.stax.ext.InputProcessorChain

136
137
138
139
140
141
142
143
144
145
146
147
148
149
                            new InternalReplayProcessor(getSecurityProperties(), xmlSecEventList);
                    internalReplayProcessor.addBeforeProcessor(XMLSignatureReferenceVerifyInputProcessor.class.getName());
                    inputProcessorChain.addProcessor(internalReplayProcessor);

                    //...and let the SignatureVerificationProcessor process the buffered events (enveloped signature).
                    InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
                    while (!xmlSecEventList.isEmpty()) {
                        subInputProcessorChain.reset();
                        subInputProcessorChain.processEvent();
                    }
                }
                break;
        }
View Full Code Here

Examples of org.apache.xml.security.stax.ext.InputProcessorChain

70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the security header
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalSecurityHeaderBufferProcessor internalSecurityHeaderBufferProcessor
                = new InternalSecurityHeaderBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalSecurityHeaderBufferProcessor);

        boolean responsibleSecurityHeaderFound = false;
        boolean timestampFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
                    int documentLevel = xmlSecStartElement.getDocumentLevel();

                    if (documentLevel == 1) {
                        if (WSSUtils.getSOAPMessageVersionNamespace(xmlSecStartElement) == null) {
                            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "notASOAPMessage");
                        }
                    } else if (documentLevel == 3
                            && xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
                            && WSSUtils.isInSOAPHeader(xmlSecStartElement)) {

                        if (!WSSUtils.isResponsibleActorOrRole(xmlSecStartElement,
                                ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                            continue;
                        }
                        responsibleSecurityHeaderFound = true;

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        startIndexForProcessor = xmlSecEventList.size() - 1;

                        //special handling for EncryptedData in the SecurityHeader. This way, if for example
                        // a token was encrypted we have the possibility to decrypt it before so that we
                        // are able to engage the appropriate processor for the token.
                        if (WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecStartElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecStartElement.getName());
                        }
                    } else if (documentLevel == 5 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())
                            && WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecStartElement.getName())) {
                        startIndexForProcessor = xmlSecEventList.size() - 1;

                        // Same goes as per EncryptedData above. This is when a child of a security header
                        // element is encrypted (e.g. EncryptedAssertion)
                        engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                xmlSecEventList, startIndexForProcessor, xmlSecStartElement.getName());
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    documentLevel = xmlSecEndElement.getDocumentLevel();
                    if (documentLevel == 3 && responsibleSecurityHeaderFound
                            && xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)) {

                        return finalizeHeaderProcessing(
                                inputProcessorChain, subInputProcessorChain,
                                internalSecurityHeaderBufferProcessor, xmlSecEventList);

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecEndElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        //we are in the security header and the depth is +1, so every child
                        //element should have a responsible handler with the exception of an EncryptedData SecurityHeader
                        //which is already handled in the above StartElement logic (@see comment above).
                        if (!WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecEndElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecEndElement.getName());
                        }
                       
                        // Check for multiple timestamps
                        if (xmlSecEndElement.getName().equals(WSSConstants.TAG_wsu_Timestamp)) {
                            if (timestampFound) {
                                WSInboundSecurityContext context =
                                    (WSInboundSecurityContext)subInputProcessorChain.getSecurityContext();
                                context.handleBSPRule(BSPRule.R3227);
                            }
                            timestampFound = true;
                        }
                    }
View Full Code Here

Examples of org.apache.xml.security.stax.ext.InputProcessorChain

70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the security header
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalSecurityHeaderBufferProcessor internalSecurityHeaderBufferProcessor
                = new InternalSecurityHeaderBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalSecurityHeaderBufferProcessor);

        boolean responsibleSecurityHeaderFound = false;
        boolean timestampFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
                    int documentLevel = xmlSecStartElement.getDocumentLevel();

                    if (documentLevel == 1) {
                        if (WSSUtils.getSOAPMessageVersionNamespace(xmlSecStartElement) == null) {
                            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "notASOAPMessage");
                        }
                    } else if (documentLevel == 3
                            && xmlSecStartElement.getName().equals(WSSConstants.TAG_wsse_Security)
                            && WSSUtils.isInSOAPHeader(xmlSecStartElement)) {

                        if (!WSSUtils.isResponsibleActorOrRole(xmlSecStartElement,
                                ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                            continue;
                        }
                        responsibleSecurityHeaderFound = true;

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecStartElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        startIndexForProcessor = xmlSecEventList.size() - 1;

                        //special handling for EncryptedData in the SecurityHeader. This way, if for example
                        // a token was encrypted we have the possibility to decrypt it before so that we
                        // are able to engage the appropriate processor for the token.
                        if (WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecStartElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecStartElement.getName());
                        }
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    documentLevel = xmlSecEndElement.getDocumentLevel();
                    if (documentLevel == 3 && responsibleSecurityHeaderFound
                            && xmlSecEndElement.getName().equals(WSSConstants.TAG_wsse_Security)) {

                        return finalizeHeaderProcessing(
                                inputProcessorChain, subInputProcessorChain,
                                internalSecurityHeaderBufferProcessor, xmlSecEventList);

                    } else if (documentLevel == 4 && responsibleSecurityHeaderFound
                            && WSSUtils.isInSecurityHeader(xmlSecEndElement,
                            ((WSSSecurityProperties) getSecurityProperties()).getActor())) {
                        //we are in the security header and the depth is +1, so every child
                        //element should have a responsible handler with the exception of an EncryptedData SecurityHeader
                        //which is already handled in the above StartElement logic (@see comment above).
                        if (!WSSConstants.TAG_xenc_EncryptedData.equals(xmlSecEndElement.getName())) {
                            engageSecurityHeaderHandler(subInputProcessorChain, getSecurityProperties(),
                                    xmlSecEventList, startIndexForProcessor, xmlSecEndElement.getName());
                        }
                       
                        // Check for multiple timestamps
                        if (xmlSecEndElement.getName().equals(WSSConstants.TAG_wsu_Timestamp)) {
                            if (timestampFound) {
                                WSInboundSecurityContext context =
                                    (WSInboundSecurityContext)subInputProcessorChain.getSecurityContext();
                                context.handleBSPRule(BSPRule.R3227);
                            }
                            timestampFound = true;
                        }
                    }
View Full Code Here

Examples of org.apache.xml.security.stax.ext.InputProcessorChain

62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
    @Override
    public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain)
            throws XMLStreamException, XMLSecurityException {

        //buffer all events until the end of the required actions
        final InputProcessorChain subInputProcessorChain = inputProcessorChain.createSubChain(this);
        final InternalBufferProcessor internalBufferProcessor
                = new InternalBufferProcessor(getSecurityProperties());
        subInputProcessorChain.addProcessor(internalBufferProcessor);

        boolean signatureElementFound = false;

        XMLSecEvent xmlSecEvent;
        do {
            subInputProcessorChain.reset();
            xmlSecEvent = subInputProcessorChain.processHeaderEvent();
            eventCount++;

            switch (xmlSecEvent.getEventType()) {
                case XMLStreamConstants.START_ELEMENT:
                    final XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();

                    if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                        signatureElementFound = true;
                        startIndexForProcessor = eventCount - 1;
                    } else if (xmlSecStartElement.getName().equals(XMLSecurityConstants.TAG_xenc_EncryptedData)) {
                        XMLDecryptInputProcessor inputProcessor = new XMLDecryptInputProcessor(getSecurityProperties());
                        subInputProcessorChain.addProcessor(inputProcessor);

                        subInputProcessorChain.removeProcessor(internalBufferProcessor);
                        InternalReplayProcessor internalReplayProcessor = new InternalReplayProcessor(getSecurityProperties());
                        internalReplayProcessor.setPhase(XMLSecurityConstants.Phase.PROCESSING);
                        internalReplayProcessor.getAfterProcessors().clear();
                        internalReplayProcessor.getBeforeProcessors().clear();
                        internalReplayProcessor.addAfterProcessor(XMLDecryptInputProcessor.class.getName());
                        subInputProcessorChain.addProcessor(internalReplayProcessor);

                        AbstractInputProcessor abstractInputProcessor = new AbstractInputProcessor(getSecurityProperties()) {
                            @Override
                            public XMLSecEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                                return null;
                            }

                            @Override
                            public XMLSecEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
                                inputProcessorChain.removeProcessor(this);
                                return xmlSecStartElement;
                            }
                        };
                        abstractInputProcessor.setPhase(XMLSecurityConstants.Phase.PREPROCESSING);
                        abstractInputProcessor.addBeforeProcessor(XMLSecurityInputProcessor.class.getName());
                        abstractInputProcessor.addAfterProcessor(XMLEventReaderInputProcessor.class.getName());
                        subInputProcessorChain.addProcessor(abstractInputProcessor);

                        //remove this processor from chain now. the next events will go directly to the other processors
                        subInputProcessorChain.removeProcessor(this);
                        //since we cloned the inputProcessor list we have to add the processors from
                        //the subChain to the main chain.
                        inputProcessorChain.getProcessors().clear();
                        inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());

                        //remove the last event which will be emitted in the temporary processor above:
                        xmlSecEventList.pollFirst();
                        //return first event now;
                        return xmlSecEventList.pollLast();
                    }
                    break;
                case XMLStreamConstants.END_ELEMENT:
                    XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
                    // Handle the signature
                    if (signatureElementFound
                            && xmlSecEndElement.getName().equals(XMLSecurityConstants.TAG_dsig_Signature)) {
                            XMLSignatureInputHandler inputHandler = new XMLSignatureInputHandler();
                            inputHandler.handle(subInputProcessorChain, getSecurityProperties(),
                                                xmlSecEventList, startIndexForProcessor);

                        subInputProcessorChain.removeProcessor(internalBufferProcessor);
                        subInputProcessorChain.addProcessor(
                                new InternalReplayProcessor(getSecurityProperties()));

                        //remove this processor from chain now. the next events will go directly to the other processors
                        subInputProcessorChain.removeProcessor(this);
                        //since we cloned the inputProcessor list we have to add the processors from
                        //the subChain to the main chain.
                        inputProcessorChain.getProcessors().clear();
                        inputProcessorChain.getProcessors().addAll(subInputProcessorChain.getProcessors());

                        //return first event now;
                        return xmlSecEventList.pollLast();
                    }
                    break;
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.