Package org.apache.ws.secpolicy.model

Examples of org.apache.ws.secpolicy.model.IssuedToken

34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
public class IssuedTokenBuilder implements AssertionBuilder {

    public Assertion build(OMElement element, AssertionBuilderFactory factory)
            throws IllegalArgumentException {
        IssuedToken issuedToken = new IssuedToken(SPConstants.SP_V12);

        OMAttribute  includeAttr = element.getAttribute(SP12Constants.INCLUDE_TOKEN);
        if(includeAttr != null) {
            int inclusion = SP12Constants.getInclusionFromAttributeValue(includeAttr.getAttributeValue());
            issuedToken.setInclusion(inclusion);
        }
        // Extract Issuer
        OMElement issuerElem = element.getFirstChildWithName(SP12Constants.ISSUER);
      
        if(issuerElem != null) {
            OMElement issuerEpr = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Final.WSA_NAMESPACE,"Address"));
           
            //try the other addressing namespace
            if (issuerEpr == null) {
                issuerEpr = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Submission.WSA_NAMESPACE,"Address"));
            }
           
            issuedToken.setIssuerEpr(issuerEpr);
        }
       
        //TODO check why this returns an Address element
        //iter = issuerElem.getChildrenWithLocalName("Metadata");
       
        if (issuerElem != null ) {
            OMElement issuerMex = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Final.WSA_NAMESPACE,"Metadata"));
           
          //try the other addressing namespace
            if (issuerMex == null) {
                issuerMex = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Submission.WSA_NAMESPACE,"Metadata"));
            }
                       
            issuedToken.setIssuerMex(issuerMex);
        }

        // Extract RSTTemplate
        OMElement rstTmplElem = element.getFirstChildWithName(SP12Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
        if (rstTmplElem != null) {
            issuedToken.setRstTemplate(rstTmplElem);
        }

        OMElement policyElement = element.getFirstChildWithName(org.apache.neethi.Constants.Q_ELEM_POLICY);

        if (policyElement != null) {
View Full Code Here
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
public class IssuedTokenBuilder implements AssertionBuilder {

    public Assertion build(OMElement element, AssertionBuilderFactory factory)
            throws IllegalArgumentException {
        IssuedToken issuedToken = new IssuedToken(SPConstants.SP_V11);

        OMAttribute  includeAttr = element.getAttribute(SP11Constants.INCLUDE_TOKEN);
        if(includeAttr != null) {
            issuedToken.setInclusion(SP11Constants.getInclusionFromAttributeValue(includeAttr.getAttributeValue()));
        }
        // Extract Issuer
        OMElement issuerElem = element.getFirstChildWithName(SP11Constants.ISSUER);
        if(issuerElem != null) {
            OMElement issuerEpr = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Final.WSA_NAMESPACE,"Address"));
           
            //try the other addressing namespace
            if (issuerEpr == null) {
                issuerEpr = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Submission.WSA_NAMESPACE,"Address"));
            }
           
            issuedToken.setIssuerEpr(issuerEpr);
        }
       
        //TODO check why this returns an Address element
        //iter = issuerElem.getChildrenWithLocalName("Metadata");
       
        if (issuerElem != null ) {
            OMElement issuerMex = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Final.WSA_NAMESPACE,"Metadata"));
           
          //try the other addressing namespace
            if (issuerMex == null) {
                issuerMex = issuerElem.getFirstChildWithName(new QName(AddressingConstants.Submission.WSA_NAMESPACE,"Metadata"));
            }
                       
            issuedToken.setIssuerMex(issuerMex);
        }
       

        // Extract RSTTemplate
        OMElement rstTmplElem = element.getFirstChildWithName(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
        if (rstTmplElem != null) {
            issuedToken.setRstTemplate(rstTmplElem);
        }

        OMElement policyElement = element.getFirstChildWithName(org.apache.neethi.Constants.Q_ELEM_POLICY);

        if (policyElement != null) {
View Full Code Here
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
            if(sigTok instanceof IssuedToken) {
                log.debug("SignatureToken is an IssuedToken");
                if(rmd.getIssuedSignatureTokenId() == null) {
                    log.debug("No Issuedtoken found, requesting a new token");

                    IssuedToken issuedToken = (IssuedToken)sigTok;
                   
                    String id = RampartUtil.getIssuedToken(rmd,
                            issuedToken);
                    rmd.setIssuedSignatureTokenId(id);
                   
                }
               
            } else if(sigTok instanceof SecureConversationToken) {

                log.debug("SignatureToken is a SecureConversationToken");

                //TODO check for an existing token and use it
               
                String secConvTokenId = rmd.getSecConvTokenId();
               
                //The RSTR has to be secured with the cancelled token
                String action = msgContext.getOptions().getAction();
                boolean cancelReqResp = action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT);
               
                //In the case of the cancel req or resp we should mark the token as cancelled
                if(secConvTokenId != null && cancelReqResp) {
                    try {
                        rmd.getTokenStorage().getToken(secConvTokenId).setState(org.apache.rahas.Token.CANCELLED);
                        msgContext.setProperty(RampartMessageData.SCT_ID, secConvTokenId);
                       
                        //remove from the local map of contexts
                        String contextIdentifierKey = RampartUtil.getContextIdentifierKey(msgContext);
                        RampartUtil.getContextMap(msgContext).remove(contextIdentifierKey);
                    } catch (TrustException e) {
                        throw new RampartException("errorExtractingToken");
                    }
                }

                if (secConvTokenId == null
                    || (secConvTokenId != null &&
                        (!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {

                    log.debug("No SecureConversationToken found, requesting a new token");

                    SecureConversationToken secConvTok =
                                        (SecureConversationToken) sigTok;
                   
                    try {

                        String id = RampartUtil.getSecConvToken(rmd, secConvTok);
                        rmd.setSecConvTokenId(id);
                       
                    } catch (TrustException e) {
                        throw new RampartException("errorInObtainingSct", e);
                    }
                }
            }
           
            //If it was the ProtectionToken assertion then sigTok is the
            //same as encrTok
            if(sigTok.equals(encrTok) && sigTok instanceof IssuedToken) {

                log.debug("Symmetric binding uses a ProtectionToken, both" +
                            " SignatureToken and EncryptionToken are the same");

                rmd.setIssuedEncryptionTokenId(rmd.getIssuedEncryptionTokenId());
            } else {
                //Now we'll have to obtain the encryption token as well :-)
                //ASSUMPTION: SecureConversationToken is used as a
                //ProtectionToken therefore we only have to process a issued
                //token here

                log.debug("Obtaining the Encryption Token");

                if(rmd.getIssuedEncryptionTokenId() != null) {

                    log.debug("EncrytionToken not alredy set");

                    IssuedToken issuedToken = (IssuedToken)encrTok;
                       
                    String id = RampartUtil.getIssuedToken(rmd,
                            issuedToken);
                    rmd.setIssuedEncryptionTokenId(id);
View Full Code Here
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
                log.debug("SignatureToken is an IssuedToken");
               
                if(rmd.getIssuedSignatureTokenId() == null) {
                    log.debug("No Issuedtoken found, requesting a new token");
                   
                    IssuedToken issuedToken = (IssuedToken)sigTok;
                   
                    String id = RampartUtil.getIssuedToken(rmd,
                            issuedToken);
                    rmd.setIssuedSignatureTokenId(id);
                   
                   
                }
               
            } else if(sigTok instanceof SecureConversationToken) {
               
                log.debug("SignatureToken is a SecureConversationToken");
               
                //TODO check for an existing token and use it
               
                String secConvTokenId = rmd.getSecConvTokenId();
               
                //The RSTR has to be secured with the cancelled token
                String action = msgContext.getOptions().getAction();
                boolean cancelReqResp = action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT);
               
                //In the case of the cancel req or resp we should mark the token as cancelled
                if(secConvTokenId != null && cancelReqResp) {
                    try {
                        rmd.getTokenStorage().getToken(secConvTokenId).setState(org.apache.rahas.Token.CANCELLED);
                        msgContext.setProperty(RampartMessageData.SCT_ID, secConvTokenId);
                       
                        //remove from the local map of contexts
                        String contextIdentifierKey = RampartUtil.getContextIdentifierKey(msgContext);
                        RampartUtil.getContextMap(msgContext).remove(contextIdentifierKey);
                    } catch (TrustException e) {
                        throw new RampartException("errorExtractingToken");
                    }
                }
               
                if (secConvTokenId == null
                        || (secConvTokenId != null &&
                                (!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {
               
                    log.debug("No SecureConversationToken found, " +
                            "requesting a new token");
                   
                    SecureConversationToken secConvTok =
                                        (SecureConversationToken) sigTok;
                   
                    try {

                        String id = RampartUtil.getSecConvToken(rmd, secConvTok);
                        rmd.setSecConvTokenId(id);
                       
                    } catch (TrustException e) {
                        throw new RampartException("errorInObtainingSct", e);
                    }
                }
            }
           
            //If it was the ProtectionToken assertion then sigTok is the
            //same as encrTok
            if(sigTok.equals(encrTok) && sigTok instanceof IssuedToken) {
               
                log.debug("Symmetric binding uses a ProtectionToken, both" +
                        " SignatureToken and EncryptionToken are the same");
               
                rmd.setIssuedEncryptionTokenId(rmd.getIssuedEncryptionTokenId());
            } else {
                //Now we'll have to obtain the encryption token as well :-)
                //ASSUMPTION: SecureConversationToken is used as a
                //ProtectionToken therfore we only have to process a issued
                //token here
               
                log.debug("Obtaining the Encryption Token");
                if(rmd.getIssuedEncryptionTokenId() != null) {
                   
                    log.debug("EncrytionToken not alredy set");

                    IssuedToken issuedToken = (IssuedToken)encrTok;
                       
                    String id = RampartUtil.getIssuedToken(rmd,
                            issuedToken);
                    rmd.setIssuedEncryptionTokenId(id);
View Full Code Here
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
public class IssuedTokenBuilder implements AssertionBuilder {

    public Assertion build(OMElement element, AssertionBuilderFactory factory)
            throws IllegalArgumentException {
        IssuedToken issuedToken = new IssuedToken();

        OMAttribute  includeAttr = element.getAttribute(Constants.INCLUDE_TOKEN);
        if(includeAttr != null) {
            issuedToken.setInclusion(includeAttr.getAttributeValue());
        }
        // Extract Issuer
        OMElement issuerElem = element.getFirstChildWithName(Constants.ISSUER);
        if (issuerElem != null && issuerElem.getFirstElement() != null) {
            issuedToken.setIssuerEpr(issuerElem.getFirstElement());
        }

        // Extract RSTTemplate
        OMElement rstTmplElem = element.getFirstChildWithName(Constants.RST_TEMPLATE);
        if (rstTmplElem != null) {
            issuedToken.setRstTemplate(rstTmplElem);
        }

        OMElement policyElement = element.getFirstChildWithName(org.apache.neethi.Constants.Q_ELEM_POLICY);

        if (policyElement != null) {
View Full Code Here
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
                log.debug("SignatureToken is an IssuedToken");
               
                if(rmd.getIssuedSignatureTokenId() == null) {
                    log.debug("No Issuedtoken found, requesting a new token");
                   
                    IssuedToken issuedToken = (IssuedToken)sigTok;
                   
                    String id = RampartUtil.getIssuedToken(rmd,
                            issuedToken);
                    rmd.setIssuedSignatureTokenId(id);
                   
                }
               
            } else if(sigTok instanceof SecureConversationToken) {
               
                log.debug("SignatureToken is a SecureConversationToken");
               
                //TODO check for an existing token and use it
               
                String secConvTokenId = rmd.getSecConvTokenId();
               
                //The RSTR has to be secured with the cancelled token
                String action = msgContext.getOptions().getAction();
                boolean cancelReqResp = action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT) ||
                                           action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT);
               
                //In the case of the cancel req or resp we should mark the token as cancelled
                if(secConvTokenId != null && cancelReqResp) {
                    try {
                        rmd.getTokenStorage().getToken(secConvTokenId).setState(org.apache.rahas.Token.CANCELLED);
                        msgContext.setProperty(RampartMessageData.SCT_ID, secConvTokenId);
                       
                        //remove from the local map of contexts
                        String contextIdentifierKey = RampartUtil.getContextIdentifierKey(msgContext);
                        RampartUtil.getContextMap(msgContext).remove(contextIdentifierKey);
                    } catch (TrustException e) {
                        throw new RampartException("errorExtractingToken");
                    }
                }
               
                if (secConvTokenId == null
                        || (secConvTokenId != null &&
                                (!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {
               
                    log.debug("No SecureConversationToken found, " +
                            "requesting a new token");
                   
                    SecureConversationToken secConvTok =
                                        (SecureConversationToken) sigTok;
                   
                    try {

                        String id = RampartUtil.getSecConvToken(rmd, secConvTok);
                        rmd.setSecConvTokenId(id);
                       
                    } catch (TrustException e) {
                        throw new RampartException("errorInObtainingSct", e);
                    }
                }
            }
           
            //If it was the ProtectionToken assertion then sigTok is the
            //same as encrTok
            if(sigTok.equals(encrTok) && sigTok instanceof IssuedToken) {
               
                log.debug("Symmetric binding uses a ProtectionToken, both" +
                        " SignatureToken and EncryptionToken are the same");
               
                rmd.setIssuedEncryptionTokenId(rmd.getIssuedEncryptionTokenId());
            } else {
                //Now we'll have to obtain the encryption token as well :-)
                //ASSUMPTION: SecureConversationToken is used as a
                //ProtectionToken therefore we only have to process a issued
                //token here
               
                log.debug("Obtaining the Encryption Token");
                if(rmd.getIssuedEncryptionTokenId() != null) {
                   
                    log.debug("EncrytionToken not alredy set");

                    IssuedToken issuedToken = (IssuedToken)encrTok;
                       
                    String id = RampartUtil.getIssuedToken(rmd,
                            issuedToken);
                    rmd.setIssuedEncryptionTokenId(id);
View Full Code Here
TOP

Related Classes of org.apache.ws.secpolicy.model.IssuedToken

  • org.apache.rampart.builder.SymmetricBindingBuilder
  • org.apache.ws.secpolicy.builders.IssuedTokenBuilder
  • org.apache.ws.secpolicy11.builders.IssuedTokenBuilder
  • org.apache.ws.secpolicy12.builders.IssuedTokenBuilder
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.