org.apache.neethi.Assertion Java Examples
The following examples show how to use
org.apache.neethi.Assertion.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: IssuedTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
private void processAlternative(List<Assertion> assertions, IssuedToken parent) {
QName name;
for (Assertion assertion : assertions) {
name = assertion.getName();
if (SPConstants.REQUIRE_DERIVED_KEYS.equals(name.getLocalPart())) {
parent.setDerivedKeys(true);
} else if (SPConstants.REQUIRE_EXTERNAL_REFERENCE.equals(name.getLocalPart())) {
parent.setRequireExternalReference(true);
} else if (SPConstants.REQUIRE_INTERNAL_REFERENCE.equals(name.getLocalPart())) {
parent.setRequireInternalReference(true);
}
}
}
Example #2
| Source File: ProtectionTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
ProtectionToken protectionToken = new ProtectionToken(consts, builder);
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), protectionToken);
break; // since there should be only one alternative ..
}
return protectionToken;
}
Example #3
| Source File: InitiatorTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
InitiatorToken initiatorToken = new InitiatorToken(consts, builder);
initiatorToken.setOptional(PolicyConstants.isOptional(element));
initiatorToken.setIgnorable(PolicyConstants.isIgnorable(element));
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), initiatorToken);
break; // TODO process all the token that must be set ..
}
return initiatorToken;
}
Example #4
| Source File: PolicyLoggingInterceptor.java From cxf with Apache License 2.0 | 6 votes |
|
public void handleMessage(Message message) throws Fault {
EndpointInfo ei = message.getExchange().getEndpoint().getEndpointInfo();
BindingOperationInfo boi = message.getExchange().getBindingOperationInfo();
LOG.fine("Getting effective server request policy for endpoint " + ei
+ " and binding operation " + boi);
EffectivePolicy ep =
bus.getExtension(PolicyEngine.class).getEffectiveServerRequestPolicy(ei, boi, message);
for (Iterator<List<Assertion>> it = ep.getPolicy().getAlternatives(); it.hasNext();) {
Collection<Assertion> as = it.next();
LOG.fine("Checking alternative with " + as.size() + " assertions.");
for (Assertion a : as) {
LOG.fine("Assertion: " + a.getClass().getName());
HTTPServerPolicy p = (JaxbAssertion.cast(a, HTTPServerPolicy.class)).getData();
LOG.fine("server policy: " + ServerPolicyCalculator.toString(p));
}
}
}
Example #5
| Source File: SignedElementsBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SignedEncryptedElements signedEncryptedElements = new SignedEncryptedElements(true,
consts);
String attribute = element.getAttributeNS(consts.getNamespace(), SPConstants.XPATH_VERSION);
if (attribute != null) {
signedEncryptedElements.setXPathVersion(attribute);
}
Node nd = element.getFirstChild();
while (nd != null) {
if (nd instanceof Element) {
processElement((Element)nd, signedEncryptedElements);
}
nd = nd.getNextSibling();
}
return signedEncryptedElements;
}
Example #6
| Source File: AbstractBindingBuilder.java From steady with Apache License 2.0 | 6 votes |
|
protected void policyNotAsserted(Assertion assertion, String reason) {
if (assertion == null) {
return;
}
LOG.log(Level.FINE, "Not asserting " + assertion.getName() + ": " + reason);
Collection<AssertionInfo> ais;
ais = aim.get(assertion.getName());
if (ais != null) {
for (AssertionInfo ai : ais) {
if (ai.getAssertion() == assertion) {
ai.setNotAsserted(reason);
}
}
}
if (!assertion.isOptional()) {
throw new PolicyException(new Message(reason, LOG));
}
}
Example #7
| Source File: AssertionInfoMapTest.java From cxf with Apache License 2.0 | 6 votes |
|
@Test
public void testCheck() throws PolicyException {
QName aqn = new QName("http://x.y.z", "a");
Assertion a = new PrimitiveAssertion(aqn);
Collection<Assertion> assertions = new ArrayList<>();
assertions.add(a);
AssertionInfoMap aim = new AssertionInfoMap(assertions);
try {
aim.check();
fail("Expected PolicyException not thrown.");
} catch (PolicyException ex) {
assertEquals("NOT_ASSERTED_EXC", ex.getCode());
}
aim.get(aqn).iterator().next().setAsserted(true);
aim.check();
}
Example #8
| Source File: AbstractCommonBindingHandler.java From cxf with Apache License 2.0 | 6 votes |
|
protected void assertPolicy(Assertion assertion) {
if (assertion == null) {
return;
}
if (LOG.isLoggable(Level.FINE)) {
LOG.log(Level.FINE, "Asserting " + assertion.getName());
}
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
Collection<AssertionInfo> ais = aim.get(assertion.getName());
if (ais != null) {
for (AssertionInfo ai : ais) {
if (ai.getAssertion() == assertion) {
ai.setAsserted(true);
}
}
}
}
Example #9
| Source File: AbstractBindingBuilder.java From steady with Apache License 2.0 | 6 votes |
|
protected void policyNotAsserted(Assertion assertion, Exception reason) {
if (assertion == null) {
return;
}
LOG.log(Level.FINE, "Not asserting " + assertion.getName() + ": " + reason);
Collection<AssertionInfo> ais;
ais = aim.get(assertion.getName());
if (ais != null) {
for (AssertionInfo ai : ais) {
if (ai.getAssertion() == assertion) {
ai.setNotAsserted(reason.getMessage());
}
}
}
if (!assertion.isOptional()) {
throw new PolicyException(new Message(reason.getMessage(), LOG));
}
}
Example #10
| Source File: EncryptedElementsBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SignedEncryptedElements signedEncryptedElements = new SignedEncryptedElements(false,
consts);
String attribute = element.getAttributeNS(consts.getNamespace(), SPConstants.XPATH_VERSION);
if (attribute != null) {
signedEncryptedElements.setXPathVersion(attribute);
}
Node nd = element.getFirstChild();
while (nd != null) {
if (nd instanceof Element) {
processElement((Element)nd, signedEncryptedElements);
}
nd = nd.getNextSibling();
}
return signedEncryptedElements;
}
Example #11
| Source File: AbstractBindingBuilder.java From steady with Apache License 2.0 | 6 votes |
|
protected void policyNotAsserted(Assertion assertion, String reason) {
if (assertion == null) {
return;
}
LOG.log(Level.FINE, "Not asserting " + assertion.getName() + ": " + reason);
Collection<AssertionInfo> ais;
ais = aim.get(assertion.getName());
if (ais != null) {
for (AssertionInfo ai : ais) {
if (ai.getAssertion() == assertion) {
ai.setNotAsserted(reason);
}
}
}
if (!assertion.isOptional()) {
throw new PolicyException(new Message(reason, LOG));
}
}
Example #12
| Source File: SymmetricBindingBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SymmetricBinding symmetricBinding = new SymmetricBinding(consts, builder);
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
Iterator<List<Assertion>> iterator = policy.getAlternatives();
if (!iterator.hasNext()) {
throw new IllegalArgumentException(
"sp:SymmetricBinding must specify at least one alternative"
);
}
processAlternatives(iterator.next(), symmetricBinding, consts);
return symmetricBinding;
}
Example #13
| Source File: PolicyInterceptorsTest.java From cxf with Apache License 2.0 | 6 votes |
|
@Test
public void testClientPolicyOutInterceptor() {
PolicyOutInterceptor interceptor = new PolicyOutInterceptor();
doTestBasics(interceptor, true, true);
control.reset();
setupMessage(true, true, true, true, true, true);
EffectivePolicy effectivePolicy = control.createMock(EffectivePolicy.class);
EasyMock.expect(pe.getEffectiveClientRequestPolicy(ei, boi, conduit, message))
.andReturn(effectivePolicy);
List<Interceptor<? extends Message>> li = createMockInterceptorList();
EasyMock.expect(effectivePolicy.getInterceptors())
.andReturn(li);
InterceptorChain ic = control.createMock(InterceptorChain.class);
EasyMock.expect(message.getInterceptorChain()).andReturn(ic);
ic.add(li.get(0));
EasyMock.expectLastCall();
Collection<Assertion> assertions =
CastUtils.cast(Collections.EMPTY_LIST, Assertion.class);
EasyMock.expect(effectivePolicy.getChosenAlternative()).andReturn(assertions);
control.replay();
interceptor.handleMessage(message);
control.verify();
}
Example #14
| Source File: RequiredElementsBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
RequiredElements requiredElements = new RequiredElements(consts);
String attrXPathVersion = element.getAttributeNS(consts.getNamespace(), SPConstants.XPATH_VERSION);
if (attrXPathVersion != null) {
requiredElements.setXPathVersion(attrXPathVersion);
}
Node nd = element.getFirstChild();
while (nd != null) {
if (nd instanceof Element) {
processElement((Element)nd, requiredElements);
}
nd = nd.getNextSibling();
}
return requiredElements;
}
Example #15
| Source File: InitiatorTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
InitiatorToken initiatorToken = new InitiatorToken(consts, builder);
initiatorToken.setOptional(PolicyConstants.isOptional(element));
initiatorToken.setIgnorable(PolicyConstants.isIgnorable(element));
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), initiatorToken);
break; // TODO process all the token that must be set ..
}
return initiatorToken;
}
Example #16
| Source File: WSS10Builder.java From steady with Apache License 2.0 | 5 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
Wss10 wss10 = new Wss10(consts);
processAlternative(element, wss10, consts);
return wss10;
}
Example #17
| Source File: AlgorithmSuiteBuilder.java From steady with Apache License 2.0 | 5 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
AlgorithmSuiteLoader loader = bus.getExtension(AlgorithmSuiteLoader.class);
if (loader == null) {
loader = new DefaultAlgorithmSuiteLoader();
}
Element policyElement = DOMUtils.getFirstElement(element);
if (policyElement == null) {
throw new IllegalArgumentException(
"sp:AlgorithmSuite/wsp:Policy must have a value"
);
}
AlgorithmSuite algorithmSuite = null;
try {
algorithmSuite = loader.getAlgorithmSuite(policyElement, consts);
} catch (WSSPolicyException e) {
throw new IllegalArgumentException(e);
}
if (algorithmSuite == null && consts != SP11Constants.INSTANCE) {
String algorithmSuiteName = DOMUtils.getFirstElement(policyElement).getLocalName();
throw new IllegalArgumentException(
"Algorithm suite \"" + algorithmSuiteName + "\" is not registered"
);
}
return algorithmSuite;
}
Example #18
| Source File: PolicyUtils.java From cxf with Apache License 2.0 | 5 votes |
|
/**
* Determine if one collection of assertions contains another collection of assertion, using
* the equal method from the Assertion interface.
*
* @param assertions a collection of assertions
* @param candidates the collections of assertion to test
* @return true iff each candidate is equal to one of the assertions in the collection
*/
public static boolean contains(Collection<Assertion> assertions,
Collection<Assertion> candidates) {
if (null == candidates || candidates.isEmpty()) {
return true;
}
for (Assertion c : candidates) {
if (!contains(assertions, c)) {
return false;
}
}
return true;
}
Example #19
| Source File: AbstractBindingBuilder.java From steady with Apache License 2.0 | 5 votes |
|
protected void policyAsserted(Assertion assertion) {
if (assertion == null) {
return;
}
LOG.log(Level.FINE, "Asserting " + assertion.getName());
Collection<AssertionInfo> ais;
ais = aim.get(assertion.getName());
if (ais != null) {
for (AssertionInfo ai : ais) {
if (ai.getAssertion() == assertion) {
ai.setAsserted(true);
}
}
}
}
Example #20
| Source File: AbstractBindingBuilder.java From steady with Apache License 2.0 | 5 votes |
|
protected void policyAsserted(Assertion assertion) {
if (assertion == null) {
return;
}
LOG.log(Level.FINE, "Asserting " + assertion.getName());
Collection<AssertionInfo> ais;
ais = aim.get(assertion.getName());
if (ais != null) {
for (AssertionInfo ai : ais) {
if (ai.getAssertion() == assertion) {
ai.setAsserted(true);
}
}
}
}
Example #21
| Source File: AbstractBindingBuilder.java From steady with Apache License 2.0 | 5 votes |
|
protected Collection<Assertion> findAndAssertPolicy(QName n) {
Collection<AssertionInfo> ais = aim.getAssertionInfo(n);
if (ais != null && !ais.isEmpty()) {
List<Assertion> p = new ArrayList<Assertion>(ais.size());
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
p.add(ai.getAssertion());
}
return p;
}
return null;
}
Example #22
| Source File: WSS11Builder.java From steady with Apache License 2.0 | 5 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
Wss11 wss11 = new Wss11(consts);
processAlternative(element, wss11, consts);
return wss11;
}
Example #23
| Source File: AbstractBindingBuilder.java From steady with Apache License 2.0 | 5 votes |
|
protected void assertSupportingTokens(Collection<Assertion> suppTokens) {
if (suppTokens == null) {
return;
}
for (Assertion pa : suppTokens) {
if (pa instanceof SupportingToken) {
for (Token token : ((SupportingToken)pa).getTokens()) {
this.policyAsserted(token);
}
}
}
}
Example #24
| Source File: NegotiationUtils.java From steady with Apache License 2.0 | 5 votes |
|
static Assertion getAddressingPolicy(AssertionInfoMap aim, boolean optional) {
Collection<AssertionInfo> lst = aim.get(MetadataConstants.USING_ADDRESSING_2004_QNAME);
Assertion assertion = null;
if (null != lst && !lst.isEmpty()) {
assertion = lst.iterator().next().getAssertion();
}
if (assertion == null) {
lst = aim.get(MetadataConstants.USING_ADDRESSING_2005_QNAME);
if (null != lst && !lst.isEmpty()) {
assertion = lst.iterator().next().getAssertion();
}
}
if (assertion == null) {
lst = aim.get(MetadataConstants.USING_ADDRESSING_2006_QNAME);
if (null != lst && !lst.isEmpty()) {
assertion = lst.iterator().next().getAssertion();
}
}
if (assertion == null) {
return new PrimitiveAssertion(MetadataConstants.USING_ADDRESSING_2006_QNAME,
optional);
} else if (optional) {
return new PrimitiveAssertion(assertion.getName(),
optional);
}
return assertion;
}
Example #25
| Source File: SignedPartsBuilder.java From steady with Apache License 2.0 | 5 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
SignedEncryptedParts signedEncryptedParts = new SignedEncryptedParts(true, consts);
Node nd = element.getFirstChild();
while (nd != null) {
if (nd instanceof Element) {
processElement((Element)nd, signedEncryptedParts);
}
nd = nd.getNextSibling();
}
//
// If SignedParts is empty then default to signing the SOAP Body
//
if (!signedEncryptedParts.isBody() && !signedEncryptedParts.isAttachments()
&& signedEncryptedParts.getHeaders().isEmpty()) {
signedEncryptedParts.setBody(true);
}
return signedEncryptedParts;
}
Example #26
| Source File: RecipientEncryptionTokenBuilder.java From steady with Apache License 2.0 | 5 votes |
|
private void processAlternative(List<Assertion> assertions, RecipientEncryptionToken parent) {
for (Assertion assertion : assertions) {
if (assertion instanceof Token) {
parent.setRecipientEncryptionToken((Token)assertion);
}
}
}
Example #27
| Source File: RequiredPartsBuilder.java From steady with Apache License 2.0 | 5 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
RequiredParts requiredParts = new RequiredParts(SP12Constants.INSTANCE);
Node nd = element.getFirstChild();
while (nd != null) {
if (nd instanceof Element) {
processElement((Element)nd, requiredParts);
}
nd = nd.getNextSibling();
}
return requiredParts;
}
Example #28
| Source File: InitiatorTokenBuilder.java From steady with Apache License 2.0 | 5 votes |
|
private void processAlternative(List<Assertion> assertions, InitiatorToken parent) {
for (Assertion token : assertions) {
if (token instanceof Token) {
parent.setInitiatorToken((Token)token);
}
}
}
Example #29
| Source File: Trust10Builder.java From steady with Apache License 2.0 | 5 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
element = DOMUtils.getFirstElement(element);
if (element == null || !element.getLocalName().equals("Policy")) {
throw new IllegalArgumentException("Trust10 assertion doesn't contain any Policy");
}
Trust10 trust10 = new Trust10(SP11Constants.INSTANCE);
if (DOMUtils.getFirstChildWithName(element, SP11Constants.MUST_SUPPORT_CLIENT_CHALLENGE) != null) {
trust10.setMustSupportClientChallenge(true);
}
if (DOMUtils.getFirstChildWithName(element, SP11Constants.MUST_SUPPORT_SERVER_CHALLENGE) != null) {
trust10.setMustSupportServerChallenge(true);
}
if (DOMUtils.getFirstChildWithName(element, SP11Constants.REQUIRE_CLIENT_ENTROPY) != null) {
trust10.setRequireClientEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP11Constants.REQUIRE_SERVER_ENTROPY) != null) {
trust10.setRequireServerEntropy(true);
}
if (DOMUtils.getFirstChildWithName(element, SP11Constants.MUST_SUPPORT_ISSUED_TOKENS) != null) {
trust10.setMustSupportIssuedTokens(true);
}
return trust10;
}
Example #30
| Source File: SHA512PolicyLoader.java From cxf with Apache License 2.0 | 5 votes |
|
@Override
protected void parseCustomAssertion(Assertion assertion) {
String assertionName = assertion.getName().getLocalPart();
String assertionNamespace = assertion.getName().getNamespaceURI();
if (!"http://cxf.apache.org/custom/security-policy".equals(assertionNamespace)) {
return;
}
if ("Basic128RsaSha512".equals(assertionName)) {
setAlgorithmSuiteType(ALGORITHM_SUITE_TYPES.get("Basic128RsaSha512"));
getAlgorithmSuiteType().setNamespace(assertionNamespace);
}
}
