org.apache.neethi.Policy Java Examples
The following examples show how to use
org.apache.neethi.Policy.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: InitiatorSignatureTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
InitiatorSignatureToken initiatorToken = new InitiatorSignatureToken(consts, builder);
initiatorToken.setOptional(PolicyConstants.isOptional(element));
initiatorToken.setIgnorable(PolicyConstants.isIgnorable(element));
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), initiatorToken);
break; // TODO process all the token that must be set ..
}
return initiatorToken;
}
Example #2
| Source File: RecipientEncryptionTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
RecipientEncryptionToken recipientEncryptionToken = new RecipientEncryptionToken(consts, builder);
recipientEncryptionToken.setOptional(PolicyConstants.isOptional(element));
recipientEncryptionToken.setIgnorable(PolicyConstants.isIgnorable(element));
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), recipientEncryptionToken);
break; // TODO process all the token that must be set ..
}
return recipientEncryptionToken;
}
Example #3
| Source File: AsymmetricBindingBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
AsymmetricBinding asymmetricBinding = new AsymmetricBinding(consts, builder);
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
Iterator<List<Assertion>> iterator = policy.getAlternatives();
if (!iterator.hasNext()) {
throw new IllegalArgumentException(
"sp:AsymmetricBinding must specify at least one alternative"
);
}
processAlternative(iterator.next(), asymmetricBinding, consts);
return asymmetricBinding;
}
Example #4
| Source File: AbstractPolicySecurityTest.java From steady with Apache License 2.0 | 6 votes |
|
protected void runInInterceptorAndValidate(String document,
String policyDocument, List<QName> assertedInAssertions,
List<QName> notAssertedInAssertions,
List<CoverageType> types) throws Exception {
final Policy policy = this.policyBuilder.getPolicy(
this.readDocument(policyDocument).getDocumentElement());
final Document doc = this.readDocument(document);
this.runInInterceptorAndValidate(
doc, policy,
assertedInAssertions,
notAssertedInAssertions,
types);
}
Example #5
| Source File: AbstractPolicySecurityTest.java From steady with Apache License 2.0 | 6 votes |
|
protected void runInInterceptorAndValidate(String document,
String policyDocument, List<QName> assertedInAssertions,
List<QName> notAssertedInAssertions,
List<CoverageType> types) throws Exception {
final Policy policy = this.policyBuilder.getPolicy(
this.readDocument(policyDocument).getDocumentElement());
final Document doc = this.readDocument(document);
this.runInInterceptorAndValidate(
doc, policy,
assertedInAssertions,
notAssertedInAssertions,
types);
}
Example #6
| Source File: MGF256AlgorithmSuiteLoader.java From cxf with Apache License 2.0 | 6 votes |
|
public AlgorithmSuite getAlgorithmSuite(Bus bus, SPConstants.SPVersion version, Policy nestedPolicy) {
AssertionBuilderRegistry reg = bus.getExtension(AssertionBuilderRegistry.class);
if (reg != null) {
String ns = "http://cxf.apache.org/custom/security-policy";
final Map<QName, Assertion> assertions = new HashMap<>();
QName qName = new QName(ns, "Basic256GCMMGFSHA256");
assertions.put(qName, new PrimitiveAssertion(qName));
reg.registerBuilder(new PrimitiveAssertionBuilder(assertions.keySet()) {
public Assertion build(Element element, AssertionBuilderFactory fact) {
if (XMLPrimitiveAssertionBuilder.isOptional(element)
|| XMLPrimitiveAssertionBuilder.isIgnorable(element)) {
return super.build(element, fact);
}
QName q = new QName(element.getNamespaceURI(), element.getLocalName());
return assertions.get(q);
}
});
}
return new GCMAlgorithmSuite(version, nestedPolicy);
}
Example #7
| Source File: ProtectionTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
ProtectionToken protectionToken = new ProtectionToken(consts, builder);
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), protectionToken);
break; // since there should be only one alternative ..
}
return protectionToken;
}
Example #8
| Source File: AsymmetricBindingBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
AsymmetricBinding asymmetricBinding = new AsymmetricBinding(consts, builder);
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
Iterator<List<Assertion>> iterator = policy.getAlternatives();
if (!iterator.hasNext()) {
throw new IllegalArgumentException(
"sp:AsymmetricBinding must specify at least one alternative"
);
}
processAlternative(iterator.next(), asymmetricBinding, consts);
return asymmetricBinding;
}
Example #9
| Source File: RecipientTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
RecipientToken recipientToken = new RecipientToken(consts, builder);
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), recipientToken);
/*
* for the moment we will pick the first token specified in the policy
*/
break;
}
return recipientToken;
}
Example #10
| Source File: InitiatorTokenBuilder.java From steady with Apache License 2.0 | 6 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
SPConstants consts = SP11Constants.SP_NS.equals(element.getNamespaceURI())
? SP11Constants.INSTANCE : SP12Constants.INSTANCE;
InitiatorToken initiatorToken = new InitiatorToken(consts, builder);
initiatorToken.setOptional(PolicyConstants.isOptional(element));
initiatorToken.setIgnorable(PolicyConstants.isIgnorable(element));
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), initiatorToken);
break; // TODO process all the token that must be set ..
}
return initiatorToken;
}
Example #11
| Source File: SecurityDeploymentInterceptor.java From carbon-identity with Apache License 2.0 | 6 votes |
|
private Policy applyPolicyToBindings(AxisService axisService) throws ServerException {
Parameter parameter = axisService.getParameter(APPLY_POLICY_TO_BINDINGS);
if (parameter != null && "true".equalsIgnoreCase(parameter.getValue().toString()) &&
axisService.getPolicySubject() != null && axisService.getPolicySubject().getAttachedPolicyComponents()
!= null) {
Iterator iterator = axisService.getPolicySubject().
getAttachedPolicyComponents().iterator();
while (iterator.hasNext()) {
PolicyComponent currentPolicyComponent = (PolicyComponent) iterator.next();
if (currentPolicyComponent instanceof Policy) {
Policy policy = ((Policy) currentPolicyComponent);
String policyId = policy.getId();
axisService.getPolicySubject().detachPolicyComponent(policyId);
addPolicyToAllBindings(axisService, policy);
return policy;
}
}
}
return null;
}
Example #12
| Source File: EffectivePolicyImplTest.java From cxf with Apache License 2.0 | 6 votes |
|
@Test
public void testAccessors() {
EffectivePolicyImpl effectivePolicy = new EffectivePolicyImpl();
assertNull(effectivePolicy.getPolicy());
assertNull(effectivePolicy.getChosenAlternative());
assertNull(effectivePolicy.getInterceptors());
Policy p = control.createMock(Policy.class);
Assertion a = control.createMock(Assertion.class);
List<Assertion> la = Collections.singletonList(a);
List<Interceptor<? extends Message>> li = createMockInterceptorList();
control.replay();
effectivePolicy.setPolicy(p);
assertSame(p, effectivePolicy.getPolicy());
effectivePolicy.setChosenAlternative(la);
assertSame(la, effectivePolicy.getChosenAlternative());
effectivePolicy.setInterceptors(li);
assertSame(li, effectivePolicy.getInterceptors());
control.verify();
}
Example #13
| Source File: SHA512PolicyLoader.java From cxf with Apache License 2.0 | 6 votes |
|
public AlgorithmSuite getAlgorithmSuite(Bus bus, SPConstants.SPVersion version, Policy nestedPolicy) {
AssertionBuilderRegistry reg = bus.getExtension(AssertionBuilderRegistry.class);
if (reg != null) {
String ns = "http://cxf.apache.org/custom/security-policy";
final Map<QName, Assertion> assertions = new HashMap<>();
QName qName = new QName(ns, "Basic128RsaSha512");
assertions.put(qName, new PrimitiveAssertion(qName));
reg.registerBuilder(new PrimitiveAssertionBuilder(assertions.keySet()) {
public Assertion build(Element element, AssertionBuilderFactory fact) {
if (XMLPrimitiveAssertionBuilder.isOptional(element)
|| XMLPrimitiveAssertionBuilder.isIgnorable(element)) {
return super.build(element, fact);
}
QName q = new QName(element.getNamespaceURI(), element.getLocalName());
return assertions.get(q);
}
});
}
return new SHA512AlgorithmSuite(version, nestedPolicy);
}
Example #14
| Source File: CustomPolicyAlgorithmsTest.java From cxf with Apache License 2.0 | 6 votes |
|
@Test
public void testSHA256AsymSigAlgorithm() throws Exception {
final String rsaSha2SigMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
String policyName = "signed_elements_policy.xml";
Policy policy = policyBuilder.getPolicy(this.getResourceAsStream(policyName));
AssertionInfoMap aim = new AssertionInfoMap(policy);
AssertionInfo assertInfo = aim.get(SP12Constants.ASYMMETRIC_BINDING).iterator().next();
AsymmetricBinding binding = (AsymmetricBinding) assertInfo.getAssertion();
// set Signature Algorithm to RSA SHA-256
binding.getAlgorithmSuite().getAlgorithmSuiteType().setAsymmetricSignature(rsaSha2SigMethod);
String sigMethod = binding.getAlgorithmSuite().getAlgorithmSuiteType().getAsymmetricSignature();
assertNotNull(sigMethod);
assertEquals(rsaSha2SigMethod, sigMethod);
}
Example #15
| Source File: SecurityConfigAdmin.java From carbon-identity with Apache License 2.0 | 5 votes |
|
/**
* Check the policy to see whether the service should only be exposed in
* HTTPS
*
* @param policy service policy
* @return returns true if the service should only be exposed in HTTPS
* @throws org.wso2.carbon.security.SecurityConfigException ex
*/
public boolean isHttpsTransportOnly(Policy policy) throws SecurityConfigException {
// When there is a transport binding sec policy assertion,
// the service should be exposed only via HTTPS
boolean httpsRequired = false;
try {
Iterator alternatives = policy.getAlternatives();
if (alternatives.hasNext()) {
List it = (List) alternatives.next();
RampartPolicyData rampartPolicyData = RampartPolicyBuilder.build(it);
if (rampartPolicyData.isTransportBinding()) {
httpsRequired = true;
} else if (rampartPolicyData.isSymmetricBinding()) {
Token encrToken = rampartPolicyData.getEncryptionToken();
if (encrToken instanceof SecureConversationToken) {
Policy bsPol = ((SecureConversationToken) encrToken).getBootstrapPolicy();
Iterator alts = bsPol.getAlternatives();
List bsIt = (List) alts.next();
RampartPolicyData bsRampartPolicyData = RampartPolicyBuilder.build(bsIt);
httpsRequired = bsRampartPolicyData.isTransportBinding();
}
}
}
} catch (WSSPolicyException e) {
log.error("Error in checking http transport only", e);
throw new SecurityConfigException("Error in checking http transport only", e);
}
return httpsRequired;
}
Example #16
| Source File: ApplicationThrottleControllerTest.java From carbon-apimgt with Apache License 2.0 | 5 votes |
|
@Test(expected = SynapseException.class)
public void testCreatingThrottleContextThrowsSynapseExceptionWhenCreatingThrottlingMediatorFails() throws
UserStoreException, RegistryException, ThrottleException {
Mockito.when(throttleDataHolder.getThrottleContext(applicationId)).thenReturn(null);
PowerMockito.when(tenantManager.getTenantId(tenantDomain)).thenReturn(tenantID);
PowerMockito.when(registryService.getGovernanceSystemRegistry(tenantID)).thenReturn(registry);
PowerMockito.when(registry.resourceExists(RESOURCE_PATH)).thenReturn(true);
PowerMockito.when(registry.get(RESOURCE_PATH)).thenReturn(throttlingPolicyResource);
PowerMockito.when(throttlingPolicyResource.getContent()).thenReturn(THROTTLING_POLICY_DEFINITION);
PowerMockito.mockStatic(ThrottleFactory.class);
PowerMockito.when(ThrottleFactory.createMediatorThrottle((Policy) Mockito.anyObject())).thenThrow(new
ThrottleException());
ApplicationThrottleController.getApplicationThrottleContext(messageContext, throttleDataHolder,
applicationId, THROTTLE_POLICY_KEY);
}
Example #17
| Source File: PolicyEngineImpl.java From cxf with Apache License 2.0 | 5 votes |
|
Policy getAggregatedFaultPolicy(BindingFaultInfo bfi, Message m) {
Policy aggregated = null;
for (PolicyProvider pp : getPolicyProviders()) {
Policy p = pp.getEffectivePolicy(bfi, m);
if (null == aggregated) {
aggregated = p;
} else if (p != null) {
aggregated = aggregated.merge(p);
}
}
return aggregated == null ? new Policy() : aggregated;
}
Example #18
| Source File: SymmetricBinding.java From steady with Apache License 2.0 | 5 votes |
|
public Policy getPolicy() {
Policy p = new Policy();
ExactlyOne ea = new ExactlyOne();
p.addPolicyComponent(ea);
All all = new All();
if (this.getProtectionToken() != null) {
all.addPolicyComponent(this.getProtectionToken());
}
if (this.getSignatureToken() != null) {
all.addPolicyComponent(this.getSignatureToken());
}
if (this.getEncryptionToken() != null) {
all.addPolicyComponent(this.getEncryptionToken());
}
if (isIncludeTimestamp()) {
all.addPolicyComponent(new PrimitiveAssertion(SP12Constants.INCLUDE_TIMESTAMP));
}
if (getLayout() != null) {
all.addPolicyComponent(getLayout());
}
ea.addPolicyComponent(all);
Policy pc = p.normalize(builder.getPolicyRegistry(), true);
if (pc != null) {
return pc;
} else {
return new Policy();
}
}
Example #19
| Source File: SupportingToken.java From steady with Apache License 2.0 | 5 votes |
|
public Policy getPolicy() {
Policy p = new Policy();
ExactlyOne ea = new ExactlyOne();
p.addPolicyComponent(ea);
All all = new All();
for (Token token : getTokens()) {
all.addPolicyComponent(token);
}
if (signedParts != null) {
all.addPolicyComponent(signedParts);
} else if (signedElements != null) {
all.addPolicyComponent(signedElements);
} else if (encryptedParts != null) {
all.addPolicyComponent(encryptedParts);
} else if (encryptedElements != null) {
all.addPolicyComponent(encryptedElements);
}
ea.addPolicyComponent(all);
Policy pc = p.normalize(builder.getPolicyRegistry(), true);
if (pc != null) {
return pc;
} else {
return new Policy();
}
}
Example #20
| Source File: EndpointPolicyImplTest.java From cxf with Apache License 2.0 | 5 votes |
|
@Test
public void testUpdatePolicyWithEmptyAll() {
Policy emptyPolicy = new Policy();
emptyPolicy.addPolicyComponent(new All());
emptyPolicy.addPolicyComponent(new All());
doTestUpdateWithEmptyPolicy(emptyPolicy);
}
Example #21
| Source File: SymmetricBinding.java From steady with Apache License 2.0 | 5 votes |
|
public Policy getPolicy() {
Policy p = new Policy();
ExactlyOne ea = new ExactlyOne();
p.addPolicyComponent(ea);
All all = new All();
if (this.getProtectionToken() != null) {
all.addPolicyComponent(this.getProtectionToken());
}
if (this.getSignatureToken() != null) {
all.addPolicyComponent(this.getSignatureToken());
}
if (this.getEncryptionToken() != null) {
all.addPolicyComponent(this.getEncryptionToken());
}
if (isIncludeTimestamp()) {
all.addPolicyComponent(new PrimitiveAssertion(SP12Constants.INCLUDE_TIMESTAMP));
}
if (getLayout() != null) {
all.addPolicyComponent(getLayout());
}
ea.addPolicyComponent(all);
Policy pc = p.normalize(builder.getPolicyRegistry(), true);
if (pc != null) {
return pc;
} else {
return new Policy();
}
}
Example #22
| Source File: SpnegoTokenInterceptorProvider.java From steady with Apache License 2.0 | 5 votes |
|
static String setupClient(STSClient client, SoapMessage message, AssertionInfoMap aim) {
client.setTrust(NegotiationUtils.getTrust10(aim));
client.setTrust(NegotiationUtils.getTrust13(aim));
Policy p = new Policy();
ExactlyOne ea = new ExactlyOne();
p.addPolicyComponent(ea);
All all = new All();
all.addPolicyComponent(NegotiationUtils.getAddressingPolicy(aim, false));
ea.addPolicyComponent(all);
client.setPolicy(p);
client.setSoap11(message.getVersion() == Soap11.getInstance());
client.setSpnego(true);
WSSConfig config = WSSConfig.getNewInstance();
String context = config.getIdAllocator().createSecureId("_", null);
client.setContext(context);
String s = message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString();
client.setLocation(s);
AlgorithmSuite suite = NegotiationUtils.getAlgorithmSuite(aim);
if (suite != null) {
client.setAlgorithmSuite(suite);
int x = suite.getMaximumSymmetricKeyLength();
if (x < 256) {
client.setKeySize(x);
}
}
Map<String, Object> ctx = client.getRequestContext();
mapSecurityProps(message, ctx);
return s;
}
Example #23
| Source File: SecurityConfigAdmin.java From carbon-identity with Apache License 2.0 | 5 votes |
|
private Policy loadPolicy(Resource resource) throws org.wso2.carbon.registry.api.RegistryException,
XMLStreamException {
InputStream in = resource.getContentStream();
XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
xmlInputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
XMLStreamReader parser = xmlInputFactory.createXMLStreamReader(in);
StAXOMBuilder builder = new StAXOMBuilder(parser);
OMElement policyElement = builder.getDocumentElement();
return PolicyEngine.getPolicy(policyElement);
}
Example #24
| Source File: Wsdl11AttachmentPolicyProviderTest.java From cxf with Apache License 2.0 | 5 votes |
|
@Test
public void testEffectiveMessagePolicies() {
Policy ep;
// binding operation message has no extensions
// operation message has no extensions
// message has no extensions
ep = app.getEffectivePolicy(getBindingMessageInfo(endpoints[0], true), null);
assertTrue(ep == null || ep.isEmpty());
// binding operation message has one extension of type Policy
// operation message has no extensions
// message has no extensions
ep = app.getEffectivePolicy(getBindingMessageInfo(endpoints[12], true), null);
assertFalse(ep.isEmpty());
verifyAssertionsOnly(ep, 1);
// binding operation message has no extensions
// operation message has one extension of type Policy
// message has no extensions
ep = app.getEffectivePolicy(getBindingMessageInfo(endpoints[13], true), null);
assertFalse(ep.isEmpty());
verifyAssertionsOnly(ep, 1);
// binding operation message has no extensions
// operation message has no extensions
// message has one extension of type Policy
ep = app.getEffectivePolicy(getBindingMessageInfo(endpoints[14], true), null);
assertFalse(ep.isEmpty());
verifyAssertionsOnly(ep, 1);
// binding operation message has one extension of type Policy
// operation message has one extension of type Policy
// message has one extension of type Policy
ep = app.getEffectivePolicy(getBindingMessageInfo(endpoints[15], true), null);
assertFalse(ep.isEmpty());
verifyAssertionsOnly(ep, 3);
}
Example #25
| Source File: JaxbAssertionTest.java From cxf with Apache License 2.0 | 5 votes |
|
@Test
public void testEqual() {
JaxbAssertion<FooType> assertion = new JaxbAssertion<>();
FooType data = new FooType();
data.setName("CXF");
data.setNumber(2);
QName qn = new QName("http://cxf.apache.org/test/assertions/foo", "FooType");
assertion.setName(qn);
assertion.setData(data);
PolicyComponent pc = new Policy();
assertFalse(assertion.equal(pc));
pc = new All();
assertFalse(assertion.equal(pc));
pc = new ExactlyOne();
assertFalse(assertion.equal(pc));
IMocksControl ctrl = EasyMock.createNiceControl();
PrimitiveAssertion xpa = ctrl.createMock(PrimitiveAssertion.class);
QName oqn = new QName("http://cxf.apache.org/test/assertions/blah", "OtherType");
EasyMock.expect(xpa.getName()).andReturn(oqn);
EasyMock.expect(xpa.getType()).andReturn(Constants.TYPE_ASSERTION);
ctrl.replay();
assertFalse(assertion.equal(xpa));
ctrl.verify();
FooType odata = new FooType();
odata.setName(data.getName());
odata.setNumber(data.getNumber());
JaxbAssertion<FooType> oassertion = new JaxbAssertion<>();
oassertion.setData(odata);
oassertion.setName(qn);
assertFalse(assertion.equal(oassertion));
oassertion.setData(data);
assertTrue(assertion.equal(oassertion));
assertTrue(assertion.equal(assertion));
}
Example #26
| Source File: ServiceModelPolicyUpdater.java From cxf with Apache License 2.0 | 5 votes |
|
private void addPolicyRef(Extensible ext, Policy p) {
Document doc = DOMUtils.getEmptyDocument();
Element el = doc.createElementNS(p.getNamespace(), Constants.ELEM_POLICY_REF);
el.setPrefix(Constants.ATTR_WSP);
el.setAttribute(Constants.ATTR_URI, "#" + p.getId());
UnknownExtensibilityElement uee = new UnknownExtensibilityElement();
uee.setElementType(new QName(p.getNamespace(), Constants.ELEM_POLICY_REF));
uee.setElement(el);
uee.setRequired(true);
ext.addExtensor(uee);
}
Example #27
| Source File: PolicyEngineImpl.java From cxf with Apache License 2.0 | 5 votes |
|
Policy getAggregatedServicePolicy(ServiceInfo si, Message m) {
if (si == null) {
return new Policy();
}
Policy aggregated = busPolicy;
for (PolicyProvider pp : getPolicyProviders()) {
Policy p = pp.getEffectivePolicy(si, m);
if (null == aggregated) {
aggregated = p;
} else if (p != null) {
aggregated = aggregated.merge(p);
}
}
return aggregated == null ? new Policy() : aggregated;
}
Example #28
| Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 5 votes |
|
protected void setPolicyInternal(Policy newPolicy) {
this.policy = newPolicy;
if (algorithmSuite == null) {
Iterator<?> i = policy.getAlternatives();
while (i.hasNext() && algorithmSuite == null) {
List<PolicyComponent> p = CastUtils.cast((List<?>)i.next());
for (PolicyComponent p2 : p) {
if (p2 instanceof Binding) {
algorithmSuite = ((Binding)p2).getAlgorithmSuite();
}
}
}
}
}
Example #29
| Source File: SupportingTokensBuilder.java From steady with Apache License 2.0 | 5 votes |
|
public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
QName name = DOMUtils.getElementQName(element);
SupportingToken supportingToken = null;
if (SP11Constants.SUPPORTING_TOKENS.equals(name)) {
supportingToken = new SupportingToken(SupportTokenType.SUPPORTING_TOKEN_SUPPORTING,
SP11Constants.INSTANCE,
builder);
} else if (SP11Constants.SIGNED_SUPPORTING_TOKENS.equals(name)) {
supportingToken = new SupportingToken(SupportTokenType.SUPPORTING_TOKEN_SIGNED,
SP11Constants.INSTANCE,
builder);
} else if (SP11Constants.ENDORSING_SUPPORTING_TOKENS.equals(name)) {
supportingToken = new SupportingToken(SupportTokenType.SUPPORTING_TOKEN_ENDORSING,
SP11Constants.INSTANCE,
builder);
} else if (SP11Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS.equals(name)) {
supportingToken = new SupportingToken(SupportTokenType.SUPPORTING_TOKEN_SIGNED_ENDORSING,
SP11Constants.INSTANCE,
builder);
}
Policy policy = builder.getPolicy(DOMUtils.getFirstElement(element));
policy = policy.normalize(builder.getPolicyRegistry(), false);
for (Iterator<List<Assertion>> iterator = policy.getAlternatives(); iterator.hasNext();) {
processAlternative(iterator.next(), supportingToken);
/*
* for the moment we will say there should be only one alternative
*/
break;
}
return supportingToken;
}
Example #30
| Source File: Utils.java From carbon-identity with Apache License 2.0 | 5 votes |
|
public static Policy getSecurityPolicy() {
String policyString = " <wsp:Policy wsu:Id=\"UTOverTransport\" xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\"\n" +
" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">\n" +
" <wsp:ExactlyOne>\n" +
" <wsp:All>\n" +
" <sp:TransportBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" +
" <wsp:Policy>\n" +
" <sp:TransportToken>\n" +
" <wsp:Policy>\n" +
" <sp:HttpsToken RequireClientCertificate=\"true\"/>\n" +
" </wsp:Policy>\n" +
" </sp:TransportToken>\n" +
" <sp:AlgorithmSuite>\n" +
" <wsp:Policy>\n" +
" <sp:Basic256/>\n" +
" </wsp:Policy>\n" +
" </sp:AlgorithmSuite>\n" +
" <sp:Layout>\n" +
" <wsp:Policy>\n" +
" <sp:Lax/>\n" +
" </wsp:Policy>\n" +
" </sp:Layout>\n" +
" <sp:IncludeTimestamp/>\n" +
" </wsp:Policy>\n" +
" </sp:TransportBinding>\n" +
" </wsp:All>\n" +
" </wsp:ExactlyOne>\n" +
" </wsp:Policy>";
return PolicyEngine.getPolicy(new ByteArrayInputStream(policyString.getBytes()));
}
