FileDocCategorySizeDatePackage
SymmetricBindingProcessor.javaAPI DocExample12372Thu Jul 19 02:00:10 BST 2007com.sun.xml.ws.security.impl.policyconv

SymmetricBindingProcessor

public class SymmetricBindingProcessor extends BindingProcessor
author
K.Venugopal@sun.com

Fields Summary
private com.sun.xml.ws.security.policy.SymmetricBinding
binding
Constructors Summary
public SymmetricBindingProcessor(com.sun.xml.ws.security.policy.SymmetricBinding binding, XWSSPolicyContainer container, boolean isServer, boolean isIncoming, Vector signedParts, Vector encryptedParts, Vector signedElements, Vector encryptedElements)
Creates a new instance of SymmetricBindingProcessor

           
       
                
               
        this.binding = binding;
        this.container = container;
        this.isServer = isServer;
        this.isIncoming = isIncoming;
        protectionOrder = binding.getProtectionOrder();
        tokenProcessor = new TokenProcessor(isServer,isIncoming,pid);
        iAP = new IntegrityAssertionProcessor(binding.getAlgorithmSuite(),binding.isSignContent());
        eAP = new EncryptionAssertionProcessor(binding.getAlgorithmSuite(),false);
        this.signedParts = signedParts;
        this.signedElements = signedElements;
        this.encryptedElements = encryptedElements;
        this.encryptedParts = encryptedParts;
    
Methods Summary
protected voidaddSymmetricKeyBinding(com.sun.xml.wss.impl.policy.mls.WSSPolicy policy, com.sun.xml.ws.security.policy.Token token)

        com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding skb =
                new com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding();
        //skb.setKeyAlgorithm(_binding.getAlgorithmSuite().getSymmetricKeyAlgorithm());
        // policy.setKeyBinding(skb);
        PolicyAssertion tokenAssertion = (PolicyAssertion)token;
        if(PolicyUtil.isX509Token(tokenAssertion)){
            AuthenticationTokenPolicy.X509CertificateBinding x509CB =new AuthenticationTokenPolicy.X509CertificateBinding();
            //        (AuthenticationTokenPolicy.X509CertificateBinding)policy.newX509CertificateKeyBinding();
            x509CB.setUUID(token.getTokenId());
            tokenProcessor.setTokenValueType(x509CB, tokenAssertion);
            tokenProcessor.setTokenInclusion(x509CB,(Token) tokenAssertion);
            //x509CB.setPolicyToken((Token) tokenAssertion);
            tokenProcessor.setX509TokenRefType(x509CB, (X509Token) token);
            
            if(((X509Token)token).isRequireDerivedKeys()){
                DerivedTokenKeyBinding dtKB =  new DerivedTokenKeyBinding();
                skb.setKeyBinding(x509CB);
                policy.setKeyBinding(dtKB);
                dtKB.setOriginalKeyBinding(skb);
                dtKB.setUUID(pid.generateID());
            }else{
                skb.setKeyBinding(x509CB);
                policy.setKeyBinding(skb);
            }
        }else if(PolicyUtil.isSamlToken(tokenAssertion)){
            AuthenticationTokenPolicy.SAMLAssertionBinding sab = new AuthenticationTokenPolicy.SAMLAssertionBinding();
            sab.setUUID(token.getTokenId());
            sab.setReferenceType(MessageConstants.DIRECT_REFERENCE_TYPE);
            tokenProcessor.setTokenInclusion(sab,(Token) tokenAssertion);
            //sab.setPolicyToken((Token) tokenAssertion);
            if(((SamlToken)token).isRequireDerivedKeys()){
                DerivedTokenKeyBinding dtKB =  new DerivedTokenKeyBinding();
                dtKB.setOriginalKeyBinding(sab);
                policy.setKeyBinding(dtKB);
                dtKB.setUUID(pid.generateID());
            }else{
                policy.setKeyBinding(sab);
            }
        }else if(PolicyUtil.isIssuedToken(tokenAssertion)){
            IssuedTokenKeyBinding itkb = new IssuedTokenKeyBinding();
            tokenProcessor.setTokenInclusion(itkb,(Token) tokenAssertion);
            //itkb.setPolicyToken((Token) tokenAssertion);
            itkb.setUUID(((Token)tokenAssertion).getTokenId());
            IssuedToken it = (IssuedToken)tokenAssertion;
            if(it.isRequireDerivedKeys()){
                DerivedTokenKeyBinding dtKB =  new DerivedTokenKeyBinding();
                dtKB.setOriginalKeyBinding(itkb);
                policy.setKeyBinding(dtKB);
                dtKB.setUUID(pid.generateID());
            }else{
                policy.setKeyBinding(itkb);
            }
        }else if(PolicyUtil.isSecureConversationToken(tokenAssertion)){
            SecureConversationTokenKeyBinding sct = new SecureConversationTokenKeyBinding();
            SecureConversationToken sctPolicy = (SecureConversationToken)tokenAssertion;
            if(sctPolicy.isRequireDerivedKeys()){
                DerivedTokenKeyBinding dtKB =  new DerivedTokenKeyBinding();
                dtKB.setOriginalKeyBinding(sct);
                policy.setKeyBinding(dtKB);
                dtKB.setUUID(pid.generateID());
            }else{
                policy.setKeyBinding(sct);
            }
            tokenProcessor.setTokenInclusion(sct,(Token) tokenAssertion);
            //sct.setPolicyToken((Token) tokenAssertion);
            sct.setUUID(((Token)tokenAssertion).getTokenId());
        }else{
            throw new UnsupportedOperationException("addKeyBinding for "+ token + "is not supported");
        }
    
protected voidclose()

        if(protectionOrder == Binding.SIGN_ENCRYPT){
            container.insert(primaryEP);
        }
    
protected com.sun.xml.ws.security.policy.BindinggetBinding()

        return binding;
    
protected com.sun.xml.wss.impl.policy.mls.EncryptionPolicygetSecondaryEncryptionPolicy()

        if(sEncPolicy == null){
            sEncPolicy  = new EncryptionPolicy();
            sEncPolicy.setUUID(pid.generateID());
            Token token = null;
            token = binding.getProtectionToken();
            if( token== null){
                token = binding.getEncryptionToken();
            }
            addSymmetricKeyBinding(sEncPolicy,token);
            container.insert(sEncPolicy);
        }
        return sEncPolicy;
    
public voidprocess()

        
        Token pt = binding.getProtectionToken();
        Token st = null;
        Token et = null;
        
        if(pt == null ){
            st = binding.getSignatureToken();
            et = binding.getEncryptionToken();
            
            if(et != null){
                primaryEP = new EncryptionPolicy();
                primaryEP.setUUID(pid.generateID());
                addSymmetricKeyBinding(primaryEP,et);
            }
            
            if(st != null){
                primarySP = new SignaturePolicy();
                primarySP.setUUID(pid.generateID());
                
                SignaturePolicy.FeatureBinding spFB = (com.sun.xml.wss.impl.policy.mls.SignaturePolicy.FeatureBinding)
                        primarySP.getFeatureBinding();
                //spFB.setCanonicalizationAlgorithm(CanonicalizationMethod.EXCLUSIVE);
                SecurityPolicyUtil.setCanonicalizationMethod(spFB, binding.getAlgorithmSuite());
                spFB.isPrimarySignature(true);
                addSymmetricKeyBinding(primarySP,st);
            }
        }else{
            primarySP = new SignaturePolicy();
            primarySP.setUUID(pid.generateID());
            primaryEP = new EncryptionPolicy();
            primaryEP.setUUID(pid.generateID());
            addSymmetricKeyBinding(primarySP,pt);
            addSymmetricKeyBinding(primaryEP,pt);
            
            SignaturePolicy.FeatureBinding spFB = (com.sun.xml.wss.impl.policy.mls.SignaturePolicy.FeatureBinding)
                    primarySP.getFeatureBinding();
            //spFB.setCanonicalizationAlgorithm(CanonicalizationMethod.EXCLUSIVE);
            SecurityPolicyUtil.setCanonicalizationMethod(spFB, binding.getAlgorithmSuite());
            spFB.isPrimarySignature(true);
        }
        
        if(protectionOrder == Binding.SIGN_ENCRYPT){
            container.insert(primarySP);
            // container.insert(primaryEP);
        }else{
            container.insert(primaryEP);
            container.insert(primarySP);
            if(primaryEP != null){
                EncryptionPolicy.FeatureBinding efp = (EncryptionPolicy.FeatureBinding) primaryEP.getFeatureBinding();
                efp.setUseStandAloneRefList(true);
            }
            
        }
        addPrimaryTargets();
        
        
        if(foundEncryptTargets && binding.getSignatureProtection()){
            protectPrimarySignature();
        }
        if(binding.isIncludeTimeStamp()){
            protectTimestamp();
        }
        if(binding.getTokenProtection()){
            WSSPolicy policy = (WSSPolicy) primarySP.getKeyBinding();
            if(PolicyTypeUtil.derivedTokenKeyBinding(policy)){
                protectToken(policy,true);
            }else{
                protectToken((WSSPolicy) policy.getKeyBinding(),true);
            }
        }