File Doc Category Size Date Package
SymmetricBindingProcessor.java API Doc Example 12372 Thu Jul 19 02:00:10 BST 2007 com.sun.xml.ws.security.impl.policyconv

SymmetricBindingProcessor

java.lang.Object
- BindingProcessor

public class SymmetricBindingProcessor extends BindingProcessor

author: K.Venugopal@sun.com

Fields Summary
private com.sun.xml.ws.security.policy.SymmetricBinding
binding
Constructors Summary
public SymmetricBindingProcessor(com.sun.xml.ws.security.policy.SymmetricBinding binding, XWSSPolicyContainer container, boolean isServer, boolean isIncoming, Vector signedParts, Vector encryptedParts, Vector signedElements, Vector encryptedElements)
Creates a new instance of SymmetricBindingProcessor
this.binding = binding; this.container = container; this.isServer = isServer; this.isIncoming = isIncoming; protectionOrder = binding.getProtectionOrder(); tokenProcessor = new TokenProcessor(isServer,isIncoming,pid); iAP = new IntegrityAssertionProcessor(binding.getAlgorithmSuite(),binding.isSignContent()); eAP = new EncryptionAssertionProcessor(binding.getAlgorithmSuite(),false); this.signedParts = signedParts; this.signedElements = signedElements; this.encryptedElements = encryptedElements; this.encryptedParts = encryptedParts;
Methods Summary
protected void addSymmetricKeyBinding(com.sun.xml.wss.impl.policy.mls.WSSPolicy policy, com.sun.xml.ws.security.policy.Token token)
com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding skb = new com.sun.xml.wss.impl.policy.mls.SymmetricKeyBinding(); //skb.setKeyAlgorithm(_binding.getAlgorithmSuite().getSymmetricKeyAlgorithm()); // policy.setKeyBinding(skb); PolicyAssertion tokenAssertion = (PolicyAssertion)token; if(PolicyUtil.isX509Token(tokenAssertion)){ AuthenticationTokenPolicy.X509CertificateBinding x509CB =new AuthenticationTokenPolicy.X509CertificateBinding(); // (AuthenticationTokenPolicy.X509CertificateBinding)policy.newX509CertificateKeyBinding(); x509CB.setUUID(token.getTokenId()); tokenProcessor.setTokenValueType(x509CB, tokenAssertion); tokenProcessor.setTokenInclusion(x509CB,(Token) tokenAssertion); //x509CB.setPolicyToken((Token) tokenAssertion); tokenProcessor.setX509TokenRefType(x509CB, (X509Token) token); if(((X509Token)token).isRequireDerivedKeys()){ DerivedTokenKeyBinding dtKB = new DerivedTokenKeyBinding(); skb.setKeyBinding(x509CB); policy.setKeyBinding(dtKB); dtKB.setOriginalKeyBinding(skb); dtKB.setUUID(pid.generateID()); }else{ skb.setKeyBinding(x509CB); policy.setKeyBinding(skb); } }else if(PolicyUtil.isSamlToken(tokenAssertion)){ AuthenticationTokenPolicy.SAMLAssertionBinding sab = new AuthenticationTokenPolicy.SAMLAssertionBinding(); sab.setUUID(token.getTokenId()); sab.setReferenceType(MessageConstants.DIRECT_REFERENCE_TYPE); tokenProcessor.setTokenInclusion(sab,(Token) tokenAssertion); //sab.setPolicyToken((Token) tokenAssertion); if(((SamlToken)token).isRequireDerivedKeys()){ DerivedTokenKeyBinding dtKB = new DerivedTokenKeyBinding(); dtKB.setOriginalKeyBinding(sab); policy.setKeyBinding(dtKB); dtKB.setUUID(pid.generateID()); }else{ policy.setKeyBinding(sab); } }else if(PolicyUtil.isIssuedToken(tokenAssertion)){ IssuedTokenKeyBinding itkb = new IssuedTokenKeyBinding(); tokenProcessor.setTokenInclusion(itkb,(Token) tokenAssertion); //itkb.setPolicyToken((Token) tokenAssertion); itkb.setUUID(((Token)tokenAssertion).getTokenId()); IssuedToken it = (IssuedToken)tokenAssertion; if(it.isRequireDerivedKeys()){ DerivedTokenKeyBinding dtKB = new DerivedTokenKeyBinding(); dtKB.setOriginalKeyBinding(itkb); policy.setKeyBinding(dtKB); dtKB.setUUID(pid.generateID()); }else{ policy.setKeyBinding(itkb); } }else if(PolicyUtil.isSecureConversationToken(tokenAssertion)){ SecureConversationTokenKeyBinding sct = new SecureConversationTokenKeyBinding(); SecureConversationToken sctPolicy = (SecureConversationToken)tokenAssertion; if(sctPolicy.isRequireDerivedKeys()){ DerivedTokenKeyBinding dtKB = new DerivedTokenKeyBinding(); dtKB.setOriginalKeyBinding(sct); policy.setKeyBinding(dtKB); dtKB.setUUID(pid.generateID()); }else{ policy.setKeyBinding(sct); } tokenProcessor.setTokenInclusion(sct,(Token) tokenAssertion); //sct.setPolicyToken((Token) tokenAssertion); sct.setUUID(((Token)tokenAssertion).getTokenId()); }else{ throw new UnsupportedOperationException("addKeyBinding for "+ token + "is not supported"); }
protected void close()
if(protectionOrder == Binding.SIGN_ENCRYPT){ container.insert(primaryEP); }
protected com.sun.xml.ws.security.policy.Binding getBinding()
return binding;
protected com.sun.xml.wss.impl.policy.mls.EncryptionPolicy getSecondaryEncryptionPolicy()
if(sEncPolicy == null){ sEncPolicy = new EncryptionPolicy(); sEncPolicy.setUUID(pid.generateID()); Token token = null; token = binding.getProtectionToken(); if( token== null){ token = binding.getEncryptionToken(); } addSymmetricKeyBinding(sEncPolicy,token); container.insert(sEncPolicy); } return sEncPolicy;
public void process()
Token pt = binding.getProtectionToken(); Token st = null; Token et = null; if(pt == null ){ st = binding.getSignatureToken(); et = binding.getEncryptionToken(); if(et != null){ primaryEP = new EncryptionPolicy(); primaryEP.setUUID(pid.generateID()); addSymmetricKeyBinding(primaryEP,et); } if(st != null){ primarySP = new SignaturePolicy(); primarySP.setUUID(pid.generateID()); SignaturePolicy.FeatureBinding spFB = (com.sun.xml.wss.impl.policy.mls.SignaturePolicy.FeatureBinding) primarySP.getFeatureBinding(); //spFB.setCanonicalizationAlgorithm(CanonicalizationMethod.EXCLUSIVE); SecurityPolicyUtil.setCanonicalizationMethod(spFB, binding.getAlgorithmSuite()); spFB.isPrimarySignature(true); addSymmetricKeyBinding(primarySP,st); } }else{ primarySP = new SignaturePolicy(); primarySP.setUUID(pid.generateID()); primaryEP = new EncryptionPolicy(); primaryEP.setUUID(pid.generateID()); addSymmetricKeyBinding(primarySP,pt); addSymmetricKeyBinding(primaryEP,pt); SignaturePolicy.FeatureBinding spFB = (com.sun.xml.wss.impl.policy.mls.SignaturePolicy.FeatureBinding) primarySP.getFeatureBinding(); //spFB.setCanonicalizationAlgorithm(CanonicalizationMethod.EXCLUSIVE); SecurityPolicyUtil.setCanonicalizationMethod(spFB, binding.getAlgorithmSuite()); spFB.isPrimarySignature(true); } if(protectionOrder == Binding.SIGN_ENCRYPT){ container.insert(primarySP); // container.insert(primaryEP); }else{ container.insert(primaryEP); container.insert(primarySP); if(primaryEP != null){ EncryptionPolicy.FeatureBinding efp = (EncryptionPolicy.FeatureBinding) primaryEP.getFeatureBinding(); efp.setUseStandAloneRefList(true); } } addPrimaryTargets(); if(foundEncryptTargets && binding.getSignatureProtection()){ protectPrimarySignature(); } if(binding.isIncludeTimeStamp()){ protectTimestamp(); } if(binding.getTokenProtection()){ WSSPolicy policy = (WSSPolicy) primarySP.getKeyBinding(); if(PolicyTypeUtil.derivedTokenKeyBinding(policy)){ protectToken(policy,true); }else{ protectToken((WSSPolicy) policy.getKeyBinding(),true); } }