WSTrustClientContractImpl
public class WSTrustClientContractImpl extends Object implements com.sun.xml.ws.security.trust.WSTrustClientContract
Fields Summary |
---|
private static final Logger | log | private static final SimpleDateFormat | calendarFormatter |
Methods Summary |
---|
private byte[] | computeKey(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.trust.elements.RequestedProofToken proofToken, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst)
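// Derives the proof key from the client entropy (taken from the RST) and the
// server entropy (taken from the RSTR), using the computed-key algorithm named
// in the RequestedProofToken. P_SHA1 is the only algorithm accepted; any other
// URI, or a missing one, is rejected with a WSTrustException.
final URI computedKey = proofToken.getComputedKey();
if (computedKey == null || !computedKey.toString().equals(WSTrustConstants.CK_PSHA1)) {
    log.log(Level.SEVERE,
            LogStringsMessages.WST_0026_INVALID_CK_ALGORITHM(computedKey));
    throw new WSTrustException(LogStringsMessages.WST_0026_INVALID_CK_ALGORITHM_E(computedKey));
}

// The RSTR is supplied by the issuer, so none of its optional elements can be
// assumed present. A missing Entropy or BinarySecret used to surface as a
// NullPointerException; it is now reported as a WSTrustException instead.
final Entropy clientEntropy = rst.getEntropy();
final Entropy serverEntropy = rstr.getEntropy();
final BinarySecret clientBinarySecret =
        (clientEntropy == null) ? null : clientEntropy.getBinarySecret();
final BinarySecret serverBinarySecret =
        (serverEntropy == null) ? null : serverEntropy.getBinarySecret();

// KeySize is expressed in bits; the derivation works in bytes. A size that
// rounds down to zero (for example an RSTR without a usable KeySize) would
// yield an empty proof key, so it is refused rather than passed on.
final int keySize = (int) rstr.getKeySize() / 8;

if (clientBinarySecret == null || serverBinarySecret == null || keySize <= 0) {
    log.log(Level.SEVERE,
            LogStringsMessages.WST_0037_ERROR_COMPUTING_KEY());
    throw new WSTrustException(LogStringsMessages.WST_0037_ERROR_COMPUTING_KEY());
}

try {
    // Key material is never written to the log; only the failure itself is.
    return SecurityUtil.P_SHA1(
            clientBinarySecret.getRawValue(), serverBinarySecret.getRawValue(), keySize);
} catch (Exception ex) {
    log.log(Level.SEVERE,
            LogStringsMessages.WST_0037_ERROR_COMPUTING_KEY(), ex);
    throw new WSTrustException(LogStringsMessages.WST_0037_ERROR_COMPUTING_KEY(), ex);
}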
| public boolean | containsChallenge(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr)Contains Challenge
// Challenge detection is not implemented by this client contract: every call fails.
final String unsupported = "Unsupported operation: containsChallenge";
throw new UnsupportedOperationException(unsupported);
| public com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse | createRSTRForClientInitiatedIssuedTokenContext(com.sun.xml.ws.policy.impl.bindings.AppliesTo scopes, com.sun.xml.ws.security.IssuedTokenContext context)Create an RSTR for a client initiated IssuedTokenContext establishment,
for example a Client Initiated WS-SecureConversation context.
// Client-initiated context establishment is not implemented here: every call fails.
final String unsupported = "Unsupported operation: createRSTRForClientInitiatedIssuedTokenContext";
throw new UnsupportedOperationException(unsupported);
| public java.net.URI | getComputedKeyAlgorithmFromProofToken(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr)Return the <wst:ComputedKey> URI if any inside the RSTR, null otherwise
// Not implemented: despite the summary above, no URI or null is ever returned; the call always throws.
final String unsupported = "Unsupported operation: getComputedKeyAlgorithmFromProofToken";
throw new UnsupportedOperationException(unsupported);
| private byte[] | getKey(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.trust.elements.RequestedProofToken proofToken, com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst, java.lang.String appliesTo)
// Resolves the proof key carried (or described) by the RequestedProofToken.
// Returns null when the response has no proof token at all; throws
// WSTrustException for proof token types that are unsupported or unknown.
// appliesTo is only used to build the diagnostic messages.
if (proofToken == null) {
    return null;
}

final String type = proofToken.getProofTokenType();

if (RequestedProofToken.COMPUTED_KEY_TYPE.equals(type)) {
    // Key has to be derived from the entropy of both parties.
    return computeKey(rstr, proofToken, rst);
}

// Token references and encrypted keys are recognised but not handled yet (ToDo).
final boolean recognisedButUnsupported =
        RequestedProofToken.TOKEN_REF_TYPE.equals(type)
        || RequestedProofToken.ENCRYPTED_KEY_TYPE.equals(type);
if (recognisedButUnsupported) {
    log.log(Level.SEVERE,
            LogStringsMessages.WST_0001_UNSUPPORTED_PROOF_TOKEN_TYPE(type, appliesTo));
    throw new WSTrustException( LogStringsMessages.WST_0001_UNSUPPORTED_PROOF_TOKEN_TYPE(type, appliesTo));
}

if (RequestedProofToken.BINARY_SECRET_TYPE.equals(type)) {
    // The issuer sent the key itself; it is used as-is.
    // NOTE(review): getBinarySecret() is dereferenced without a null check, so a
    // proof token of this type that carries no BinarySecret ends in a NullPointerException.
    return proofToken.getBinarySecret().getRawValue();
}

log.log(Level.SEVERE,
        LogStringsMessages.WST_0019_INVALID_PROOF_TOKEN_TYPE(type, appliesTo));
throw new WSTrustException( LogStringsMessages.WST_0019_INVALID_PROOF_TOKEN_TYPE(type, appliesTo));
| public void | handleRSTR(com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst, com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.IssuedTokenContext context)Handle an RSTR returned by the Issuer and update Token information into the
IssuedTokenContext.
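// Copies the token material of an Issue response into the IssuedTokenContext.
// Responses to any other request type are left untouched.
if (!rst.getRequestType().toString().equals(WSTrustConstants.ISSUE_REQUEST)) {
    return;
}

// The scope is read from the request; in this method it only feeds diagnostics.
String appliesTo = null;
final AppliesTo requestAppliesTo = rst.getAppliesTo();
if (requestAppliesTo != null) {
    appliesTo = WSTrustUtil.getAppliesToURI(requestAppliesTo);
}
// NOTE(review): the AppliesTo carried by the RSTR is never read here, so this
// method does not verify that the issued token is scoped to the requested
// service. Confirm that a caller performs that comparison.

final RequestedSecurityToken securityToken = rstr.getRequestedSecurityToken();
final RequestedAttachedReference attachedRef = rstr.getRequestedAttachedReference();
final RequestedUnattachedReference unattachedRef = rstr.getRequestedUnattachedReference();
final RequestedProofToken proofToken = rstr.getRequestedProofToken();

// Reject a response that carries neither a token nor a proof token before
// anything is written to the context. This check used to run after the proof
// key and lifetime had already been stored, leaving a half-populated context
// behind when it failed.
if (securityToken == null && proofToken == null) {
    log.log(Level.SEVERE,
            LogStringsMessages.WST_0018_TOKENS_NULL(appliesTo));
    throw new WSTrustException(
            LogStringsMessages.WST_0018_TOKENS_NULL(appliesTo));
}

// Both steps below can throw, so they run before the context setters that
// follow; getKey() does not receive the context at all.
final byte[] key = getKey(rstr, proofToken, rst, appliesTo);
// Stores the creation and expiration time of the response in the context.
setLifetime(rstr, context);

if (key != null) {
    context.setProofKey(key);
}
if (securityToken != null) {
    context.setSecurityToken(securityToken.getToken());
}
if (attachedRef != null) {
    context.setAttachedSecurityTokenReference(attachedRef.getSTR());
}
if (unattachedRef != null) {
    context.setUnAttachedSecurityTokenReference(unattachedRef.getSTR());
}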
| public com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse | handleRSTRForNegotiatedExchange(com.sun.xml.ws.security.trust.elements.RequestSecurityToken rst, com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.IssuedTokenContext context)Handle an RSTR returned by the Issuer and Respond to the Challenge
// Negotiated (challenge/response) exchanges are not implemented here: every call fails.
final String unsupported = "Unsupported operation: handleRSTRForNegotiatedExchange";
throw new UnsupportedOperationException(unsupported);
| private void | setLifetime(com.sun.xml.ws.security.trust.elements.RequestSecurityTokenResponse rstr, com.sun.xml.ws.security.IssuedTokenContext context)
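// Reads Created and Expires from the Lifetime of the RSTR and stores them in
// the IssuedTokenContext as creation and expiration time.
// Throws WSTrustException when the Lifetime, either timestamp or either
// timestamp value is absent, or when a value cannot be parsed.
final Lifetime lifetime = rstr.getLifetime();
final AttributedDateTime created = (lifetime == null) ? null : lifetime.getCreated();
final AttributedDateTime expires = (lifetime == null) ? null : lifetime.getExpires();
final String createdValue = (created == null) ? null : created.getValue();
final String expiresValue = (expires == null) ? null : expires.getValue();

// These elements come from the issuer's response. Dereferencing them unchecked
// turned an incomplete RSTR into a NullPointerException; fail with the
// exception type this method already uses for bad lifetimes instead.
if (createdValue == null || expiresValue == null) {
    throw new WSTrustException("RSTR Lifetime is missing or has no Created/Expires value");
}

try {
    Date dateCreated;
    Date dateExpires;
    // The shared SimpleDateFormat is locked while in use; the lock is held
    // for the two parse calls only.
    synchronized (calendarFormatter) {
        dateCreated = calendarFormatter.parse(createdValue);
        dateExpires = calendarFormatter.parse(expiresValue);
    }
    // Both values parsed: populate the IssuedTokenContext.
    // NOTE(review): nothing here checks that Expires lies after Created or in
    // the future; confirm that expiry is enforced where the context is used.
    context.setCreationTime(dateCreated);
    context.setExpirationTime(dateExpires);
} catch (ParseException ex) {
    throw new WSTrustException(ex.getMessage(), ex);
}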
|
|