FileDocCategorySizeDatePackage
SecurityPipeBase.javaAPI DocExample67330Mon Jun 04 22:45:56 BST 2007com.sun.xml.wss.jaxws.impl

SecurityPipeBase

public abstract class SecurityPipeBase extends Object implements com.sun.xml.ws.api.pipe.Pipe
author
Vbkumar.Jayanti@Sun.COM, K.Venugopal@sun.com

Fields Summary
protected static final Logger
log
protected com.sun.xml.ws.api.pipe.Pipe
nextPipe
protected boolean
optimized
protected boolean
transportOptimization
protected Hashtable
issuedTokenContextMap
protected com.sun.xml.ws.assembler.PipeConfiguration
pipeConfig
protected static final JAXBContext
jaxbContext
protected boolean
disablePayloadBuffer
protected com.sun.xml.ws.security.policy.AlgorithmSuite
bindingLevelAlgSuite
private final QName
optServerSecurity
private final QName
optClientSecurity
private final QName
disableSPBuffering
private final QName
disableCPBuffering
protected boolean
disableIncPrefix
private final QName
disableIncPrefixServer
private final QName
disableIncPrefixClient
protected boolean
encHeaderContent
private final QName
encHeaderContentServer
private final QName
encHeaderContentClient
private final QName
bsp10Server
private final QName
bsp10Client
protected boolean
bsp10
protected static final ArrayList
securityPolicyNamespaces
protected static final List
EMPTY_LIST
protected com.sun.xml.wss.SecurityEnvironment
secEnv
protected static final boolean
debug
protected boolean
isSOAP12
protected com.sun.xml.ws.api.SOAPVersion
soapVersion
protected SOAPFactory
soapFactory
protected com.sun.xml.ws.policy.PolicyMap
wsPolicyMap
protected HashMap
outMessagePolicyMap
protected HashMap
inMessagePolicyMap
protected HashMap
outProtocolPM
protected HashMap
inProtocolPM
public static final URI
ISSUE_REQUEST_URI
public static final URI
CANCEL_REQUEST_URI
protected com.sun.xml.ws.policy.Policy
bpMSP
protected long
timestampTimeOut
protected com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation
cachedOperation
Constants for RM Security Processing
protected com.sun.xml.ws.policy.Policy
wsitConfig
protected Marshaller
marshaller
protected Unmarshaller
unmarshaller
boolean
hasIssuedTokens
boolean
hasSecureConversation
boolean
hasReliableMessaging
AddressingVersion
addVer
Constructors Summary
public SecurityPipeBase(com.sun.xml.ws.assembler.PipeConfiguration config, com.sun.xml.ws.api.pipe.Pipe nextPipe)

    
    //flag used as temporary variable for each run
    //boolean isTrustOrSCMessage = false;
    
     
        try {
            //TODO: system property maynot be appropriate for server side.
            debug = Boolean.valueOf(System.getProperty("DebugSecurity"));
            ISSUE_REQUEST_URI = new URI(WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION);
            CANCEL_REQUEST_URI = new URI(WSTrustConstants.CANCEL_REQUEST);
            jaxbContext = WSTrustElementFactory.getContext();           ;
            securityPolicyNamespaces = new ArrayList<String>();
            securityPolicyNamespaces.add(SECURITY_POLICY_2005_07_NAMESPACE);
            
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    
      
        this.nextPipe= nextPipe;
        this.pipeConfig = config;
        this.inMessagePolicyMap = new HashMap<WSDLBoundOperation,SecurityPolicyHolder>();
        this.outMessagePolicyMap = new HashMap<WSDLBoundOperation,SecurityPolicyHolder>();
        soapVersion = pipeConfig.getBinding().getSOAPVersion();
        //addressingEnabled = (pipeConfig.getBinding().getAddressingVersion() == null) ?  false : true;
        isSOAP12 = (soapVersion == SOAPVersion.SOAP_12) ? true : false;
        wsPolicyMap = pipeConfig.getPolicyMap();
        soapFactory = pipeConfig.getBinding().getSOAPVersion().saajSoapFactory;
        this.inProtocolPM = new HashMap<String,SecurityPolicyHolder>();
        this.outProtocolPM = new HashMap<String,SecurityPolicyHolder>();
        //unmarshaller as instance variable of the pipe
        try {
            this.marshaller = jaxbContext.createMarshaller();
            this.unmarshaller = jaxbContext.createUnmarshaller();
        }catch (javax.xml.bind.JAXBException ex) {
            log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex);
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex);
        }
        
        if(wsPolicyMap != null){
            collectPolicies();
        }
        //unmarshaller = jaxbContext.createUnmarshaller();
        // check whether Service Port has RM
        hasReliableMessaging = isReliableMessagingEnabled(wsPolicyMap, pipeConfig.getWSDLModel());
        //   opResolver = new OperationResolverImpl(inMessagePolicyMap,pipeConfig.getWSDLModel().getBinding());
        
    
protected SecurityPipeBase(SecurityPipeBase that)

        nextPipe = that.nextPipe;
        pipeConfig = that.pipeConfig;
        transportOptimization = that.transportOptimization;
        optimized = that.optimized;
        disableIncPrefix = that.disableIncPrefix;
        encHeaderContent = that.encHeaderContent;
        issuedTokenContextMap = that.issuedTokenContextMap;
        secEnv = that.secEnv;
        isSOAP12 = that.isSOAP12;
        soapVersion = that.soapVersion;
        this.soapFactory = that.soapFactory;
        this.addVer = that.addVer;
        wsPolicyMap = that.wsPolicyMap;
        outMessagePolicyMap = that.outMessagePolicyMap;
        inMessagePolicyMap = that.inMessagePolicyMap;
        bindingLevelAlgSuite = that.bindingLevelAlgSuite;
        this.inProtocolPM = that.inProtocolPM;
        this.outProtocolPM = that.outProtocolPM;
        this.hasIssuedTokens = that.hasIssuedTokens;
        this.hasSecureConversation = that.hasSecureConversation;
        this.hasReliableMessaging = that.hasReliableMessaging;
        //this.opResolver = that.opResolver;
        this.timestampTimeOut = that.timestampTimeOut;

        try {
            this.marshaller = jaxbContext.createMarshaller();
            this.unmarshaller = jaxbContext.createUnmarshaller();
        }catch (javax.xml.bind.JAXBException ex) {
            log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex);
            throw new RuntimeException("Problem creating JAXB Marshaller/Unmarshaller", ex);
        }
    
Methods Summary
private voidaddConfigAssertions(com.sun.xml.ws.policy.Policy policy, com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder sph)

        //ArrayList<PolicyAssertion> tokenList = new ArrayList<PolicyAssertion>();
        for(AssertionSet assertionSet : policy){
            for(PolicyAssertion assertion:assertionSet){
                if(PolicyUtil.isConfigPolicyAssertion(assertion)){
                    sph.addConfigAssertions(assertion);
                }
            }
        }
    
protected abstract voidaddIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder sph, com.sun.xml.ws.api.model.wsdl.WSDLFault fault)

protected abstract com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolderaddIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation, com.sun.xml.ws.policy.Policy policy)

protected abstract voidaddIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, java.lang.String protocol)

protected abstract voidaddOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder sph, com.sun.xml.ws.api.model.wsdl.WSDLFault fault)

protected abstract com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolderaddOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation, com.sun.xml.ws.policy.Policy policy)

protected abstract voidaddOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, java.lang.String protocol)

private voidaddToken(com.sun.xml.ws.security.policy.Token token, java.util.ArrayList list)

        if(PolicyUtil.isSecureConversationToken((PolicyAssertion)token) ||
                PolicyUtil.isIssuedToken((PolicyAssertion)token)){
            list.add((PolicyAssertion)token);
        }
    
protected booleanbindingHasIssuedTokenPolicy()

        return hasIssuedTokens;
    
protected booleanbindingHasRMPolicy()

        return hasReliableMessaging;
    
protected booleanbindingHasSecureConversationPolicy()

        return hasSecureConversation;
    
protected voidbuildProtocolPolicy(com.sun.xml.ws.policy.Policy endpointPolicy)

        if(endpointPolicy == null ){
            return;
        }
        try{
            RMPolicyResolver rr = new RMPolicyResolver();
            Policy msgLevelPolicy = rr.getOperationLevelPolicy();
            PolicyMerger merger = PolicyMerger.getMerger();
            ArrayList<Policy> pList = new ArrayList<Policy>(2);
            pList.add(endpointPolicy);
            pList.add(msgLevelPolicy);
            Policy effectivePolicy = merger.merge(pList);
            addIncomingProtocolPolicy(effectivePolicy,"RM");
            addOutgoingProtocolPolicy(effectivePolicy,"RM");
            
            pList.remove(msgLevelPolicy);
            pList.add(getMessageBootstrapPolicy());
            PolicyMerger pm = PolicyMerger.getMerger();
            //add secure conversation policy.
            Policy ep = pm.merge(pList);
            addIncomingProtocolPolicy(ep,"SC");
            addOutgoingProtocolPolicy(ep,"SC");
        }catch(IOException ie){
            log.log(Level.SEVERE,
                    LogStringsMessages.WSSPIPE_0008_PROBLEM_BUILDING_PROTOCOL_POLICY(), ie);
            throw new PolicyException(
                    LogStringsMessages.WSSPIPE_0008_PROBLEM_BUILDING_PROTOCOL_POLICY(), ie);
        }
    
protected voidcacheMessage(com.sun.xml.ws.api.message.Packet packet)

        Message message = null;
        if(!optimized){
            try{
                message = packet.getMessage();
                message= Messages.create(message.readAsSOAPMessage());
                packet.setMessage(message);
            }catch(SOAPException se){
                // internal error
                log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0005_PROBLEM_PROC_SOAP_MESSAGE(), se);
                throw new WebServiceException(LogStringsMessages.WSSPIPE_0005_PROBLEM_PROC_SOAP_MESSAGE(), se);
            }
        }
    
protected final voidcacheOperation(com.sun.xml.ws.api.message.Message msg)

        cachedOperation = msg.getOperation(pipeConfig.getWSDLModel());
    
protected voidcollectPolicies()
Summary from Section 4.2, WS-Security Policy spec( version 1.1 July 2005 ). MessagePolicySubject : policy can be attached to 1) wsdl:binding/wsdl:operation/wsdl:input, ./wsdl:output, or ./wsdl:fault OperationPolicySubject : policy can be attached to 1)wsdl:binding/wsdl:operation EndpointPolicySubject : policy can be attached to 1)wsdl:port 2)wsdl:Binding

        try{
            if (wsPolicyMap == null) {
                return;
            }
            //To check: Is this sufficient, any edge cases I need to take care
            QName serviceName = pipeConfig.getWSDLModel().getOwner().getName();
            QName portName = pipeConfig.getWSDLModel().getName();
            //Review: will this take care of EndpointPolicySubject
            PolicyMerger policyMerge = PolicyMerger.getMerger();
            PolicyMapKey endpointKey =wsPolicyMap.createWsdlEndpointScopeKey(serviceName,portName);
            //createWsdlEndpointScopeKey(serviceName,portName);
            //Review:Will getEffectivePolicy return null or empty policy ?.
            Policy endpointPolicy = wsPolicyMap.getEndpointEffectivePolicy(endpointKey);
            
            if (endpointPolicy != null){
                if (endpointPolicy.contains(AddressingVersion.W3C.policyNsUri)){
                    addVer = AddressingVersion.W3C;
                } else if (endpointPolicy.contains(AddressingVersion.MEMBER.policyNsUri)){
                    addVer = AddressingVersion.MEMBER;
                }
                if(endpointPolicy.contains(optServerSecurity) || endpointPolicy.contains(optClientSecurity)){
                    optimized = false;
                }
                if(endpointPolicy.contains(disableCPBuffering) || endpointPolicy.contains(disableSPBuffering)){
                    disablePayloadBuffer = true;
                }    
                if(endpointPolicy.contains(disableIncPrefixServer) || endpointPolicy.contains(disableIncPrefixClient)){
                    disableIncPrefix = true;
                }
                if(endpointPolicy.contains(encHeaderContentServer) || endpointPolicy.contains(encHeaderContentClient)){
                    encHeaderContent = true;
                }
            }
           
	    if(endpointPolicy.contains(bsp10Client) || endpointPolicy.contains(bsp10Server)){
		bsp10 = true;
            } 
            
            buildProtocolPolicy(endpointPolicy);
            ArrayList<Policy> policyList = new ArrayList<Policy>();
            if(endpointPolicy != null){
                policyList.add(endpointPolicy);
            }
            for( WSDLBoundOperation operation: pipeConfig.getWSDLModel().getBinding().getBindingOperations()){
                QName operationName = operation.getName();
                WSDLOperation wsdlOperation = operation.getOperation();
                WSDLInput input = wsdlOperation.getInput();
                WSDLOutput output = wsdlOperation.getOutput();
                
                QName inputMessageName = input.getMessage().getName();
                QName outputMessageName = null;
                if(output != null){
                    outputMessageName = output.getMessage().getName();
                }
                
                PolicyMapKey messageKey =  wsPolicyMap.createWsdlMessageScopeKey(
                        serviceName,portName,operationName);
                
                
                PolicyMapKey operationKey = wsPolicyMap.createWsdlOperationScopeKey(serviceName,portName,operationName);
                
                //Review:Not sure if this is need and what is the
                //difference between operation and message level key.
                //securityPolicyNamespaces
                
                Policy operationPolicy = wsPolicyMap.getOperationEffectivePolicy(operationKey);
                if(operationPolicy != null ){
                    policyList.add(operationPolicy);
                }else{
                    //log fine message
                    
                    //System.out.println("Operation Level Security policy is null");
                }
                
                
                Policy imPolicy = null;
                
                imPolicy = wsPolicyMap.getInputMessageEffectivePolicy(messageKey);
                if(imPolicy != null ){
                    policyList.add(imPolicy);
                }
                //input message effective policy to be used. Policy elements at various
                //scopes merged.
                
                Policy imEP = policyMerge.merge(policyList);
                SecurityPolicyHolder outPH = addOutgoingMP(operation,imEP);
                if(imPolicy != null){
                    policyList.remove(imPolicy);
                }
                //one way
                SecurityPolicyHolder inPH = null;
                //TODO: Venu to verify this fix later
                /*if(output != null){*/
                Policy omPolicy = null;
                omPolicy = wsPolicyMap.getOutputMessageEffectivePolicy(messageKey);
                if(omPolicy != null){
                    policyList.add(omPolicy);
                }
                //ouput message effective policy to be used. Policy elements at various
                //scopes merged.
                
                Policy omEP =  policyMerge.merge(policyList);
                if(omPolicy != null){
                   policyList.remove(omPolicy);
                }
                inPH = addIncomingMP(operation,omEP);
                /*}*/
                Iterator faults = operation.getOperation().getFaults().iterator();
                ArrayList<Policy> faultPL = new ArrayList<Policy>();
                faultPL.add(endpointPolicy);
                if(operationPolicy != null){
                    faultPL.add(operationPolicy);
                }
                while(faults.hasNext()){
                    WSDLFault fault = (WSDLFault) faults.next();
                    
                    PolicyMapKey fKey = null;
                    fKey = wsPolicyMap.createWsdlFaultMessageScopeKey(
                            serviceName,portName,operationName,fault.getMessage().getName());
                    Policy fPolicy = wsPolicyMap.getFaultMessageEffectivePolicy(fKey);
                    
                    if(fPolicy != null){
                        faultPL.add(fPolicy);
                    }else{
                        continue;
                    }
                    Policy ep = policyMerge.merge(faultPL);
                    if(inPH != null){
                        addIncomingFaultPolicy(ep,inPH,fault);
                    }
                    if(outPH != null){
                        addOutgoingFaultPolicy(ep,outPH,fault);
                    }
                    faultPL.remove(fPolicy);
                }
            }
        }catch(PolicyException pe){
            throw generateInternalError(pe);
        }
    
protected com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolderconstructPolicyHolder(com.sun.xml.ws.policy.Policy effectivePolicy, boolean isServer, boolean isIncoming)

        return  constructPolicyHolder(effectivePolicy,isServer,isIncoming,false);
    
protected com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolderconstructPolicyHolder(com.sun.xml.ws.policy.Policy effectivePolicy, boolean isServer, boolean isIncoming, boolean ignoreST)

        
        XWSSPolicyGenerator xwssPolicyGenerator = new XWSSPolicyGenerator(effectivePolicy,isServer,isIncoming);
        xwssPolicyGenerator.process(ignoreST);
        this.bindingLevelAlgSuite = xwssPolicyGenerator.getBindingLevelAlgSuite();
        MessagePolicy messagePolicy = xwssPolicyGenerator.getXWSSPolicy();
        
        SecurityPolicyHolder sph = new SecurityPolicyHolder();
        sph.setMessagePolicy(messagePolicy);
        sph.setBindingLevelAlgSuite(xwssPolicyGenerator.getBindingLevelAlgSuite());
        List<PolicyAssertion> tokenList = getTokens(effectivePolicy);
        addConfigAssertions(effectivePolicy,sph);
        
        for(PolicyAssertion token:tokenList){
            if(PolicyUtil.isSecureConversationToken(token)){
                NestedPolicy bootstrapPolicy = ((SecureConversationToken)token).getBootstrapPolicy();
                Policy effectiveBP = null;
                if(hasTargets(bootstrapPolicy)){
                    effectiveBP = bootstrapPolicy;
                }else{
                    effectiveBP = getEffectiveBootstrapPolicy(bootstrapPolicy);
                }
                xwssPolicyGenerator = new XWSSPolicyGenerator(effectiveBP,isServer,isIncoming);
                xwssPolicyGenerator.process(ignoreST);
                MessagePolicy bmp = xwssPolicyGenerator.getXWSSPolicy();
                
                
                if(isServer && isIncoming){
                    EncryptionPolicy optionalPolicy =
                            new EncryptionPolicy();
                    EncryptionPolicy.FeatureBinding  fb = (EncryptionPolicy.FeatureBinding) optionalPolicy.getFeatureBinding();
                    optionalPolicy.newX509CertificateKeyBinding();
                    EncryptionTarget target = new EncryptionTarget();
                    target.setQName(new QName(MessageConstants.SAML_v1_1_NS,MessageConstants.SAML_ASSERTION_LNAME));
                    target.setEnforce(false);
                    fb.addTargetBinding(target);
                    /*
                    try {
                        bmp.prepend(optionalPolicy);
                    } catch (PolicyGenerationException ex) {
                        throw new PolicyException(ex);
                    }*/
                }
                
                PolicyAssertion sct = new SCTokenWrapper(token,bmp);
                sph.addSecureConversationToken(sct);
                hasSecureConversation = true;
                
                // if the bootstrap has issued tokens then set hasIssuedTokens=true
                List<PolicyAssertion> iList =
                        this.getIssuedTokenPoliciesFromBootstrapPolicy((Token)sct);
                if (!iList.isEmpty()) {
                    hasIssuedTokens = true;
                }
                
            }else if(PolicyUtil.isIssuedToken(token)){
                sph.addIssuedToken(token);
                hasIssuedTokens = true;
            }
        }
        return sph;
    
protected java.lang.RuntimeExceptiongenerateInternalError(com.sun.xml.ws.policy.PolicyException ex)

        SOAPFault fault = null;
        try {
            if (isSOAP12) {
                fault = soapFactory.createFault(ex.getMessage(),SOAPConstants.SOAP_SENDER_FAULT);
                fault.appendFaultSubcode(MessageConstants.WSSE_INTERNAL_SERVER_ERROR);
            } else {
                fault = soapFactory.createFault(ex.getMessage(), MessageConstants.WSSE_INTERNAL_SERVER_ERROR);
            }
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
        }
        return new SOAPFaultException(fault);
    
protected java.lang.StringgetAction(com.sun.xml.ws.api.message.Packet packet)

        // if ("true".equals(packet.invocationProperties.get(WSTrustConstants.IS_TRUST_MESSAGE))){
        //    return (String)packet.invocationProperties.get(WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION);
        //}
        
        HeaderList hl = packet.getMessage().getHeaders();
        //String action =  hl.getAction(pipeConfig.getBinding().getAddressingVersion(), pipeConfig.getBinding().getSOAPVersion());
        String action =  hl.getAction(addVer, pipeConfig.getBinding().getSOAPVersion());
        return action;
    
protected abstract java.lang.StringgetAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation, boolean isIncomming)

protected com.sun.xml.wss.impl.AlgorithmSuitegetAlgoSuite(com.sun.xml.ws.security.policy.AlgorithmSuite suite)

        if (suite == null) {
            return null;
        }
        com.sun.xml.wss.impl.AlgorithmSuite als = new com.sun.xml.wss.impl.AlgorithmSuite(
                suite.getDigestAlgorithm(),
                suite.getEncryptionAlgorithm(),
                suite.getSymmetricKeyAlgorithm(),
                suite.getAsymmetricKeyAlgorithm());
        
        return als;
    
protected com.sun.xml.ws.security.policy.AlgorithmSuitegetBindingAlgorithmSuite(com.sun.xml.ws.api.message.Packet packet)

        return bindingLevelAlgSuite;
    
protected com.sun.xml.ws.policy.PolicygetEffectiveBootstrapPolicy(com.sun.xml.ws.policy.NestedPolicy bp)

        try {
            ArrayList<Policy> pl = new ArrayList<Policy>();
            pl.add(bp);
            Policy mbp = getMessageBootstrapPolicy();
            if ( mbp != null ) {
                pl.add(mbp);
            }
            
            PolicyMerger pm = PolicyMerger.getMerger();
            Policy ep = pm.merge(pl);
            return ep;
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0007_PROBLEM_GETTING_EFF_BOOT_POLICY(), e);
            throw new PolicyException(LogStringsMessages.WSSPIPE_0007_PROBLEM_GETTING_EFF_BOOT_POLICY(), e);
        }
        
    
protected java.util.ListgetInBoundSCP(com.sun.xml.ws.api.message.Message message)

        if (inMessagePolicyMap == null) {
            return Collections.emptyList();
        }
        SecurityPolicyHolder sph = null;
        Collection coll = inMessagePolicyMap.values();
        Iterator itr = coll.iterator();
        
        while(itr.hasNext()){
            SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next();
            if(ph != null){
                sph = ph;
                break;
            }
        }
        if(sph == null){
            return EMPTY_LIST;
        }
        return sph.getSecureConversationTokens();
    
protected com.sun.xml.wss.impl.policy.mls.MessagePolicygetInboundXWSBootstrapPolicy(com.sun.xml.ws.security.policy.Token scAssertion)

        return ((SCTokenWrapper)scAssertion).getMessagePolicy();
    
protected java.util.ListgetIssuedTokenPoliciesFromBootstrapPolicy(com.sun.xml.ws.security.policy.Token scAssertion)

        SCTokenWrapper token = (SCTokenWrapper)scAssertion;
        return token.getIssuedTokens();
    
private com.sun.xml.ws.policy.PolicygetMessageBootstrapPolicy()

        if(bpMSP == null){
            PolicySourceModel model =  unmarshalPolicy(
                    "com/sun/xml/ws/security/impl/policyconv/"+"boot-msglevel-policy.xml");
            bpMSP = PolicyModelTranslator.getTranslator().translate(model);
        }
        return bpMSP;
    
private com.sun.xml.ws.policy.PolicygetMessageLevelBSP()

        QName serviceName = pipeConfig.getWSDLModel().getOwner().getName();
        QName portName = pipeConfig.getWSDLModel().getName();
        PolicyMapKey operationKey = wsPolicyMap.createWsdlOperationScopeKey(serviceName, portName, bsOperationName);
        
        Policy operationLevelEP =  wsPolicyMap.getOperationEffectivePolicy(operationKey);
        return operationLevelEP;
    
protected com.sun.xml.ws.api.model.wsdl.WSDLBoundOperationgetOperation(com.sun.xml.ws.api.message.Message message)

        if(cachedOperation == null){
            cachedOperation = message.getOperation(pipeConfig.getWSDLModel());
        }
        return cachedOperation;
    
protected com.sun.xml.ws.policy.PolicyMapKeygetOperationKey(com.sun.xml.ws.api.message.Message message)

        WSDLBoundOperation operation = message.getOperation(pipeConfig.getWSDLModel());
        WSDLOperation wsdlOperation = operation.getOperation();
        QName serviceName = pipeConfig.getWSDLModel().getOwner().getName();
        QName portName = pipeConfig.getWSDLModel().getName();
        //WSDLInput input = wsdlOperation.getInput();
        //WSDLOutput output = wsdlOperation.getOutput();
        //QName inputMessageName = input.getMessage().getName();
        //QName outputMessageName = output.getMessage().getName();
        PolicyMapKey messageKey =  wsPolicyMap.createWsdlMessageScopeKey(
                serviceName,portName,wsdlOperation.getName());
        return messageKey;
        
    
protected java.util.ListgetOutBoundSCP(com.sun.xml.ws.api.message.Message message)

        
        if (outMessagePolicyMap == null) {
            return Collections.emptyList();
        }
        SecurityPolicyHolder sph = null;
        Collection coll = outMessagePolicyMap.values();
        Iterator itr = coll.iterator();
        
        while(itr.hasNext()){
            SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next();
            if(ph != null){
                sph = ph;
                break;
            }
        }
        if(sph == null){
            return EMPTY_LIST;
        }
        return sph.getSecureConversationTokens();
        
    
protected com.sun.xml.wss.impl.policy.mls.MessagePolicygetOutgoingXWSBootstrapPolicy(com.sun.xml.ws.security.policy.Token scAssertion)

        return ((SCTokenWrapper)scAssertion).getMessagePolicy();
    
protected com.sun.xml.wss.impl.policy.mls.MessagePolicygetOutgoingXWSSecurityPolicy(com.sun.xml.ws.api.message.Packet packet, boolean isSCMessage)

        
        
        if (isSCMessage) {
            Token scToken = (Token)packet.invocationProperties.get(SC_ASSERTION);
            return getOutgoingXWSBootstrapPolicy(scToken);
        }
        Message message = packet.getMessage();
        WSDLBoundOperation operation = null;
        if(isTrustMessage(packet)){
            operation = getWSDLOpFromAction(packet,false);
        }else{
            operation =message.getOperation(pipeConfig.getWSDLModel());
        }
        
        //Review : Will this return operation name in all cases , doclit,rpclit, wrap / non wrap ?
        
        MessagePolicy mp = null;
        //if(operation == null){
        //Body could be encrypted. Security will have to infer the
        //policy from the message till the Body is decrypted.
        //    mp =  new MessagePolicy();
        //}
        if (outMessagePolicyMap == null) {
            //empty message policy
            return new MessagePolicy();
        }
        SecurityPolicyHolder sph = (SecurityPolicyHolder) outMessagePolicyMap.get(operation);
        if(sph == null){
            return new MessagePolicy();
        }
        mp = sph.getMessagePolicy();
        return mp;
    
protected javax.xml.soap.SOAPFaultgetSOAPFault(com.sun.xml.wss.impl.WssSoapFaultException sfe)

        
        SOAPFault fault = null;
        try {
            if (isSOAP12) {
                fault = soapFactory.createFault(sfe.getFaultString(),SOAPConstants.SOAP_SENDER_FAULT);
                fault.appendFaultSubcode(sfe.getFaultCode());
            } else {
                fault = soapFactory.createFault(sfe.getFaultString(), sfe.getFaultCode());
            }
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR());
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
        }
        return fault;
    
protected javax.xml.ws.soap.SOAPFaultExceptiongetSOAPFaultException(com.sun.xml.wss.impl.WssSoapFaultException sfe)

        
        SOAPFault fault = null;
        try {
            if (isSOAP12) {
                fault = soapFactory.createFault(sfe.getFaultString(),SOAPConstants.SOAP_SENDER_FAULT);
                fault.appendFaultSubcode(sfe.getFaultCode());
            } else {
                fault = soapFactory.createFault(sfe.getFaultString(), sfe.getFaultCode());
            }
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR());
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
        }
        return new SOAPFaultException(fault);
        
    
protected javax.xml.ws.soap.SOAPFaultExceptiongetSOAPFaultException(com.sun.xml.wss.XWSSecurityException xwse)

        QName qname = null;
        if (xwse.getCause() instanceof PolicyViolationException)
            qname = MessageConstants.WSSE_RECEIVER_POLICY_VIOLATION;
        else
            qname = MessageConstants.WSSE_FAILED_AUTHENTICATION;
        
        com.sun.xml.wss.impl.WssSoapFaultException wsfe =
                SecurableSoapMessage.newSOAPFaultException(
                qname, xwse.getMessage(), xwse);
        
        return getSOAPFaultException(wsfe);
    
protected java.util.ListgetSecureConversationPolicies(com.sun.xml.ws.api.message.Message message, java.lang.String scope)

        
        if (outMessagePolicyMap == null) {
            return Collections.emptyList();
        }
        SecurityPolicyHolder sph = null;
        Collection coll = outMessagePolicyMap.values();
        Iterator itr = coll.iterator();
        
        while(itr.hasNext()){
            SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next();
            if(ph != null){
                sph = ph;
                break;
            }
        }
        if(sph == null){
            return EMPTY_LIST;
        }
        return sph.getSecureConversationTokens();
        
    
protected java.util.ArrayListgetTokens(com.sun.xml.ws.policy.Policy policy)

        ArrayList<PolicyAssertion> tokenList = new ArrayList<PolicyAssertion>();
        for(AssertionSet assertionSet : policy){
            for(PolicyAssertion assertion:assertionSet){
                if(PolicyUtil.isAsymmetricBinding(assertion)){
                    AsymmetricBinding sb =  (AsymmetricBinding)assertion;
                    addToken(sb.getInitiatorToken(),tokenList);
                    addToken(sb.getRecipientToken(),tokenList);
                }else if(PolicyUtil.isSymmetricBinding(assertion)){
                    SymmetricBinding sb = (SymmetricBinding)assertion;
                    Token token = sb.getProtectionToken();
                    if(token != null){
                        addToken(token,tokenList);
                    }else{
                        addToken(sb.getEncryptionToken(),tokenList);
                        addToken(sb.getSignatureToken(),tokenList);
                    }
                }else if(PolicyUtil.isSupportingTokens(assertion)){
                    SupportingTokens st = (SupportingTokens)assertion;
                    Iterator itr = st.getTokens();
                    while(itr.hasNext()){
                        addToken((Token)itr.next(),tokenList);
                    }
                }
            }
        }
        return tokenList;
    
protected com.sun.xml.ws.api.model.wsdl.WSDLBoundOperationgetWSDLOpFromAction(com.sun.xml.ws.api.message.Packet packet, boolean isIncomming)

        String uriValue = getAction(packet);
        Set <WSDLBoundOperation>keys = outMessagePolicyMap.keySet();
        for(WSDLBoundOperation wbo : keys){
            WSDLOperation wo = wbo.getOperation();
            // WsaWSDLOperationExtension extensions = wo.getExtension(WsaWSDLOperationExtension.class);
            String action = getAction(wo, isIncomming);
            if(action != null && action.equals(uriValue)){
                return wbo;
            }
        }
        return null;
    
protected com.sun.xml.wss.impl.WSSAssertiongetWssAssertion(com.sun.xml.ws.security.policy.WSSAssertion asser)

        com.sun.xml.wss.impl.WSSAssertion assertion = new com.sun.xml.wss.impl.WSSAssertion(
                asser.getRequiredProperties(),
                asser.getType());
        return assertion;
    
private booleanhasTargets(com.sun.xml.ws.policy.NestedPolicy policy)

        AssertionSet as = policy.getAssertionSet();
        //Iterator<PolicyAssertion> paItr = as.iterator();
        boolean foundTargets = false;
        for(PolicyAssertion assertion : as){
            if(PolicyUtil.isSignedParts(assertion) || PolicyUtil.isEncryptParts(assertion)){
                foundTargets = true;
                break;
            }
        }
        return foundTargets;
    
protected com.sun.xml.wss.ProcessingContextinitializeInboundProcessingContext(com.sun.xml.ws.api.message.Packet packet)

        ProcessingContextImpl ctx = null;
        if(optimized){
            ctx = new JAXBFilterProcessingContext(packet.invocationProperties);
            ((JAXBFilterProcessingContext)ctx).setAddressingVersion(addVer);
            ((JAXBFilterProcessingContext)ctx).setSOAPVersion(soapVersion);
            ((JAXBFilterProcessingContext)ctx).setSecure(packet.wasTransportSecure);
            ((JAXBFilterProcessingContext)ctx).setBSP(bsp10); 
        }else{
            ctx = new ProcessingContextImpl( packet.invocationProperties);
        }
        ctx.setTimestampTimeout(this.timestampTimeOut);
        ctx.setIssuedTokenContextMap(issuedTokenContextMap);
        ctx.setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet)));
        
        // setting a flag if issued tokens present
        ctx.hasIssuedToken(bindingHasIssuedTokenPolicy());
        ctx.setSecurityEnvironment(secEnv);
        ctx.isInboundMessage(true);
        
        return ctx;
    
protected com.sun.xml.wss.ProcessingContextinitializeOutgoingProcessingContext(com.sun.xml.ws.api.message.Packet packet, boolean isSCMessage)

        ProcessingContextImpl ctx = null;
        if(optimized){
            ctx = new JAXBFilterProcessingContext(packet.invocationProperties);
            ((JAXBFilterProcessingContext)ctx).setAddressingVersion(addVer);
            ((JAXBFilterProcessingContext)ctx).setSOAPVersion(soapVersion);
            ((JAXBFilterProcessingContext)ctx).setBSP(bsp10);
        }else{
            ctx = new ProcessingContextImpl( packet.invocationProperties);
        }
        // set the policy, issued-token-map, and extraneous properties
        ctx.setIssuedTokenContextMap(issuedTokenContextMap);
        ctx.setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet)));
        try {
            MessagePolicy policy = null;
            if (isRMMessage(packet)) {
                SecurityPolicyHolder holder = outProtocolPM.get("RM");
                policy = holder.getMessagePolicy();
            }else if(isSCCancel(packet)){
                SecurityPolicyHolder holder = outProtocolPM.get("SC");
                policy = holder.getMessagePolicy();
            }else {
                policy = getOutgoingXWSSecurityPolicy(packet, isSCMessage);
            }
            if (debug) {
                policy.dumpMessages(true);
            }
            if (policy.getAlgorithmSuite() != null) {
                //override the binding level suite
                ctx.setAlgorithmSuite(policy.getAlgorithmSuite());
            }
            ctx.setWSSAssertion(policy.getWSSAssertion());
            ctx.setSecurityPolicy(policy);
            ctx.setSecurityEnvironment(secEnv);
            ctx.isInboundMessage(false);
        } catch (XWSSecurityException e) {
            log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), e);
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), e);
        }
        return ctx;
    
protected booleanisAddressingEnabled()

        return (addVer != null);
    
protected booleanisRMMessage(com.sun.xml.ws.api.message.Packet packet)

        if (!isAddressingEnabled()) {
            return false;
        }
        if (!bindingHasRMPolicy()) {
            return false;
        }
        String action = getAction(packet);
        if (RM_CREATE_SEQ.equals(action) || RM_CREATE_SEQ_RESP.equals(action)
                || RM_SEQ_ACK.equals(action) || RM_TERMINATE_SEQ.equals(action)
                || RM_LAST_MESSAGE.equals(action)) {
            return true;
        }
        
        return false;
    
private booleanisReliableMessagingEnabled(com.sun.xml.ws.policy.PolicyMap policyMap, com.sun.xml.ws.api.model.wsdl.WSDLPort port)

        if (policyMap == null)
            return false;
        
        try {
            PolicyMapKey endpointKey = policyMap.createWsdlEndpointScopeKey(port.getOwner().getName(),
                    port.getName());
            Policy policy = policyMap.getEndpointEffectivePolicy(endpointKey);
            
            return (policy != null) && policy.contains(Constants.version);
        } catch (PolicyException e) {
            log.log(Level.SEVERE,
                    LogStringsMessages.WSSPIPE_0012_PROBLEM_CHECKING_RELIABLE_MESSAGE_ENABLE(), e);
            throw new WebServiceException(LogStringsMessages.WSSPIPE_0012_PROBLEM_CHECKING_RELIABLE_MESSAGE_ENABLE(), e);
        }
    
protected booleanisSCCancel(com.sun.xml.ws.api.message.Packet packet)

        
        if (!bindingHasSecureConversationPolicy()) {
            return false;
        }
        
        if (!isAddressingEnabled()) {
            return false;
        }
        
        String action = getAction(packet);
        if(WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_RESPONSE_ACTION.equals(action) ||
                WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_ACTION .equals(action)) {
            return true;
        }
        return false;
    
protected booleanisSCMessage(com.sun.xml.ws.api.message.Packet packet)

        
        if (!bindingHasSecureConversationPolicy()) {
            return false;
        }
        
        if (!isAddressingEnabled()) {
            return false;
        }
        
        String action = getAction(packet);
        if (rstSCTURI.equals(action)){
            return true;
        }
        return false;
    
protected booleanisTrustMessage(com.sun.xml.ws.api.message.Packet packet)

        if (!isAddressingEnabled()) {
            return false;
        }
        String action = getAction(packet);
        if(WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION.equals(action) ||
                WSTrustConstants.REQUEST_SECURITY_TOKEN_RESPONSE_ISSUE_ACTION.equals(action)){
            return true;
        }
        return false;
        
    
protected java.lang.ClassloadClass(java.lang.String classname)

        if (classname == null) {
            return null;
        }
        Class ret = null;
        ClassLoader loader = Thread.currentThread().getContextClassLoader();
        if (loader != null) {
            try {
                ret = loader.loadClass(classname);
                return ret;
            } catch (ClassNotFoundException e) {
                // ignore
            }
        }
        // if context classloader didnt work, try this
        loader = this.getClass().getClassLoader();
        try {
            ret = loader.loadClass(classname);
            return ret;
        } catch (ClassNotFoundException e) {
            // ignore
        }
        log.log(Level.FINE,
                LogStringsMessages.WSSPIPE_0011_COULD_NOT_FIND_USER_CLASS(), classname);
        throw new XWSSecurityException(LogStringsMessages.WSSPIPE_0011_COULD_NOT_FIND_USER_CLASS());
    
private java.lang.StringpopulateCallbackHandlerProps(java.util.Properties props, com.sun.xml.ws.security.policy.CallbackHandlerConfiguration conf)

         //check if timestamp timeout has been set
        if (conf.getTimestampTimeout() != null) {
            //in milliseconds
            this.timestampTimeOut = Long.parseLong(conf.getTimestampTimeout()) * 1000;
        }
        Iterator it = conf.getCallbackHandlers();
        for (; it.hasNext();) {
            PolicyAssertion p = (PolicyAssertion)it.next();
            com.sun.xml.ws.security.impl.policy.CallbackHandler hd = (com.sun.xml.ws.security.impl.policy.CallbackHandler)p;
            String name = hd.getHandlerName();
            String ret = hd.getHandler();
            if ("xwssCallbackHandler".equals(name)) {
                if (ret != null && !"".equals(ret)) {
                    return ret;
                } else {
                    log.log(Level.SEVERE,
                            LogStringsMessages.WSSPIPE_0018_NULL_OR_EMPTY_XWSS_CALLBACK_HANDLER_CLASSNAME());
                    throw new RuntimeException(LogStringsMessages.WSSPIPE_0018_NULL_OR_EMPTY_XWSS_CALLBACK_HANDLER_CLASSNAME());
                }
            } else if ("usernameHandler".equals(name)) {
                if (ret != null && !"".equals(ret)) {
                    props.put(DefaultCallbackHandler.USERNAME_CBH, ret);
                } else {
                    QName qname = new QName("default");
                    String def = hd.getAttributeValue(qname);
                    if (def != null && !"".equals(def)) {
                        props.put(DefaultCallbackHandler.MY_USERNAME, def);
                    } else {
                        log.log(Level.SEVERE,
                                LogStringsMessages.WSSPIPE_0019_NULL_OR_EMPTY_USERNAME_HANDLER_CLASSNAME());
                        throw new RuntimeException(LogStringsMessages.WSSPIPE_0019_NULL_OR_EMPTY_USERNAME_HANDLER_CLASSNAME());
                    }
                }
            } else if ("passwordHandler".equals(name)) {
                if (ret != null && !"".equals(ret)) {
                    props.put(DefaultCallbackHandler.PASSWORD_CBH, ret);
                } else {
                    QName qname = new QName("default");
                    String def = hd.getAttributeValue(qname);
                    if (def != null && !"".equals(def)) {
                        props.put(DefaultCallbackHandler.MY_PASSWORD, def);
                    } else {
                        log.log(Level.SEVERE,
                                LogStringsMessages.WSSPIPE_0020_NULL_OR_EMPTY_PASSWORD_HANDLER_CLASSNAME());
                        throw new RuntimeException(LogStringsMessages.WSSPIPE_0020_NULL_OR_EMPTY_PASSWORD_HANDLER_CLASSNAME());
                    }
                }
            } else if ("samlHandler".equals(name)) {
                if (ret == null || "".equals(ret)) {
                    log.log(Level.SEVERE,
                            LogStringsMessages.WSSPIPE_0021_NULL_OR_EMPTY_SAML_HANDLER_CLASSNAME());
                    throw new RuntimeException(LogStringsMessages.WSSPIPE_0021_NULL_OR_EMPTY_SAML_HANDLER_CLASSNAME());
                }
                props.put(DefaultCallbackHandler.SAML_CBH, ret);
            } else {
                log.log(Level.SEVERE,
                        LogStringsMessages.WSSPIPE_0009_UNSUPPORTED_CALLBACK_TYPE_ENCOUNTERED(name));
                throw new RuntimeException(LogStringsMessages.WSSPIPE_0009_UNSUPPORTED_CALLBACK_TYPE_ENCOUNTERED(name));
            }
        }
        return null;
    
private voidpopulateCertStoreProps(java.util.Properties props, com.sun.xml.ws.security.policy.CertStoreConfig certStoreConfig)

        if (certStoreConfig.getCallbackHandlerClassName() != null) {
            props.put(DefaultCallbackHandler.CERTSTORE_CBH, certStoreConfig.getCallbackHandlerClassName());
        }
        if (certStoreConfig.getCertSelectorClassName() != null) {
            props.put(DefaultCallbackHandler.CERTSTORE_CERTSELECTOR,certStoreConfig.getCertSelectorClassName());
        }
        if (certStoreConfig.getCRLSelectorClassName() != null) {
            props.put(DefaultCallbackHandler.CERTSTORE_CRLSELECTOR,certStoreConfig.getCRLSelectorClassName());
        }
    
protected java.lang.StringpopulateConfigProperties(java.util.Set configAssertions, java.util.Properties props)

        if (configAssertions == null) {
            return null;
        }
        Iterator it = configAssertions.iterator();
        for (; it.hasNext();) {
            PolicyAssertion as = (PolicyAssertion)it.next();
            if ("KeyStore".equals(as.getName().getLocalPart())) {
                populateKeystoreProps(props, (KeyStore)as);
            } else if ("TrustStore".equals(as.getName().getLocalPart())) {
                populateTruststoreProps(props, (TrustStore)as);
            } else if ("CallbackHandlerConfiguration".equals(as.getName().getLocalPart())) {
                String ret = populateCallbackHandlerProps(props, (CallbackHandlerConfiguration)as);
                if (ret != null) {
                    return ret;
                }
            } else if ("ValidatorConfiguration".equals(as.getName().getLocalPart())) {
                populateValidatorProps(props, (ValidatorConfiguration)as);
            } else if ("CertStore".equals(as.getName().getLocalPart())) {
                populateCertStoreProps(props, (CertStoreConfig)as);
            }
        }
        return null;
    
private voidpopulateKeystoreProps(java.util.Properties props, com.sun.xml.ws.security.policy.KeyStore store)

        if (store.getLocation() != null) {
            props.put(DefaultCallbackHandler.KEYSTORE_URL, store.getLocation());
        } else {
            //throw RuntimeException for now
            log.log(Level.SEVERE,
                    LogStringsMessages.WSSPIPE_0014_KEYSTORE_URL_NULL_CONFIG_ASSERTION());
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0014_KEYSTORE_URL_NULL_CONFIG_ASSERTION());
        }
        
        if (store.getType() != null) {
            props.put(DefaultCallbackHandler.KEYSTORE_TYPE, store.getType());
        } else {
            props.put(DefaultCallbackHandler.KEYSTORE_TYPE, "JKS");
        }
        
        if (store.getPassword() != null) {
            props.put(DefaultCallbackHandler.KEYSTORE_PASSWORD, new String(store.getPassword()));
        } else {
            log.log(Level.SEVERE,
                    LogStringsMessages.WSSPIPE_0015_KEYSTORE_PASSWORD_NULL_CONFIG_ASSERTION());
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0015_KEYSTORE_PASSWORD_NULL_CONFIG_ASSERTION() );
        }
        
        if (store.getAlias() != null) {
            props.put(DefaultCallbackHandler.MY_ALIAS, store.getAlias());
        } else {
            // use default alias
            //throw new RuntimeException("KeyStore Alias was obtained as NULL from ConfigAssertion");
        }
        
        if (store.getKeyPassword() != null) {
            props.put(DefaultCallbackHandler.KEY_PASSWORD, store.getKeyPassword());
        }
        
        if (store.getAliasSelectorClassName() != null) {
            props.put(DefaultCallbackHandler.KEYSTORE_CERTSELECTOR, store.getAliasSelectorClassName());
        }
    
private voidpopulateTruststoreProps(java.util.Properties props, com.sun.xml.ws.security.policy.TrustStore store)

        if (store.getLocation() != null) {
            props.put(DefaultCallbackHandler.TRUSTSTORE_URL, store.getLocation());
        } else {
            //throw RuntimeException for now
            log.log(Level.SEVERE,
                    LogStringsMessages.WSSPIPE_0016_TRUSTSTORE_URL_NULL_CONFIG_ASSERTION());
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0016_TRUSTSTORE_URL_NULL_CONFIG_ASSERTION() );
        }
        
        if (store.getType() != null) {
            props.put(DefaultCallbackHandler.TRUSTSTORE_TYPE, store.getType());
        } else {
            props.put(DefaultCallbackHandler.TRUSTSTORE_TYPE, "JKS");
        }
        
        if (store.getPassword() != null) {
            props.put(DefaultCallbackHandler.TRUSTSTORE_PASSWORD, new String(store.getPassword()));
        } else {
            log.log(Level.SEVERE,
                    LogStringsMessages.WSSPIPE_0017_TRUSTSTORE_PASSWORD_NULL_CONFIG_ASSERTION());
            throw new RuntimeException(LogStringsMessages.WSSPIPE_0017_TRUSTSTORE_PASSWORD_NULL_CONFIG_ASSERTION() );
        }
        
        if (store.getPeerAlias() != null) {
            props.put(DefaultCallbackHandler.PEER_ENTITY_ALIAS, store.getPeerAlias());
        }
        
        if (store.getSTSAlias() != null) {
            props.put(DefaultCallbackHandler.STS_ALIAS, store.getSTSAlias());
        }
        
        if (store.getServiceAlias() != null) {
            props.put(DefaultCallbackHandler.SERVICE_ALIAS, store.getServiceAlias());
        }
        
        if (store.getCertSelectorClassName() != null) {
            props.put(DefaultCallbackHandler.TRUSTSTORE_CERTSELECTOR, store.getCertSelectorClassName());
        }
    
private voidpopulateValidatorProps(java.util.Properties props, com.sun.xml.ws.security.policy.ValidatorConfiguration conf)

        if (conf.getMaxClockSkew() != null) {
            props.put(DefaultCallbackHandler.MAX_CLOCK_SKEW_PROPERTY, conf.getMaxClockSkew());
        }
        
        if (conf.getTimestampFreshnessLimit() != null) {
            props.put(DefaultCallbackHandler.TIMESTAMP_FRESHNESS_LIMIT_PROPERTY, conf.getTimestampFreshnessLimit());
        }
        
        if (conf.getMaxNonceAge() != null) {
            props.put(DefaultCallbackHandler.MAX_NONCE_AGE_PROPERTY, conf.getMaxNonceAge());
        }
        if (conf.getRevocationEnabled() != null) {
            props.put(DefaultCallbackHandler.REVOCATION_ENABLED, conf.getRevocationEnabled());
        }
        
        Iterator it = conf.getValidators();
        for (; it.hasNext();) {
            PolicyAssertion p = (PolicyAssertion)it.next();
            Validator v = (Validator)p;
            String name = v.getValidatorName();
            String validator = v.getValidator();
            if (validator == null || "".equals(validator)) {
                log.log(Level.SEVERE,
                        LogStringsMessages.WSSPIPE_0022_NULL_OR_EMPTY_VALIDATOR_CLASSNAME(name));
                throw new RuntimeException(LogStringsMessages.WSSPIPE_0022_NULL_OR_EMPTY_VALIDATOR_CLASSNAME(name));
            }
            
            if ("usernameValidator".equals(name)) {
                props.put(DefaultCallbackHandler.USERNAME_VALIDATOR, validator);
            } else if ("timestampValidator".equals(name)) {
                props.put(DefaultCallbackHandler.TIMESTAMP_VALIDATOR, validator);
            } else if ("certificateValidator".equals(name)) {
                props.put(DefaultCallbackHandler.CERTIFICATE_VALIDATOR, validator);
            } else if ("samlAssertionValidator".equals(name)) {
                props.put(DefaultCallbackHandler.SAML_VALIDATOR, validator);
            } else {
                log.log(Level.SEVERE,
                        LogStringsMessages.WSSPIPE_0010_UNKNOWN_VALIDATOR_TYPE_CONFIG(name));
                throw new RuntimeException(LogStringsMessages.WSSPIPE_0010_UNKNOWN_VALIDATOR_TYPE_CONFIG(name));
            }
        }
    
protected final voidresetCachedOperation()

        cachedOperation = null;
    
protected javax.xml.soap.SOAPMessagesecureOutboundMessage(javax.xml.soap.SOAPMessage message, com.sun.xml.wss.ProcessingContext ctx)

        try {
            ctx.setSOAPMessage(message);
            SecurityAnnotator.secureMessage(ctx);
            return ctx.getSOAPMessage();
        } catch (WssSoapFaultException soapFaultException) {
            throw getSOAPFaultException(soapFaultException);
        } catch (XWSSecurityException xwse) {
            WssSoapFaultException wsfe =
                    SecurableSoapMessage.newSOAPFaultException(
                    MessageConstants.WSSE_INTERNAL_SERVER_ERROR,
                    xwse.getMessage(), xwse);
            throw getSOAPFaultException(wsfe);
        }
    
protected com.sun.xml.ws.api.message.MessagesecureOutboundMessage(com.sun.xml.ws.api.message.Message message, com.sun.xml.wss.ProcessingContext ctx)

        try{
            JAXBFilterProcessingContext  context = (JAXBFilterProcessingContext)ctx;
            context.setSOAPVersion(soapVersion);
            context.setJAXWSMessage(message, soapVersion);
            context.isOneWayMessage(message.isOneWay(this.pipeConfig.getWSDLModel()));   
            context.setDisableIncPrefix(disableIncPrefix);
            context.setEncHeaderContent(encHeaderContent);
            context.setBSP(bsp10);
            SecurityAnnotator.secureMessage(context);            
            return context.getJAXWSMessage();
        } catch(XWSSecurityException xwse){
            WssSoapFaultException wsfe =
                    SecurableSoapMessage.newSOAPFaultException(
                    MessageConstants.WSSE_INTERNAL_SERVER_ERROR,
                    xwse.getMessage(), xwse);
            throw getSOAPFaultException(wsfe);
        }
    
public voidsetNextPipe(com.sun.xml.ws.api.pipe.Pipe pipe)

        nextPipe = pipe;
    
protected com.sun.xml.ws.policy.sourcemodel.PolicySourceModelunmarshalPolicy(java.lang.String resource)

        InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(resource);
        if (is == null) return null;
        Reader reader =  new InputStreamReader(is);
        PolicySourceModel model = PolicyModelUnmarshaller.getXmlUnmarshaller().unmarshalModel(reader);
        reader.close();
        return model;
    
protected javax.xml.soap.SOAPMessageverifyInboundMessage(javax.xml.soap.SOAPMessage message, com.sun.xml.wss.ProcessingContext ctx)

        try {
            ctx.setSOAPMessage(message);
            if (debug) {
                DumpFilter.process(ctx);
            }
            NewSecurityRecipient.validateMessage(ctx);
            return ctx.getSOAPMessage();
        } catch (WssSoapFaultException soapFaultException) {
            throw getSOAPFaultException(soapFaultException);
        } catch (XWSSecurityException xwse) {
            WssSoapFaultException wsfe =
                    SecurableSoapMessage.newSOAPFaultException(
                    MessageConstants.WSSE_INTERNAL_SERVER_ERROR,
                    xwse.getMessage(), xwse);
            throw getSOAPFaultException(wsfe);
        }
    
protected com.sun.xml.ws.api.message.MessageverifyInboundMessage(com.sun.xml.ws.api.message.Message message, com.sun.xml.wss.ProcessingContext ctx)

        JAXBFilterProcessingContext  context = (JAXBFilterProcessingContext)ctx;
        context.setDisablePayloadBuffering(disablePayloadBuffer);
        context.setDisableIncPrefix(disableIncPrefix);
        context.setEncHeaderContent(encHeaderContent);
         context.setBSP(bsp10);
        //  context.setJAXWSMessage(message, soapVersion);
        if(debug){
            try {
                ((LazyStreamBasedMessage)message).print();
            } catch (XMLStreamException ex) {
                log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0003_PROBLEM_PRINTING_MSG(), ex);
                throw new XWSSecurityException(LogStringsMessages.WSSPIPE_0003_PROBLEM_PRINTING_MSG(), ex);
            }
        }
        com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient recipient =
                new com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient(((LazyStreamBasedMessage)message).readMessage(),soapVersion);
        
        return recipient.validateMessage(context);