Package org.apache.cxf.ws.security.wss4j

Class CryptoCoverageChecker

java.lang.Object
org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.binding.soap.SoapMessage>
org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor
org.apache.cxf.ws.security.wss4j.CryptoCoverageChecker
All Implemented Interfaces:
org.apache.cxf.binding.soap.interceptor.SoapInterceptor, org.apache.cxf.interceptor.Interceptor<org.apache.cxf.binding.soap.SoapMessage>, org.apache.cxf.phase.PhaseInterceptor<org.apache.cxf.binding.soap.SoapMessage>
Direct Known Subclasses:
DefaultCryptoCoverageChecker
public class CryptoCoverageChecker extends org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor
Utility to enable the checking of WS-Security signature/encryption coverage based on the results of the WSS4J processors. This interceptor provides an alternative to using WS-Policy based configuration for crypto coverage enforcement.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static class 
    CryptoCoverageChecker.XPathExpression
    A simple wrapper for an XPath expression and coverage type / scope indicating how the XPath expression should be enforced as a cryptographic coverage requirement.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected Map<String,String>
    prefixMap
    Mapping of namespace prefixes to namespace URIs.
    protected List<CryptoCoverageChecker.XPathExpression>
    xPaths
    The XPath expressions for locating elements in SOAP messages that must be covered.

  • Constructor Summary

    Constructors
    Constructor
    Description
    CryptoCoverageChecker()
    Creates a new instance.
    CryptoCoverageChecker(Map<String,String> prefixes, List<CryptoCoverageChecker.XPathExpression> xPaths)
    Creates a new instance that checks for signature coverage over matches to the provided XPath expressions making defensive copies of provided arguments.

  • Method Summary

    Modifier and Type
    Method
    Description
    final void
    addPrefixes(Map<String,String> prefixes)
    Adds the mapping of namespace prefixes to namespace URIs, adding to any previously set mappings.
    final void
    addXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
    Adds the XPath expressions to check for, adding to any previously set expressions.
    void
    handleMessage(org.apache.cxf.binding.soap.SoapMessage message)
    Checks that the WSS4J results refer to the required signed/encrypted elements as defined by the XPath expressions in xPaths.
    boolean
    isCheckFaults()
     
    void
    setCheckFaults(boolean checkFaults)
     
    final void
    setPrefixes(Map<String,String> prefixes)
    Sets the mapping of namespace prefixes to namespace URIs, clearing all previously set mappings.
    final void
    setXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
    Sets the XPath expressions to check for, clearing all previously set expressions.

    Methods inherited from class org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor

    getFaultCodePrefix, getRoles, getUnderstoodHeaders, prepareStackTrace

    Methods inherited from class org.apache.cxf.phase.AbstractPhaseInterceptor

    addAfter, addAfter, addBefore, addBefore, getAdditionalInterceptors, getAfter, getBefore, getId, getPhase, handleFault, isGET, isRequestor, setAfter, setBefore

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface org.apache.cxf.interceptor.Interceptor

    handleFault

  • Field Details

  • Constructor Details

    • CryptoCoverageChecker

      public CryptoCoverageChecker()
      Creates a new instance. See #setPrefixes() and #setXpaths() for providing configuration options.

    • CryptoCoverageChecker

      public CryptoCoverageChecker(Map<String,String> prefixes, List<CryptoCoverageChecker.XPathExpression> xPaths)
      Creates a new instance that checks for signature coverage over matches to the provided XPath expressions making defensive copies of provided arguments.
      Parameters:
      prefixes - mapping of namespace prefixes to namespace URIs
      xPaths - a list of XPath expressions

  • Method Details

    • handleMessage

      public void handleMessage(org.apache.cxf.binding.soap.SoapMessage message) throws org.apache.cxf.interceptor.Fault
      Checks that the WSS4J results refer to the required signed/encrypted elements as defined by the XPath expressions in xPaths.
      Parameters:
      message - the SOAP message containing the signature
      Throws:
      org.apache.cxf.binding.soap.SoapFault - if there is an error evaluating an XPath or an element is not covered by the required cryptographic operation
      org.apache.cxf.interceptor.Fault

    • setXPaths

      public final void setXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
      Sets the XPath expressions to check for, clearing all previously set expressions.
      Parameters:
      xpaths - the XPath expressions to check for

    • addXPaths

      public final void addXPaths(List<CryptoCoverageChecker.XPathExpression> xpaths)
      Adds the XPath expressions to check for, adding to any previously set expressions.
      Parameters:
      xpaths - the XPath expressions to check for

    • setPrefixes

      public final void setPrefixes(Map<String,String> prefixes)
      Sets the mapping of namespace prefixes to namespace URIs, clearing all previously set mappings.
      Parameters:
      prefixes - the mapping of namespace prefixes to namespace URIs

    • addPrefixes

      public final void addPrefixes(Map<String,String> prefixes)
      Adds the mapping of namespace prefixes to namespace URIs, adding to any previously set mappings.
      Parameters:
      prefixes - the mapping of namespace prefixes to namespace URIs

    • isCheckFaults

      public boolean isCheckFaults()

    • setCheckFaults

      public void setCheckFaults(boolean checkFaults)