Class AbstractBindingPolicyValidator
java.lang.Object
org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator
- All Implemented Interfaces:
SecurityPolicyValidator
- Direct Known Subclasses:
AsymmetricBindingPolicyValidator,SymmetricBindingPolicyValidator,TransportBindingPolicyValidator
public abstract class AbstractBindingPolicyValidator
extends Object
implements SecurityPolicyValidator
Some abstract functionality for validating a security binding.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidassertDerivedKeys(org.apache.wss4j.policy.model.AbstractToken token, org.apache.cxf.ws.policy.AssertionInfoMap aim) protected booleancheckDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> encryptedResults) Check the derived key requirement.protected booleancheckProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfo ai, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message) Check various properties set in the policy of the bindingprotected booleancheckProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.cxf.ws.policy.AssertionInfo ai, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results) Check the Protection Order of the bindingprotected booleanisSignatureEncrypted(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results) Check whether the primary Signature (and all SignatureConfirmation) elements were encryptedprotected booleanisTokenProtected(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults) Check whether the token protection policy is followed.protected booleanvalidateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults) Validate the entire header and body signature property.protected booleanvalidateTimestamp(boolean includeTimestamp, boolean transportBinding, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message) Validate a TimestampMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.apache.cxf.ws.security.wss4j.policyvalidators.SecurityPolicyValidator
canValidatePolicy, validatePolicies
-
Constructor Details
-
AbstractBindingPolicyValidator
public AbstractBindingPolicyValidator()
-
-
Method Details
-
validateTimestamp
protected boolean validateTimestamp(boolean includeTimestamp, boolean transportBinding, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message) Validate a Timestamp- Parameters:
includeTimestamp- whether a Timestamp must be included or nottransportBinding- whether the Transport binding is in use or notsignedResults- the signed results listmessage- the Message object- Returns:
- whether the Timestamp policy is valid or not
-
validateEntireHeaderAndBodySignatures
protected boolean validateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults) Validate the entire header and body signature property. -
checkProperties
protected boolean checkProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfo ai, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message) Check various properties set in the policy of the binding -
checkProtectionOrder
protected boolean checkProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.cxf.ws.policy.AssertionInfo ai, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results) Check the Protection Order of the binding -
checkDerivedKeys
protected boolean checkDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> encryptedResults) Check the derived key requirement. -
isTokenProtected
protected boolean isTokenProtected(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults) Check whether the token protection policy is followed. In other words, check that the signature token was itself signed. -
isSignatureEncrypted
protected boolean isSignatureEncrypted(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results) Check whether the primary Signature (and all SignatureConfirmation) elements were encrypted -
assertDerivedKeys
protected void assertDerivedKeys(org.apache.wss4j.policy.model.AbstractToken token, org.apache.cxf.ws.policy.AssertionInfoMap aim)
-