org.globus.wsrf.impl.security.authentication.wssec
Class WSSecurityEngine
java.lang.Object
org.globus.wsrf.impl.security.authentication.wssec.WSSecurityEngine
- Direct Known Subclasses:
- WSSecurityRequestEngine, WSSecurityResponseEngine
- public abstract class WSSecurityEngine
- extends Object
|
Method Summary |
protected void |
checkMessageValidity(ReplayAttackFilter replayFilter,
org.w3c.dom.Element timestampElem,
SOAPHeaderElement messageIDHeader)
|
private boolean |
constantSet(Object msgVal,
Object propValue)
|
abstract boolean |
decryptXMLEncryption(org.w3c.dom.Element element,
MessageContext msgCtx)
|
boolean |
decryptXMLEncryption(org.w3c.dom.Element element,
PrivateKey privateKey)
|
protected void |
enforceSecureDispatchHeaders(org.apache.xml.security.signature.SignedInfo info,
MessageContext msgCtx,
boolean request)
|
protected void |
ensureSignature(MessageContext msgCtx)
|
protected X509Certificate[] |
getCertificatesX509Data(org.apache.xml.security.keys.KeyInfo info)
|
protected QName |
getResourceKeyHeaderQName(MessageContext msgCtx)
|
protected javax.security.auth.Subject |
getSubject(MessageContext msgCtx)
|
boolean |
handleEncryptionElement(org.w3c.dom.Element element,
MessageContext msgCtx)
|
boolean |
handleSignatureElement(org.w3c.dom.Element element,
MessageContext msgCtx,
boolean request)
|
boolean |
handleUsernameElement(org.w3c.dom.Element element,
MessageContext msgCtx)
|
static void |
normalize(org.w3c.dom.Node node)
Replaces all Text nodes that start with "\n " or "\n\n" with
"\n". This is only used by the signature callback. |
void |
processSecurityHeader(org.w3c.dom.Element securityHeader,
MessageContext msgCtx,
String actor,
SOAPHeaderElement messageIdHeader,
boolean request)
|
abstract org.w3c.dom.Document |
processSecurityHeader(SOAPEnvelope env,
MessageContext msgCtx)
|
org.w3c.dom.Document |
processSecurityHeader(SOAPEnvelope env,
MessageContext msgCtx,
boolean request)
|
org.w3c.dom.Document |
processSecurityHeader(SOAPEnvelope env,
String actor,
MessageContext msgCtx,
boolean request)
|
protected void |
processTimestampHeader(org.w3c.dom.Element timestampElem,
MessageContext msgCtx,
SOAPHeaderElement messageIDHeader)
|
protected boolean |
rejectMsgSansTimestampHeader(MessageContext msgCtx,
String propertyValue)
|
protected void |
setContextProperties(MessageContext msgContext,
SecurityContext secContext,
Integer msgType)
|
abstract boolean |
verifyGssXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
MessageContext msgCtx)
|
protected boolean |
verifyTimestamp(Calendar created,
int TTL)
|
protected boolean |
verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp,
int TTL)
|
abstract boolean |
verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
MessageContext msgCtx)
|
protected boolean |
verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
MessageContext msgCtx,
org.globus.gsi.proxy.ProxyPathValidator validator)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
i18n
protected static org.globus.util.I18n i18n
log
private static org.apache.commons.logging.Log log
SIG_LN
public static final String SIG_LN
- See Also:
- Constant Field Values
wssEngine
private org.apache.ws.security.WSSecurityEngine wssEngine
crypto
private static ContextCrypto crypto
WSSecurityEngine
public WSSecurityEngine()
handleSignatureElement
public boolean handleSignatureElement(org.w3c.dom.Element element,
MessageContext msgCtx,
boolean request)
throws Exception
- Throws:
Exception
enforceSecureDispatchHeaders
protected void enforceSecureDispatchHeaders(org.apache.xml.security.signature.SignedInfo info,
MessageContext msgCtx,
boolean request)
throws Exception
- Throws:
Exception
getResourceKeyHeaderQName
protected QName getResourceKeyHeaderQName(MessageContext msgCtx)
throws Exception
- Throws:
Exception
verifyGssXMLSignature
public abstract boolean verifyGssXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
MessageContext msgCtx)
throws Exception
- Throws:
Exception
getCertificatesX509Data
protected X509Certificate[] getCertificatesX509Data(org.apache.xml.security.keys.KeyInfo info)
throws Exception
- Throws:
Exception
verifyXMLSignature
public abstract boolean verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
MessageContext msgCtx)
throws Exception
- Throws:
Exception
verifyXMLSignature
protected boolean verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
MessageContext msgCtx,
org.globus.gsi.proxy.ProxyPathValidator validator)
throws Exception
- Throws:
Exception
getSubject
protected javax.security.auth.Subject getSubject(MessageContext msgCtx)
handleEncryptionElement
public boolean handleEncryptionElement(org.w3c.dom.Element element,
MessageContext msgCtx)
throws Exception
- Throws:
Exception
decryptXMLEncryption
public abstract boolean decryptXMLEncryption(org.w3c.dom.Element element,
MessageContext msgCtx)
throws Exception
- Throws:
Exception
decryptXMLEncryption
public boolean decryptXMLEncryption(org.w3c.dom.Element element,
PrivateKey privateKey)
throws Exception
- Throws:
Exception
processSecurityHeader
public abstract org.w3c.dom.Document processSecurityHeader(SOAPEnvelope env,
MessageContext msgCtx)
throws Exception
- Throws:
Exception
processSecurityHeader
public org.w3c.dom.Document processSecurityHeader(SOAPEnvelope env,
MessageContext msgCtx,
boolean request)
throws Exception
- Throws:
Exception
processSecurityHeader
public org.w3c.dom.Document processSecurityHeader(SOAPEnvelope env,
String actor,
MessageContext msgCtx,
boolean request)
throws Exception
- Throws:
Exception
processSecurityHeader
public void processSecurityHeader(org.w3c.dom.Element securityHeader,
MessageContext msgCtx,
String actor,
SOAPHeaderElement messageIdHeader,
boolean request)
throws Exception
- Throws:
Exception
handleUsernameElement
public boolean handleUsernameElement(org.w3c.dom.Element element,
MessageContext msgCtx)
throws Exception
- Throws:
Exception
processTimestampHeader
protected void processTimestampHeader(org.w3c.dom.Element timestampElem,
MessageContext msgCtx,
SOAPHeaderElement messageIDHeader)
throws Exception
- Throws:
Exception
verifyTimestamp
protected boolean verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp,
int TTL)
verifyTimestamp
protected boolean verifyTimestamp(Calendar created,
int TTL)
checkMessageValidity
protected void checkMessageValidity(ReplayAttackFilter replayFilter,
org.w3c.dom.Element timestampElem,
SOAPHeaderElement messageIDHeader)
throws Exception
- Throws:
Exception
rejectMsgSansTimestampHeader
protected boolean rejectMsgSansTimestampHeader(MessageContext msgCtx,
String propertyValue)
throws Exception
- Throws:
Exception
normalize
public static void normalize(org.w3c.dom.Node node)
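- Replaces all Text nodes that start with "\n " or "\n\n" with
"\n". This is only used by the signature callback.
There is a bug somewhere in the serialization/deserialization code
that appends spaces to "\n" Text nodes for no reason, which breaks
signature processing. Whitespace inside Text nodes is preserved by XML
canonicalization, so the extra spaces change the content that is digested.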
ensureSignature
protected void ensureSignature(MessageContext msgCtx)
throws Exception
- Throws:
Exception
constantSet
private boolean constantSet(Object msgVal,
Object propValue)
setContextProperties
protected void setContextProperties(MessageContext msgContext,
SecurityContext secContext,
Integer msgType)
throws Exception
- Throws:
Exception