org.globus.wsrf.impl.security.authentication.wssec
Class WSSecurityEngine
java.lang.Object
org.globus.wsrf.impl.security.authentication.wssec.WSSecurityEngine
- Direct Known Subclasses:
- WSSecurityRequestEngine, WSSecurityResponseEngine
- public abstract class WSSecurityEngine
- extends java.lang.Object
|
Field Summary |
private static ContextCrypto |
crypto
|
protected static org.globus.util.I18n |
i18n
|
private static org.apache.commons.logging.Log |
log
|
static java.lang.String |
SIG_LN
|
private org.apache.ws.security.WSSecurityEngine |
wssEngine
|
|
Method Summary |
protected void |
checkMessageValidity(ReplayAttackFilter replayFilter,
org.w3c.dom.Element timestampElem,
javax.xml.soap.SOAPHeaderElement messageIDHeader)
|
private boolean |
constantSet(java.lang.Object msgVal,
java.lang.Object propValue)
|
abstract boolean |
decryptXMLEncryption(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx)
|
boolean |
decryptXMLEncryption(org.w3c.dom.Element element,
java.security.PrivateKey privateKey)
|
protected void |
enforceSecureDispatchHeaders(org.apache.xml.security.signature.SignedInfo info,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
|
protected void |
ensureSignature(javax.xml.rpc.handler.MessageContext msgCtx)
|
protected java.security.cert.X509Certificate[] |
getCertificatesX509Data(org.apache.xml.security.keys.KeyInfo info)
|
protected javax.xml.namespace.QName |
getResourceKeyHeaderQName(javax.xml.rpc.handler.MessageContext msgCtx)
|
protected javax.security.auth.Subject |
getSubject(javax.xml.rpc.handler.MessageContext msgCtx)
|
boolean |
handleEncryptionElement(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx)
|
boolean |
handleSignatureElement(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
|
boolean |
handleUsernameElement(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx)
|
static void |
normalize(org.w3c.dom.Node node)
Replaces all Text nodes that start with "\n " or "\n\n" with
"\n" This is only used by signature callback. |
void |
processSecurityHeader(org.w3c.dom.Element securityHeader,
javax.xml.rpc.handler.MessageContext msgCtx,
java.lang.String actor,
javax.xml.soap.SOAPHeaderElement messageIdHeader,
boolean request)
|
abstract org.w3c.dom.Document |
processSecurityHeader(javax.xml.soap.SOAPEnvelope env,
javax.xml.rpc.handler.MessageContext msgCtx)
|
org.w3c.dom.Document |
processSecurityHeader(javax.xml.soap.SOAPEnvelope env,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
|
org.w3c.dom.Document |
processSecurityHeader(javax.xml.soap.SOAPEnvelope env,
java.lang.String actor,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
|
protected void |
processTimestampHeader(org.w3c.dom.Element timestampElem,
javax.xml.rpc.handler.MessageContext msgCtx,
javax.xml.soap.SOAPHeaderElement messageIDHeader)
|
protected boolean |
rejectMsgSansTimestampHeader(javax.xml.rpc.handler.MessageContext msgCtx,
java.lang.String propertyValue)
|
protected void |
setContextProperties(javax.xml.rpc.handler.MessageContext msgContext,
SecurityContext secContext,
java.lang.Integer msgType)
|
abstract boolean |
verifyGssXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
javax.xml.rpc.handler.MessageContext msgCtx)
|
protected boolean |
verifyTimestamp(java.util.Calendar created,
int TTL)
|
protected boolean |
verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp,
int TTL)
|
abstract boolean |
verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
javax.xml.rpc.handler.MessageContext msgCtx)
|
protected boolean |
verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
javax.xml.rpc.handler.MessageContext msgCtx,
org.globus.gsi.proxy.ProxyPathValidator validator)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
i18n
protected static org.globus.util.I18n i18n
log
private static org.apache.commons.logging.Log log
SIG_LN
public static final java.lang.String SIG_LN
- See Also:
- Constant Field Values
wssEngine
private org.apache.ws.security.WSSecurityEngine wssEngine
crypto
private static ContextCrypto crypto
WSSecurityEngine
public WSSecurityEngine()
handleSignatureElement
public boolean handleSignatureElement(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
throws java.lang.Exception
- Throws:
java.lang.Exception
enforceSecureDispatchHeaders
protected void enforceSecureDispatchHeaders(org.apache.xml.security.signature.SignedInfo info,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
throws java.lang.Exception
- Throws:
java.lang.Exception
getResourceKeyHeaderQName
protected javax.xml.namespace.QName getResourceKeyHeaderQName(javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
verifyGssXMLSignature
public abstract boolean verifyGssXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
getCertificatesX509Data
protected java.security.cert.X509Certificate[] getCertificatesX509Data(org.apache.xml.security.keys.KeyInfo info)
throws java.lang.Exception
- Throws:
java.lang.Exception
verifyXMLSignature
public abstract boolean verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
verifyXMLSignature
protected boolean verifyXMLSignature(org.apache.xml.security.signature.XMLSignature sig,
javax.xml.rpc.handler.MessageContext msgCtx,
org.globus.gsi.proxy.ProxyPathValidator validator)
throws java.lang.Exception
- Throws:
java.lang.Exception
getSubject
protected javax.security.auth.Subject getSubject(javax.xml.rpc.handler.MessageContext msgCtx)
handleEncryptionElement
public boolean handleEncryptionElement(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
decryptXMLEncryption
public abstract boolean decryptXMLEncryption(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
decryptXMLEncryption
public boolean decryptXMLEncryption(org.w3c.dom.Element element,
java.security.PrivateKey privateKey)
throws java.lang.Exception
- Throws:
java.lang.Exception
processSecurityHeader
public abstract org.w3c.dom.Document processSecurityHeader(javax.xml.soap.SOAPEnvelope env,
javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
processSecurityHeader
public org.w3c.dom.Document processSecurityHeader(javax.xml.soap.SOAPEnvelope env,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
throws java.lang.Exception
- Throws:
java.lang.Exception
processSecurityHeader
public org.w3c.dom.Document processSecurityHeader(javax.xml.soap.SOAPEnvelope env,
java.lang.String actor,
javax.xml.rpc.handler.MessageContext msgCtx,
boolean request)
throws java.lang.Exception
- Throws:
java.lang.Exception
processSecurityHeader
public void processSecurityHeader(org.w3c.dom.Element securityHeader,
javax.xml.rpc.handler.MessageContext msgCtx,
java.lang.String actor,
javax.xml.soap.SOAPHeaderElement messageIdHeader,
boolean request)
throws java.lang.Exception
- Throws:
java.lang.Exception
handleUsernameElement
public boolean handleUsernameElement(org.w3c.dom.Element element,
javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
processTimestampHeader
protected void processTimestampHeader(org.w3c.dom.Element timestampElem,
javax.xml.rpc.handler.MessageContext msgCtx,
javax.xml.soap.SOAPHeaderElement messageIDHeader)
throws java.lang.Exception
- Throws:
java.lang.Exception
verifyTimestamp
protected boolean verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp,
int TTL)
verifyTimestamp
protected boolean verifyTimestamp(java.util.Calendar created,
int TTL)
checkMessageValidity
protected void checkMessageValidity(ReplayAttackFilter replayFilter,
org.w3c.dom.Element timestampElem,
javax.xml.soap.SOAPHeaderElement messageIDHeader)
throws java.lang.Exception
- Throws:
java.lang.Exception
rejectMsgSansTimestampHeader
protected boolean rejectMsgSansTimestampHeader(javax.xml.rpc.handler.MessageContext msgCtx,
java.lang.String propertyValue)
throws java.lang.Exception
- Throws:
java.lang.Exception
normalize
public static void normalize(org.w3c.dom.Node node)
- Replaces all Text nodes that start with "\n " or "\n\n" with
"\n" This is only used by signature callback.
There is a bug somewhere in serliazation/deserialization code
that appends spaces to \n Text nodes for no reason breaking
the signature stuff.
ensureSignature
protected void ensureSignature(javax.xml.rpc.handler.MessageContext msgCtx)
throws java.lang.Exception
- Throws:
java.lang.Exception
constantSet
private boolean constantSet(java.lang.Object msgVal,
java.lang.Object propValue)
setContextProperties
protected void setContextProperties(javax.xml.rpc.handler.MessageContext msgContext,
SecurityContext secContext,
java.lang.Integer msgType)
throws java.lang.Exception
- Throws:
java.lang.Exception