/**
 * Reads the username carried in the WS-Security header of a SAAJ message.
 *
 * <p>The security header is looked up on the message's SOAP part with an empty
 * actor string and handed to {@code getUsernameFromSecurityHeader}. This method
 * only locates the header and delegates; it performs no signature or password
 * check of its own, so the returned name should be treated as a claim unless the
 * message has been validated elsewhere.
 *
 * @param saajSoapMessage the message to inspect; may be {@code null}
 * @return {@code null} when {@code saajSoapMessage} is {@code null}, otherwise
 *         whatever {@code getUsernameFromSecurityHeader} returns
 * @throws WSSecurityException if the header lookup or the username extraction fails
 */
public String getUsernameFromMessage(SOAPMessage saajSoapMessage) throws WSSecurityException {
    if (saajSoapMessage != null) {
        // NOTE(review): the lookup presumably yields null when the message has no
        // security header; the helper below receives that value unchecked - confirm
        // it tolerates null.
        Element wsseHeader = WSSecurityUtil.getSecurityHeader(saajSoapMessage.getSOAPPart(), "");
        return getUsernameFromSecurityHeader(wsseHeader);
    }
    return null;
}
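/**
 * Sets the validation actions to be executed by the interceptor.
 *
 * <p>The action string is decoded before the raw string is stored. If decoding
 * fails, neither field is changed, so the stored string and the decoded action
 * list never disagree about which checks are configured.
 *
 * @param actions the action string, in the form accepted by
 *        {@code WSSecurityUtil.decodeAction}
 * @throws IllegalArgumentException if the string cannot be decoded; the
 *         {@code WSSecurityException} raised by the decoder is kept as the cause
 */
public void setValidationActions(String actions) {
    try {
        // Decode first: when this throws, the assignment never happens and the
        // previously configured actions stay in force as a consistent pair.
        validationActionsVector = WSSecurityUtil.decodeAction(actions);
    } catch (WSSecurityException ex) {
        throw new IllegalArgumentException(ex);
    }
    this.validationActions = actions;
}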
/**
 * Returns the SOAP Body element of the document held by this object.
 *
 * <p>The lookup is delegated to {@code WSSecurityUtil.findBodyElement}. What is
 * returned for a document without a Body is decided there (presumably
 * {@code null} - confirm before dereferencing the result).
 *
 * @return the element reported by {@code WSSecurityUtil.findBodyElement}
 */
public Element getSOAPBody() {
    Element soapBody = WSSecurityUtil.findBodyElement(doc);
    return soapBody;
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Returns the first WS-Security header element for a given actor. Only one
 * WS-Security header is allowed for an actor.
 *
 * <p>This overload finds the SOAP header of the document and works out whether
 * the envelope uses the SOAP 1.2 namespace. It then delegates to the
 * three-argument overload, which performs the actual search. The
 * one-header-per-actor rule is not checked here.
 *
 * @param doc the SOAP document to search
 * @param actor the actor whose security header is wanted
 * @return the <code>wsse:Security</code> element, or <code>null</code> if the
 *         document has no SOAP header or no such element is found
 * @throws WSSecurityException if the delegated lookups fail
 */
public static Element getSecurityHeader(Document doc, String actor) throws WSSecurityException {
    Element soapHeader = getSOAPHeader(doc);
    if (soapHeader != null) {
        String envelopeNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
        boolean soap12 = WSConstants.URI_SOAP12_ENV.equals(envelopeNamespace);
        return getSecurityHeader(soapHeader, actor, soap12);
    }
    // no SOAP header at all
    return null;
}
boolean doCreate ) throws WSSecurityException { String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); Element header = XMLUtils.getDirectChildElement( header = createElementInSameNamespace(node, WSConstants.ELEM_HEADER); } else { header = createElementInSameNamespace(doc.getDocumentElement(), WSConstants.ELEM_HEADER); header = (Element)getDomElement(header); header = prependChildElement(envelope, header); header = createElementInSameNamespace(envelope, WSConstants.ELEM_HEADER); header = prependChildElement(envelope, header); String hActor = (attr != null) ? attr.getValue() : null; if (WSSecurityUtil.isActorEqual(actor, hActor)) { if (foundSecurityHeader != null) { LOG.debug( foundSecurityHeader.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS); doc.importNode(foundSecurityHeader, true); foundSecurityHeader = (Element)getDomElement(foundSecurityHeader); return prependChildElement(header, foundSecurityHeader);
List<Integer> actions = WSSecurityUtil.decodeAction(action); WSSecurityUtil.getSecurityHeader(doc.getSOAPHeader(), actor, version.getVersion() != 1.1); elem = (Element)DOMUtils.getDomElement(elem); Node originalNode = null;
/**
 * Creates a Nonce element and appends it to this UsernameToken.
 *
 * <p>Does nothing if a nonce element already exists. Otherwise 16 bytes are
 * requested from {@code WSSecurityUtil.generateNonce}, encoded with
 * {@code XMLUtils.encodeToString}, and written as the text of a new
 * {@code wsse:Nonce} element whose {@code EncodingType} attribute is set to
 * {@code BASE64_ENCODING}.
 *
 * @param doc the document used to create the new nodes
 */
public void addNonce(Document doc) {
    if (elementNonce != null) {
        return;
    }

    final byte[] nonceBytes;
    try {
        nonceBytes = WSSecurityUtil.generateNonce(16);
    } catch (WSSecurityException ex) {
        // NOTE(review): a failed nonce generation is reported at debug level only
        // and the token is left without a Nonce. If the nonce is relied on for
        // replay protection, callers get no signal that it is missing - confirm
        // this best-effort behaviour is intended.
        LOG.debug(ex.getMessage(), ex);
        return;
    }

    elementNonce = doc.createElementNS(WSConstants.WSSE_NS, "wsse:" + WSConstants.NONCE_LN);
    String encodedNonce = org.apache.xml.security.utils.XMLUtils.encodeToString(nonceBytes);
    elementNonce.appendChild(doc.createTextNode(encodedNonce));
    elementNonce.setAttributeNS(null, "EncodingType", BASE64_ENCODING);
    element.appendChild(elementNonce);
}
/**
 * Records the given SecurityTokenReference element and inserts it into this
 * object's element.
 *
 * <p>The reference is stored in {@code elementSecurityTokenReference} and passed
 * to {@code WSSecurityUtil.prependChildElement} with {@code element} as parent.
 * A previously stored reference is not removed first, so repeated calls hand
 * several elements to the parent.
 *
 * @param elem the SecurityTokenReference element to attach
 */
public void setSecurityTokenReference(Element elem) {
    Element reference = elem;
    elementSecurityTokenReference = reference;
    WSSecurityUtil.prependChildElement(element, reference);
}
/**
 * Applies the configured securement actions to an outgoing SOAP message.
 *
 * <p>The {@code securementActions} string is decoded with the current
 * {@code wssConfig}. If no actions result and signature confirmation is
 * disabled, the message is left as it is. Otherwise the message document is
 * passed to {@code handler.doSenderAction} and written back to the message.
 *
 * @param soapMessage the message to secure
 * @param messageContext the context used to build the {@code RequestData}
 * @throws WsSecuritySecurementException declared by the method; the body itself
 *         raises {@code Wss4jSecuritySecurementException}, wrapping the
 *         {@code WSSecurityException} from decoding or from the sender action
 */
@Override
protected void secureMessage(SoapMessage soapMessage, MessageContext messageContext)
        throws WsSecuritySecurementException {
    final List<HandlerAction> decodedActions;
    try {
        decodedActions = WSSecurityUtil.decodeHandlerAction(securementActions, wssConfig);
    } catch (WSSecurityException ex) {
        throw new Wss4jSecuritySecurementException(ex.getMessage(), ex);
    }

    // NOTE(review): with no decoded actions and signature confirmation off, the
    // message goes out untouched and nothing is logged. A misconfiguration that
    // yields an empty action list is therefore silent - confirm that is acceptable.
    boolean nothingToApply = decodedActions.isEmpty() && !enableSignatureConfirmation;
    if (nothingToApply) {
        return;
    }

    if (logger.isDebugEnabled()) {
        // NOTE(review): what this line prints depends on SoapMessage.toString();
        // verify it does not dump payload data before enabling debug logging.
        logger.debug("Securing message [" + soapMessage + "] with actions [" + securementActions + "]");
    }

    RequestData requestData = initializeRequestData(messageContext);
    Document envelope = soapMessage.getDocument();
    try {
        handler.doSenderAction(envelope, requestData, decodedActions, false);
    } catch (WSSecurityException ex) {
        throw new Wss4jSecuritySecurementException(ex.getMessage(), ex);
    }
    soapMessage.setDocument(envelope);
}
wsEncrypt.getParts().addAll(parts); } else { wsEncrypt.getParts().add(WSSecurityUtil.getDefaultEncryptionPart(doc)); WSSecurityUtil.prependChildElement(reqData.getSecHeader().getSecurityHeaderElement(), tokenElement);
/**
 * Finds the first WS-Security header block.
 *
 * <p>Convenience overload that delegates to the four-argument
 * {@code findWsseSecurityHeaderBlock}, passing {@code null} as the actor.
 *
 * @param doc the DOM document (SOAP request)
 * @param envelope the SOAP envelope
 * @param doCreate if true create a new WSS header block if none exists
 * @return the WSS header or null if none found and doCreate is false
 * @throws WSSecurityException if the delegated lookup fails
 */
public static Element findWsseSecurityHeaderBlock(
    Document doc,
    Element envelope,
    boolean doCreate
) throws WSSecurityException {
    final String noActor = null;
    return findWsseSecurityHeaderBlock(doc, envelope, noActor, doCreate);
}
WSSecurityUtil.findWsseSecurityHeaderBlock( doc, doc.getDocumentElement(), actor, true ); String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); String soapPrefix = XMLUtils.setNamespace(
secHeader.insertSecurityHeader(); reqData.setSecHeader(secHeader); reqData.setSoapConstants(WSSecurityUtil.getSOAPConstants(doc.getDocumentElement())); signatureToken.getParts().add(WSSecurityUtil.getDefaultEncryptionPart(doc));
/**
 * Returns the SOAP envelope namespace URI that applies to the given element.
 *
 * <p>The value is the envelope URI reported by
 * {@code getSOAPConstants(startElement)}.
 *
 * @param startElement the element handed to {@code getSOAPConstants}
 * @return the envelope namespace URI
 */
public static String getSOAPNamespace(Element startElement) {
    String envelopeUri = getSOAPConstants(startElement).getEnvelopeURI();
    return envelopeUri;
}
List<Integer> actions = WSSecurityUtil.decodeAction(action); WSSecurityUtil.getSecurityHeader(doc.getSOAPHeader(), actor, version.getVersion() != 1.1); elem = (Element)DOMUtils.getDomElement(elem); Node originalNode = null;
/**
 * Writes the symmetric-key elements of a RequestSecurityToken.
 *
 * <p>The key size is written first unless the caller has already done so. When
 * {@code requiresEntropy} is set, a {@code wst:Entropy/wst:BinarySecret}
 * element of type {@code /Nonce} is written with freshly generated random
 * bytes, followed by a {@code wst:ComputedKeyAlgorithm} element naming
 * {@code /CK/PSHA1}.
 *
 * <p>The returned bytes are the same value that was written to the request.
 * They presumably feed the computed key, so callers should treat them as key
 * material and keep them out of logs.
 *
 * @param writer the stream writer receiving the elements
 * @param wroteKeySize {@code true} if the key size element was already written
 * @return the generated requestor entropy, or {@code null} when
 *         {@code requiresEntropy} is false
 * @throws Exception if writing or nonce generation fails
 */
protected byte[] writeElementsForRSTSymmetricKey(W3CDOMStreamWriter writer, boolean wroteKeySize)
        throws Exception {
    if (!wroteKeySize) {
        addKeySize(keySize, writer);
    }
    if (!requiresEntropy) {
        return null;
    }

    writer.writeStartElement("wst", "Entropy", namespace);
    writer.writeStartElement("wst", "BinarySecret", namespace);
    writer.writeAttribute("Type", namespace + "/Nonce");

    // Entropy length in bytes: the algorithm suite's maximum symmetric key length
    // when a suite is set, otherwise the configured key size.
    // NOTE(review): both are integer divisions by 8, so a bit length below 8
    // yields zero-length entropy - confirm the value is validated where it is set.
    final byte[] entropy;
    if (algorithmSuite != null) {
        entropy = WSSecurityUtil.generateNonce(
            algorithmSuite.getAlgorithmSuiteType().getMaximumSymmetricKeyLength() / 8);
    } else {
        entropy = WSSecurityUtil.generateNonce(keySize / 8);
    }

    writer.writeCharacters(org.apache.xml.security.utils.XMLUtils.encodeToString(entropy));
    writer.writeEndElement();
    writer.writeEndElement();

    writer.writeStartElement("wst", "ComputedKeyAlgorithm", namespace);
    writer.writeCharacters(namespace + "/CK/PSHA1");
    writer.writeEndElement();

    return entropy;
}
/**
 * Inserts every stored attachment EncryptedData element into the security header.
 *
 * <p>Does nothing when {@code attachmentEncryptedDataElements} is {@code null}.
 * Each element is passed in list order to
 * {@code WSSecurityUtil.prependChildElement}. If that helper inserts at the
 * front of the parent, as its name suggests, the elements end up in the header
 * in reverse list order.
 */
public void addAttachmentEncryptedDataElements() {
    if (attachmentEncryptedDataElements == null) {
        return;
    }
    for (Element encryptedData : attachmentEncryptedDataElements) {
        // Looked up on every pass, as in the original loop.
        Element headerElement = getSecurityHeader().getSecurityHeaderElement();
        WSSecurityUtil.prependChildElement(headerElement, encryptedData);
    }
}
/**
 * Applies the configured securement actions to an outgoing SOAP message.
 *
 * <p>The {@code securementActions} string is decoded with the current
 * {@code wssConfig}. If no actions result and signature confirmation is
 * disabled, the message is left as it is. Otherwise the message document is
 * passed to {@code handler.doSenderAction} and written back to the message.
 *
 * @param soapMessage the message to secure
 * @param messageContext the context used to build the {@code RequestData}
 * @throws WsSecuritySecurementException declared by the method; the body itself
 *         raises {@code Wss4jSecuritySecurementException}, wrapping the
 *         {@code WSSecurityException} from decoding or from the sender action
 */
@Override
protected void secureMessage(SoapMessage soapMessage, MessageContext messageContext)
        throws WsSecuritySecurementException {
    final List<HandlerAction> decodedActions;
    try {
        decodedActions = WSSecurityUtil.decodeHandlerAction(securementActions, wssConfig);
    } catch (WSSecurityException ex) {
        throw new Wss4jSecuritySecurementException(ex.getMessage(), ex);
    }

    // NOTE(review): with no decoded actions and signature confirmation off, the
    // message goes out untouched and nothing is logged. A misconfiguration that
    // yields an empty action list is therefore silent - confirm that is acceptable.
    boolean nothingToApply = decodedActions.isEmpty() && !enableSignatureConfirmation;
    if (nothingToApply) {
        return;
    }

    if (logger.isDebugEnabled()) {
        // NOTE(review): what this line prints depends on SoapMessage.toString();
        // verify it does not dump payload data before enabling debug logging.
        logger.debug("Securing message [" + soapMessage + "] with actions [" + securementActions + "]");
    }

    RequestData requestData = initializeRequestData(messageContext);
    Document envelope = soapMessage.getDocument();
    try {
        handler.doSenderAction(envelope, requestData, decodedActions, false);
    } catch (WSSecurityException ex) {
        throw new Wss4jSecuritySecurementException(ex.getMessage(), ex);
    }
    soapMessage.setDocument(envelope);
}
wsSign.getParts().addAll(parts); } else { wsSign.getParts().add(WSSecurityUtil.getDefaultEncryptionPart(doc)); WSSecurityUtil.prependChildElement(reqData.getSecHeader().getSecurityHeaderElement(), tokenElement);
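/**
 * Removes the WS-Security header element from its parent node.
 *
 * <p>If no header is cached in {@code securityHeader}, it is looked up in the
 * document for the configured {@code actor} without creating one. A header
 * that is found is detached from its parent. The cached reference is kept, so
 * a repeated call sees an element that no longer has a parent; that case is
 * now a no-op instead of a {@code NullPointerException}.
 *
 * @throws WSSecurityException if no header is cached and the document is
 *         {@code null}, or if the header lookup fails
 */
public void removeSecurityHeader() throws WSSecurityException {
    if (securityHeader == null) {
        if (doc == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty",
                                          new Object[] {"The Document of WSSecHeader is null"});
        }
        securityHeader = WSSecurityUtil.findWsseSecurityHeaderBlock(
            doc, doc.getDocumentElement(), actor, false
        );
    }

    if (securityHeader != null) {
        Node parent = securityHeader.getParentNode();
        // getParentNode() is null for an element that is already detached, for
        // example after an earlier call to this method; nothing is left to remove.
        if (parent != null) {
            parent.removeChild(securityHeader);
        }
    }
}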