/** * Process the security header given the soap envelope as W3C document. * <p/> * This is the main entry point to verify or decrypt a SOAP envelope. * First check if a <code>wsse:Security</code> is available with the * defined actor. * * @param doc the SOAP envelope as {@link Document} * @param actor the engine works on behalf of this <code>actor</code>. Refer * to the SOAP specification about <code>actor</code> or <code>role * </code> * @param cb a callback hander to the caller to resolve passwords during * encryption and UsernameToken handling * @param crypto the object that implements the access to the keystore and the * handling of certificates. * @return a result list * @throws WSSecurityException * @see WSSecurityEngine#processSecurityHeader(Element securityHeader, CallbackHandler cb, * Crypto sigCrypto, Crypto decCrypto) */ public List<WSSecurityEngineResult> processSecurityHeader( Document doc, String actor, CallbackHandler cb, Crypto crypto ) throws WSSecurityException { return processSecurityHeader(doc, actor, cb, crypto, crypto); }
/** * Process the security header given the soap envelope as W3C document. * <p/> * This is the main entry point to verify or decrypt a SOAP envelope. * First check if a <code>wsse:Security</code> is available with the * defined actor. * * @param doc the SOAP envelope as {@link Document} * @param actor the engine works on behalf of this <code>actor</code>. Refer * to the SOAP specification about <code>actor</code> or <code>role * </code> * @param cb a callback hander to the caller to resolve passwords during * encryption and UsernameToken handling * @param crypto the object that implements the access to the keystore and the * handling of certificates. * @return a result list * @throws WSSecurityException * @see WSSecurityEngine#processSecurityHeader(Element securityHeader, CallbackHandler cb, * Crypto sigCrypto, Crypto decCrypto) */ public List<WSSecurityEngineResult> processSecurityHeader( Document doc, String actor, CallbackHandler cb, Crypto crypto ) throws WSSecurityException { return processSecurityHeader(doc, actor, cb, crypto, crypto); }
log.debug("Processing WS-Security header for '" + actor + "' actor."); wsResult = processSecurityHeader(elem, cb, sigCrypto, decCrypto);
log.debug("Processing WS-Security header for '" + actor + "' actor."); wsResult = processSecurityHeader(elem, cb, sigCrypto, decCrypto);
private void handleInboundMessage(SOAPMessageContext context) throws WSSecurityException { SOAPMessage soapMessage = context.getMessage(); SOAPPart soapPart = soapMessage.getSOAPPart(); WSSecurityEngine secEngine = new WSSecurityEngine(); List<WSSecurityEngineResult> results = secEngine.processSecurityHeader( soapPart, null, null, null); if (null == results) { throw new SecurityException("no WS-Security results"); } Timestamp timestamp = null; for (WSSecurityEngineResult result : results) { Timestamp resultTimestamp = (Timestamp) result .get(WSSecurityEngineResult.TAG_TIMESTAMP); if (null != resultTimestamp) { timestamp = resultTimestamp; } } if (null == timestamp) { throw new SecurityException("no WS-Security timestamp"); } }
wsSecurityEngineResults = securityEngine.processSecurityHeader( document, null, null, null); } catch (WSSecurityException e) {
try { Crypto crypto = new ServerCrypto(); wsSecurityEngineResults = securityEngine.processSecurityHeader( document, null, null, crypto); } catch (WSSecurityException e) {
data.setSigCrypto(sigCrypto); data.setCallbackHandler(cb); return processSecurityHeader(securityHeader, data);
data.setSigCrypto(sigCrypto); data.setCallbackHandler(cb); return processSecurityHeader(securityHeader, data);
results = engine.processSecurityHeader(rmd.getDocument(), actorValue, tokenCallbackHandler, results = engine.processSecurityHeader(rmd.getDocument(), actorValue, tokenCallbackHandler,