Class AbstractBindingPolicyValidator
- java.lang.Object
-
- org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator
-
- All Implemented Interfaces:
SecurityPolicyValidator
- Direct Known Subclasses:
AsymmetricBindingPolicyValidator,SymmetricBindingPolicyValidator,TransportBindingPolicyValidator
public abstract class AbstractBindingPolicyValidator extends Object implements SecurityPolicyValidator
Some abstract functionality for validating a security binding.
-
-
Constructor Summary
Constructors Constructor Description AbstractBindingPolicyValidator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidassertDerivedKeys(org.apache.wss4j.policy.model.AbstractToken token, org.apache.cxf.ws.policy.AssertionInfoMap aim)protected booleancheckDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> encryptedResults)Check the derived key requirement.protected booleancheckProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfo ai, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message)Check various properties set in the policy of the bindingprotected booleancheckProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.cxf.ws.policy.AssertionInfo ai, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results)Check the Protection Order of the bindingprotected booleanisSignatureEncrypted(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results)Check whether the primary Signature (and all SignatureConfirmation) elements were encryptedprotected booleanisTokenProtected(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults)Check whether the token protection policy is followed.protected booleanvalidateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults)Validate the entire header and body signature property.protected booleanvalidateTimestamp(boolean includeTimestamp, boolean transportBinding, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message)Validate a Timestamp-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.cxf.ws.security.wss4j.policyvalidators.SecurityPolicyValidator
canValidatePolicy, validatePolicies
-
-
-
-
Method Detail
-
validateTimestamp
protected boolean validateTimestamp(boolean includeTimestamp, boolean transportBinding, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message)Validate a Timestamp- Parameters:
includeTimestamp- whether a Timestamp must be included or nottransportBinding- whether the Transport binding is in use or notsignedResults- the signed results listmessage- the Message object- Returns:
- whether the Timestamp policy is valid or not
-
validateEntireHeaderAndBodySignatures
protected boolean validateEntireHeaderAndBodySignatures(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults)
Validate the entire header and body signature property.
-
checkProperties
protected boolean checkProperties(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfo ai, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.wss4j.dom.handler.WSHandlerResult results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, org.apache.cxf.message.Message message)Check various properties set in the policy of the binding
-
checkProtectionOrder
protected boolean checkProtectionOrder(org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.cxf.ws.policy.AssertionInfo ai, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results)Check the Protection Order of the binding
-
checkDerivedKeys
protected boolean checkDerivedKeys(org.apache.wss4j.policy.model.AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> encryptedResults)Check the derived key requirement.
-
isTokenProtected
protected boolean isTokenProtected(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results, List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> signedResults)
Check whether the token protection policy is followed. In other words, check that the signature token was itself signed.
-
isSignatureEncrypted
protected boolean isSignatureEncrypted(List<org.apache.wss4j.dom.engine.WSSecurityEngineResult> results)
Check whether the primary Signature (and all SignatureConfirmation) elements were encrypted
-
assertDerivedKeys
protected void assertDerivedKeys(org.apache.wss4j.policy.model.AbstractToken token, org.apache.cxf.ws.policy.AssertionInfoMap aim)
-
-