org.apache.rampart
Class PolicyBasedResultsValidator
java.lang.Object
org.apache.rampart.PolicyBasedResultsValidator
- All Implemented Interfaces:
- PolicyValidatorCallbackHandler
public class PolicyBasedResultsValidator
- extends java.lang.Object
- implements PolicyValidatorCallbackHandler
Method Summary
- protected java.util.ArrayList getEncryptedReferences(java.util.Vector results)
- protected java.util.ArrayList getResults(java.util.Vector results, int action)
- protected java.util.ArrayList getSigEncrActions(java.util.Vector results)
- protected void handleSupportingTokens(java.util.Vector results, org.apache.ws.secpolicy.model.SupportingToken suppTok)
- protected boolean isSignatureRequired(RampartMessageData rmd)
- protected boolean isUsernameTokenPresent(org.apache.ws.secpolicy.model.SupportingToken suppTok)
- protected boolean isUsernameTokenPresent(ValidatorData data)
- void validate(ValidatorData data, java.util.Vector results): Validate policy based results.
- protected void validateEncrSig(ValidatorData data, java.util.Vector encryptedParts, java.util.Vector signatureParts, java.util.Vector results)
- protected void validateEncryptedParts(ValidatorData data, java.util.Vector encryptedParts, java.util.Vector results)
- protected void validateProtectionOrder(ValidatorData data, java.util.Vector results)
- void validateRequiredElements(ValidatorData data)
- protected void validateSignedPartsHeaders(ValidatorData data, java.util.Vector signatureParts, java.util.Vector results)
- protected void validateSupportingTokens(ValidatorData data, java.util.Vector results)
- protected boolean verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp, RampartMessageData rmd)
- protected boolean verifyTrust(java.security.cert.X509Certificate cert, RampartMessageData rmd): Evaluate whether a given certificate should be trusted.
Methods inherited from class java.lang.Object
- clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
PolicyBasedResultsValidator
public PolicyBasedResultsValidator()
validate
public void validate(ValidatorData data,
java.util.Vector results)
throws RampartException
- Validate policy based results.
- Specified by:
validate in interface PolicyValidatorCallbackHandler
- Parameters:
data - validator data
results - policy based ws-security results
- Throws:
RampartException
- Rampart exception
validateEncrSig
protected void validateEncrSig(ValidatorData data,
java.util.Vector encryptedParts,
java.util.Vector signatureParts,
java.util.Vector results)
throws RampartException
- Parameters:
encryptedParts -
signatureParts -
- Throws:
RampartException
validateSupportingTokens
protected void validateSupportingTokens(ValidatorData data,
java.util.Vector results)
throws RampartException
- Parameters:
data -
results -
- Throws:
RampartException
handleSupportingTokens
protected void handleSupportingTokens(java.util.Vector results,
org.apache.ws.secpolicy.model.SupportingToken suppTok)
throws RampartException
- Parameters:
results -
suppTok -
- Throws:
RampartException
validateProtectionOrder
protected void validateProtectionOrder(ValidatorData data,
java.util.Vector results)
throws RampartException
- Parameters:
data -
results -
- Throws:
RampartException
getSigEncrActions
protected java.util.ArrayList getSigEncrActions(java.util.Vector results)
validateEncryptedParts
protected void validateEncryptedParts(ValidatorData data,
java.util.Vector encryptedParts,
java.util.Vector results)
throws RampartException
- Throws:
RampartException
validateRequiredElements
public void validateRequiredElements(ValidatorData data)
throws RampartException
- Throws:
RampartException
validateSignedPartsHeaders
protected void validateSignedPartsHeaders(ValidatorData data,
java.util.Vector signatureParts,
java.util.Vector results)
throws RampartException
- Throws:
RampartException
isSignatureRequired
protected boolean isSignatureRequired(RampartMessageData rmd)
verifyTimestamp
protected boolean verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp,
RampartMessageData rmd)
throws RampartException
- Throws:
RampartException
verifyTrust
protected boolean verifyTrust(java.security.cert.X509Certificate cert,
RampartMessageData rmd)
throws RampartException
- Evaluate whether a given certificate should be trusted.
Hook to allow subclasses to implement custom validation methods however they see fit.
Policy used in this implementation:
1. Search the keystore for the transmitted certificate.
2. Search the keystore for a connection to the transmitted certificate (that is, search for certificate(s) of the issuer of the transmitted certificate).
3. Verify the trust path for those certificates found, because the search for the issuer might be fooled by a phony DN (String!).
- Parameters:
cert - the certificate that should be validated against the keystore
- Returns:
true if the certificate is trusted, false if not (AxisFault is thrown for exceptions during CertPathValidation)
- Throws:
org.apache.ws.security.WSSecurityException
RampartException
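The three-step policy described for verifyTrust, sketched with the standard java.security.cert API as an added example (not Rampart's own code). The class name TrustCheckExample and the method isTrusted are hypothetical, and revocation checking is switched off as an assumption because no CRL or OCSP source is configured here.

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

public class TrustCheckExample {

    /** Hypothetical helper that mirrors the three documented steps. */
    public static boolean isTrusted(X509Certificate cert, KeyStore trustStore)
            throws GeneralSecurityException {
        // Step 1: the transmitted certificate itself is in the keystore.
        if (trustStore.getCertificateAlias(cert) != null) {
            return true;
        }

        // Step 2: collect keystore certificates whose subject DN equals the
        // issuer DN of the transmitted certificate. A DN is only a name that
        // anyone can put into a certificate, so a match proves nothing yet.
        Set<TrustAnchor> candidates = new HashSet<>();
        for (String alias : Collections.list(trustStore.aliases())) {
            Certificate c = trustStore.getCertificate(alias);
            if (c instanceof X509Certificate
                    && ((X509Certificate) c).getSubjectX500Principal()
                            .equals(cert.getIssuerX500Principal())) {
                candidates.add(new TrustAnchor((X509Certificate) c, null));
            }
        }
        if (candidates.isEmpty()) {
            return false;
        }

        // Step 3: validate the trust path cryptographically. This checks the
        // issuer's signature on the certificate, which a forged DN cannot pass.
        CertPath path = CertificateFactory.getInstance("X.509")
                .generateCertPath(Collections.singletonList(cert));
        PKIXParameters params = new PKIXParameters(candidates);
        params.setRevocationEnabled(false); // assumption: no CRL/OCSP in this example
        try {
            CertPathValidator.getInstance("PKIX").validate(path, params);
            return true;
        } catch (CertPathValidatorException e) {
            return false; // signature, validity period or constraints failed
        }
    }
}
```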
getEncryptedReferences
protected java.util.ArrayList getEncryptedReferences(java.util.Vector results)
getResults
protected java.util.ArrayList getResults(java.util.Vector results,
int action)
isUsernameTokenPresent
protected boolean isUsernameTokenPresent(ValidatorData data)
isUsernameTokenPresent
protected boolean isUsernameTokenPresent(org.apache.ws.secpolicy.model.SupportingToken suppTok)