org.apache.rampart
Class PolicyBasedResultsValidator

java.lang.Object
  extended by org.apache.rampart.PolicyBasedResultsValidator
All Implemented Interfaces:
PolicyValidatorCallbackHandler

public class PolicyBasedResultsValidator
extends java.lang.Object
implements PolicyValidatorCallbackHandler


Constructor Summary
PolicyBasedResultsValidator()
           
 
Method Summary
protected  java.util.ArrayList getEncryptedReferences(java.util.Vector results)
           
protected  java.util.ArrayList getResults(java.util.Vector results, int action)
           
protected  java.util.ArrayList getSigEncrActions(java.util.Vector results)
           
protected  void handleSupportingTokens(java.util.Vector results, org.apache.ws.secpolicy.model.SupportingToken suppTok)
           
protected  boolean isSignatureRequired(RampartMessageData rmd)
           
protected  boolean isUsernameTokenPresent(org.apache.ws.secpolicy.model.SupportingToken suppTok)
           
protected  boolean isUsernameTokenPresent(ValidatorData data)
           
 void validate(ValidatorData data, java.util.Vector results)
          Validate policy based results.
protected  void validateEncrSig(ValidatorData data, java.util.Vector encryptedParts, java.util.Vector signatureParts, java.util.Vector results)
           
protected  void validateEncryptedParts(ValidatorData data, java.util.Vector encryptedParts, java.util.Vector results)
           
protected  void validateProtectionOrder(ValidatorData data, java.util.Vector results)
           
 void validateRequiredElements(ValidatorData data)
           
protected  void validateSignedPartsHeaders(ValidatorData data, java.util.Vector signatureParts, java.util.Vector results)
           
protected  void validateSupportingTokens(ValidatorData data, java.util.Vector results)
           
protected  boolean verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp, RampartMessageData rmd)
           
protected  boolean verifyTrust(java.security.cert.X509Certificate cert, RampartMessageData rmd)
          Evaluate whether a given certificate should be trusted.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PolicyBasedResultsValidator

public PolicyBasedResultsValidator()
Method Detail

validate

public void validate(ValidatorData data,
                     java.util.Vector results)
              throws RampartException
Validate policy based results.

Specified by:
validate in interface PolicyValidatorCallbackHandler
Parameters:
data - validator data
results - policy based ws-security results
Throws:
RampartException - Rampart exception

validateEncrSig

protected void validateEncrSig(ValidatorData data,
                               java.util.Vector encryptedParts,
                               java.util.Vector signatureParts,
                               java.util.Vector results)
                        throws RampartException
Parameters:
encryptedParts -
signatureParts -
Throws:
RampartException

validateSupportingTokens

protected void validateSupportingTokens(ValidatorData data,
                                        java.util.Vector results)
                                 throws RampartException
Parameters:
data -
results -
Throws:
RampartException

handleSupportingTokens

protected void handleSupportingTokens(java.util.Vector results,
                                      org.apache.ws.secpolicy.model.SupportingToken suppTok)
                               throws RampartException
Parameters:
results -
suppTok -
Throws:
RampartException

validateProtectionOrder

protected void validateProtectionOrder(ValidatorData data,
                                       java.util.Vector results)
                                throws RampartException
Parameters:
data -
results -
Throws:
RampartException

getSigEncrActions

protected java.util.ArrayList getSigEncrActions(java.util.Vector results)

validateEncryptedParts

protected void validateEncryptedParts(ValidatorData data,
                                      java.util.Vector encryptedParts,
                                      java.util.Vector results)
                               throws RampartException
Throws:
RampartException

validateRequiredElements

public void validateRequiredElements(ValidatorData data)
                              throws RampartException
Throws:
RampartException

validateSignedPartsHeaders

protected void validateSignedPartsHeaders(ValidatorData data,
                                          java.util.Vector signatureParts,
                                          java.util.Vector results)
                                   throws RampartException
Throws:
RampartException

isSignatureRequired

protected boolean isSignatureRequired(RampartMessageData rmd)

verifyTimestamp

protected boolean verifyTimestamp(org.apache.ws.security.message.token.Timestamp timestamp,
                                  RampartMessageData rmd)
                           throws RampartException
Throws:
RampartException

verifyTrust

protected boolean verifyTrust(java.security.cert.X509Certificate cert,
                              RampartMessageData rmd)
                       throws RampartException
Evaluate whether a given certificate should be trusted. Hook to allow subclasses to implement custom validation methods however they see fit.

Policy used in this implementation:
1. Search the keystore for the transmitted certificate.
2. Search the keystore for a connection to the transmitted certificate (that is, search for certificate(s) of the issuer of the transmitted certificate).
3. Verify the trust path for the certificates found, because the search for the issuer might be fooled by a phony DN (String!).

Parameters:
cert - the certificate that should be validated against the keystore
Returns:
true if the certificate is trusted, false if not (AxisFault is thrown for exceptions during CertPathValidation)
Throws:
org.apache.ws.security.WSSecurityException
RampartException
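
The three-step policy described for verifyTrust, sketched with the standard java.security.cert API. This is an added example, not Rampart's own code: the class TrustPolicySketch and the method isTrusted are hypothetical names, a certificate found directly in the keystore is assumed to be trusted, and revocation checking is assumed to be off.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.*;

// Added illustration, not Rampart source; TrustPolicySketch and isTrusted are hypothetical names.
public class TrustPolicySketch {
    static boolean isTrusted(X509Certificate cert, KeyStore ks) throws Exception {
        // Step 1: exact match of the transmitted certificate in the keystore (assumed = trusted).
        if (ks.getCertificateAlias(cert) != null) return true;
        // Step 2: collect keystore certificates whose subject DN equals the issuer DN.
        // A DN match alone proves nothing: a DN is only a name and can be copied freely.
        Set<TrustAnchor> anchors = new HashSet<>();
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (c instanceof X509Certificate
                    && ((X509Certificate) c).getSubjectX500Principal()
                            .equals(cert.getIssuerX500Principal())) {
                anchors.add(new TrustAnchor((X509Certificate) c, null));
            }
        }
        if (anchors.isEmpty()) return false;
        // Step 3: verify the signature cryptographically against the candidate issuers.
        CertPath path = CertificateFactory.getInstance("X.509")
                .generateCertPath(Collections.singletonList(cert));
        PKIXParameters params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false); // assumption: no CRL/OCSP source configured
        try {
            CertPathValidator.getInstance("PKIX").validate(path, params);
            return true;
        } catch (CertPathValidatorException e) {
            return false; // issuer name matched, but the trust path did not verify
        }
    }

    // Usage: java TrustPolicySketch <keystore> <password> <cert.pem or cert.der>
    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray());
        }
        try (InputStream in = new FileInputStream(args[2])) {
            X509Certificate cert = (X509Certificate)
                    CertificateFactory.getInstance("X.509").generateCertificate(in);
            System.out.println(isTrusted(cert, ks) ? "trusted" : "not trusted");
        }
    }
}
```

A subclass overriding verifyTrust should keep the equivalent of step 3: returning true after the name comparison in step 2 would accept any certificate that merely names a known issuer.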

getEncryptedReferences

protected java.util.ArrayList getEncryptedReferences(java.util.Vector results)

getResults

protected java.util.ArrayList getResults(java.util.Vector results,
                                         int action)

isUsernameTokenPresent

protected boolean isUsernameTokenPresent(ValidatorData data)

isUsernameTokenPresent

protected boolean isUsernameTokenPresent(org.apache.ws.secpolicy.model.SupportingToken suppTok)