org.apache.rampart.util
Class RampartUtil

java.lang.Object
  extended by org.apache.rampart.util.RampartUtil

public class RampartUtil
extends java.lang.Object


Constructor Summary
RampartUtil()
           
 
Method Summary
static org.apache.neethi.Policy addRampartConfig(RampartMessageData rmd, org.apache.neethi.Policy policy)
           
static java.lang.String addWsuIdToElement(org.apache.axiom.om.OMElement elem)
           
static org.w3c.dom.Element appendChildToSecHeader(RampartMessageData rmd, org.w3c.dom.Element elem)
           
static org.w3c.dom.Element appendChildToSecHeader(RampartMessageData rmd, org.apache.axiom.om.OMElement elem)
           
static boolean checkRequiredElements(org.apache.axiom.soap.SOAPEnvelope envelope, java.util.HashMap decNamespaces, java.lang.String expression)
          Get an element for SOAP
static org.apache.axiom.om.OMElement createRSTTempalteForSCT(int conversationVersion, int wstVersion)
           
static java.util.Vector getContentEncryptedElements(java.util.Vector encryptedPartsElements, org.apache.axiom.soap.SOAPEnvelope envelope, java.util.Vector elements, java.util.HashMap decNamespaces)
           
static java.lang.String getContextIdentifierKey(org.apache.axis2.context.MessageContext msgContext)
          Creates the unique (reproducible) id used to hold the context identifier of the message exchange.
static java.util.Hashtable getContextMap(org.apache.axis2.context.MessageContext msgContext)
          Returns the map of security context token identifiers
static java.util.Vector getEncryptedParts(RampartMessageData rmd)
           
static org.apache.ws.security.components.crypto.Crypto getEncryptionCrypto(RampartConfig config, java.lang.ClassLoader loader)
          Create the Crypto instance for encryption using information from the rampart configuration assertion
static javax.crypto.KeyGenerator getEncryptionKeyGenerator(java.lang.String symEncrAlgo)
           
static java.lang.String getIssuedToken(RampartMessageData rmd, org.apache.ws.secpolicy.model.IssuedToken issuedToken)
          Obtain an issued token.
static int getKeyIdentifier(org.apache.ws.secpolicy.model.X509Token token)
          Figure out the key identifier of a given X509Token
static java.util.Vector getPartsAndElements(boolean sign, org.apache.axiom.soap.SOAPEnvelope envelope, boolean includeBody, java.util.Vector parts, java.util.Vector elements, java.util.HashMap decNamespaces)
           
static javax.security.auth.callback.CallbackHandler getPasswordCB(org.apache.axis2.context.MessageContext msgContext, RampartPolicyData rpd)
           
static javax.security.auth.callback.CallbackHandler getPasswordCB(RampartMessageData rmd)
           
static org.apache.neethi.Policy getPolicyFromMetadataRef(org.apache.axiom.om.OMElement mex)
          Retrieve policy using metadata reference http://address/of/mex/service
static PolicyValidatorCallbackHandler getPolicyValidatorCB(org.apache.axis2.context.MessageContext msgContext, RampartPolicyData rpd)
          Returns an instance of PolicyValidatorCallbackHandler to be used to validate ws-security results.
static java.lang.String getRequestEncryptedKeyId(java.util.Vector results)
           
static byte[] getRequestEncryptedKeyValue(java.util.Vector results)
           
static java.lang.String getSecConvToken(RampartMessageData rmd, org.apache.ws.secpolicy.model.SecureConversationToken secConvTok)
          Obtain a security context token.
static java.lang.String getSigElementId(RampartMessageData rmd)
           
static org.apache.ws.security.components.crypto.Crypto getSignatureCrypto(RampartConfig config, java.lang.ClassLoader loader)
          Create the Crypto instance for signature using information from the rampart configuration assertion
static java.util.Vector getSignedParts(RampartMessageData rmd)
           
static java.lang.String getSoapBodyId(org.apache.axiom.soap.SOAPEnvelope env)
           
static int getTimestampMaxSkew(RampartMessageData messageData)
           
static int getTimeToLive(RampartMessageData messageData)
           
static java.lang.String getToken(RampartMessageData rmd, org.apache.axiom.om.OMElement rstTemplate, java.lang.String issuerEpr, java.lang.String action, org.apache.neethi.Policy issuerPolicy)
          Request a token.
static java.lang.String getUsername(java.util.Vector results)
          Scan through the WSHandlerResult vector for a Username Token and return the username if a Username Token is found
static org.apache.ws.security.WSSConfig getWSSConfigInstance()
          We use this method to prevent the singleton behavior of WSSConfig
static void handleEncryptedSignedHeaders(java.util.Vector encryptedParts, java.util.Vector signedParts, org.w3c.dom.Document doc)
           
static org.w3c.dom.Element insertSiblingAfter(RampartMessageData rmd, org.w3c.dom.Element child, org.w3c.dom.Element sibling)
           
static org.w3c.dom.Element insertSiblingAfterOrPrepend(RampartMessageData rmd, org.w3c.dom.Element child, org.w3c.dom.Element elem)
          If the child is present, insert the element as a sibling after it.
static org.w3c.dom.Element insertSiblingBefore(RampartMessageData rmd, org.w3c.dom.Element child, org.w3c.dom.Element sibling)
           
static org.w3c.dom.Element insertSiblingBeforeOrPrepend(RampartMessageData rmd, org.w3c.dom.Element child, org.w3c.dom.Element elem)
           
static boolean isSecHeaderRequired(RampartPolicyData rpd, boolean initiator, boolean inflow)
          Method to check whether security header is required in incoming message
static boolean isTokenValid(RampartMessageData rmd, java.lang.String id)
           
static org.apache.ws.security.WSPasswordCallback performCallback(javax.security.auth.callback.CallbackHandler cbHandler, java.lang.String username, int doAction)
          Perform a callback to get a password.
static java.lang.String processIssuerAddress(org.apache.axiom.om.OMElement issuerAddress)
          Process a given issuer address element and return the address.
static void setEncryptionUser(RampartMessageData rmd, org.apache.ws.security.message.WSSecEncryptedKey encrKeyBuilder)
           
static void setKeyIdentifierType(RampartPolicyData rpd, org.apache.ws.security.message.WSSecBase secBase, org.apache.ws.secpolicy.model.Token token)
          Sets the keyIdentifierType of WSSecSignature or WSSecEncryptedKey according to the given Token and RampartPolicyData. First check the requirements specified under the Token Assertion and, if not found, check the WSS11 and WSS10 assertions.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RampartUtil

public RampartUtil()
Method Detail

getPasswordCB

public static javax.security.auth.callback.CallbackHandler getPasswordCB(RampartMessageData rmd)
                                                                  throws RampartException
Throws:
RampartException

getPasswordCB

public static javax.security.auth.callback.CallbackHandler getPasswordCB(org.apache.axis2.context.MessageContext msgContext,
                                                                         RampartPolicyData rpd)
                                                                  throws RampartException
Parameters:
msgContext -
rpd -
Returns:
The CallbackHandler instance
Throws:
RampartException

getPolicyValidatorCB

public static PolicyValidatorCallbackHandler getPolicyValidatorCB(org.apache.axis2.context.MessageContext msgContext,
                                                                  RampartPolicyData rpd)
                                                           throws RampartException
Returns an instance of PolicyValidatorCallbackHandler to be used to validate ws-security results.

Parameters:
msgContext - MessageContext
rpd - RampartPolicyData
Returns:
PolicyValidatorCallbackHandler
Throws:
RampartException - RampartException

performCallback

public static org.apache.ws.security.WSPasswordCallback performCallback(javax.security.auth.callback.CallbackHandler cbHandler,
                                                                        java.lang.String username,
                                                                        int doAction)
                                                                 throws RampartException
Perform a callback to get a password.

The callback handler receives an indication of why a password is requested: to produce a UsernameToken, a Signature, or a password (key) for a given name.

Throws:
RampartException

getEncryptionCrypto

public static org.apache.ws.security.components.crypto.Crypto getEncryptionCrypto(RampartConfig config,
                                                                                  java.lang.ClassLoader loader)
                                                                           throws RampartException
Create the Crypto instance for encryption using information from the rampart configuration assertion

Parameters:
config -
Returns:
The Crypto instance to be used for encryption
Throws:
RampartException

getSignatureCrypto

public static org.apache.ws.security.components.crypto.Crypto getSignatureCrypto(RampartConfig config,
                                                                                 java.lang.ClassLoader loader)
                                                                          throws RampartException
Create the Crypto instance for signature using information from the rampart configuration assertion

Parameters:
config -
Returns:
The Crypto instance to be used for signature
Throws:
RampartException

getKeyIdentifier

public static int getKeyIdentifier(org.apache.ws.secpolicy.model.X509Token token)
                            throws RampartException
Figure out the key identifier of a given X509Token

Parameters:
token -
Returns:
The key identifier of the given X509Token
Throws:
RampartException

processIssuerAddress

public static java.lang.String processIssuerAddress(org.apache.axiom.om.OMElement issuerAddress)
                                             throws RampartException
Process a given issuer address element and return the address.

Parameters:
issuerAddress -
Returns:
The address of an issuer address element
Throws:
RampartException - If the issuer address element is malformed.

getPolicyFromMetadataRef

public static org.apache.neethi.Policy getPolicyFromMetadataRef(org.apache.axiom.om.OMElement mex)
                                                         throws RampartException
Retrieve policy using metadata reference http://address/of/mex/service

Parameters:
mex - Metadata element
Returns:
Policy from the mex service
Throws:
RampartException

addRampartConfig

public static org.apache.neethi.Policy addRampartConfig(RampartMessageData rmd,
                                                        org.apache.neethi.Policy policy)

createRSTTempalteForSCT

public static org.apache.axiom.om.OMElement createRSTTempalteForSCT(int conversationVersion,
                                                                    int wstVersion)
                                                             throws RampartException
Throws:
RampartException

getTimeToLive

public static int getTimeToLive(RampartMessageData messageData)

getTimestampMaxSkew

public static int getTimestampMaxSkew(RampartMessageData messageData)

getSecConvToken

public static java.lang.String getSecConvToken(RampartMessageData rmd,
                                               org.apache.ws.secpolicy.model.SecureConversationToken secConvTok)
                                        throws TrustException,
                                               RampartException
Obtain a security context token.

Parameters:
rmd -
secConvTok -
Returns:
The security context identifier of the token
Throws:
TrustException
RampartException

getIssuedToken

public static java.lang.String getIssuedToken(RampartMessageData rmd,
                                              org.apache.ws.secpolicy.model.IssuedToken issuedToken)
                                       throws RampartException
Obtain an issued token.

Parameters:
rmd -
issuedToken -
Returns:
The identifier of the issued token
Throws:
RampartException

getToken

public static java.lang.String getToken(RampartMessageData rmd,
                                        org.apache.axiom.om.OMElement rstTemplate,
                                        java.lang.String issuerEpr,
                                        java.lang.String action,
                                        org.apache.neethi.Policy issuerPolicy)
                                 throws RampartException
Request a token.

Parameters:
rmd -
rstTemplate -
issuerEpr -
action -
issuerPolicy -
Returns:
Return the identifier of the obtained token
Throws:
RampartException

getSoapBodyId

public static java.lang.String getSoapBodyId(org.apache.axiom.soap.SOAPEnvelope env)

addWsuIdToElement

public static java.lang.String addWsuIdToElement(org.apache.axiom.om.OMElement elem)

appendChildToSecHeader

public static org.w3c.dom.Element appendChildToSecHeader(RampartMessageData rmd,
                                                         org.apache.axiom.om.OMElement elem)

appendChildToSecHeader

public static org.w3c.dom.Element appendChildToSecHeader(RampartMessageData rmd,
                                                         org.w3c.dom.Element elem)

insertSiblingAfter

public static org.w3c.dom.Element insertSiblingAfter(RampartMessageData rmd,
                                                     org.w3c.dom.Element child,
                                                     org.w3c.dom.Element sibling)

insertSiblingBefore

public static org.w3c.dom.Element insertSiblingBefore(RampartMessageData rmd,
                                                      org.w3c.dom.Element child,
                                                      org.w3c.dom.Element sibling)

getEncryptedParts

public static java.util.Vector getEncryptedParts(RampartMessageData rmd)

getSignedParts

public static java.util.Vector getSignedParts(RampartMessageData rmd)

getContentEncryptedElements

public static java.util.Vector getContentEncryptedElements(java.util.Vector encryptedPartsElements,
                                                           org.apache.axiom.soap.SOAPEnvelope envelope,
                                                           java.util.Vector elements,
                                                           java.util.HashMap decNamespaces)

getPartsAndElements

public static java.util.Vector getPartsAndElements(boolean sign,
                                                   org.apache.axiom.soap.SOAPEnvelope envelope,
                                                   boolean includeBody,
                                                   java.util.Vector parts,
                                                   java.util.Vector elements,
                                                   java.util.HashMap decNamespaces)

checkRequiredElements

public static boolean checkRequiredElements(org.apache.axiom.soap.SOAPEnvelope envelope,
                                            java.util.HashMap decNamespaces,
                                            java.lang.String expression)
Get an element for SOAP

Parameters:
envelope -
namespaces -
xpath -
Returns:

getEncryptionKeyGenerator

public static javax.crypto.KeyGenerator getEncryptionKeyGenerator(java.lang.String symEncrAlgo)
                                                           throws org.apache.ws.security.WSSecurityException
Throws:
org.apache.ws.security.WSSecurityException

getContextIdentifierKey

public static java.lang.String getContextIdentifierKey(org.apache.axis2.context.MessageContext msgContext)
Creates the unique (reproducible) id used to hold the context identifier of the message exchange.

Returns:
Id to hold the context identifier in the message context

getContextMap

public static java.util.Hashtable getContextMap(org.apache.axis2.context.MessageContext msgContext)
Returns the map of security context token identifiers

Returns:
the map of security context token identifiers

isTokenValid

public static boolean isTokenValid(RampartMessageData rmd,
                                   java.lang.String id)
                            throws RampartException
Throws:
RampartException

setEncryptionUser

public static void setEncryptionUser(RampartMessageData rmd,
                                     org.apache.ws.security.message.WSSecEncryptedKey encrKeyBuilder)
                              throws RampartException
Throws:
RampartException

setKeyIdentifierType

public static void setKeyIdentifierType(RampartPolicyData rpd,
                                        org.apache.ws.security.message.WSSecBase secBase,
                                        org.apache.ws.secpolicy.model.Token token)
Sets the keyIdentifierType of WSSecSignature or WSSecEncryptedKey according to the given Token and RampartPolicyData. First check the requirements specified under the Token Assertion and, if not found, check the WSS11 and WSS10 assertions.


getUsername

public static java.lang.String getUsername(java.util.Vector results)
Scan through the WSHandlerResult vector for a Username Token and return the username if a Username Token is found

Parameters:
results -
Returns:

getRequestEncryptedKeyId

public static java.lang.String getRequestEncryptedKeyId(java.util.Vector results)

getRequestEncryptedKeyValue

public static byte[] getRequestEncryptedKeyValue(java.util.Vector results)

insertSiblingAfterOrPrepend

public static org.w3c.dom.Element insertSiblingAfterOrPrepend(RampartMessageData rmd,
                                                              org.w3c.dom.Element child,
                                                              org.w3c.dom.Element elem)
If the child is present, insert the element as a sibling after it. If the child is null, then prepend the element.

Parameters:
rmd -
child -
elem - element mentioned above
Returns:

insertSiblingBeforeOrPrepend

public static org.w3c.dom.Element insertSiblingBeforeOrPrepend(RampartMessageData rmd,
                                                               org.w3c.dom.Element child,
                                                               org.w3c.dom.Element elem)

isSecHeaderRequired

public static boolean isSecHeaderRequired(RampartPolicyData rpd,
                                          boolean initiator,
                                          boolean inflow)
Method to check whether security header is required in incoming message

Parameters:
rpd -
Returns:
true if a security header is required in the incoming message

handleEncryptedSignedHeaders

public static void handleEncryptedSignedHeaders(java.util.Vector encryptedParts,
                                                java.util.Vector signedParts,
                                                org.w3c.dom.Document doc)

getSigElementId

public static java.lang.String getSigElementId(RampartMessageData rmd)

getWSSConfigInstance

public static org.apache.ws.security.WSSConfig getWSSConfigInstance()
We use this method to prevent the singleton behavior of WSSConfig

Returns:
WSSConfig object with the latest settings.