java.lang.Object
  org.apache.ws.security.util.WSSecurityUtil
public class WSSecurityUtil
WS-Security Utility methods.
Constructor Summary |
---|
WSSecurityUtil() |
Method Summary

Modifier and Type | Method | Description |
---|---|---|
static void | checkAllElementsProtected(List<WSSecurityEngineResult> results, int action, QName[] requiredParts) | Check that all of the QName[] requiredParts are protected by a specified action in the results list. |
static void | checkSignsAllElements(WSSecurityEngineResult resultItem, String[] requiredIDs) | Ensure that this covers all required elements (identified by their wsu:Id attributes). |
static Text | createBase64EncodedTextNode(Document doc, byte[] data) | Create a base64 text node. |
static int | decodeAction(String action, List<Integer> actions) | |
static int | decodeAction(String action, List<Integer> actions, WSSConfig wssConfig) | Decode an action String. |
static WSSecurityEngineResult | fetchActionResult(List<WSSecurityEngineResult> resultList, int action) | Fetch the result of a given action from a given result list. |
static List<WSSecurityEngineResult> | fetchAllActionResults(List<WSSecurityEngineResult> resultList, int action, List<WSSecurityEngineResult> actionResultList) | Fetch the result of a given action from a given result list. |
static Element | findBodyElement(Document doc) | Return the first SOAP "Body" element. |
static Element | findElement(Node startNode, String name, String namespace) | Returns the first element that matches name and namespace. |
static Element | findElementById(Node startNode, String value, boolean checkMultipleElements) | Returns the single element that contains an Id with value uri and namespace. |
static List<Element> | findElements(Node startNode, String name, String namespace) | Returns all elements that match name and namespace. |
static List<Element> | findElements(WSEncryptionPart part, CallbackLookup callbackLookup, Document doc) | Find the DOM Element in the SOAP Envelope that is referenced by the WSEncryptionPart argument. |
static Element | findSAMLAssertionElementById(Node startNode, String value) | Returns the single SAMLAssertion element that contains an AssertionID/ID that matches the supplied parameter. |
static Element | findWsseSecurityHeaderBlock(Document doc, Element envelope, boolean doCreate) | Find the first WS-Security header block. |
static Element | findWsseSecurityHeaderBlock(Document doc, Element envelope, String actor, boolean doCreate) | Find a WS-Security header block for a given actor. |
static byte[] | generateDigest(byte[] inputBytes) | Generate a (SHA1) digest of the input bytes. |
static byte[] | generateNonce(int length) | Generate a nonce of the given length using the SHA1PRNG algorithm. |
static Cipher | getCipherInstance(String cipherAlgo) | Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance of this type. |
static Element | getDirectChildElement(Node parentNode, String localName, String namespace) | Gets a direct child with specified localname and namespace. |
static List<Element> | getDirectChildElements(Node fNode, String localName, String namespace) | Gets all direct children with specified localname and namespace. |
static QName | getFullQNameFromString(String str, Node e) | Return a QName when passed a string like "foo:bar" by mapping the "foo" prefix to a namespace in the context of the given Node. |
static String | getIDFromReference(String ref) | Turn a reference (e.g. "#5") into an ID (e.g. "5"). |
static int | getKeyLength(String algorithm) | Returns the length of the key in # of bytes. |
static String | getNamespace(String prefix, Node e) | |
static String | getPrefixNS(String uri, Node e) | |
static QName | getQNameFromString(String str, Node e) | Return a QName when passed a string like "foo:bar" by mapping the "foo" prefix to a namespace in the context of the given Node. |
static Element | getSecurityHeader(Document doc, String actor) | Returns the first WS-Security header element for a given actor. |
static SOAPConstants | getSOAPConstants(Element startElement) | |
static String | getSOAPNamespace(Element startElement) | |
static String | getStringForQName(QName qname, Element e) | Return a string for a particular QName, mapping a new prefix if necessary. |
static boolean | isActorEqual(String actor, String hActor) | Compares two actor strings and returns true if these are equal. |
static List<Node> | listChildren(Node parent) | |
static List<Node> | newNodes(List<Node> a, List<Node> b) | |
static SecretKey | prepareSecretKey(String symEncAlgo, byte[] rawKey) | Convert the raw key bytes into a SecretKey object of type symEncAlgo. |
static Element | prependChildElement(Element parent, Element child) | Prepend a child element. |
static String | setNamespace(Element element, String namespace, String prefix) | Set a namespace/prefix on an element if it is not set already. |
static void | storeElementInContext(javax.xml.crypto.dom.DOMCryptoContext context, Element element) | Store the element argument in the DOM Crypto Context if it has one of the standard "Id" attributes. |

Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public WSSecurityUtil()
Method Detail |
---|
public static Element getSecurityHeader(Document doc, String actor) throws WSSecurityException
Parameters:
  doc -
  actor -
Returns:
  wsse:Security element or null if no such element found
Throws:
  WSSecurityException

public static boolean isActorEqual(String actor, String hActor)
Parameters:
  actor -
  hActor -

public static Element getDirectChildElement(Node parentNode, String localName, String namespace)
Parameters:
  parentNode - the node where to start the search
  localName - local name of the child to get
  namespace - the namespace of the child to get
Returns:
  null if no such node found

public static List<Element> getDirectChildElements(Node fNode, String localName, String namespace)
Parameters:
  fNode - the node where to start the search
  localName - local name of the children to get
  namespace - the namespace of the children to get
Returns:
  null if no such nodes are found

public static Element findBodyElement(Document doc)
Parameters:
  doc -
Returns:
  null if document does not contain a SOAP body

public static List<Element> findElements(WSEncryptionPart part, CallbackLookup callbackLookup, Document doc) throws WSSecurityException
Parameters:
  part - The WSEncryptionPart object corresponding to the DOM Element(s) we want
  callbackLookup - The CallbackLookup object used to find Elements
  doc - The owning document
Throws:
  WSSecurityException

public static Element findElement(Node startNode, String name, String namespace)
Returns the first element that matches name and namespace. This is a replacement for an XPath lookup //name with the given namespace. It's somewhat faster than XPath, and we do not deal with prefixes, just with the real namespace URI.
Parameters:
  startNode - Where to start the search
  name - Local name of the element
  namespace - Namespace URI of the element
null
public static List<Element> findElements(Node startNode, String name, String namespace)
Returns all elements that match name and namespace. This is a replacement for an XPath lookup //name with the given namespace. It's somewhat faster than XPath, and we do not deal with prefixes, just with the real namespace URI.
Parameters:
  startNode - Where to start the search
  name - Local name of the element
  namespace - Namespace URI of the element

public static Element findSAMLAssertionElementById(Node startNode, String value)
Parameters:
  startNode - Where to start the search
  value - Value of the AssertionID/ID attribute
Returns:
  null otherwise

public static Element findElementById(Node startNode, String value, boolean checkMultipleElements)
Returns the single element that contains an Id with value uri and namespace. The Id can be either a wsu:Id or an Id with no namespace. This is a replacement for an XPath Id lookup with the given namespace. It's somewhat faster than XPath, and we do not deal with prefixes, just with the real namespace URI.
If checkMultipleElements is true and there are multiple elements, we log a warning and return null, as duplicate Ids can be used to get around the signature checking.
Parameters:
  startNode - Where to start the search
  value - Value of the Id attribute
  checkMultipleElements - If true then go through the entire tree and return null if there are multiple elements with the same Id
Returns:
  null otherwise

public static String setNamespace(Element element, String namespace, String prefix)
Parameters:
  element -
  namespace -
  prefix -

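The duplicate-Id rule described for findElementById above, shown as an added example in plain JAXP DOM; it is not WSS4J's own code. The class UniqueIdLookup, the method findUniqueById and the sample document are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

// Added illustration in plain JAXP DOM; not WSS4J source code.
public class UniqueIdLookup {
    static final String WSU_NS =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

    // Returns the one element whose wsu:Id or un-namespaced Id equals value,
    // or null when no element or more than one element carries that Id.
    static Element findUniqueById(Node start, String value) {
        if (value == null || value.isEmpty()) return null; // "" would match absent attributes
        Element[] found = new Element[1];
        return walk(start, value, found) ? found[0] : null;
    }

    // Depth-first walk of the entire subtree; false signals a duplicate Id.
    private static boolean walk(Node node, String value, Element[] found) {
        if (node instanceof Element) {
            Element el = (Element) node;
            if (value.equals(el.getAttributeNS(WSU_NS, "Id"))
                    || value.equals(el.getAttributeNS(null, "Id"))) {
                if (found[0] != null) return false; // second match: reference is ambiguous
                found[0] = el;
            }
        }
        for (Node c = node.getFirstChild(); c != null; c = c.getNextSibling()) {
            if (!walk(c, value, found)) return false;
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: "id-1" is carried by two elements, "id-2" by one.
        String xml = "<Envelope xmlns:wsu='" + WSU_NS + "'><Header><Item wsu:Id='id-1'/></Header>"
            + "<Body Id='id-1'/><Part wsu:Id='id-2'/></Envelope>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // needed for getAttributeNS to resolve wsu:Id
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        for (String id : new String[] {"id-1", "id-2", "id-3"}) {
            Element e = findUniqueById(doc, id);
            System.out.println(id + " -> " + (e == null ? "rejected or absent" : e.getTagName()));
        }
    }
}
```

A caller that resolves signature references this way must treat a null result as a verification failure rather than falling back to the first match.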
public static String getPrefixNS(String uri, Node e)
public static String getNamespace(String prefix, Node e)
public static QName getQNameFromString(String str, Node e)
public static QName getFullQNameFromString(String str, Node e)
public static String getStringForQName(QName qname, Element e)
public static String getIDFromReference(String ref)
Parameters:
  ref -

public static Element prependChildElement(Element parent, Element child)
Parameters:
  parent - element of this child element
  child - the element to append

public static Element findWsseSecurityHeaderBlock(Document doc, Element envelope, boolean doCreate) throws WSSecurityException
Parameters:
  doc - the DOM document (SOAP request)
  envelope - the SOAP envelope
  doCreate - if true create a new WSS header block if none exists
Throws:
  WSSecurityException

public static Element findWsseSecurityHeaderBlock(Document doc, Element envelope, String actor, boolean doCreate) throws WSSecurityException
Parameters:
  doc - the DOM document (SOAP request)
  envelope - the SOAP envelope
  actor - the actor (role) name of the WSS header
  doCreate - if true create a new WSS header block if none exists
Throws:
  WSSecurityException

public static Text createBase64EncodedTextNode(Document doc, byte[] data)
Parameters:
  doc - the DOM document (SOAP request)
  data - to encode

public static SOAPConstants getSOAPConstants(Element startElement)
public static String getSOAPNamespace(Element startElement)
public static SecretKey prepareSecretKey(String symEncAlgo, byte[] rawKey)
public static Cipher getCipherInstance(String cipherAlgo) throws WSSecurityException
Throws:
  WSSecurityException

public static WSSecurityEngineResult fetchActionResult(List<WSSecurityEngineResult> resultList, int action)
Parameters:
  resultList - The result list to fetch an action from
  action - The action to fetch

public static List<WSSecurityEngineResult> fetchAllActionResults(List<WSSecurityEngineResult> resultList, int action, List<WSSecurityEngineResult> actionResultList)
Parameters:
  resultList - The result list to fetch an action from
  action - The action to fetch
  actionResultList - where to store the found results data for the action

public static int decodeAction(String action, List<Integer> actions) throws WSSecurityException
Throws:
  WSSecurityException

public static int decodeAction(String action, List<Integer> actions, WSSConfig wssConfig) throws WSSecurityException
Parameters:
  action - The initial String of actions to perform
  actions - The list of created actions that will be performed
  wssConfig - This object holds the list of custom actions to be performed.
Throws:
  WSSecurityException

public static int getKeyLength(String algorithm) throws WSSecurityException
Parameters:
  algorithm -
Throws:
  WSSecurityException

public static byte[] generateNonce(int length) throws WSSecurityException
Throws:
  WSSecurityException

public static byte[] generateDigest(byte[] inputBytes) throws WSSecurityException
Parameters:
  inputBytes - the bytes to digest
Throws:
  WSSecurityException

public static void checkAllElementsProtected(List<WSSecurityEngineResult> results, int action, QName[] requiredParts) throws WSSecurityException
Parameters:
  results - The List of WSSecurityEngineResults from processing
  action - The action that is required (e.g. WSConstants.SIGN)
  requiredParts - An array of QNames that correspond to the required elements
Throws:
  WSSecurityException

public static void checkSignsAllElements(WSSecurityEngineResult resultItem, String[] requiredIDs) throws WSSecurityException
Parameters:
  resultItem - the signature to check
  requiredIDs - the list of wsu:Id values that must be covered
Throws:
  WSSecurityException - if any required element is not included

public static List<Node> listChildren(Node parent)
public static List<Node> newNodes(List<Node> a, List<Node> b)
public static void storeElementInContext(javax.xml.crypto.dom.DOMCryptoContext context, Element element)