Java Code Examples for org.apache.cxf.helpers.CastUtils

The following examples show how to use org.apache.cxf.helpers.CastUtils. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: steady   Source File: KerberosTokenInterceptorProvider.java    License: Apache License 2.0 6 votes vote down vote up
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    // extract Assertion information
    if (aim != null) {
        Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
        if (ais == null) {
            return;
        }
        if (!isRequestor(message)) {
            List<WSHandlerResult> results = 
                CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
            if (results != null && results.size() > 0) {
                parseHandlerResults(results.get(0), message, aim);
            }
        } else {
            //client side should be checked on the way out
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
            }                    
        }
    }
}
 
Example 2
Source Project: steady   Source File: IssuedTokenInterceptorProvider.java    License: Apache License 2.0 6 votes vote down vote up
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    // extract Assertion information
    if (aim != null) {
        Collection<AssertionInfo> ais = aim.get(SP12Constants.ISSUED_TOKEN);
        if (ais == null) {
            return;
        }
        if (!isRequestor(message)) {
            List<WSHandlerResult> results = 
                CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
            if (results != null && results.size() > 0) {
                parseHandlerResults(results.get(0), message, aim);
            }
        } else {
            //client side should be checked on the way out
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
            }                    
        }
    }
}
 
Example 3
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Check to see if a signature was applied before encryption.
 * Note that results are stored in the reverse order.
 */
private boolean isSignedBeforeEncrypted(List<WSSecurityEngineResult> results) {
    boolean signed = false;
    for (WSSecurityEngineResult result : results) {
        Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
        List<WSDataRef> el = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        
        // Don't count an endorsing signature
        if (actInt.intValue() == WSConstants.SIGN && el != null
            && !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
            signed = true;
        }
        if (actInt.intValue() == WSConstants.ENCR && el != null) {
            if (signed) {
                return true;
            }
            return false;
        }
    }
    return false;
}
 
Example 4
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Validate the entire header and body signature property.
 */
protected boolean validateEntireHeaderAndBodySignatures(
    List<WSSecurityEngineResult> signedResults
) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> dataRefs = 
                CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        for (WSDataRef dataRef : dataRefs) {
            String xpath = dataRef.getXpath();
            if (xpath != null) {
                String[] nodes = StringUtils.split(xpath, "/");
                // envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
                if (nodes.length == 5 && nodes[3].contains("Security")) {
                    continue;
                } else if (nodes.length < 3 || nodes.length > 4) {
                    return false;
                }
            }
        }
    }
    return true;
}
 
Example 5
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Check to see if a signature was applied before encryption.
 * Note that results are stored in the reverse order.
 */
private boolean isSignedBeforeEncrypted(List<WSSecurityEngineResult> results) {
    boolean signed = false;
    for (WSSecurityEngineResult result : results) {
        Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
        List<WSDataRef> el = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        
        // Don't count an endorsing signature
        if (actInt.intValue() == WSConstants.SIGN && el != null
            && !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
            signed = true;
        }
        if (actInt.intValue() == WSConstants.ENCR && el != null) {
            if (signed) {
                return true;
            }
            return false;
        }
    }
    return false;
}
 
Example 6
/**
 * Return true if a token was encrypted, false otherwise.
 */
private boolean isTokenEncrypted(Element token) {
    for (WSSecurityEngineResult signedResult : encryptedResults) {
        List<WSDataRef> dataRefs = 
            CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        if (dataRefs == null) {
            return false;
        }
        for (WSDataRef dataRef : dataRefs) {
            if (token == dataRef.getProtectedElement()) {
                return true;
            }
        }
    }
    return false;
}
 
Example 7
/**
 * Return true if the Timestamp is signed by one of the token results
 * @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
 * @return true if the Timestamp is signed
 */
private boolean checkTimestampIsSigned(List<WSSecurityEngineResult> tokenResults) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> sl =
            CastUtils.cast((List<?>)signedResult.get(
                WSSecurityEngineResult.TAG_DATA_REF_URIS
            ));
        if (sl != null) {
            for (WSDataRef dataRef : sl) {
                if (timestamp == dataRef.getProtectedElement()
                    && checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 8
/**
 * Return true if the Signature is itself signed by one of the token results
 * @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
 * @return true if the Signature is itself signed
 */
private boolean checkSignatureIsSigned(List<WSSecurityEngineResult> tokenResults) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> sl =
            CastUtils.cast((List<?>)signedResult.get(
                WSSecurityEngineResult.TAG_DATA_REF_URIS
            ));
        if (sl != null && sl.size() == 1) {
            for (WSDataRef dataRef : sl) {
                QName signedQName = dataRef.getName();
                if (WSSecurityEngine.SIGNATURE.equals(signedQName)
                    && checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 9
/**
 * Check that an Element is signed or encrypted by one of the token results
 */
private boolean checkProtectionResult(
    Element elementToProtect,
    boolean content,
    List<WSSecurityEngineResult> protResults,
    List<WSSecurityEngineResult> tokenResults
) {
    for (WSSecurityEngineResult result : protResults) {
        List<WSDataRef> dataRefs = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        if (dataRefs != null) {
            for (WSDataRef dataRef : dataRefs) {
                if (elementToProtect == dataRef.getProtectedElement()
                    && content == dataRef.isContent()
                    && checkSignatureOrEncryptionResult(result, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 10
/**
 * Return true if the Timestamp is signed by one of the token results
 * @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
 * @return true if the Timestamp is signed
 */
private boolean checkTimestampIsSigned(List<WSSecurityEngineResult> tokenResults) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> sl =
            CastUtils.cast((List<?>)signedResult.get(
                WSSecurityEngineResult.TAG_DATA_REF_URIS
            ));
        if (sl != null) {
            for (WSDataRef dataRef : sl) {
                if (timestamp == dataRef.getProtectedElement()
                    && checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 11
/**
 * Check that an Element is signed or encrypted by one of the token results
 */
private boolean checkProtectionResult(
    Element elementToProtect,
    boolean content,
    List<WSSecurityEngineResult> protResults,
    List<WSSecurityEngineResult> tokenResults
) {
    for (WSSecurityEngineResult result : protResults) {
        List<WSDataRef> dataRefs = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        if (dataRefs != null) {
            for (WSDataRef dataRef : dataRefs) {
                if (elementToProtect == dataRef.getProtectedElement()
                    && content == dataRef.isContent()
                    && checkSignatureOrEncryptionResult(result, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 12
Source Project: steady   Source File: AbstractPolicySecurityTest.java    License: Apache License 2.0 6 votes vote down vote up
protected void verifyWss4jEncResults(SoapMessage inmsg) {
    //
    // There should be exactly 1 (WSS4J) HandlerResult
    //
    final List<WSHandlerResult> handlerResults = 
        CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
    assertNotNull(handlerResults);
    assertSame(handlerResults.size(), 1);

    List<WSSecurityEngineResult> protectionResults = new Vector<WSSecurityEngineResult>();
    WSSecurityUtil.fetchAllActionResults(handlerResults.get(0).getResults(),
            WSConstants.ENCR, protectionResults);
    assertNotNull(protectionResults);
    
    //
    // This result should contain a reference to the decrypted element
    //
    final Map<String, Object> result = protectionResults
            .get(0);
    final List<WSDataRef> protectedElements = 
        CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
    assertNotNull(protectedElements);
}
 
Example 13
Source Project: steady   Source File: KerberosTokenInterceptorProvider.java    License: Apache License 2.0 6 votes vote down vote up
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    // extract Assertion information
    if (aim != null) {
        Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
        if (ais == null) {
            return;
        }
        if (!isRequestor(message)) {
            List<WSHandlerResult> results = 
                CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
            if (results != null && results.size() > 0) {
                parseHandlerResults(results.get(0), message, aim);
            }
        } else {
            //client side should be checked on the way out
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
            }                    
        }
    }
}
 
Example 14
Source Project: steady   Source File: KerberosTokenInterceptorProvider.java    License: Apache License 2.0 6 votes vote down vote up
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    // extract Assertion information
    if (aim != null) {
        Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
        if (ais == null) {
            return;
        }
        if (!isRequestor(message)) {
            List<WSHandlerResult> results = 
                CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
            if (results != null && results.size() > 0) {
                parseHandlerResults(results.get(0), message, aim);
            }
        } else {
            //client side should be checked on the way out
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
            }                    
        }
    }
}
 
Example 15
Source Project: steady   Source File: IssuedTokenInterceptorProvider.java    License: Apache License 2.0 6 votes vote down vote up
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    // extract Assertion information
    if (aim != null) {
        Collection<AssertionInfo> ais = aim.get(SP12Constants.ISSUED_TOKEN);
        if (ais == null) {
            return;
        }
        if (!isRequestor(message)) {
            List<WSHandlerResult> results = 
                CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
            if (results != null && results.size() > 0) {
                parseHandlerResults(results.get(0), message, aim);
            }
        } else {
            //client side should be checked on the way out
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
            }                    
        }
    }
}
 
Example 16
/**
 * Return true if the Signature is itself signed by one of the token results
 * @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
 * @return true if the Signature is itself signed
 */
private boolean checkSignatureIsSigned(List<WSSecurityEngineResult> tokenResults) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> sl =
            CastUtils.cast((List<?>)signedResult.get(
                WSSecurityEngineResult.TAG_DATA_REF_URIS
            ));
        if (sl != null && sl.size() == 1) {
            for (WSDataRef dataRef : sl) {
                QName signedQName = dataRef.getName();
                if (WSSecurityEngine.SIGNATURE.equals(signedQName)
                    && checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 17
/**
 * Return true if the Signature is itself signed by one of the token results
 * @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
 * @return true if the Signature is itself signed
 */
private boolean checkSignatureIsSigned(List<WSSecurityEngineResult> tokenResults) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> sl =
            CastUtils.cast((List<?>)signedResult.get(
                WSSecurityEngineResult.TAG_DATA_REF_URIS
            ));
        if (sl != null && sl.size() == 1) {
            for (WSDataRef dataRef : sl) {
                QName signedQName = dataRef.getName();
                if (WSSecurityEngine.SIGNATURE.equals(signedQName)
                    && checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 18
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Return true if the given id was encrypted
 */
private boolean isIdEncrypted(String sigId, List<WSSecurityEngineResult> results) {
    for (WSSecurityEngineResult wser : results) {
        Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
        if (actInt.intValue() == WSConstants.ENCR) {
            List<WSDataRef> el = 
                CastUtils.cast((List<?>)wser.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
            if (el != null) {
                for (WSDataRef r : el) {
                    Element protectedElement = r.getProtectedElement();
                    if (protectedElement != null) {
                        String id = protectedElement.getAttribute("Id");
                        String wsuId = protectedElement.getAttributeNS(WSConstants.WSU_NS, "Id");
                        if (sigId.equals(id) || sigId.equals(wsuId)) {
                            return true;
                        }
                    }
                }
            }
        }
    }
    return false;
}
 
Example 19
/**
 * Return true if the Timestamp is signed by one of the token results
 * @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
 * @return true if the Timestamp is signed
 */
private boolean checkTimestampIsSigned(List<WSSecurityEngineResult> tokenResults) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> sl =
            CastUtils.cast((List<?>)signedResult.get(
                WSSecurityEngineResult.TAG_DATA_REF_URIS
            ));
        if (sl != null) {
            for (WSDataRef dataRef : sl) {
                if (timestamp == dataRef.getProtectedElement()
                    && checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 20
/**
 * Check that an Element is signed or encrypted by one of the token results
 */
private boolean checkProtectionResult(
    Element elementToProtect,
    boolean content,
    List<WSSecurityEngineResult> protResults,
    List<WSSecurityEngineResult> tokenResults
) {
    for (WSSecurityEngineResult result : protResults) {
        List<WSDataRef> dataRefs = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        if (dataRefs != null) {
            for (WSDataRef dataRef : dataRefs) {
                if (elementToProtect == dataRef.getProtectedElement()
                    && content == dataRef.isContent()
                    && checkSignatureOrEncryptionResult(result, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 21
/**
 * Return true if a token was encrypted, false otherwise.
 */
private boolean isTokenEncrypted(Element token) {
    for (WSSecurityEngineResult signedResult : encryptedResults) {
        List<WSDataRef> dataRefs = 
            CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        if (dataRefs == null) {
            return false;
        }
        for (WSDataRef dataRef : dataRefs) {
            if (token == dataRef.getProtectedElement()) {
                return true;
            }
        }
    }
    return false;
}
 
Example 22
Source Project: steady   Source File: WSS4JInInterceptor.java    License: Apache License 2.0 6 votes vote down vote up
public WSS4JInInterceptor(Map<String, Object> properties) {
    this();
    setProperties(properties);
    final Map<QName, Object> processorMap = CastUtils.cast(
        (Map<?, ?>)properties.get(PROCESSOR_MAP));
    final Map<QName, Object> validatorMap = CastUtils.cast(
        (Map<?, ?>)properties.get(VALIDATOR_MAP));
    
    if (processorMap != null) {
        if (validatorMap != null) {
            processorMap.putAll(validatorMap);
        }
        secEngineOverride = createSecurityEngine(processorMap);
    } else if (validatorMap != null) {
        secEngineOverride = createSecurityEngine(validatorMap);
    }
}
 
Example 23
Source Project: steady   Source File: AbstractPolicySecurityTest.java    License: Apache License 2.0 6 votes vote down vote up
protected void verifyWss4jEncResults(SoapMessage inmsg) {
    //
    // There should be exactly 1 (WSS4J) HandlerResult
    //
    final List<WSHandlerResult> handlerResults = 
        CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
    assertNotNull(handlerResults);
    assertSame(handlerResults.size(), 1);

    List<WSSecurityEngineResult> protectionResults = new Vector<WSSecurityEngineResult>();
    WSSecurityUtil.fetchAllActionResults(handlerResults.get(0).getResults(),
            WSConstants.ENCR, protectionResults);
    assertNotNull(protectionResults);
    
    //
    // This result should contain a reference to the decrypted element
    //
    final Map<String, Object> result = protectionResults
            .get(0);
    final List<WSDataRef> protectedElements = 
        CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
    assertNotNull(protectedElements);
}
 
Example 24
/**
 * Check that an Element is signed or encrypted by one of the token results
 */
private boolean checkProtectionResult(
    Element elementToProtect,
    boolean content,
    List<WSSecurityEngineResult> protResults,
    List<WSSecurityEngineResult> tokenResults
) {
    for (WSSecurityEngineResult result : protResults) {
        List<WSDataRef> dataRefs = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        if (dataRefs != null) {
            for (WSDataRef dataRef : dataRefs) {
                if (elementToProtect == dataRef.getProtectedElement()
                    && content == dataRef.isContent()
                    && checkSignatureOrEncryptionResult(result, tokenResults)) {
                    return true;
                }
            }
        }
    }
    return false;
}
 
Example 25
Source Project: steady   Source File: KerberosTokenInterceptorProvider.java    License: Apache License 2.0 6 votes vote down vote up
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    // extract Assertion information
    if (aim != null) {
        Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
        if (ais == null) {
            return;
        }
        if (!isRequestor(message)) {
            List<WSHandlerResult> results = 
                CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
            if (results != null && results.size() > 0) {
                parseHandlerResults(results.get(0), message, aim);
            }
        } else {
            //client side should be checked on the way out
            for (AssertionInfo ai : ais) {
                ai.setAsserted(true);
            }                    
        }
    }
}
 
Example 26
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Validate the entire header and body signature property.
 */
protected boolean validateEntireHeaderAndBodySignatures(
    List<WSSecurityEngineResult> signedResults
) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> dataRefs = 
                CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        for (WSDataRef dataRef : dataRefs) {
            String xpath = dataRef.getXpath();
            if (xpath != null) {
                String[] nodes = StringUtils.split(xpath, "/");
                // envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
                if (nodes.length == 5 && nodes[3].contains("Security")) {
                    continue;
                } else if (nodes.length < 3 || nodes.length > 4) {
                    return false;
                }
            }
        }
    }
    return true;
}
 
Example 27
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Validate the entire header and body signature property.
 */
protected boolean validateEntireHeaderAndBodySignatures(
    List<WSSecurityEngineResult> signedResults
) {
    for (WSSecurityEngineResult signedResult : signedResults) {
        List<WSDataRef> dataRefs = 
                CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        for (WSDataRef dataRef : dataRefs) {
            String xpath = dataRef.getXpath();
            if (xpath != null) {
                String[] nodes = StringUtils.split(xpath, "/");
                // envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
                if (nodes.length == 5 && nodes[3].contains("Security")) {
                    continue;
                } else if (nodes.length < 3 || nodes.length > 4) {
                    return false;
                }
            }
        }
    }
    return true;
}
 
Example 28
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Check to see if a signature was applied before encryption.
 * Note that results are stored in the reverse order.
 */
private boolean isSignedBeforeEncrypted(List<WSSecurityEngineResult> results) {
    boolean signed = false;
    for (WSSecurityEngineResult result : results) {
        Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
        List<WSDataRef> el = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        
        // Don't count an endorsing signature
        if (actInt.intValue() == WSConstants.SIGN && el != null
            && !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
            signed = true;
        }
        if (actInt.intValue() == WSConstants.ENCR && el != null) {
            if (signed) {
                return true;
            }
            return false;
        }
    }
    return false;
}
 
Example 29
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Check to see if encryption was applied before signature.
 * Note that results are stored in the reverse order.
 */
private boolean isEncryptedBeforeSigned(List<WSSecurityEngineResult> results) {
    boolean encrypted = false;
    for (WSSecurityEngineResult result : results) {
        Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
        List<WSDataRef> el = 
            CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
        
        if (actInt.intValue() == WSConstants.ENCR && el != null) {
            encrypted = true;
        }
        // Don't count an endorsing signature
        if (actInt.intValue() == WSConstants.SIGN && el != null
            && !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
            if (encrypted) {
                return true;
            }
            return false;
        }
    }
    return false;
}
 
Example 30
Source Project: steady   Source File: AbstractBindingPolicyValidator.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Return true if the given id was encrypted
 */
private boolean isIdEncrypted(String sigId, List<WSSecurityEngineResult> results) {
    for (WSSecurityEngineResult wser : results) {
        Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
        if (actInt.intValue() == WSConstants.ENCR) {
            List<WSDataRef> el = 
                CastUtils.cast((List<?>)wser.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
            if (el != null) {
                for (WSDataRef r : el) {
                    Element protectedElement = r.getProtectedElement();
                    if (protectedElement != null) {
                        String id = protectedElement.getAttribute("Id");
                        String wsuId = protectedElement.getAttributeNS(WSConstants.WSU_NS, "Id");
                        if (sigId.equals(id) || sigId.equals(wsuId)) {
                            return true;
                        }
                    }
                }
            }
        }
    }
    return false;
}