Package org.apache.cxf.ws.security.wss4j.policyvalidators

Class AbstractBindingPolicyValidator

java.lang.Object
org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator
All Implemented Interfaces:
SecurityPolicyValidator
Direct Known Subclasses:
AsymmetricBindingPolicyValidator, SymmetricBindingPolicyValidator, TransportBindingPolicyValidator
public abstract class AbstractBindingPolicyValidator extends Object implements SecurityPolicyValidator
Some abstract functionality for validating a security binding.

  • Constructor Details

    • AbstractBindingPolicyValidator

      public AbstractBindingPolicyValidator()

  • Method Details

    • validateTimestamp

      protected boolean validateTimestamp(boolean includeTimestamp, boolean transportBinding, WSHandlerResult results, List<WSSecurityEngineResult> signedResults, Message message)
      Validate a Timestamp
      Parameters:
      includeTimestamp - whether a Timestamp must be included or not
      transportBinding - whether the Transport binding is in use or not
      signedResults - the signed results list
      message - the Message object
      Returns:
      whether the Timestamp policy is valid or not

    • validateEntireHeaderAndBodySignatures

      protected boolean validateEntireHeaderAndBodySignatures(List<WSSecurityEngineResult> signedResults)
      Validate the entire header and body signature property.

    • checkProperties

      protected boolean checkProperties(AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfo ai, org.apache.cxf.ws.policy.AssertionInfoMap aim, WSHandlerResult results, List<WSSecurityEngineResult> signedResults, Message message)
      Check various properties set in the policy of the binding

    • checkProtectionOrder

      protected boolean checkProtectionOrder(AbstractSymmetricAsymmetricBinding binding, org.apache.cxf.ws.policy.AssertionInfoMap aim, org.apache.cxf.ws.policy.AssertionInfo ai, List<WSSecurityEngineResult> results)
      Check the Protection Order of the binding

    • checkDerivedKeys

      protected boolean checkDerivedKeys(AbstractTokenWrapper tokenWrapper, boolean hasDerivedKeys, List<WSSecurityEngineResult> signedResults, List<WSSecurityEngineResult> encryptedResults)
      Check the derived key requirement.

    • isTokenProtected

      protected boolean isTokenProtected(List<WSSecurityEngineResult> results, List<WSSecurityEngineResult> signedResults)
      Check whether the token protection policy is followed. In other words, check that the signature token was itself signed.

    • isSignatureEncrypted

      protected boolean isSignatureEncrypted(List<WSSecurityEngineResult> results)
      Check whether the primary Signature (and all SignatureConfirmation) elements were encrypted

    • assertDerivedKeys

      protected void assertDerivedKeys(AbstractToken token, org.apache.cxf.ws.policy.AssertionInfoMap aim)