
The child policy of BootstrapPolicy should not be used as part of the…

… normalization and vocabulary of the message currently being processed, as it is only used to set up the policy for the interaction with the secure conversation endpoint.

git-svn-id: https://svn.apache.org/repos/asf/webservices/wss4j/trunk@1463709 13f79535-47bb-0310-9956-ffa450edef68
1 parent 5fe3464 commit 26885b8e3b06d0a983445e2827f7e32987ae0af4 @dkulp dkulp committed Apr 2, 2013
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.policy.builders;
+
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Element;
+
+import org.apache.neethi.Assertion;
+import org.apache.neethi.AssertionBuilderFactory;
+import org.apache.neethi.Policy;
+import org.apache.neethi.builders.AssertionBuilder;
+import org.apache.wss4j.policy.SP11Constants;
+import org.apache.wss4j.policy.SP13Constants;
+import org.apache.wss4j.policy.SPConstants;
+import org.apache.wss4j.policy.SPUtils;
+import org.apache.wss4j.policy.model.BootstrapPolicy;
+
+public class BootstrapPolicyBuilder implements AssertionBuilder<Element> {
+
+ public BootstrapPolicyBuilder() {
+ }
+
+ public Assertion build(Element element, AssertionBuilderFactory factory) throws IllegalArgumentException {
+ final SPConstants.SPVersion spVersion = SPConstants.SPVersion.getSPVersion(element.getNamespaceURI());
+ final Element nestedPolicyElement = SPUtils.getFirstPolicyChildElement(element);
+ if (nestedPolicyElement == null) {
+ throw new IllegalArgumentException("sp:BootstrapPolicy must have an inner wsp:Policy element");
+ }
+ final Policy nestedPolicy = factory.getPolicyEngine().getPolicy(nestedPolicyElement);
+ return new BootstrapPolicy(spVersion, nestedPolicy);
+ }
+
+ public QName[] getKnownElements() {
+ return new QName[]{SP13Constants.BOOTSTRAP_POLICY, SP11Constants.BOOTSTRAP_POLICY};
+ }
+
+}
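Review bot: `BootstrapPolicyBuilder` has no class Javadoc, and nothing on `build` says why `sp:BootstrapPolicy` needs its own builder. Judging by the code removed elsewhere in this commit, it was previously handled as a generic policy-containing assertion. I would add above the class: `/** Builds a {@link BootstrapPolicy} from sp:BootstrapPolicy; the nested wsp:Policy is kept on the assertion and stays out of the enclosing policy's normalization and vocabulary. */`. A `@throws IllegalArgumentException` tag on `build` for the missing inner `wsp:Policy` case would document the one failure mode the method raises itself.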
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.wss4j.policy.model;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.neethi.Policy;
+import org.apache.wss4j.policy.SPConstants.SPVersion;
+
+/**
+ * A BootstrapPolicy is held internally to a SecureConversationToken
+ *
+ * While a BootstrapPolicy element DOES contain an internal Policy, this
+ * token is NOT considered a PolicyContainingAssertion for the purpose of
+ * calculating things like normalized policies and vocabulary.
+ */
+public class BootstrapPolicy extends AbstractSecurityAssertion {
+ private final Policy nestedPolicy;
+
+ public BootstrapPolicy(SPVersion version, Policy nestedPolicy) {
+ super(version);
+ this.nestedPolicy = nestedPolicy;
+ }
+
+ public QName getName() {
+ return super.getVersion().getSPConstants().getBootstrapPolicy();
+ }
+
+ public Policy getPolicy() {
+ return nestedPolicy;
+ }
+
+ public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ super.serialize(writer, nestedPolicy);
+ }
+
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return this;
+ }
+
+}
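Review bot: `cloneAssertion(Policy nestedPolicy)` ignores its argument and returns `this`, and nothing in the method says this is deliberate. It appears safe because the class adds only a `final` field, but a comment should say so, for example `// Not cloned: the bootstrap policy is excluded from normalization, so the same instance is shared.` Because the instance is shared, `getPolicy()` hands out the live nested `Policy`. Whether callers may mutate it cannot be told from this hunk and is worth stating in the Javadoc. The constructor also accepts a null `nestedPolicy`, while `BootstrapPolicyBuilder` treats a missing inner policy as an error, so a null check here would keep the two consistent.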
@@ -20,7 +20,6 @@
import org.apache.neethi.Assertion;
import org.apache.neethi.Policy;
-import org.apache.neethi.builders.PolicyContainingPrimitiveAssertion;
import org.apache.wss4j.policy.SPConstants;
import org.w3c.dom.Element;
@@ -30,7 +29,7 @@
public class SecureConversationToken extends SecurityContextToken {
- private Policy bootstrapPolicy;
+ private BootstrapPolicy bootstrapPolicy;
private boolean mustNotSendCancel;
private boolean mustNotSendAmend;
@@ -93,8 +92,8 @@ protected void parseNestedPolicy(Policy nestedPolicy, SecureConversationToken se
if (secureConversationToken.getBootstrapPolicy() != null) {
throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
}
- PolicyContainingPrimitiveAssertion policyContainingPrimitiveAssertion = (PolicyContainingPrimitiveAssertion) assertion;
- secureConversationToken.setBootstrapPolicy(policyContainingPrimitiveAssertion.getPolicy());
+ BootstrapPolicy bootstrap = (BootstrapPolicy) assertion;
+ secureConversationToken.setBootstrapPolicy(bootstrap);
continue;
}
}
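Review bot: The unchecked cast `(BootstrapPolicy) assertion` throws `ClassCastException` if the assertion for this element was produced by anything other than `BootstrapPolicyBuilder`, for example by an `AssertionBuilderFactory` on which the new builder was never registered. The line just above reports a malformed policy with `IllegalArgumentException(SPConstants.ERR_INVALID_POLICY)`, so I would guard the cast the same way: `if (!(assertion instanceof BootstrapPolicy)) { throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY); }`. The commit registers the builder in the two factories visible on this page, but any other code that assembles its own builder list would reach this path. The enclosing loop and the condition selecting this branch are outside the hunk.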
@@ -125,11 +124,11 @@ protected void setMustNotSendRenew(boolean mustNotSendRenew) {
this.mustNotSendRenew = mustNotSendRenew;
}
- public Policy getBootstrapPolicy() {
+ public BootstrapPolicy getBootstrapPolicy() {
return bootstrapPolicy;
}
- protected void setBootstrapPolicy(Policy bootstrapPolicy) {
+ protected void setBootstrapPolicy(BootstrapPolicy bootstrapPolicy) {
this.bootstrapPolicy = bootstrapPolicy;
}
}
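Review bot: `getBootstrapPolicy()` changes its public return type from `Policy` to `BootstrapPolicy` without any Javadoc. Existing callers will break at compile time with no hint that the policy is now reached through `getBootstrapPolicy().getPolicy()`. The bootstrap policy no longer takes part in the normalized policy, so code that enforces it on the exchange with the secure conversation endpoint presumably has to fetch it explicitly through this getter. That deserves a sentence on the method, e.g. `/** Returns the bootstrap assertion; its nested policy governs the exchange with the secure conversation endpoint and is not part of this token's normalized policy. */`. The class body begins outside the hunk.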
@@ -97,6 +97,7 @@ protected Policy loadPolicy(String policy) throws Exception {
assertionBuilderFactory.registerBuilder(new RequiredPartsBuilder());
assertionBuilderFactory.registerBuilder(new SamlTokenBuilder());
assertionBuilderFactory.registerBuilder(new SecureConversationTokenBuilder());
+ assertionBuilderFactory.registerBuilder(new BootstrapPolicyBuilder());
assertionBuilderFactory.registerBuilder(new SecurityContextTokenBuilder());
assertionBuilderFactory.registerBuilder(new SignatureTokenBuilder());
assertionBuilderFactory.registerBuilder(new SignedElementsBuilder());
@@ -68,7 +68,7 @@ public void testSecureConversationToken() throws Exception {
assertEquals(1, policyComponents.size());
PolicyOperator policyOperator = (PolicyOperator) policyComponents.get(0);
policyComponents = policyOperator.getPolicyComponents();
- assertEquals(3, policyComponents.size());
+ assertEquals(2, policyComponents.size());
All all = (All) policyComponents.get(0);
List<PolicyComponent> policyComponentsAll = all.getAssertions();
assertEquals(0, policyComponentsAll.size());
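Review bot: The only visible change to `testSecureConversationToken` is the component count going from 3 to 2; nothing in this hunk asserts that the nested bootstrap policy still survives parsing and is reachable through `getBootstrapPolicy().getPolicy()`. An assertion on the nested policy's contents (`Test1` and `Test2` in the updated fixture) would pin the new behaviour, not just the absence of the old one. The test body continues outside the hunk, so such a check may already exist further down.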
@@ -16,39 +16,10 @@
<sp:MustNotSendAmend/>
<sp:MustNotSendRenew/>
<sp:BootstrapPolicy>
- <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy">
+ <wsp:Policy>
<wsp:ExactlyOne>
- <wsp:All>
- <Test1 xmlns=""></Test1>
- </wsp:All>
- </wsp:ExactlyOne>
- </wsp:Policy>
- </sp:BootstrapPolicy>
- </wsp:All>
- </wsp:ExactlyOne>
- </wsp:Policy>
- </sp:SecureConversationToken>
- </wsp:All>
- <wsp:All>
- <sp:SecureConversationToken xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
- sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once"
- wsp:Ignorable="true">
- <sp:IssuerName>issuerName</sp:IssuerName>
- <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy">
- <wsp:ExactlyOne>
- <wsp:All>
- <sp:RequireDerivedKeys/>
- <sp:RequireExternalUriReference/>
- <sp:SC13SecurityContextToken/>
- <sp:MustNotSendCancel/>
- <sp:MustNotSendAmend/>
- <sp:MustNotSendRenew/>
- <sp:BootstrapPolicy>
- <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy">
- <wsp:ExactlyOne>
- <wsp:All>
- <Test2 xmlns=""></Test2>
- </wsp:All>
+ <Test1 xmlns=""></Test1>
+ <Test2 xmlns=""></Test2>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:BootstrapPolicy>
@@ -58,4 +29,13 @@
</sp:SecureConversationToken>
</wsp:All>
</wsp:ExactlyOne>
-</wsp:Policy>
+</wsp:Policy>
+
+
+
+
+
+
+
+
+
@@ -49,6 +49,7 @@
import org.apache.wss4j.policy.WSSPolicyException;
import org.apache.wss4j.policy.builders.AlgorithmSuiteBuilder;
import org.apache.wss4j.policy.builders.AsymmetricBindingBuilder;
+import org.apache.wss4j.policy.builders.BootstrapPolicyBuilder;
import org.apache.wss4j.policy.builders.ContentEncryptedElementsBuilder;
import org.apache.wss4j.policy.builders.EncryptedElementsBuilder;
import org.apache.wss4j.policy.builders.EncryptedPartsBuilder;
@@ -132,6 +133,7 @@ private PolicyEnforcerFactory(List<AssertionBuilder<Element>> customAssertionBui
assertionBuilders.add(new RequiredPartsBuilder());
assertionBuilders.add(new SamlTokenBuilder());
assertionBuilders.add(new SecureConversationTokenBuilder());
+ assertionBuilders.add(new BootstrapPolicyBuilder());
assertionBuilders.add(new SecurityContextTokenBuilder());
assertionBuilders.add(new SignatureTokenBuilder());
assertionBuilders.add(new SignedElementsBuilder());
