Home » rampart-dist-1.4-src » org.apache » rampart » builder » [javadoc | source]

    1   /*
    2    * Copyright 2004,2005 The Apache Software Foundation.
    3    *
    4    * Licensed under the Apache License, Version 2.0 (the "License");
    5    * you may not use this file except in compliance with the License.
    6    * You may obtain a copy of the License at
    7    *
    8    *      http://www.apache.org/licenses/LICENSE-2.0
    9    *
   10    * Unless required by applicable law or agreed to in writing, software
   11    * distributed under the License is distributed on an "AS IS" BASIS,
   12    * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   13    * See the License for the specific language governing permissions and
   14    * limitations under the License.
   15    */
   16   
   17   package org.apache.rampart.builder;
   18   
   19   import java.util.ArrayList;
   20   import java.util.Iterator;
   21   import java.util.Vector;
   22   
   23   import org.apache.axiom.om.OMElement;
   24   import org.apache.axiom.soap.SOAPEnvelope;
   25   import org.apache.axis2.context.MessageContext;
   26   import org.apache.commons.logging.Log;
   27   import org.apache.commons.logging.LogFactory;
   28   import org.apache.rahas.RahasConstants;
   29   import org.apache.rahas.TrustException;
   30   import org.apache.rampart.RampartConstants;
   31   import org.apache.rampart.RampartException;
   32   import org.apache.rampart.RampartMessageData;
   33   import org.apache.rampart.policy.RampartPolicyData;
   34   import org.apache.rampart.util.RampartUtil;
   35   import org.apache.ws.secpolicy.SPConstants;
   36   import org.apache.ws.secpolicy.model.AlgorithmSuite;
   37   import org.apache.ws.secpolicy.model.Header;
   38   import org.apache.ws.secpolicy.model.IssuedToken;
   39   import org.apache.ws.secpolicy.model.SecureConversationToken;
   40   import org.apache.ws.secpolicy.model.SignedEncryptedParts;
   41   import org.apache.ws.secpolicy.model.SupportingToken;
   42   import org.apache.ws.secpolicy.model.Token;
   43   import org.apache.ws.secpolicy.model.UsernameToken;
   44   import org.apache.ws.secpolicy.model.X509Token;
   45   import org.apache.ws.security.WSConstants;
   46   import org.apache.ws.security.WSEncryptionPart;
   47   import org.apache.ws.security.WSSecurityException;
   48   import org.apache.ws.security.conversation.ConversationException;
   49   import org.apache.ws.security.handler.WSHandlerConstants;
   50   import org.apache.ws.security.message.WSSecDKSign;
   51   import org.apache.ws.security.message.WSSecEncryptedKey;
   52   import org.apache.ws.security.message.WSSecSignature;
   53   import org.apache.ws.security.message.WSSecUsernameToken;
   54   import org.w3c.dom.Document;
   55   import org.w3c.dom.Element;
   56   
   57   public class TransportBindingBuilder extends BindingBuilder {
   58   
   59       private static Log log = LogFactory.getLog(TransportBindingBuilder.class);
   60       private static Log tlog = LogFactory.getLog(RampartConstants.TIME_LOG);	
   61       private boolean dotDebug = false;
   62       
   63       public TransportBindingBuilder(){
   64       	dotDebug = tlog.isDebugEnabled();
   65       }
   66       
   67       public void build(RampartMessageData rmd) throws RampartException {
   68           
   69           log.debug("TransportBindingBuilder build invoked");
   70           
   71           long t0 = 0, t1 = 0;
   72       	if(dotDebug){
   73       		t1 = System.currentTimeMillis();
   74       	}
   75           
   76           RampartPolicyData rpd = rmd.getPolicyData();
   77           
   78           if (rpd.isIncludeTimestamp()) {
   79           	addTimestamp(rmd);
   80           }
   81          
   82           /*
   83            * Process Supporting tokens
   84            */
   85           if(rmd.isInitiator()) {
   86               Vector signatureValues = new Vector();
   87               
   88               SupportingToken sgndSuppTokens = rpd.getSignedSupportingTokens();
   89               
   90               if(sgndSuppTokens != null && sgndSuppTokens.getTokens() != null &&
   91                       sgndSuppTokens.getTokens().size() > 0) {
   92                   
   93                   log.debug("Processing signed supporting tokens");
   94                   
   95                   ArrayList tokens = sgndSuppTokens.getTokens();
   96                   for (Iterator iter = tokens.iterator(); iter.hasNext();) {
   97                       
   98                       Token token = (Token) iter.next();
   99                       if(token instanceof UsernameToken) {
  100                           WSSecUsernameToken utBuilder = addUsernameToken(rmd,(UsernameToken)token);
  101                           
  102                           utBuilder.prepare(rmd.getDocument());
  103                           
  104                           //Add the UT
  105                           utBuilder.appendToHeader(rmd.getSecHeader());
  106                           
  107                       } else {
  108                           throw new RampartException("unsupportedSignedSupportingToken", 
  109                                   new String[]{"{" +token.getName().getNamespaceURI() 
  110                                   + "}" + token.getName().getLocalPart()});
  111                       }
  112                   }
  113               }
  114               
  115               SupportingToken sgndEndSuppTokens = rpd.getSignedEndorsingSupportingTokens();
  116               if(sgndEndSuppTokens != null && sgndEndSuppTokens.getTokens() != null &&
  117                       sgndEndSuppTokens.getTokens().size() > 0) {
  118                   
  119                   log.debug("Processing endorsing signed supporting tokens");
  120                   
  121                   ArrayList tokens = sgndEndSuppTokens.getTokens();
  122                   SignedEncryptedParts signdParts = sgndEndSuppTokens.getSignedParts();
  123                   for (Iterator iter = tokens.iterator(); iter.hasNext();) {
  124                       Token token = (Token) iter.next();
  125                       if(token instanceof IssuedToken && rmd.isInitiator()) {
  126                           signatureValues.add(doIssuedTokenSignature(rmd, token, signdParts));
  127                       } else if(token instanceof X509Token) {
  128                           signatureValues.add(doX509TokenSignature(rmd, token, signdParts));
  129                       }
  130                   }
  131               }
  132       
  133               SupportingToken endSupptokens = rpd.getEndorsingSupportingTokens();
  134               if(endSupptokens != null && endSupptokens.getTokens() != null &&
  135                       endSupptokens.getTokens().size() > 0) {
  136                   log.debug("Processing endorsing supporting tokens");
  137                   ArrayList tokens = endSupptokens.getTokens();
  138                   SignedEncryptedParts signdParts = endSupptokens.getSignedParts();
  139                   for (Iterator iter = tokens.iterator(); iter.hasNext();) {
  140                       Token token = (Token) iter.next();
  141                       if(token instanceof IssuedToken && rmd.isInitiator()){
  142                           signatureValues.add(doIssuedTokenSignature(rmd, token, signdParts));
  143                       } else if(token instanceof X509Token) {
  144                           signatureValues.add(doX509TokenSignature(rmd, token, signdParts));
  145                       } else if (token instanceof SecureConversationToken) {
  146                           handleSecureConversationTokens(rmd, (SecureConversationToken)token);
  147                           signatureValues.add(doSecureConversationSignature(rmd, token, signdParts));                                               
  148                       }
  149                   }
  150               }
  151               
  152               
  153               SupportingToken supportingToks = rpd.getSupportingTokens();
  154               this.handleSupportingTokens(rmd, supportingToks);
  155               
  156               
  157               //Store the signature values vector
  158               rmd.getMsgContext().setProperty(WSHandlerConstants.SEND_SIGV, signatureValues);
  159           } else {
  160               addSignatureConfirmation(rmd, null);
  161           }
  162           
  163       	if(dotDebug){
  164       		t1 = System.currentTimeMillis();
  165       		tlog.debug("Transport binding build took "+ (t1 - t0));
  166       	}
  167       }
  168   
  169   
  170   
  171       /**
  172        * X.509 signature
  173        * @param rmd
  174        * @param token
  175        * @param signdParts 
  176        */
  177       private byte[] doX509TokenSignature(RampartMessageData rmd, Token token, SignedEncryptedParts signdParts) throws RampartException {
  178           
  179           RampartPolicyData rpd = rmd.getPolicyData();
  180           Document doc = rmd.getDocument();
  181           
  182           Vector sigParts = new Vector();
  183           
  184           if(this.timestampElement != null){
  185               sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));                          
  186           }
  187           
  188           if(signdParts != null) {
  189               if(signdParts.isBody()) {
  190                   SOAPEnvelope env = rmd.getMsgContext().getEnvelope();
  191                   sigParts.add(new WSEncryptionPart(RampartUtil.addWsuIdToElement(env.getBody())));
  192               }
  193       
  194               ArrayList headers = signdParts.getHeaders();
  195               for (Iterator iterator = headers.iterator(); iterator.hasNext();) {
  196                   Header header = (Header) iterator.next();
  197                   WSEncryptionPart wep = new WSEncryptionPart(header.getName(), 
  198                           header.getNamespace(),
  199                           "Content");
  200                   sigParts.add(wep);
  201               }
  202           }
  203           if(token.isDerivedKeys()) {
  204               //In this case we will have to encrypt the ephmeral key with the 
  205               //other party's key and then use it as the parent key of the
  206               // derived keys
  207               try {
  208                   
  209                   WSSecEncryptedKey encrKey = getEncryptedKeyBuilder(rmd, token);
  210                   
  211                   Element bstElem = encrKey.getBinarySecurityTokenElement();
  212                   if(bstElem != null) {
  213                      RampartUtil.appendChildToSecHeader(rmd, bstElem); 
  214                   }
  215                   
  216                   encrKey.appendToHeader(rmd.getSecHeader());
  217                   
  218                   WSSecDKSign dkSig = new WSSecDKSign();
  219                   
  220                   dkSig.setWsConfig(rmd.getConfig());
  221                   
  222                   dkSig.setSigCanonicalization(rpd.getAlgorithmSuite().getInclusiveC14n());
  223                   dkSig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getSymmetricSignature());
  224                   dkSig.setDerivedKeyLength(rpd.getAlgorithmSuite().getSignatureDerivedKeyLength()/8);
  225                   
  226                   dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
  227                   
  228                   dkSig.prepare(doc, rmd.getSecHeader());
  229                   
  230                   
  231                   if(rpd.isTokenProtection()) {
  232                       sigParts.add(new WSEncryptionPart(encrKey.getBSTTokenId()));
  233                   }
  234                   
  235                   dkSig.setParts(sigParts);
  236                   
  237                   dkSig.addReferencesToSign(sigParts, rmd.getSecHeader());
  238                   
  239                   //Do signature
  240                   dkSig.computeSignature();
  241                   
  242                   dkSig.appendDKElementToHeader(rmd.getSecHeader());
  243   
  244                   dkSig.appendSigToHeader(rmd.getSecHeader());
  245                   
  246                   return dkSig.getSignatureValue();
  247                   
  248               } catch (WSSecurityException e) {
  249                   throw new RampartException("errorInDerivedKeyTokenSignature", e);
  250               } catch (ConversationException e) {
  251                   throw new RampartException("errorInDerivedKeyTokenSignature", e);
  252               }
  253               
  254           } else {
  255               
  256               try {
  257                   WSSecSignature sig = this.getSignatureBuider(rmd, token);
  258                   
  259   
  260                   sig.appendBSTElementToHeader(rmd.getSecHeader());
  261                   
  262                   if (rpd.isTokenProtection()
  263                           && !(SPConstants.INCLUDE_TOKEN_NEVER == token.getInclusion())) {
  264                       sigParts.add(new WSEncryptionPart(sig.getBSTTokenId()));
  265                   }
  266                   
  267                   sig.addReferencesToSign(sigParts, rmd.getSecHeader());
  268                   
  269                   sig.appendToHeader(rmd.getSecHeader());
  270                   
  271                   sig.computeSignature();
  272                   
  273                   return sig.getSignatureValue();    
  274               } catch (WSSecurityException e) {
  275                   throw new RampartException("errorInSignatureWithX509Token", e);
  276               }
  277               
  278               
  279           }
  280           
  281       }
  282   
  283   
  284       /**
  285        * IssuedToken signature
  286        * @param rmd
  287        * @param token
  288        * @param signdParts 
  289        * @throws RampartException
  290        */
  291       private byte[] doIssuedTokenSignature(RampartMessageData rmd, Token token, SignedEncryptedParts signdParts) throws RampartException {
  292           
  293           RampartPolicyData rpd = rmd.getPolicyData();
  294           Document doc= rmd.getDocument();
  295           
  296           //Get the issued token
  297           String id = RampartUtil.getIssuedToken(rmd, (IssuedToken)token);
  298      
  299           int inclusion = token.getInclusion();
  300           org.apache.rahas.Token tok = null;
  301           try {
  302             tok = rmd.getTokenStorage().getToken(id);
  303           } catch (TrustException e) {
  304             throw new RampartException("errorExtractingToken",
  305                     new String[]{id} ,e);
  306           }
  307      
  308           boolean tokenIncluded = false;
  309           
  310           if(inclusion == SPConstants.INCLUDE_TOEKN_ALWAYS ||
  311           ((inclusion == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_RECIPIENT 
  312                   || inclusion == SPConstants.INCLUDE_TOKEN_ONCE) 
  313                   && rmd.isInitiator())) {
  314             
  315               //Add the token
  316               rmd.getSecHeader().getSecurityHeader().appendChild(
  317                     doc.importNode((Element) tok.getToken(), true));
  318             
  319               tokenIncluded = true;
  320           }
  321   
  322           Vector sigParts = new Vector();
  323           
  324           if(this.timestampElement != null){
  325               sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));                          
  326           }
  327           
  328           
  329           if(rpd.isTokenProtection() && tokenIncluded) {
  330               sigParts.add(new WSEncryptionPart(id));
  331           }
  332           
  333           if(signdParts != null) {
  334               if(signdParts.isBody()) {
  335                   SOAPEnvelope env = rmd.getMsgContext().getEnvelope();
  336                   sigParts.add(new WSEncryptionPart(RampartUtil.addWsuIdToElement(env.getBody())));
  337               }
  338       
  339               ArrayList headers = signdParts.getHeaders();
  340               for (Iterator iterator = headers.iterator(); iterator.hasNext();) {
  341                   Header header = (Header) iterator.next();
  342                   WSEncryptionPart wep = new WSEncryptionPart(header.getName(), 
  343                           header.getNamespace(),
  344                           "Content");
  345                   sigParts.add(wep);
  346               }
  347           }
  348           
  349           //check for derived keys
  350           AlgorithmSuite algorithmSuite = rpd.getAlgorithmSuite();
  351           if(token.isDerivedKeys()) {
  352             //Create a derived key and add
  353             try {
  354      
  355                 //Do Signature with derived keys
  356                 WSSecDKSign dkSign = new WSSecDKSign();
  357                 
  358                 // Setting the AttachedReference or the UnattachedReference according to the flag
  359                 OMElement ref;
  360                 if (tokenIncluded == true) {
  361                     ref = tok.getAttachedReference();
  362                 } else {
  363                     ref = tok.getUnattachedReference();
  364                 }
  365                 
  366                 if(ref != null) {
  367                     dkSign.setExternalKey(tok.getSecret(), (Element) 
  368                             doc.importNode((Element) ref, true));
  369                 } else {
  370                     dkSign.setExternalKey(tok.getSecret(), tok.getId());
  371                 }
  372                 
  373                 //Set the algo info
  374                 dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
  375                 dkSign.setDerivedKeyLength(algorithmSuite.getSignatureDerivedKeyLength());
  376                 
  377                 dkSign.prepare(doc);
  378                 
  379                 dkSign.appendDKElementToHeader(rmd.getSecHeader());
  380                 
  381                 dkSign.setParts(sigParts);
  382                 
  383                 dkSign.addReferencesToSign(sigParts, rmd.getSecHeader());
  384                 
  385                 //Do signature
  386                 dkSign.computeSignature();
  387                 
  388                 dkSign.appendSigToHeader(rmd.getSecHeader());
  389                 
  390                 return dkSign.getSignatureValue();
  391                 
  392             } catch (ConversationException e) {
  393                 throw new RampartException(
  394                         "errorInDerivedKeyTokenSignature", e);
  395             } catch (WSSecurityException e) {
  396                 throw new RampartException(
  397                         "errorInDerivedKeyTokenSignature", e);
  398             }
  399             
  400           } else {
  401               try {
  402                   WSSecSignature sig = new WSSecSignature();
  403                   sig.setWsConfig(rmd.getConfig());
  404                   sig.setCustomTokenId(tok.getId().substring(1));
  405                   sig.setCustomTokenValueType(WSConstants.WSS_SAML_NS +
  406                           WSConstants.SAML_ASSERTION_ID);
  407                   sig.setSecretKey(tok.getSecret());
  408                   sig.setSignatureAlgorithm(algorithmSuite.getAsymmetricSignature());
  409                   sig.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
  410                   sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
  411                   sig.prepare(rmd.getDocument(), RampartUtil.getSignatureCrypto(rpd
  412                           .getRampartConfig(), rmd.getCustomClassLoader()),
  413                           rmd.getSecHeader());
  414   
  415                   sig.setParts(sigParts);
  416                   sig.addReferencesToSign(sigParts, rmd.getSecHeader());
  417   
  418                   //Do signature
  419                   sig.computeSignature();
  420   
  421                   //Add elements to header
  422                   this.setInsertionLocation(RampartUtil.insertSiblingAfter(
  423                           rmd,
  424                           this.getInsertionLocation(),
  425                           sig.getSignatureElement()));
  426   
  427                   return sig.getSignatureValue();
  428   
  429               } catch (WSSecurityException e) {
  430                   throw new RampartException("errorInSignatureWithACustomToken", e);
  431               }
  432           }
  433       }
  434       
  435       private byte[] doSecureConversationSignature(RampartMessageData rmd, Token token, SignedEncryptedParts signdParts) throws RampartException {
  436           
  437           RampartPolicyData rpd = rmd.getPolicyData();
  438           Document doc= rmd.getDocument();
  439           
  440           //Get the issued token
  441           String id = rmd.getSecConvTokenId();
  442      
  443           int inclusion = token.getInclusion();
  444           org.apache.rahas.Token tok = null;
  445           try {
  446             tok = rmd.getTokenStorage().getToken(id);
  447           } catch (TrustException e) {
  448             throw new RampartException("errorExtractingToken",
  449                     new String[]{id} ,e);
  450           }
  451      
  452           boolean tokenIncluded = false;
  453           
  454           if(inclusion == SPConstants.INCLUDE_TOEKN_ALWAYS ||
  455           ((inclusion == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_RECIPIENT 
  456                   || inclusion == SPConstants.INCLUDE_TOKEN_ONCE) 
  457                   && rmd.isInitiator())) {
  458             
  459               //Add the token
  460               rmd.getSecHeader().getSecurityHeader().appendChild(
  461                     doc.importNode((Element) tok.getToken(), true));
  462             
  463               tokenIncluded = true;
  464           }
  465   
  466           Vector sigParts = new Vector();
  467           
  468           if(this.timestampElement != null){
  469               sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));                          
  470           }
  471           
  472           
  473           if(rpd.isTokenProtection() && tokenIncluded) {
  474               sigParts.add(new WSEncryptionPart(id));
  475           }
  476           
  477           if(signdParts != null) {
  478               if(signdParts.isBody()) {
  479                   SOAPEnvelope env = rmd.getMsgContext().getEnvelope();
  480                   sigParts.add(new WSEncryptionPart(RampartUtil.addWsuIdToElement(env.getBody())));
  481               }
  482       
  483               ArrayList headers = signdParts.getHeaders();
  484               for (Iterator iterator = headers.iterator(); iterator.hasNext();) {
  485                   Header header = (Header) iterator.next();
  486                   WSEncryptionPart wep = new WSEncryptionPart(header.getName(), 
  487                           header.getNamespace(),
  488                           "Content");
  489                   sigParts.add(wep);
  490               }
  491           }
  492           
  493           //check for derived keys
  494           AlgorithmSuite algorithmSuite = rpd.getAlgorithmSuite();
  495           if(token.isDerivedKeys()) {
  496             //Create a derived key and add
  497             try {
  498      
  499                 //Do Signature with derived keys
  500                 WSSecDKSign dkSign = new WSSecDKSign();
  501                 
  502                 // Setting the AttachedReference or the UnattachedReference according to the flag
  503                 OMElement ref;
  504                 if (tokenIncluded == true) {
  505                     ref = tok.getAttachedReference();
  506                 } else {
  507                     ref = tok.getUnattachedReference();
  508                 }
  509                 
  510                 if(ref != null) {
  511                     dkSign.setExternalKey(tok.getSecret(), (Element) 
  512                             doc.importNode((Element) ref, true));
  513                 } else {
  514                     dkSign.setExternalKey(tok.getSecret(), tok.getId());
  515                 }
  516                 
  517                 //Set the algo info
  518                 dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
  519                 dkSign.setDerivedKeyLength(algorithmSuite.getSignatureDerivedKeyLength());
  520                 
  521                 dkSign.prepare(doc);
  522                 
  523                 dkSign.appendDKElementToHeader(rmd.getSecHeader());
  524                 
  525                 dkSign.setParts(sigParts);
  526                 
  527                 dkSign.addReferencesToSign(sigParts, rmd.getSecHeader());
  528                 
  529                 //Do signature
  530                 dkSign.computeSignature();
  531                 
  532                 dkSign.appendSigToHeader(rmd.getSecHeader());
  533                 
  534                 return dkSign.getSignatureValue();
  535                 
  536             } catch (ConversationException e) {
  537                 throw new RampartException(
  538                         "errorInDerivedKeyTokenSignature", e);
  539             } catch (WSSecurityException e) {
  540                 throw new RampartException(
  541                         "errorInDerivedKeyTokenSignature", e);
  542             }
  543             
  544           } else {
  545               try {
  546                   WSSecSignature sig = new WSSecSignature();
  547                   sig.setWsConfig(rmd.getConfig());
  548                   sig.setCustomTokenId(tok.getId().substring(1));
  549                   sig.setCustomTokenValueType(WSConstants.WSS_SAML_NS +
  550                           WSConstants.SAML_ASSERTION_ID);
  551                   sig.setSecretKey(tok.getSecret());
  552                   sig.setSignatureAlgorithm(algorithmSuite.getAsymmetricSignature());
  553                   sig.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
  554                   sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
  555                   sig.prepare(rmd.getDocument(), RampartUtil.getSignatureCrypto(rpd
  556                           .getRampartConfig(), rmd.getCustomClassLoader()),
  557                           rmd.getSecHeader());
  558   
  559                   sig.setParts(sigParts);
  560                   sig.addReferencesToSign(sigParts, rmd.getSecHeader());
  561   
  562                   //Do signature
  563                   sig.computeSignature();
  564   
  565                   //Add elements to header
  566                   this.setInsertionLocation(RampartUtil.insertSiblingAfter(
  567                           rmd,
  568                           this.getInsertionLocation(),
  569                           sig.getSignatureElement()));
  570   
  571                   return sig.getSignatureValue();
  572   
  573               } catch (WSSecurityException e) {
  574                   throw new RampartException("errorInSignatureWithACustomToken", e);
  575               }
  576           }
  577       }
  578       
  579       private void handleSecureConversationTokens(RampartMessageData rmd, 
  580                                         SecureConversationToken secConvTok) throws RampartException {
  581               
  582               
  583               MessageContext msgContext = rmd.getMsgContext();
  584               
  585               String secConvTokenId = rmd.getSecConvTokenId();
  586               
  587               //The RSTR has to be secured with the cancelled token
  588               String action = msgContext.getOptions().getAction();
  589               boolean cancelReqResp = action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) || 
  590                                          action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RSTR_ACTION_CANCEL_SCT) ||
  591                                          action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT) || 
  592                                          action.equals(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_CANCEL_SCT);
  593               
  594               //In the case of the cancel req or resp we should mark the token as cancelled
  595               if(secConvTokenId != null && cancelReqResp) {
  596                   try {
  597                       rmd.getTokenStorage().getToken(secConvTokenId).setState(org.apache.rahas.Token.CANCELLED);
  598                       msgContext.setProperty(RampartMessageData.SCT_ID, secConvTokenId);
  599                       
  600                       //remove from the local map of contexts
  601                       String contextIdentifierKey = RampartUtil.getContextIdentifierKey(msgContext);
  602                       RampartUtil.getContextMap(msgContext).remove(contextIdentifierKey);
  603                   } catch (TrustException e) {
  604                       throw new RampartException("errorExtractingToken",e);
  605                   }
  606               }
  607               
  608               if (secConvTokenId == null
  609                       || (secConvTokenId != null && 
  610                               (!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {
  611               
  612                   log.debug("No SecureConversationToken found, " +
  613                           "requesting a new token");
  614                   
  615                   try {
  616   
  617                       secConvTokenId = RampartUtil.getSecConvToken(rmd, secConvTok);
  618                       rmd.setSecConvTokenId(secConvTokenId);
  619                       
  620                   } catch (TrustException e) {
  621                       throw new RampartException("errorInObtainingSct", e);
  622                   }
  623               }
  624               
  625   /*          org.apache.rahas.Token token;
  626               try {
  627                   token = rmd.getTokenStorage().getToken(secConvTokenId);
  628               } catch (TrustException e) {
  629                   throw new RampartException("errorExtractingToken", e);
  630               }
  631               
  632               
  633               //Add the token to the header
  634              Element siblingElem = RampartUtil
  635                       .insertSiblingAfter(rmd, this.getInsertionLocation(),
  636                               (Element) token.getToken());
  637               this.setInsertionLocation(siblingElem);*/
  638               
  639           }
  640   }

Home » rampart-dist-1.4-src » org.apache » rampart » builder » [javadoc | source]