1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.policy.stax.assertionStates;
20
21 import javax.xml.namespace.QName;
22
23 import org.apache.wss4j.policy.AssertionState;
24 import org.apache.wss4j.policy.SPConstants;
25 import org.apache.wss4j.common.WSSPolicyException;
26 import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
27 import org.apache.wss4j.policy.model.Wss11;
28 import org.apache.wss4j.policy.stax.Assertable;
29 import org.apache.wss4j.policy.stax.DummyPolicyAsserter;
30 import org.apache.wss4j.policy.stax.PolicyAsserter;
31 import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
32 import org.apache.xml.security.stax.securityEvent.SecurityEvent;
33 import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
34
35 public class SignatureConfirmationAssertionState extends AssertionState implements Assertable {
36
37 private PolicyAsserter policyAsserter;
38
39 public SignatureConfirmationAssertionState(AbstractSecurityAssertion assertion,
40 PolicyAsserter policyAsserter,
41 boolean asserted) {
42 super(assertion, asserted);
43
44 this.policyAsserter = policyAsserter;
45 if (this.policyAsserter == null) {
46 this.policyAsserter = new DummyPolicyAsserter();
47 }
48
49 if (asserted) {
50 String namespace = getAssertion().getName().getNamespaceURI();
51 policyAsserter.assertPolicy(new QName(namespace, SPConstants.REQUIRE_SIGNATURE_CONFIRMATION));
52 }
53 }
54
55 @Override
56 public SecurityEventConstants.Event[] getSecurityEventType() {
57 return new SecurityEventConstants.Event[]{
58 WSSecurityEventConstants.SIGNATURE_CONFIRMATION
59 };
60 }
61
62 @Override
63 public boolean assertEvent(SecurityEvent securityEvent) throws WSSPolicyException {
64 Wss11 wss11 = (Wss11)getAssertion();
65
66 String namespace = getAssertion().getName().getNamespaceURI();
67 if (wss11.isRequireSignatureConfirmation()) {
68 policyAsserter.assertPolicy(new QName(namespace, SPConstants.REQUIRE_SIGNATURE_CONFIRMATION));
69 setAsserted(true);
70 } else {
71 setAsserted(false);
72 setErrorMessage("Signature confirmation elements must not be used");
73 policyAsserter.unassertPolicy(new QName(namespace, SPConstants.REQUIRE_SIGNATURE_CONFIRMATION),
74 getErrorMessage());
75 }
76 return isAsserted();
77 }
78 }