oracle.wsm.security.policy.scenario.util
Class ScenarioUtils
java.lang.Object
oracle.wsm.security.policy.scenario.util.ScenarioUtils
-
public class ScenarioUtils
- extends Object
- Since:
- release specific (what release of product did this appear in)
- Version:
- $Header: owsm/src/oracle/wsm/security/policy/scenario/util/ScenarioUtils.java /st_j2ee_11.1.1.1.0/4 2009/03/28 04:15:37 gaurasha Exp $
- Author:
- rturlapa
Method Summary |
static boolean |
authorize(IMessageContext msgContext, AuthorizationType policy)
|
static boolean |
checkIfCodeSourceHasAllPermission()
|
static boolean |
checkPermission(String permClass, Subject subject, String serviceName, String operationName)
This method should be refactored to simply invoke checkIfCodeSourceHasAllPermission and checkPermissionNewStyle once the deprecation period is over |
static void |
checkTLSClientRequirements(IMessageContext msgContext, RequireTlsType reqTLS)
|
static
<E extends oracle.security.xmlsec.dsig.XSReference>
boolean |
|
containsSTRXform(E reference)
|
static ArrayList<String> |
convertConfigValToArray(String strValue)
|
static SecurityException |
convertWSSEtoSecurityException(oracle.security.xmlsec.wss.WSSException wsse)
|
static Map<String,Object> |
createWss10ArgsMap(Object... arguments)
|
static Map<String,Object> |
createWss11ArgsMap(Object... arguments)
|
static Properties |
extractSamlVersion(String samlVersion)
This method will extract the major and minor version |
static SecretKey |
generateDataEncryptionKey(String uri)
|
static String |
getConfigPropertyValue(String propName, IMessageContext msgContext, Properties policyConfig, Map<String,String> jpsKeyStoreConfig)
|
static ScenarioUtils.Credentials |
getCredentials(Properties config, IMessageContext msgContext, JpsManager jpsManager)
Extracts the credentials in a fixed order; the order is listed in the method detail. |
static CallbackHandler |
getCustomCallbackHandler(Properties config)
|
static ScenarioUtils.Credentials |
getKeyStoreCredsFromCSF(String csfMapName, String csfKey, oracle.security.jps.service.credstore.CredentialStore matchingCsfStore)
|
static String[] |
getLegacyPolicyAlgos(Properties config)
|
static int |
getLegacyPolicyNumberOfAlgos(Properties config)
|
static Subject |
getSubject(IMessageContext msgContext)
|
static String |
getTimestampExpiry(Properties config)
|
static HashMap |
getUserAttrsAndRoles(IMessageContext msgContext, String userAttrs, boolean includeUserRoles, JpsManager jpsManager)
|
static Subject |
getWebLogicSubject(Subject jpsSubject)
|
static boolean |
isBSTSigned(oracle.security.xmlsec.dsig.XSSignature sig, oracle.security.xmlsec.wss.x509.X509BinarySecurityToken xbst)
|
static boolean |
isEncryptPolicy(SignedEncryptedPartsType signedEncryptedPart, List<oracle.security.xmlsec.util.QName> tokenQNames)
|
static boolean |
isHostedClient(IMessageContext msgContext)
|
static boolean |
isJpsEnv()
|
static
<T extends oracle.security.xmlsec.dsig.XSReference>
T |
|
isKeyInfoSigned(oracle.security.xmlsec.dsig.XSSignature sig, oracle.security.xmlsec.dsig.XSKeyInfo keyInfo)
|
static boolean |
isLegacyPolicy(Properties config)
|
static boolean |
isOnlyHeaderAndAttachmentEncryptPolicy(SignedEncryptedPartsType signedEncryptedPart)
|
static boolean |
isOnlyHeaderAndAttachmentSignPolicy(SignedEncryptedPartsType signedEncryptedPart)
|
static boolean |
isSecretProperty(String propName)
|
static boolean |
isSecurityHeaderRequired(IMessageContext msgContext, Wss10MsgSecurityType msgPolicy, List<oracle.security.xmlsec.util.QName> tokenSignQNames, List<oracle.security.xmlsec.util.QName> tokenEncryptQNames, Properties config, boolean protectToken)
|
static boolean |
isSignPolicy(SignedEncryptedPartsType signedEncryptedPart, List<oracle.security.xmlsec.util.QName> tokenQNames)
|
static Permission |
populatePermissionObject(String resource, String action, String permsClass)
|
static SignedEncryptedPartsType |
resolveSignedEncryptedParts(IMessageContext.STAGE processingStage, String operationName, Wss10MsgSecurityType policy)
|
static void |
setRoleClassName(Properties config, IMessageContext ctx)
|
static oracle.security.xmlsec.dsig.XSSignature |
signKeyInfo(oracle.security.xmlsec.dsig.XSSignature signature, oracle.security.xmlsec.dsig.XSKeyInfo keyInfo, AlgorithmSuitePolicy algoPolicy, WsmKeyStore keyStore)
This method will sign the immutable KeyInfo mandated by the X509TokenProfile 1.1 specification. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
MAJOR_VERSION
public static final String MAJOR_VERSION
-
- See Also:
- Constant Field Values
MINOR_VERSION
public static final String MINOR_VERSION
-
- See Also:
- Constant Field Values
ConfigOverrideMapping
public static Map<String,String> ConfigOverrideMapping
JPS_CONFIG_SYSTEM_PROPERTY
public static final String JPS_CONFIG_SYSTEM_PROPERTY
-
- See Also:
- Constant Field Values
ScenarioUtils
public ScenarioUtils()
isSecretProperty
public static boolean isSecretProperty(String propName)
getConfigPropertyValue
public static String getConfigPropertyValue(String propName,
IMessageContext msgContext,
Properties policyConfig,
Map<String,String> jpsKeyStoreConfig)
containsSTRXform
public static <E extends oracle.security.xmlsec.dsig.XSReference> boolean containsSTRXform(E reference)
getCustomCallbackHandler
public static CallbackHandler getCustomCallbackHandler(Properties config)
throws SecurityException
-
- Throws:
SecurityException
getSubject
public static Subject getSubject(IMessageContext msgContext)
getWebLogicSubject
public static Subject getWebLogicSubject(Subject jpsSubject)
throws SecurityException
-
- Throws:
SecurityException
isHostedClient
public static boolean isHostedClient(IMessageContext msgContext)
convertConfigValToArray
public static ArrayList<String> convertConfigValToArray(String strValue)
createWss11ArgsMap
public static Map<String,Object> createWss11ArgsMap(Object... arguments)
createWss10ArgsMap
public static Map<String,Object> createWss10ArgsMap(Object... arguments)
getUserAttrsAndRoles
public static HashMap getUserAttrsAndRoles(IMessageContext msgContext,
String userAttrs,
boolean includeUserRoles,
JpsManager jpsManager)
throws SecurityException
-
- Throws:
SecurityException
resolveSignedEncryptedParts
public static SignedEncryptedPartsType resolveSignedEncryptedParts(IMessageContext.STAGE processingStage,
String operationName,
Wss10MsgSecurityType policy)
isSignPolicy
public static boolean isSignPolicy(SignedEncryptedPartsType signedEncryptedPart,
List<oracle.security.xmlsec.util.QName> tokenQNames)
isOnlyHeaderAndAttachmentSignPolicy
public static boolean isOnlyHeaderAndAttachmentSignPolicy(SignedEncryptedPartsType signedEncryptedPart)
isEncryptPolicy
public static boolean isEncryptPolicy(SignedEncryptedPartsType signedEncryptedPart,
List<oracle.security.xmlsec.util.QName> tokenQNames)
isOnlyHeaderAndAttachmentEncryptPolicy
public static boolean isOnlyHeaderAndAttachmentEncryptPolicy(SignedEncryptedPartsType signedEncryptedPart)
isLegacyPolicy
public static boolean isLegacyPolicy(Properties config)
getLegacyPolicyNumberOfAlgos
public static int getLegacyPolicyNumberOfAlgos(Properties config)
getLegacyPolicyAlgos
public static String[] getLegacyPolicyAlgos(Properties config)
getTimestampExpiry
public static String getTimestampExpiry(Properties config)
signKeyInfo
public static oracle.security.xmlsec.dsig.XSSignature signKeyInfo(oracle.security.xmlsec.dsig.XSSignature signature,
oracle.security.xmlsec.dsig.XSKeyInfo keyInfo,
AlgorithmSuitePolicy algoPolicy,
WsmKeyStore keyStore)
throws SecurityException
- This method will sign the immutable KeyInfo mandated by the X509TokenProfile 1.1 specification. For direct references, where the
BinarySecurityToken
is embedded in the security header, the BST has to be signed.
However, for IssuerSerial, SKI and Thumbprint references, where the certificate is not embedded in the security header, the KeyInfo wrapping the reference should be signed, as strongly recommended by XTP 1.1. Signing the token, or the KeyInfo that references it, ties the signature to the intended certificate, so the key reference cannot be replaced without invalidating the signature.
-
- Throws:
SecurityException
isKeyInfoSigned
public static <T extends oracle.security.xmlsec.dsig.XSReference> T isKeyInfoSigned(oracle.security.xmlsec.dsig.XSSignature sig,
oracle.security.xmlsec.dsig.XSKeyInfo keyInfo)
isBSTSigned
public static boolean isBSTSigned(oracle.security.xmlsec.dsig.XSSignature sig,
oracle.security.xmlsec.wss.x509.X509BinarySecurityToken xbst)
generateDataEncryptionKey
public static SecretKey generateDataEncryptionKey(String uri)
throws SecurityException
-
- Throws:
SecurityException
getCredentials
public static ScenarioUtils.Credentials getCredentials(Properties config,
IMessageContext msgContext,
JpsManager jpsManager)
throws SecurityException
- Extracts the credentials in the following order: 1. csf-key from Stub; 2. csf-key from BindingProvider; 3. Username/Password from Stub (programmatic override); 4. Username/Password from BindingProvider (programmatic override); 5. csf-key from policy.
-
- Throws:
SecurityException
getKeyStoreCredsFromCSF
public static ScenarioUtils.Credentials getKeyStoreCredsFromCSF(String csfMapName,
String csfKey,
oracle.security.jps.service.credstore.CredentialStore matchingCsfStore)
throws SecurityException
-
- Throws:
SecurityException
authorize
public static final boolean authorize(IMessageContext msgContext,
AuthorizationType policy)
throws SecurityException
-
- Throws:
SecurityException
checkTLSClientRequirements
public static void checkTLSClientRequirements(IMessageContext msgContext,
RequireTlsType reqTLS)
throws SecurityException
-
- Throws:
SecurityException
convertWSSEtoSecurityException
public static SecurityException convertWSSEtoSecurityException(oracle.security.xmlsec.wss.WSSException wsse)
isJpsEnv
public static boolean isJpsEnv()
populatePermissionObject
public static Permission populatePermissionObject(String resource,
String action,
String permsClass)
throws Exception
-
- Throws:
Exception
extractSamlVersion
public static Properties extractSamlVersion(String samlVersion)
- This method will extract the major and minor version
-
- Parameters:
samlVersion
-
- Returns:
isSecurityHeaderRequired
public static boolean isSecurityHeaderRequired(IMessageContext msgContext,
Wss10MsgSecurityType msgPolicy,
List<oracle.security.xmlsec.util.QName> tokenSignQNames,
List<oracle.security.xmlsec.util.QName> tokenEncryptQNames,
Properties config,
boolean protectToken)
setRoleClassName
public static void setRoleClassName(Properties config,
IMessageContext ctx)
checkPermission
public static boolean checkPermission(String permClass,
Subject subject,
String serviceName,
String operationName)
throws WSMException
- This method should be refactored to simply invoke checkIfCodeSourceHasAllPermission and checkPermissionNewStyle once the deprecation period is over
-
- Parameters:
perm
-
subject
-
- Returns:
- Throws:
WSMException
checkIfCodeSourceHasAllPermission
public static boolean checkIfCodeSourceHasAllPermission()
Copyright © 2007, 2009, Oracle and/or its affiliates. All rights reserved.