ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1172285 [15/48] - in /webservices/wss4j/branches/swssf: ./ cxf-integration/ cxf-integration/src/ cxf-integration/src/main/ cxf-integration/src/main/java/ cxf-integration/src/main/java/org/ cxf-integration/src/main/java/org/swssf/ cxf-integ...
Date Sun, 18 Sep 2011 13:51:36 GMT
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,158 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.impl.DocumentContextImpl;
+import org.swssf.impl.OutputProcessorChainImpl;
+import org.swssf.impl.XMLSecurityStreamWriter;
+import org.swssf.impl.processor.output.*;
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+
+import javax.xml.stream.XMLStreamWriter;
+import java.io.OutputStream;
+import java.util.List;
+
+/**
+ * Outbound Streaming-WebService-Security
+ * An instance of this class can be retrieved over the WSSec class
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class OutboundWSSec {
+
+    private SecurityProperties securityProperties;
+
+    public OutboundWSSec(SecurityProperties securityProperties) {
+        this.securityProperties = securityProperties;
+    }
+
+    /**
+     * This method is the entry point for the incoming security-engine.
+     * Hand over the original XMLStreamReader and use the returned one for further processing
+     *
+     * @param outputStream The original outputStream
+     * @return A new XMLStreamWriter which does transparently the security processing.
+     * @throws WSSecurityException thrown when a Security failure occurs
+     */
+    public XMLStreamWriter processOutMessage(OutputStream outputStream, String encoding, List<SecurityEvent> requestSecurityEvents) throws WSSecurityException {
+        return processOutMessage(outputStream, encoding, requestSecurityEvents, null);
+    }
+
+    /**
+     * This method is the entry point for the incoming security-engine.
+     * Hand over the original XMLStreamReader and use the returned one for further processing
+     *
+     * @param outputStream The original outputStream
+     * @return A new XMLStreamWriter which does transparently the security processing.
+     * @throws WSSecurityException thrown when a Security failure occurs
+     */
+    public XMLStreamWriter processOutMessage(OutputStream outputStream, String encoding, List<SecurityEvent> requestSecurityEvents, SecurityEventListener securityEventListener) throws WSSecurityException {
+
+        final SecurityContextImpl securityContextImpl = new SecurityContextImpl();
+        securityContextImpl.putList(SecurityEvent.class, requestSecurityEvents);
+        securityContextImpl.setSecurityEventListener(securityEventListener);
+        final DocumentContextImpl documentContext = new DocumentContextImpl();
+        documentContext.setEncoding(encoding);
+
+        OutputProcessorChainImpl processorChain = new OutputProcessorChainImpl(securityContextImpl, documentContext);
+        processorChain.addProcessor(new SecurityHeaderOutputProcessor(securityProperties, null));
+        //todo some combinations are not possible atm: eg Action.SIGNATURE and Action.USERNAMETOKEN_SIGNED
+        //todo they use the same signaure parts
+        for (int i = 0; i < securityProperties.getOutAction().length; i++) {
+            Constants.Action action = securityProperties.getOutAction()[i];
+            switch (action) {
+                case TIMESTAMP: {
+                    processorChain.addProcessor(new TimestampOutputProcessor(securityProperties, action));
+                    break;
+                }
+                case SIGNATURE: {
+                    processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+                    SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+                    processorChain.addProcessor(signatureOutputProcessor);
+                    processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+                    break;
+                }
+                case ENCRYPT: {
+                    processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+                    processorChain.addProcessor(new EncryptedKeyOutputProcessor(securityProperties, action));
+                    processorChain.addProcessor(new EncryptOutputProcessor(securityProperties, action));
+                    processorChain.addProcessor(new EncryptEndingOutputProcessor(securityProperties, action));
+                    break;
+                }
+                case USERNAMETOKEN: {
+                    UsernameTokenOutputProcessor usernameTokenOutputProcessor = new UsernameTokenOutputProcessor(securityProperties, action);
+                    processorChain.addProcessor(usernameTokenOutputProcessor);
+                    break;
+                }
+                case USERNAMETOKEN_SIGNED: {
+                    processorChain.addProcessor(new UsernameTokenOutputProcessor(securityProperties, action));
+                    SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+                    processorChain.addProcessor(signatureOutputProcessor);
+                    processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+                    break;
+                }
+                case SIGNATURE_CONFIRMATION: {
+                    SignatureConfirmationOutputProcessor signatureConfirmationOutputProcessor = new SignatureConfirmationOutputProcessor(securityProperties, action);
+                    processorChain.addProcessor(signatureConfirmationOutputProcessor);
+                    break;
+                }
+                case SIGNATURE_WITH_DERIVED_KEY: {
+                    processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+                    if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.EncryptedKey) {
+                        processorChain.addProcessor(new EncryptedKeyOutputProcessor(securityProperties, action));
+                    } else if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.SecurityContextToken) {
+                        processorChain.addProcessor(new SecurityContextTokenOutputProcessor(securityProperties, action));
+                    }
+                    processorChain.addProcessor(new DerivedKeyTokenOutputProcessor(securityProperties, action));
+                    SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+                    processorChain.addProcessor(signatureOutputProcessor);
+                    processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+                    break;
+                }
+                case ENCRYPT_WITH_DERIVED_KEY: {
+                    processorChain.addProcessor(new BinarySecurityTokenOutputProcessor(securityProperties, action));
+                    if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.EncryptedKey) {
+                        processorChain.addProcessor(new EncryptedKeyOutputProcessor(securityProperties, action));
+                    } else if (securityProperties.getDerivedKeyTokenReference() == Constants.DerivedKeyTokenReference.SecurityContextToken) {
+                        processorChain.addProcessor(new SecurityContextTokenOutputProcessor(securityProperties, action));
+                    }
+                    processorChain.addProcessor(new DerivedKeyTokenOutputProcessor(securityProperties, action));
+                    processorChain.addProcessor(new EncryptOutputProcessor(securityProperties, action));
+                    processorChain.addProcessor(new EncryptEndingOutputProcessor(securityProperties, action));
+                    break;
+                }
+                case SAML_TOKEN_SIGNED: {
+                    processorChain.addProcessor(new SAMLTokenOutputProcessor(securityProperties, action));
+                    SignatureOutputProcessor signatureOutputProcessor = new SignatureOutputProcessor(securityProperties, action);
+                    processorChain.addProcessor(signatureOutputProcessor);
+                    processorChain.addProcessor(new SignatureEndingOutputProcessor(securityProperties, action, signatureOutputProcessor));
+                    break;
+                }
+                case SAML_TOKEN_UNSIGNED: {
+                    processorChain.addProcessor(new SAMLTokenOutputProcessor(securityProperties, action));
+                }
+            }
+        }
+
+        processorChain.addProcessor(new FinalOutputProcessor(outputStream, encoding, securityProperties, null));
+        return new XMLSecurityStreamWriter(processorChain);
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutboundWSSec.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+import java.util.Set;
+
+/**
+ * This is the Interface which every OutputProcessor must implement.
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface OutputProcessor {
+
+    /**
+     * This OutputProcessor will be added before the processors in this set
+     *
+     * @return The set with the named OutputProcessor
+     */
+    Set<Object> getBeforeProcessors();
+
+    /**
+     * This OutputProcessor will be added after the processors in this set
+     *
+     * @return The set with the named OutputProcessor
+     */
+    Set<Object> getAfterProcessors();
+
+    /**
+     * The Phase in which this OutputProcessor should be applied
+     *
+     * @return The Phase
+     */
+    Constants.Phase getPhase();
+
+    /**
+     * Will be called from the framework for every XMLEvent
+     *
+     * @param xmlEvent             The next XMLEvent to process
+     * @param outputProcessorChain
+     * @throws XMLStreamException  thrown when a streaming error occurs
+     * @throws WSSecurityException thrown when a Security failure occurs
+     */
+    void processNextEvent(XMLEvent xmlEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, WSSecurityException;
+
+    /**
+     * Will be called when the whole document is processed.
+     *
+     * @param outputProcessorChain
+     * @throws XMLStreamException  thrown when a streaming error occurs
+     * @throws WSSecurityException thrown when a Security failure occurs
+     */
+    void doFinal(OutputProcessorChain outputProcessorChain) throws XMLStreamException, WSSecurityException;
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessor.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+import java.util.List;
+
+/**
+ * The OutputProcessorChain manages the OutputProcessors and controls the XMLEvent flow
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface OutputProcessorChain extends ProcessorChain {
+
+    /**
+     * Adds an OutputProcessor to the chain. The place where it
+     * will be applied can be controlled through the Phase,
+     * getBeforeProcessors and getAfterProcessors. @see Interface OutputProcessor
+     *
+     * @param outputProcessor The OutputProcessor which should be placed in the chain
+     */
+    public void addProcessor(OutputProcessor outputProcessor);
+
+    /**
+     * Removes the specified OutputProcessor from this chain.
+     *
+     * @param outputProcessor to remove
+     */
+    public void removeProcessor(OutputProcessor outputProcessor);
+
+    /**
+     * Returns a list with the active processors.
+     *
+     * @return List<InputProcessor>
+     */
+    public List<OutputProcessor> getProcessors();
+
+    /**
+     * The actual processed document's security context
+     *
+     * @return The SecurityContext
+     */
+    public SecurityContext getSecurityContext();
+
+    /**
+     * The actual processed document's document context
+     *
+     * @return The DocumentContext
+     */
+    public DocumentContext getDocumentContext();
+
+    /**
+     * Create a new SubChain. The XMLEvents will be only be processed from the given OutputProcessor to the end.
+     * All earlier OutputProcessors don't get these events. In other words the chain will be splitted in two parts.
+     *
+     * @param outputProcessor The OutputProcessor position the XMLEvents should be processed over this SubChain.
+     * @return A new OutputProcessorChain
+     * @throws XMLStreamException  thrown when a streaming error occurs
+     * @throws WSSecurityException thrown when a Security failure occurs
+     */
+    public OutputProcessorChain createSubChain(OutputProcessor outputProcessor) throws XMLStreamException, WSSecurityException;
+
+    /**
+     * Forwards the XMLEvent to the next processor in the chain.
+     *
+     * @param xmlEvent The XMLEvent which should be forwarded to the next processor
+     * @throws XMLStreamException  thrown when a streaming error occurs
+     * @throws WSSecurityException thrown when a Security failure occurs
+     */
+    public void processEvent(XMLEvent xmlEvent) throws XMLStreamException, WSSecurityException;
+}
\ No newline at end of file

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/OutputProcessorChain.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+/**
+ * Exception for the self made XML parsing.
+ * This self made parsing is ugly and will be replaced in future.
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class ParseException extends Exception {
+
+    public ParseException() {
+    }
+
+    public ParseException(String message) {
+        super(message);
+    }
+
+    public ParseException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public ParseException(Throwable cause) {
+        super(cause);
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ParseException.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.events.XMLEvent;
+
+/**
+ * Parseable interface to parse and validate xml
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface Parseable {
+
+    /**
+     * @param xmlEvent The XMLEvent to parse
+     * @return true when current Element is finished
+     * @throws ParseException in the case of an unexpected element
+     */
+    public boolean parseXMLEvent(XMLEvent xmlEvent) throws ParseException;
+
+    /**
+     * Validates the XML-Object structure
+     *
+     * @throws ParseException thrown when the the object-structure is invalid
+     */
+    public void validate() throws ParseException;
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Parseable.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+
+/**
+ * Basic interface for Output- and Input-Processor chains
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface ProcessorChain {
+
+    /**
+     * resets the chain so that the next event will go again to the first processor in the chain.
+     */
+    public void reset();
+
+    /**
+     * Will finally be called when the whole document is processed
+     *
+     * @throws XMLStreamException  thrown when a streaming error occurs
+     * @throws WSSecurityException thrown when a Security failure occurs
+     */
+    public void doFinal() throws XMLStreamException, WSSecurityException;
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/ProcessorChain.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,146 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import java.util.EnumSet;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Class to describe which and how an element must be secured
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SecurePart {
+
+    public enum Modifier {
+        Element("http://www.w3.org/2001/04/xmlenc#Element"),
+        Content("http://www.w3.org/2001/04/xmlenc#Content");
+
+        private String modifier;
+
+        Modifier(String modifier) {
+            this.modifier = modifier;
+        }
+
+        public String getModifier() {
+            return this.modifier;
+        }
+
+        private static final Map<String, Modifier> modifierMap = new HashMap<String, Modifier>();
+
+        static {
+            for (Modifier modifier : EnumSet.allOf(Modifier.class)) {
+                modifierMap.put(modifier.getModifier(), modifier);
+            }
+        }
+
+        public static Modifier getModifier(String modifier) {
+            return modifierMap.get(modifier);
+        }
+    }
+
+    private String name;
+    private String namespace;
+    private Modifier modifier;
+    private String idToSign;
+    private String idToReference;
+
+    public SecurePart(String name, String namespace, Modifier modifier) {
+        this.name = name;
+        this.namespace = namespace;
+        this.modifier = modifier;
+    }
+
+    public SecurePart(String name, String namespace, Modifier modifier, String idToSign) {
+        this.name = name;
+        this.namespace = namespace;
+        this.modifier = modifier;
+        this.idToSign = idToSign;
+    }
+
+    public SecurePart(String name, String namespace, Modifier modifier, String idToSign, String idToReference) {
+        this.name = name;
+        this.namespace = namespace;
+        this.modifier = modifier;
+        this.idToSign = idToSign;
+        this.idToReference = idToReference;
+    }
+
+    /**
+     * The name of the element to be secured
+     *
+     * @return The Element-Local-Name
+     */
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    /**
+     * The namespace of the element to be secured
+     *
+     * @return The Element Namespace
+     */
+    public String getNamespace() {
+        return namespace;
+    }
+
+    public void setNamespace(String namespace) {
+        this.namespace = namespace;
+    }
+
+    /**
+     * The Modifier: Element or Content
+     *
+     * @return The String "Element" or "Content"
+     */
+    public Modifier getModifier() {
+        return modifier;
+    }
+
+    public void setModifier(Modifier modifier) {
+        this.modifier = modifier;
+    }
+
+    /**
+     * The id of the Element
+     *
+     * @return The id
+     */
+    public String getIdToSign() {
+        return idToSign;
+    }
+
+    public void setIdToSign(String idToSign) {
+        this.idToSign = idToSign;
+    }
+
+    public String getIdToReference() {
+        return idToReference;
+    }
+
+    public void setIdToReference(String idToReference) {
+        this.idToReference = idToReference;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurePart.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+
+import java.util.List;
+
+/**
+ * The document security context
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface SecurityContext {
+
+    public <T> void put(String key, T value);
+
+    public <T> T get(String key);
+
+    public <T> T remove(String key);
+
+    public <T extends List> void putList(Class key, T value);
+
+    public <T> void putAsList(Class key, T value);
+
+    public <T> List<T> getAsList(Class key);
+
+    /**
+     * Register a new SecurityTokenProvider.
+     *
+     * @param id                    A unique id
+     * @param securityTokenProvider The actual SecurityTokenProvider to register.
+     */
+    public void registerSecurityTokenProvider(String id, SecurityTokenProvider securityTokenProvider);
+
+    /**
+     * Returns a registered SecurityTokenProvider with the given id or null if not found
+     *
+     * @param id The SecurityTokenProvider's id
+     * @return The SecurityTokenProvider
+     */
+    public SecurityTokenProvider getSecurityTokenProvider(String id);
+
+    /**
+     * Registers a SecurityEventListener to receive Security-Events
+     *
+     * @param securityEventListener The SecurityEventListener
+     */
+    public void setSecurityEventListener(SecurityEventListener securityEventListener);
+
+    /**
+     * Registers a SecurityEvent which will be forwarded to the registered SecurityEventListener
+     *
+     * @param securityEvent The security event for the SecurityEventListener
+     * @throws WSSecurityException when the event will not be accepted (e.g. policy-violation)
+     */
+    public void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException;
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContext.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+
+import java.util.*;
+
+/**
+ * Concrete security context implementation
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SecurityContextImpl implements SecurityContext {
+
+    private Map<String, SecurityTokenProvider> secretTokenProviders = new HashMap<String, SecurityTokenProvider>();
+
+    private SecurityEventListener securityEventListener;
+
+    @SuppressWarnings("unchecked")
+    private Map content = Collections.synchronizedMap(new HashMap());
+
+    @SuppressWarnings("unchecked")
+    public <T> void put(String key, T value) {
+        content.put(key, value);
+    }
+
+    @SuppressWarnings("unchecked")
+    public <T> T get(String key) {
+        return (T) content.get(key);
+    }
+
+    @SuppressWarnings("unchecked")
+    public <T> T remove(String key) {
+        return (T) content.remove(key);
+    }
+
+    @SuppressWarnings("unchecked")
+    public <T extends List> void putList(Class key, T value) {
+        if (value == null) {
+            return;
+        }
+        List<T> entry = (List<T>) content.get(key);
+        if (entry == null) {
+            entry = new ArrayList<T>();
+            content.put(key, entry);
+        }
+        entry.addAll(value);
+    }
+
+    @SuppressWarnings("unchecked")
+    public <T> void putAsList(Class key, T value) {
+        List<T> entry = (List<T>) content.get(key);
+        if (entry == null) {
+            entry = new ArrayList<T>();
+            content.put(key, entry);
+        }
+        entry.add(value);
+    }
+
+    @SuppressWarnings("unchecked")
+    public <T> List<T> getAsList(Class key) {
+        return (List<T>) content.get(key);
+    }
+
+    public void registerSecurityTokenProvider(String id, SecurityTokenProvider securityTokenProvider) {
+        if (id == null) {
+            throw new IllegalArgumentException("Id must not be null");
+        }
+        secretTokenProviders.put(id, securityTokenProvider);
+    }
+
+    public SecurityTokenProvider getSecurityTokenProvider(String id) {
+        return secretTokenProviders.get(id);
+    }
+
+    public void setSecurityEventListener(SecurityEventListener securityEventListener) {
+        this.securityEventListener = securityEventListener;
+    }
+
+    public synchronized void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException {
+        if (securityEventListener != null) {
+            securityEventListener.registerSecurityEvent(securityEvent);
+        }
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityContextImpl.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,638 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.crypto.Crypto;
+import org.swssf.crypto.CryptoBase;
+
+import javax.security.auth.callback.CallbackHandler;
+import java.net.URL;
+import java.security.KeyStore;
+import java.security.cert.X509Certificate;
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * Main configuration class to supply keys etc.
+ * This class is subject to change in the future.
+ * Probably we will allow to configure the framework per WSDL
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class SecurityProperties {
+
+    private List<InputProcessor> inputProcessorList = new LinkedList<InputProcessor>();
+
+    /**
+     * Add an additional, non standard, InputProcessor to the chain
+     *
+     * @param inputProcessor The InputProcessor to add
+     */
+    public void addInputProcessor(InputProcessor inputProcessor) {
+        this.inputProcessorList.add(inputProcessor);
+    }
+
+    /**
+     * Returns the currently registered additional InputProcessors
+     *
+     * @return the List with the InputProcessors
+     */
+    public List<InputProcessor> getInputProcessorList() {
+        return inputProcessorList;
+    }
+
+    private Class<? extends CryptoBase> decryptionCryptoClass;
+    private KeyStore decryptionKeyStore;
+    private CallbackHandler callbackHandler;
+
+    /**
+     * Returns the decryption keystore
+     *
+     * @return A keystore for decryption operation
+     */
+    public KeyStore getDecryptionKeyStore() {
+        return decryptionKeyStore;
+    }
+
+    /**
+     * loads a java keystore from the given url for decrypt operations
+     *
+     * @param url              The URL to the keystore
+     * @param keyStorePassword The keyStorePassword
+     * @throws Exception thrown if something goes wrong while loading the keystore
+     */
+    public void loadDecryptionKeystore(URL url, char[] keyStorePassword) throws Exception {
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(url.openStream(), keyStorePassword);
+        this.decryptionKeyStore = keyStore;
+    }
+
+    /**
+     * Returns the decryption crypto class
+     *
+     * @return
+     */
+    public Class<? extends CryptoBase> getDecryptionCryptoClass() {
+        if (decryptionCryptoClass != null) {
+            return decryptionCryptoClass;
+        }
+        decryptionCryptoClass = org.swssf.crypto.Merlin.class;
+        return decryptionCryptoClass;
+    }
+
+    /**
+     * Sets a custom decryption class
+     *
+     * @param decryptionCryptoClass
+     */
+    public void setDecryptionCryptoClass(Class<? extends CryptoBase> decryptionCryptoClass) {
+        this.decryptionCryptoClass = decryptionCryptoClass;
+    }
+
+    private Crypto cachedDecryptionCrypto;
+    private KeyStore cachedDecryptionKeyStore;
+
+    /**
+     * returns the decryptionCrypto for the key-management
+     *
+     * @return A Crypto instance
+     * @throws WSSecurityException thrown if something goes wrong
+     */
+    public Crypto getDecryptionCrypto() throws WSSecurityException {
+
+        if (this.getDecryptionKeyStore() == null) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "decryptionKeyStoreNotSet");
+        }
+
+        if (this.getDecryptionKeyStore() == cachedDecryptionKeyStore) {
+            return cachedDecryptionCrypto;
+        }
+
+        Class<? extends CryptoBase> decryptionCryptoClass = this.getDecryptionCryptoClass();
+
+        try {
+            CryptoBase decryptionCrypto = decryptionCryptoClass.newInstance();
+            decryptionCrypto.setKeyStore(this.getDecryptionKeyStore());
+            cachedDecryptionCrypto = decryptionCrypto;
+            cachedDecryptionKeyStore = this.getDecryptionKeyStore();
+            return decryptionCrypto;
+        } catch (Exception e) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "decryptionCryptoFailure", e);
+        }
+    }
+
+    /**
+     * returns the password callback handler
+     *
+     * @return
+     */
+    public CallbackHandler getCallbackHandler() {
+        return callbackHandler;
+    }
+
+    /**
+     * sets the password callback handler
+     *
+     * @param callbackHandler
+     */
+    public void setCallbackHandler(CallbackHandler callbackHandler) {
+        this.callbackHandler = callbackHandler;
+    }
+
+    private Constants.Action[] outAction;
+
+    private Class<? extends CryptoBase> encryptionCryptoClass;
+    private KeyStore encryptionKeyStore;
+    private String encryptionUser;
+    private X509Certificate encryptionUseThisCertificate;
+    private Constants.KeyIdentifierType encryptionKeyIdentifierType;
+    private String encryptionSymAlgorithm;
+    private String encryptionKeyTransportAlgorithm;
+    private List<SecurePart> encryptionParts = new LinkedList<SecurePart>();
+
+    /**
+     * Returns the encryption keystore
+     *
+     * @return A keystore for encryption operation
+     */
+    public KeyStore getEncryptionKeyStore() {
+        return encryptionKeyStore;
+    }
+
+    /**
+     * loads a java keystore from the given url for encrypt operations
+     *
+     * @param url              The URL to the keystore
+     * @param keyStorePassword The keyStorePassword
+     * @throws Exception thrown if something goes wrong while loading the keystore
+     */
+    public void loadEncryptionKeystore(URL url, char[] keyStorePassword) throws Exception {
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(url.openStream(), keyStorePassword);
+        this.encryptionKeyStore = keyStore;
+    }
+
+    /**
+     * Returns the encryption crypto class
+     *
+     * @return
+     */
+    public Class<? extends CryptoBase> getEncryptionCryptoClass() {
+        if (encryptionCryptoClass != null) {
+            return encryptionCryptoClass;
+        }
+        encryptionCryptoClass = org.swssf.crypto.Merlin.class;
+        return encryptionCryptoClass;
+    }
+
+    /**
+     * Sets a custom encryption class
+     *
+     * @param encryptionCryptoClass
+     */
+    public void setEncryptionCryptoClass(Class<? extends CryptoBase> encryptionCryptoClass) {
+        this.encryptionCryptoClass = encryptionCryptoClass;
+    }
+
+    private Crypto cachedEncryptionCrypto;
+    private KeyStore cachedEncryptionKeyStore;
+
+    /**
+     * returns the encryptionCrypto for the key-management
+     *
+     * @return A Crypto instance
+     * @throws WSSecurityException thrown if something goes wrong
+     */
+    public Crypto getEncryptionCrypto() throws WSSecurityException {
+
+        if (this.getEncryptionKeyStore() == null) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "encryptionKeyStoreNotSet");
+        }
+
+        if (this.getEncryptionKeyStore() == cachedEncryptionKeyStore) {
+            return cachedEncryptionCrypto;
+        }
+
+        Class<? extends CryptoBase> encryptionCryptoClass = this.getEncryptionCryptoClass();
+
+        try {
+            CryptoBase encryptionCrypto = encryptionCryptoClass.newInstance();
+            encryptionCrypto.setKeyStore(this.getEncryptionKeyStore());
+            cachedEncryptionCrypto = encryptionCrypto;
+            cachedEncryptionKeyStore = this.getEncryptionKeyStore();
+            return encryptionCrypto;
+        } catch (Exception e) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "encryptionCryptoFailure", e);
+        }
+    }
+
+    /**
+     * Adds a part which must be encrypted by the framework
+     *
+     * @param securePart
+     */
+    public void addEncryptionPart(SecurePart securePart) {
+        encryptionParts.add(securePart);
+    }
+
+    /**
+     * Returns the encryption parts which are actually set
+     *
+     * @return A List of SecurePart's
+     */
+    public List<SecurePart> getEncryptionSecureParts() {
+        return encryptionParts;
+    }
+
+    /**
+     * Returns the Encryption-Algo
+     *
+     * @return the Encryption-Algo as String
+     */
+    public String getEncryptionSymAlgorithm() {
+        return encryptionSymAlgorithm;
+    }
+
+    /**
+     * Specifies the encryption algorithm
+     *
+     * @param encryptionSymAlgorithm The algo to use for encryption
+     */
+    public void setEncryptionSymAlgorithm(String encryptionSymAlgorithm) {
+        this.encryptionSymAlgorithm = encryptionSymAlgorithm;
+    }
+
+    /**
+     * Returns the encryption key transport algorithm
+     *
+     * @return the key transport algorithm as string
+     */
+    public String getEncryptionKeyTransportAlgorithm() {
+        return encryptionKeyTransportAlgorithm;
+    }
+
+    /**
+     * Specifies the encryption key transport algorithm
+     *
+     * @param encryptionKeyTransportAlgorithm
+     *         the encryption key transport algorithm as string
+     */
+    public void setEncryptionKeyTransportAlgorithm(String encryptionKeyTransportAlgorithm) {
+        this.encryptionKeyTransportAlgorithm = encryptionKeyTransportAlgorithm;
+    }
+
+    public X509Certificate getEncryptionUseThisCertificate() {
+        return encryptionUseThisCertificate;
+    }
+
+    public void setEncryptionUseThisCertificate(X509Certificate encryptionUseThisCertificate) {
+        this.encryptionUseThisCertificate = encryptionUseThisCertificate;
+    }
+
+    /**
+     * Returns the alias for the encryption key in the keystore
+     *
+     * @return the alias for the encryption key in the keystore as string
+     */
+    public String getEncryptionUser() {
+        return encryptionUser;
+    }
+
+    /**
+     * Specifies the the alias for the encryption key in the keystore
+     *
+     * @param encryptionUser the the alias for the encryption key in the keystore as string
+     */
+    public void setEncryptionUser(String encryptionUser) {
+        this.encryptionUser = encryptionUser;
+    }
+
+    /**
+     * returns the KeyIdentifierType which will be used in the secured document
+     *
+     * @return The KeyIdentifierType
+     */
+    public Constants.KeyIdentifierType getEncryptionKeyIdentifierType() {
+        return encryptionKeyIdentifierType;
+    }
+
+    /**
+     * Specifies the KeyIdentifierType to use in the secured document
+     *
+     * @param encryptionKeyIdentifierType
+     */
+    public void setEncryptionKeyIdentifierType(Constants.KeyIdentifierType encryptionKeyIdentifierType) {
+        this.encryptionKeyIdentifierType = encryptionKeyIdentifierType;
+    }
+
+    private List<SecurePart> signatureParts = new LinkedList<SecurePart>();
+    private String signatureAlgorithm;
+    private String signatureDigestAlgorithm;
+    private String signatureCanonicalizationAlgorithm;
+    private Class<? extends CryptoBase> signatureCryptoClass;
+    private KeyStore signatureKeyStore;
+    private String signatureUser;
+    private Constants.KeyIdentifierType signatureKeyIdentifierType;
+    private boolean useSingleCert = true;
+
+    public void addSignaturePart(SecurePart securePart) {
+        signatureParts.add(securePart);
+    }
+
+    public List<SecurePart> getSignatureSecureParts() {
+        return signatureParts;
+    }
+
+    public String getSignatureAlgorithm() {
+        return signatureAlgorithm;
+    }
+
+    public void setSignatureAlgorithm(String signatureAlgorithm) {
+        this.signatureAlgorithm = signatureAlgorithm;
+    }
+
+    public String getSignatureDigestAlgorithm() {
+        return signatureDigestAlgorithm;
+    }
+
+    public void setSignatureDigestAlgorithm(String signatureDigestAlgorithm) {
+        this.signatureDigestAlgorithm = signatureDigestAlgorithm;
+    }
+
+    public void setSignatureUser(String signatureUser) {
+        this.signatureUser = signatureUser;
+    }
+
+    public String getSignatureUser() {
+        return signatureUser;
+    }
+
+    public KeyStore getSignatureKeyStore() {
+        return signatureKeyStore;
+    }
+
+    public void loadSignatureKeyStore(URL url, char[] keyStorePassword) throws Exception {
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(url.openStream(), keyStorePassword);
+        this.signatureKeyStore = keyStore;
+    }
+
+    public Class<? extends CryptoBase> getSignatureCryptoClass() {
+        if (signatureCryptoClass != null) {
+            return signatureCryptoClass;
+        }
+        signatureCryptoClass = org.swssf.crypto.Merlin.class;
+        return signatureCryptoClass;
+    }
+
+    public void setSignatureCryptoClass(Class<? extends CryptoBase> signatureCryptoClass) {
+        this.signatureCryptoClass = signatureCryptoClass;
+    }
+
+    private Crypto cachedSignatureCrypto;
+    private Class<? extends CryptoBase> cachedSignatureCryptoClass;
+    private KeyStore cachedSignatureKeyStore;
+
+    public Crypto getSignatureCrypto() throws WSSecurityException {
+
+        if (this.getSignatureKeyStore() == null) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureKeyStoreNotSet");
+        }
+
+        if (this.getSignatureKeyStore() == cachedSignatureKeyStore) {
+            return cachedSignatureCrypto;
+        }
+
+        Class<? extends CryptoBase> signatureCryptoClass = this.getSignatureCryptoClass();
+
+        try {
+            CryptoBase signatureCrypto = signatureCryptoClass.newInstance();
+            signatureCrypto.setKeyStore(this.getSignatureKeyStore());
+            cachedSignatureCrypto = signatureCrypto;
+            cachedSignatureCryptoClass = signatureCryptoClass;
+            cachedSignatureKeyStore = this.getSignatureKeyStore();
+            return signatureCrypto;
+        } catch (Exception e) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureCryptoFailure", e);
+        }
+    }
+
+    public Constants.KeyIdentifierType getSignatureKeyIdentifierType() {
+        return signatureKeyIdentifierType;
+    }
+
+    public void setSignatureKeyIdentifierType(Constants.KeyIdentifierType signatureKeyIdentifierType) {
+        this.signatureKeyIdentifierType = signatureKeyIdentifierType;
+    }
+
+    public boolean isUseSingleCert() {
+        return useSingleCert;
+    }
+
+    public void setUseSingleCert(boolean useSingleCert) {
+        this.useSingleCert = useSingleCert;
+    }
+
+    private Integer timestampTTL = 300;
+
+    public Integer getTimestampTTL() {
+        return timestampTTL;
+    }
+
+    public void setTimestampTTL(Integer timestampTTL) {
+        this.timestampTTL = timestampTTL;
+    }
+
+    /**
+     * Returns the actual set actions
+     *
+     * @return The Actions in applied order
+     */
+    public Constants.Action[] getOutAction() {
+        return outAction;
+    }
+
+    /**
+     * Specifies how to secure the document eg. Timestamp, Signature, Encrypt
+     *
+     * @param outAction
+     */
+    public void setOutAction(Constants.Action[] outAction) {
+        this.outAction = outAction;
+    }
+
+    public String getSignatureCanonicalizationAlgorithm() {
+        return signatureCanonicalizationAlgorithm;
+    }
+
+    public void setSignatureCanonicalizationAlgorithm(String signatureCanonicalizationAlgorithm) {
+        this.signatureCanonicalizationAlgorithm = signatureCanonicalizationAlgorithm;
+    }
+
+    private Class<? extends CryptoBase> signatureVerificationCryptoClass;
+    private KeyStore signatureVerificationKeyStore;
+
+    public KeyStore getSignatureVerificationKeyStore() {
+        return signatureVerificationKeyStore;
+    }
+
+    public void loadSignatureVerificationKeystore(URL url, char[] keyStorePassword) throws Exception {
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(url.openStream(), keyStorePassword);
+        this.signatureVerificationKeyStore = keyStore;
+    }
+
+    public Class<? extends CryptoBase> getSignatureVerificationCryptoClass() {
+        if (signatureVerificationCryptoClass != null) {
+            return signatureVerificationCryptoClass;
+        }
+        signatureVerificationCryptoClass = org.swssf.crypto.Merlin.class;
+        return signatureVerificationCryptoClass;
+    }
+
+    public void setSignatureVerificationCryptoClass(Class<? extends CryptoBase> signatureVerificationCryptoClass) {
+        this.signatureVerificationCryptoClass = signatureVerificationCryptoClass;
+    }
+
+    private Crypto cachedSignatureVerificationCrypto;
+    private KeyStore cachedSignatureVerificationKeyStore;
+
+    public Crypto getSignatureVerificationCrypto() throws WSSecurityException {
+
+        if (this.getSignatureVerificationKeyStore() == null) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureVerificationKeyStoreNotSet");
+        }
+
+        if (this.getSignatureVerificationKeyStore() == cachedSignatureVerificationKeyStore) {
+            return cachedSignatureVerificationCrypto;
+        }
+
+        Class<? extends CryptoBase> signatureVerificationCryptoClass = this.getSignatureVerificationCryptoClass();
+
+        try {
+            CryptoBase signatureVerificationCrypto = signatureVerificationCryptoClass.newInstance();
+            signatureVerificationCrypto.setKeyStore(this.getSignatureVerificationKeyStore());
+            cachedSignatureVerificationCrypto = signatureVerificationCrypto;
+            cachedSignatureVerificationKeyStore = this.getSignatureVerificationKeyStore();
+            return signatureVerificationCrypto;
+        } catch (Exception e) {
+            throw new WSSConfigurationException(WSSecurityException.ErrorCode.FAILURE, "signatureVerificationCryptoFailure", e);
+        }
+    }
+
+    private boolean strictTimestampCheck = true;
+
+    public boolean isStrictTimestampCheck() {
+        return strictTimestampCheck;
+    }
+
+    public void setStrictTimestampCheck(boolean strictTimestampCheck) {
+        this.strictTimestampCheck = strictTimestampCheck;
+    }
+
+    private boolean skipDocumentEvents = false;
+
+    /**
+     * Returns if the framework is skipping document-events
+     *
+     * @return true if document-events will be skipped, false otherwise
+     */
+    public boolean isSkipDocumentEvents() {
+        return skipDocumentEvents;
+    }
+
+    /**
+     * specifies if the framework should forward Document-Events or not
+     *
+     * @param skipDocumentEvents set to true when document events should be discarded, false otherwise
+     */
+    public void setSkipDocumentEvents(boolean skipDocumentEvents) {
+        this.skipDocumentEvents = skipDocumentEvents;
+    }
+
+    private String tokenUser;
+    private Constants.UsernameTokenPasswordType usernameTokenPasswordType;
+
+    public String getTokenUser() {
+        return tokenUser;
+    }
+
+    public void setTokenUser(String tokenUser) {
+        this.tokenUser = tokenUser;
+    }
+
+    public Constants.UsernameTokenPasswordType getUsernameTokenPasswordType() {
+        return usernameTokenPasswordType;
+    }
+
+    public void setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType usernameTokenPasswordType) {
+        this.usernameTokenPasswordType = usernameTokenPasswordType;
+    }
+
+    private boolean enableSignatureConfirmationVerification = false;
+
+    public boolean isEnableSignatureConfirmationVerification() {
+        return enableSignatureConfirmationVerification;
+    }
+
+    public void setEnableSignatureConfirmationVerification(boolean enableSignatureConfirmationVerification) {
+        this.enableSignatureConfirmationVerification = enableSignatureConfirmationVerification;
+    }
+
+    private boolean useReqSigCertForEncryption = false;
+
+    public boolean isUseReqSigCertForEncryption() {
+        return useReqSigCertForEncryption;
+    }
+
+    public void setUseReqSigCertForEncryption(boolean useReqSigCertForEncryption) {
+        this.useReqSigCertForEncryption = useReqSigCertForEncryption;
+    }
+
+    private String actor;
+
+    public String getActor() {
+        return actor;
+    }
+
+    public void setActor(String actor) {
+        this.actor = actor;
+    }
+
+
+    private Constants.KeyIdentifierType derivedKeyKeyIdentifierType;
+    private Constants.DerivedKeyTokenReference derivedKeyTokenReference;
+
+    public Constants.KeyIdentifierType getDerivedKeyKeyIdentifierType() {
+        return derivedKeyKeyIdentifierType;
+    }
+
+    public void setDerivedKeyKeyIdentifierType(Constants.KeyIdentifierType derivedKeyKeyIdentifierType) {
+        this.derivedKeyKeyIdentifierType = derivedKeyKeyIdentifierType;
+    }
+
+    public Constants.DerivedKeyTokenReference getDerivedKeyTokenReference() {
+        return derivedKeyTokenReference;
+    }
+
+    public void setDerivedKeyTokenReference(Constants.DerivedKeyTokenReference derivedKeyTokenReference) {
+        this.derivedKeyTokenReference = derivedKeyTokenReference;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityProperties.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,109 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+/**
+ * This class represents the different token types which can occur in WS-Security
+ * <p/>
+ * Sometimes it isn't known (@see EncryptedKeyInputProcessor) which kind of Token(Asymmetric, Symmetric)
+ * we have at creation time. So we use a generic interface for both types.
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface SecurityToken {
+
+    /**
+     * Returns the token id aka wsu:Id
+     *
+     * @return The id
+     */
+    public String getId();
+
+    /**
+     * Returns the responsible processor for this token
+     *
+     * @return
+     */
+    public Object getProcessor();
+
+    /**
+     * Returns the token type
+     *
+     * @return true if asymmetric token, false if symmetric token
+     */
+    public boolean isAsymmetric();
+
+    /**
+     * Returns the secret key
+     *
+     * @param algorithmURI for the requested key
+     * @return The requested key for the specified algorithmURI, or null if no matching key is found
+     * @throws WSSecurityException if the key can't be loaded
+     */
+    public Key getSecretKey(String algorithmURI, Constants.KeyUsage keyUsage) throws WSSecurityException;
+
+    /**
+     * Returns the public key if one exist for this token type
+     *
+     * @return The Public-Key for asymmetric algorithms
+     * @throws WSSecurityException if the key can't be loaded
+     */
+    public PublicKey getPublicKey(Constants.KeyUsage keyUsage) throws WSSecurityException;
+
+    /**
+     * Returns the certificate chain if one exists for this token type
+     *
+     * @return The certificate chain
+     * @throws WSSecurityException if the certificates can't be retrieved
+     */
+    public X509Certificate[] getX509Certificates() throws WSSecurityException;
+
+    /**
+     * Verifies the key if applicable
+     *
+     * @throws WSSecurityException if the key couldn't be verified or the key isn't valid
+     */
+    public void verify() throws WSSecurityException;
+
+    /**
+     * Returns the key wrapping token
+     *
+     * @return The wrapping SecurityToken
+     */
+    public SecurityToken getKeyWrappingToken();
+
+    /**
+     * Returns the Key wrapping token's algorithm
+     *
+     * @return the KeyWrappingToken algorithm
+     */
+    public String getKeyWrappingTokenAlgorithm();
+
+    /**
+     * Returns the KeyIdentifierType
+     *
+     * @return the KeyIdentifierType
+     */
+    public Constants.TokenType getTokenType();
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityToken.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.swssf.crypto.Crypto;
+
+/**
+ * A SecurityTokenProvider is a object which provides a Token for cryptographic operations
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface SecurityTokenProvider {
+
+    /**
+     * Returns the represented SecurityToken of this object
+     *
+     * @param crypto The Crypto to use to restore the Token
+     * @return The SecurityToken
+     * @throws WSSecurityException if the token couldn't be loaded
+     */
+    public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException;
+
+    public String getId();
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/SecurityTokenProvider.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface Transformer {
+
+    public void transform(XMLEvent xmlEvent) throws XMLStreamException;
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Transformer.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+/**
+ * Unchecked Exception to mark uncaught-exceptions in threads
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class UncheckedWSSecurityException extends RuntimeException {
+
+    public UncheckedWSSecurityException(String message) {
+        super(message);
+    }
+
+    public UncheckedWSSecurityException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public UncheckedWSSecurityException(Throwable cause) {
+        super(cause);
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/UncheckedWSSecurityException.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,277 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.ext;
+
+import org.apache.commons.codec.binary.Base64;
+import org.swssf.config.TransformerAlgorithmMapper;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.xml.namespace.QName;
+import javax.xml.stream.events.Attribute;
+import javax.xml.stream.events.Namespace;
+import javax.xml.stream.events.StartElement;
+import javax.xml.stream.events.XMLEvent;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Deque;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class Utils {
+
+    private Utils() {
+    }
+
+    /**
+     * Returns the Id reference without the leading #
+     *
+     * @param reference The reference on which to drop the #
+     * @return The reference without a leading #
+     */
+    public static String dropReferenceMarker(String reference) {
+        if (reference.startsWith("#")) {
+            return reference.substring(1);
+        }
+        return reference;
+    }
+
+    /**
+     * Returns the XMLEvent type in String form
+     *
+     * @param xmlEvent
+     * @return The XMLEvent type as string representation
+     */
+    public static String getXMLEventAsString(XMLEvent xmlEvent) {
+        int eventType = xmlEvent.getEventType();
+
+        switch (eventType) {
+            case XMLEvent.START_ELEMENT:
+                return "START_ELEMENT";
+            case XMLEvent.END_ELEMENT:
+                return "END_ELEMENT";
+            case XMLEvent.PROCESSING_INSTRUCTION:
+                return "PROCESSING_INSTRUCTION";
+            case XMLEvent.CHARACTERS:
+                return "CHARACTERS";
+            case XMLEvent.COMMENT:
+                return "COMMENT";
+            case XMLEvent.START_DOCUMENT:
+                return "START_DOCUMENT";
+            case XMLEvent.END_DOCUMENT:
+                return "END_DOCUMENT";
+            case XMLEvent.ATTRIBUTE:
+                return "ATTRIBUTE";
+            case XMLEvent.DTD:
+                return "DTD";
+            case XMLEvent.NAMESPACE:
+                return "NAMESPACE";
+            default:
+                throw new IllegalArgumentException("Illegal XMLEvent received: " + eventType);
+        }
+    }
+
+    /**
+     * Executes the Callback handling. Typically used to fetch passwords
+     *
+     * @param callbackHandler
+     * @param callback
+     * @throws WSSecurityException if the callback couldn't be executed
+     */
+    public static void doPasswordCallback(CallbackHandler callbackHandler, Callback callback) throws WSSecurityException {
+        if (callbackHandler == null) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCallback");
+        }
+        try {
+            callbackHandler.handle(new Callback[]{callback});
+        } catch (IOException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+        } catch (UnsupportedCallbackException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+        }
+    }
+
+    /**
+     * Try to get the secret key from a CallbackHandler implementation
+     *
+     * @param cb a CallbackHandler implementation
+     * @return An array of bytes corresponding to the secret key (can be null)
+     * @throws WSSecurityException
+     */
+    public static void doSecretKeyCallback(CallbackHandler callbackHandler, Callback callback, String id) throws WSSecurityException {
+        if (callbackHandler != null) {
+            try {
+                callbackHandler.handle(new Callback[]{callback});
+            } catch (IOException e) {
+                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+            } catch (UnsupportedCallbackException e) {
+                throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noPassword", e);
+            }
+        }
+    }
+
+    public static Class loadClass(String className) throws ClassNotFoundException {
+        return Thread.currentThread().getContextClassLoader().loadClass(className);
+    }
+
+    public static String doPasswordDigest(byte[] nonce, String created, String password) throws WSSecurityException {
+        try {
+            byte[] b1 = nonce != null ? nonce : new byte[0];
+            byte[] b2 = created != null ? created.getBytes("UTF-8") : new byte[0];
+            byte[] b3 = password.getBytes("UTF-8");
+            byte[] b4 = new byte[b1.length + b2.length + b3.length];
+            int offset = 0;
+            System.arraycopy(b1, 0, b4, offset, b1.length);
+            offset += b1.length;
+
+            System.arraycopy(b2, 0, b4, offset, b2.length);
+            offset += b2.length;
+
+            System.arraycopy(b3, 0, b4, offset, b3.length);
+
+            MessageDigest sha = MessageDigest.getInstance("SHA-1");
+            sha.reset();
+            sha.update(b4);
+            return new String(Base64.encodeBase64(sha.digest()));
+        } catch (NoSuchAlgorithmException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSHA1availabe", e);
+        } catch (UnsupportedEncodingException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
+        }
+    }
+
+    @SuppressWarnings("unchecked")
+    public static XMLEvent createXMLEventNS(XMLEvent xmlEvent, Deque<List<ComparableNamespace>> nsStack, Deque<List<ComparableAttribute>> attrStack) {
+        if (xmlEvent.isStartElement()) {
+            StartElement startElement = xmlEvent.asStartElement();
+            QName startElementName = startElement.getName();
+
+            List<String> prefixList = new LinkedList<String>();
+            prefixList.add(startElementName.getPrefix());
+
+            List<ComparableNamespace> comparableNamespaceList = new LinkedList<ComparableNamespace>();
+
+            ComparableNamespace curElementNamespace = new ComparableNamespace(startElementName.getPrefix(), startElementName.getNamespaceURI());
+            comparableNamespaceList.add(curElementNamespace);
+
+            @SuppressWarnings("unchecked")
+            Iterator<Namespace> namespaceIterator = startElement.getNamespaces();
+            while (namespaceIterator.hasNext()) {
+                Namespace namespace = namespaceIterator.next();
+                String prefix = namespace.getPrefix();
+
+                if ((prefix == null || prefix.length() == 0) && (namespace.getNamespaceURI() == null || namespace.getNamespaceURI().length() == 0)) {
+                    continue;
+                }
+
+                if (!prefixList.contains(prefix)) {
+                    prefixList.add(prefix);
+                    ComparableNamespace tmpNameSpace = new ComparableNamespace(prefix, namespace.getNamespaceURI());
+                    comparableNamespaceList.add(tmpNameSpace);
+                }
+            }
+
+            List<ComparableAttribute> comparableAttributeList = new LinkedList<ComparableAttribute>();
+
+            @SuppressWarnings("unchecked")
+            Iterator<Attribute> attributeIterator = startElement.getAttributes();
+            while (attributeIterator.hasNext()) {
+                Attribute attribute = attributeIterator.next();
+                String prefix = attribute.getName().getPrefix();
+
+                if (prefix != null && prefix.length() == 0 && attribute.getName().getNamespaceURI().length() == 0) {
+                    continue;
+                }
+                if (!"xml".equals(prefix)) {
+                    if (!"".equals(prefix)) {
+                        //does an attribute have an namespace?
+                        if (!prefixList.contains(prefix)) {
+                            prefixList.add(prefix);
+                            ComparableNamespace tmpNameSpace = new ComparableNamespace(prefix, attribute.getName().getNamespaceURI());
+                            comparableNamespaceList.add(tmpNameSpace);
+                        }
+                        continue;
+                    }
+                }
+                //add all attrs with xml - prefix (eg. xml:lang) to attr list:
+                comparableAttributeList.add(new ComparableAttribute(attribute.getName(), attribute.getValue()));
+            }
+
+            nsStack.push(comparableNamespaceList);
+            attrStack.push(comparableAttributeList);
+
+            return new XMLEventNS(xmlEvent, nsStack.toArray(new List[nsStack.size()]), attrStack.toArray(new List[attrStack.size()]));
+        } else if (xmlEvent.isEndElement()) {
+            XMLEventNS xmlEventNS = new XMLEventNS(xmlEvent, nsStack.toArray(new List[nsStack.size()]), attrStack.toArray(new List[attrStack.size()]));
+            nsStack.pop();
+            attrStack.pop();
+            return xmlEventNS;
+        }
+        return xmlEvent;
+    }
+
+    public static boolean isResponsibleActorOrRole(StartElement startElement, String soapVersionNamespace, String responsibleActor) {
+        QName actorRole;
+        if (Constants.NS_SOAP11.equals(soapVersionNamespace)) {
+            actorRole = Constants.ATT_soap11_Actor;
+        } else {
+            actorRole = Constants.ATT_soap12_Role;
+        }
+
+        String actor = null;
+        @SuppressWarnings("unchecked")
+        Iterator<Attribute> attributeIterator = startElement.getAttributes();
+        while (attributeIterator.hasNext()) {
+            Attribute next = attributeIterator.next();
+            if (actorRole.equals(next.getName())) {
+                actor = next.getValue();
+            }
+        }
+
+        if (responsibleActor == null) {
+            return actor == null;
+        } else {
+            return responsibleActor.equals(actor);
+        }
+    }
+
+    public static Transformer getTransformer(Object methodParameter1, Object methodParameter2, String algorithm) throws WSSecurityException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException {
+        Class<Transformer> transformerClass = TransformerAlgorithmMapper.getTransformerClass(algorithm);
+        Transformer childTransformer;
+        try {
+            Constructor<Transformer> constructor = transformerClass.getConstructor(Transformer.class);
+            childTransformer = constructor.newInstance(methodParameter1);
+        } catch (NoSuchMethodException e) {
+            Constructor<Transformer> constructor = transformerClass.getConstructor(String.class, OutputStream.class);
+            childTransformer = constructor.newInstance(methodParameter1, methodParameter2);
+        }
+        return childTransformer;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/ext/Utils.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision



Mime
View raw message