From gi...@apache.org
Subject svn commit: r1172285 [23/48] - in /webservices/wss4j/branches/swssf: ./ cxf-integration/ cxf-integration/src/ cxf-integration/src/main/ cxf-integration/src/main/java/ cxf-integration/src/main/java/org/ cxf-integration/src/main/java/org/swssf/ cxf-integ...
Date Sun, 18 Sep 2011 13:51:36 GMT
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/KeyInfoBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/KeyInfoBean.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/KeyInfoBean.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/KeyInfoBean.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,172 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.swssf.impl.saml.bean;
+
+import org.w3c.dom.Element;
+
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+
+/**
+ * Class KeyInfoBean represents a KeyInfo structure that will be embedded in a SAML Subject.
+ */
+public class KeyInfoBean {
+
+    public enum CERT_IDENTIFIER {
+        X509_CERT, X509_ISSUER_SERIAL, KEY_VALUE
+    }
+
+    private X509Certificate cert;
+    private CERT_IDENTIFIER certIdentifier = CERT_IDENTIFIER.X509_CERT;
+    private PublicKey publicKey;
+    private Element keyInfoElement;
+
+    /**
+     * Constructor KeyInfoBean creates a new KeyInfoBean instance.
+     */
+    public KeyInfoBean() {
+    }
+
+    /**
+     * Method getCertificate returns the certificate of this KeyInfoBean object.
+     *
+     * @return the cert (type X509Certificate) of this KeyInfoBean object.
+     */
+    public X509Certificate getCertificate() {
+        return cert;
+    }
+
+    /**
+     * Method setCertificate sets the cert of this KeyInfoBean object.
+     *
+     * @param cert the cert of this KeyInfoBean object.
+     */
+    public void setCertificate(X509Certificate cert) {
+        this.cert = cert;
+    }
+
+    /**
+     * Method getPublicKey returns the public key of this KeyInfoBean object.
+     *
+     * @return the publicKey (type PublicKey) of this KeyInfoBean object.
+     */
+    public PublicKey getPublicKey() {
+        return publicKey;
+    }
+
+    /**
+     * Method setPublicKey sets the publicKey of this KeyInfoBean object.
+     *
+     * @param publicKey the publicKey of this KeyInfoBean object.
+     */
+    public void setPublicKey(PublicKey publicKey) {
+        this.publicKey = publicKey;
+    }
+
+    /**
+     * Method getCertIdentifer returns the cert identifer of this KeyInfoBean object.
+     *
+     * @return the certIdentifier (type CERT_IDENTIFIER) of this KeyInfoBean object.
+     */
+    public CERT_IDENTIFIER getCertIdentifer() {
+        return certIdentifier;
+    }
+
+    /**
+     * Method setCertIdentifer sets the cert identifier of this KeyInfoBean object.
+     *
+     * @param certIdentifier the certIdentifier of this KeyInfoBean object.
+     */
+    public void setCertIdentifer(CERT_IDENTIFIER certIdentifier) {
+        this.certIdentifier = certIdentifier;
+    }
+
+    /**
+     * Method getElement returns the DOM Element of this KeyInfoBean object.
+     *
+     * @return the keyInfoElement (type Element) of this KeyInfoBean object.
+     */
+    public Element getElement() {
+        return keyInfoElement;
+    }
+
+    /**
+     * Method setElement sets the DOM Element of this KeyInfoBean object.
+     *
+     * @param keyInfoElement the DOM Element of this KeyInfoBean object.
+     */
+    public void setElement(Element keyInfoElement) {
+        this.keyInfoElement = keyInfoElement;
+    }
+
+    /**
+     * Method equals ...
+     *
+     * @param o of type Object
+     * @return boolean
+     */
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (!(o instanceof KeyInfoBean)) return false;
+
+        KeyInfoBean that = (KeyInfoBean) o;
+
+        if (certIdentifier != that.certIdentifier) return false;
+        if (cert == null && that.cert != null) {
+            return false;
+        } else if (cert != null && !cert.equals(that.cert)) {
+            return false;
+        }
+
+        if (publicKey == null && that.publicKey != null) {
+            return false;
+        } else if (publicKey != null && !publicKey.equals(that.publicKey)) {
+            return false;
+        }
+
+        if (keyInfoElement == null && that.keyInfoElement != null) {
+            return false;
+        } else if (keyInfoElement != null && !keyInfoElement.equals(that.keyInfoElement)) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * @return the hashCode of this object
+     */
+    @Override
+    public int hashCode() {
+        int result = certIdentifier.hashCode();
+        if (cert != null) {
+            result = 31 * result + cert.hashCode();
+        }
+        if (publicKey != null) {
+            result = 31 * result + publicKey.hashCode();
+        }
+        if (keyInfoElement != null) {
+            result = 31 * result + keyInfoElement.hashCode();
+        }
+        return result;
+    }
+}
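Review bot: `hashCode()` dereferences `certIdentifier` unconditionally, but `setCertIdentifer` accepts null and `equals` tolerates it, so a bean whose identifier was cleared throws NullPointerException as soon as it is hashed; the `switch` on `getCertIdentifer()` in `SAML1ComponentBuilder.createKeyInfo`, added in this same commit, would fail the same way. Rejecting null in the setter keeps the `X509_CERT` default meaningful: `if (certIdentifier == null) throw new IllegalArgumentException("certIdentifier must not be null");`. Separately, `keyInfoElement.equals(...)` on a DOM `Element` is usually an identity comparison, so two beans wrapping structurally identical KeyInfo elements will probably compare unequal; a comment on `equals` stating whether that is intended would avoid surprises.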

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/KeyInfoBean.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/SubjectBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/SubjectBean.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/SubjectBean.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/SubjectBean.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,194 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.swssf.impl.saml.bean;
+
+/**
+ * Class SubjectBean represents a SAML subject (can be used to create
+ * both SAML v1.1 and v2.0 statements)
+ * <p/>
+ * Created on May 20, 2009
+ */
+public class SubjectBean {
+    private String subjectName;
+    private String subjectNameQualifier;
+    private String subjectConfirmationMethod;
+    private KeyInfoBean keyInfo;
+
+    /**
+     * Constructor SubjectBean creates a new SubjectBean instance.
+     */
+    public SubjectBean() {
+    }
+
+    /**
+     * Constructor SubjectBean creates a new SubjectBean instance.
+     *
+     * @param subjectName               of type String
+     * @param subjectNameQualifier      of type String
+     * @param subjectConfirmationMethod of type String
+     */
+    public SubjectBean(
+            String subjectName,
+            String subjectNameQualifier,
+            String subjectConfirmationMethod
+    ) {
+        this.subjectName = subjectName;
+        this.subjectNameQualifier = subjectNameQualifier;
+        this.subjectConfirmationMethod = subjectConfirmationMethod;
+    }
+
+    /**
+     * Method getSubjectName returns the subjectName of this SubjectBean object.
+     *
+     * @return the subjectName (type String) of this SubjectBean object.
+     */
+    public String getSubjectName() {
+        return subjectName;
+    }
+
+    /**
+     * Method setSubjectName sets the subjectName of this SubjectBean object.
+     *
+     * @param subjectName the subjectName of this SubjectBean object.
+     */
+    public void setSubjectName(String subjectName) {
+        this.subjectName = subjectName;
+    }
+
+    /**
+     * Method getSubjectNameQualifier returns the subjectNameQualifier of this SubjectBean object.
+     *
+     * @return the subjectNameQualifier (type String) of this SubjectBean object.
+     */
+    public String getSubjectNameQualifier() {
+        return subjectNameQualifier;
+    }
+
+    /**
+     * Method setSubjectNameQualifier sets the subjectNameQualifier of this SubjectBean object.
+     *
+     * @param subjectNameQualifier the subjectNameQualifier of this SubjectBean object.
+     */
+    public void setSubjectNameQualifier(String subjectNameQualifier) {
+        this.subjectNameQualifier = subjectNameQualifier;
+    }
+
+    /**
+     * Method getSubjectConfirmationMethod returns the subjectConfirmationMethod of
+     * this SubjectBean object.
+     *
+     * @return the subjectConfirmationMethod (type String) of this SubjectBean object.
+     */
+    public String getSubjectConfirmationMethod() {
+        return subjectConfirmationMethod;
+    }
+
+    /**
+     * Method setSubjectConfirmationMethod sets the subjectConfirmationMethod of
+     * this SubjectBean object.
+     *
+     * @param subjectConfirmationMethod the subjectConfirmationMethod of this
+     *                                  SubjectBean object.
+     */
+    public void setSubjectConfirmationMethod(String subjectConfirmationMethod) {
+        this.subjectConfirmationMethod = subjectConfirmationMethod;
+    }
+
+    /**
+     * Method getKeyInfo returns the keyInfo of this SubjectBean object.
+     *
+     * @return the keyInfo (type KeyInfoBean) of this SubjectBean object.
+     */
+    public KeyInfoBean getKeyInfo() {
+        return keyInfo;
+    }
+
+    /**
+     * Method setKeyInfo sets the keyInfo of this SubjectBean object.
+     *
+     * @param keyInfo the keyInfo of this SubjectBean object.
+     */
+    public void setKeyInfo(KeyInfoBean keyInfo) {
+        this.keyInfo = keyInfo;
+    }
+
+    /**
+     * Method equals ...
+     *
+     * @param o of type Object
+     * @return boolean
+     */
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (!(o instanceof SubjectBean)) return false;
+
+        SubjectBean that = (SubjectBean) o;
+
+        if (subjectName == null && that.subjectName != null) {
+            return false;
+        } else if (subjectName != null && !subjectName.equals(that.subjectName)) {
+            return false;
+        }
+
+        if (subjectNameQualifier == null && that.subjectNameQualifier != null) {
+            return false;
+        } else if (subjectNameQualifier != null &&
+                !subjectNameQualifier.equals(that.subjectNameQualifier)) {
+            return false;
+        }
+
+        if (subjectConfirmationMethod == null && that.subjectConfirmationMethod != null) {
+            return false;
+        } else if (subjectConfirmationMethod != null &&
+                !subjectConfirmationMethod.equals(that.subjectConfirmationMethod)) {
+            return false;
+        }
+
+        if (keyInfo == null && that.keyInfo != null) {
+            return false;
+        } else if (keyInfo != null && !keyInfo.equals(that.keyInfo)) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * @return the hashcode of this object
+     */
+    @Override
+    public int hashCode() {
+        int result = 0;
+        if (subjectName != null) {
+            result = subjectName.hashCode();
+        }
+        if (subjectNameQualifier != null) {
+            result = 31 * result + subjectNameQualifier.hashCode();
+        }
+        if (subjectConfirmationMethod != null) {
+            result = 31 * result + subjectConfirmationMethod.hashCode();
+        }
+        if (keyInfo != null) {
+            result = 31 * result + keyInfo.hashCode();
+        }
+        return result;
+    }
+}
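Review bot: The Javadoc for `subjectConfirmationMethod` (getter, setter and the three-argument constructor) should say what a null value means, because `SAML1ComponentBuilder.createSaml1v1Subject` in this same commit replaces null with `SAML1Constants.CONF_SENDER_VOUCHES`. A caller that sets a `KeyInfoBean` but leaves the method unset therefore gets a sender-vouches subject that still carries a KeyInfo, which is probably not what was meant. Suggested wording on the setter: `@param subjectConfirmationMethod the SAML confirmation method URI; null is treated as sender-vouches by the SAML 1.1 builder`. The `equals` Javadoc is still the generated placeholder `Method equals ...` and could state that all four fields take part in the comparison.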

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/bean/SubjectBean.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1ComponentBuilder.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1ComponentBuilder.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1ComponentBuilder.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,467 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.swssf.impl.saml.builder;
+
+import org.joda.time.DateTime;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObjectBuilder;
+import org.opensaml.common.SAMLVersion;
+import org.opensaml.saml1.core.*;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.schema.XSString;
+import org.opensaml.xml.schema.impl.XSStringBuilder;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
+import org.opensaml.xml.signature.KeyInfo;
+import org.swssf.ext.WSSecurityException;
+import org.swssf.impl.saml.OpenSAMLUtil;
+import org.swssf.impl.saml.bean.*;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+
+/**
+ * Class SAML1ComponentBuilder provides builder methods that can be used
+ * to construct SAML v1.1 statements using the OpenSaml library.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAML1ComponentBuilder {
+
+    private static SAMLObjectBuilder<Assertion> assertionV1Builder;
+
+    private static SAMLObjectBuilder<Conditions> conditionsV1Builder;
+
+    private static SAMLObjectBuilder<AuthenticationStatement> authenticationStatementV1Builder;
+
+    private static SAMLObjectBuilder<Subject> subjectV1Builder;
+
+    private static SAMLObjectBuilder<NameIdentifier> nameIdentifierV1Builder;
+
+    private static SAMLObjectBuilder<SubjectConfirmation>
+            subjectConfirmationV1Builder;
+
+    private static SAMLObjectBuilder<ConfirmationMethod> confirmationMethodV1Builder;
+
+    private static SAMLObjectBuilder<AttributeStatement>
+            attributeStatementV1Builder;
+
+    private static SAMLObjectBuilder<Attribute> attributeV1Builder;
+
+    private static XSStringBuilder stringBuilder;
+
+    private static SAMLObjectBuilder<AuthorizationDecisionStatement>
+            authorizationDecisionStatementV1Builder;
+
+    private static SAMLObjectBuilder<Action> actionElementV1Builder;
+
+    private static XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
+
+    /**
+     * Create a new SAML 1.1 assertion
+     *
+     * @param issuer of type String
+     * @return A SAML 1.1 assertion
+     */
+    @SuppressWarnings("unchecked")
+    public static Assertion createSamlv1Assertion(String issuer) {
+        if (assertionV1Builder == null) {
+            assertionV1Builder = (SAMLObjectBuilder<Assertion>)
+                    builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
+            if (assertionV1Builder == null) {
+                throw new IllegalStateException(
+                        "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml "
+                                + "engine prior using it"
+                );
+            }
+        }
+        Assertion assertion =
+                assertionV1Builder.buildObject(
+                        Assertion.DEFAULT_ELEMENT_NAME,
+                        Assertion.TYPE_NAME
+                );
+        assertion.setVersion(SAMLVersion.VERSION_11);
+        assertion.setIssuer(issuer);
+        assertion.setIssueInstant(new DateTime()); // now
+        assertion.setID(UUID.randomUUID().toString());
+        return assertion;
+    }
+
+
+    /**
+     * Create a SAML Subject from a SubjectBean instance
+     *
+     * @param subjectBean A SubjectBean instance
+     * @return A Saml 1.1 subject
+     */
+    @SuppressWarnings("unchecked")
+    public static Subject createSaml1v1Subject(SubjectBean subjectBean)
+            throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        if (subjectV1Builder == null) {
+            subjectV1Builder = (SAMLObjectBuilder<Subject>)
+                    builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
+        }
+        if (nameIdentifierV1Builder == null) {
+            nameIdentifierV1Builder = (SAMLObjectBuilder<NameIdentifier>)
+                    builderFactory.getBuilder(NameIdentifier.DEFAULT_ELEMENT_NAME);
+        }
+        if (subjectConfirmationV1Builder == null) {
+            subjectConfirmationV1Builder = (SAMLObjectBuilder<SubjectConfirmation>)
+                    builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
+
+        }
+        if (confirmationMethodV1Builder == null) {
+            confirmationMethodV1Builder = (SAMLObjectBuilder<ConfirmationMethod>)
+                    builderFactory.getBuilder(ConfirmationMethod.DEFAULT_ELEMENT_NAME);
+        }
+
+        Subject subject = subjectV1Builder.buildObject();
+        NameIdentifier nameIdentifier = nameIdentifierV1Builder.buildObject();
+        SubjectConfirmation subjectConfirmation = subjectConfirmationV1Builder.buildObject();
+        ConfirmationMethod confirmationMethod = confirmationMethodV1Builder.buildObject();
+
+        nameIdentifier.setNameQualifier(subjectBean.getSubjectNameQualifier());
+        nameIdentifier.setNameIdentifier(subjectBean.getSubjectName());
+        nameIdentifier.setFormat(SAML1Constants.NAMEID_FORMAT_UNSPECIFIED);
+        String confirmationMethodStr = subjectBean.getSubjectConfirmationMethod();
+
+        if (confirmationMethodStr == null) {
+            confirmationMethodStr = SAML1Constants.CONF_SENDER_VOUCHES;
+        }
+
+        confirmationMethod.setConfirmationMethod(confirmationMethodStr);
+        subjectConfirmation.getConfirmationMethods().add(confirmationMethod);
+        if (subjectBean.getKeyInfo() != null) {
+            KeyInfo keyInfo = createKeyInfo(subjectBean.getKeyInfo());
+            subjectConfirmation.setKeyInfo(keyInfo);
+        }
+        subject.setNameIdentifier(nameIdentifier);
+        subject.setSubjectConfirmation(subjectConfirmation);
+
+        return subject;
+    }
+
+    /**
+     * Create an Opensaml KeyInfo object from the parameters
+     *
+     * @param keyInfo the KeyInfo bean from which to extract security credentials
+     * @return the KeyInfo object
+     * @throws org.opensaml.xml.security.SecurityException
+     *
+     */
+    public static KeyInfo createKeyInfo(KeyInfoBean keyInfo)
+            throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        if (keyInfo.getElement() != null) {
+            return (KeyInfo) OpenSAMLUtil.fromDom(keyInfo.getElement());
+        } else {
+            // Set the certificate or public key
+            BasicX509Credential keyInfoCredential = new BasicX509Credential();
+            if (keyInfo.getCertificate() != null) {
+                keyInfoCredential.setEntityCertificate(keyInfo.getCertificate());
+            } else if (keyInfo.getPublicKey() != null) {
+                keyInfoCredential.setPublicKey(keyInfo.getPublicKey());
+            }
+
+            // Configure how to emit the certificate
+            X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
+            KeyInfoBean.CERT_IDENTIFIER certIdentifier = keyInfo.getCertIdentifer();
+            switch (certIdentifier) {
+                case X509_CERT: {
+                    kiFactory.setEmitEntityCertificate(true);
+                    break;
+                }
+                case KEY_VALUE: {
+                    kiFactory.setEmitPublicKeyValue(true);
+                    break;
+                }
+                case X509_ISSUER_SERIAL: {
+                    kiFactory.setEmitX509IssuerSerial(true);
+                }
+            }
+            return kiFactory.newInstance().generate(keyInfoCredential);
+        }
+    }
+
+    /**
+     * Create a Conditions object
+     *
+     * @param conditionsBean A ConditionsBean object
+     * @return a Conditions object
+     */
+    @SuppressWarnings("unchecked")
+    public static Conditions createSamlv1Conditions(ConditionsBean conditionsBean) {
+        if (conditionsV1Builder == null) {
+            conditionsV1Builder = (SAMLObjectBuilder<Conditions>)
+                    builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
+
+        }
+        Conditions conditions = conditionsV1Builder.buildObject(Conditions.TYPE_NAME);
+
+        if (conditionsBean == null) {
+            DateTime newNotBefore = new DateTime();
+            conditions.setNotBefore(newNotBefore);
+            conditions.setNotOnOrAfter(newNotBefore.plusMinutes(5));
+            return conditions;
+        }
+
+        int tokenPeriodMinutes = conditionsBean.getTokenPeriodMinutes();
+        DateTime notBefore = conditionsBean.getNotBefore();
+        DateTime notAfter = conditionsBean.getNotAfter();
+
+        if (notBefore != null && notAfter != null) {
+            if (notBefore.isAfter(notAfter)) {
+                throw new IllegalStateException(
+                        "The value of notBefore may not be after the value of notAfter"
+                );
+            }
+            conditions.setNotBefore(notBefore);
+            conditions.setNotOnOrAfter(notAfter);
+        } else {
+            DateTime newNotBefore = new DateTime();
+            conditions.setNotBefore(newNotBefore);
+            conditions.setNotOnOrAfter(newNotBefore.plusMinutes(tokenPeriodMinutes));
+        }
+        return conditions;
+    }
+
+    /**
+     * Create SAML 1.1 authentication statement(s)
+     *
+     * @param authBeans A list of AuthenticationStatementBean objects
+     * @return a list of SAML 1.1 authentication statement(s)
+     */
+    @SuppressWarnings("unchecked")
+    public static List<AuthenticationStatement> createSamlv1AuthenticationStatement(
+            List<AuthenticationStatementBean> authBeans
+    ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        List<AuthenticationStatement> authenticationStatements =
+                new ArrayList<AuthenticationStatement>();
+
+        if (authenticationStatementV1Builder == null) {
+            authenticationStatementV1Builder = (SAMLObjectBuilder<AuthenticationStatement>)
+                    builderFactory.getBuilder(AuthenticationStatement.DEFAULT_ELEMENT_NAME);
+        }
+
+        if (authBeans != null && authBeans.size() > 0) {
+            for (AuthenticationStatementBean statementBean : authBeans) {
+                AuthenticationStatement authenticationStatement =
+                        authenticationStatementV1Builder.buildObject(
+                                AuthenticationStatement.DEFAULT_ELEMENT_NAME,
+                                AuthenticationStatement.TYPE_NAME
+                        );
+                Subject authSubject =
+                        SAML1ComponentBuilder.createSaml1v1Subject(statementBean.getSubject());
+                authenticationStatement.setSubject(authSubject);
+
+                if (statementBean.getAuthenticationInstant() != null) {
+                    authenticationStatement.setAuthenticationInstant(
+                            statementBean.getAuthenticationInstant()
+                    );
+                } else {
+                    authenticationStatement.setAuthenticationInstant(new DateTime());
+                }
+
+                authenticationStatement.setAuthenticationMethod(
+                        transformAuthenticationMethod(statementBean.getAuthenticationMethod())
+                );
+                authenticationStatements.add(authenticationStatement);
+            }
+        }
+
+        return authenticationStatements;
+    }
+
+    /**
+     * Method transformAuthenticationMethod transforms the user-supplied authentication method
+     * value into one of the supported specification-compliant values.
+     * NOTE: Only "Password" is supported at this time.
+     *
+     * @param sourceMethod of type String
+     * @return String
+     */
+    private static String transformAuthenticationMethod(String sourceMethod) {
+        String transformedMethod = "";
+
+        if ("Password".equals(sourceMethod)) {
+            transformedMethod = SAML1Constants.AUTH_METHOD_PASSWORD;
+        }
+
+        return transformedMethod;
+    }
+
+    /**
+     * Create SAML 1.1 attribute statement(s)
+     *
+     * @param attributeData A list of AttributeStatementBean instances
+     * @return a list of SAML 1.1 attribute statement(s)
+     */
+    @SuppressWarnings("unchecked")
+    public static List<AttributeStatement> createSamlv1AttributeStatement(
+            List<AttributeStatementBean> attributeData
+    ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        if (attributeStatementV1Builder == null) {
+            attributeStatementV1Builder = (SAMLObjectBuilder<AttributeStatement>)
+                    builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
+        }
+
+        List<AttributeStatement> attributeStatements = new ArrayList<AttributeStatement>();
+
+        if (attributeData != null && attributeData.size() > 0) {
+            for (AttributeStatementBean statementBean : attributeData) {
+                // Create the attribute statementBean and set the subject
+                AttributeStatement attributeStatement = attributeStatementV1Builder.buildObject();
+                Subject attributeSubject =
+                        SAML1ComponentBuilder.createSaml1v1Subject(statementBean.getSubject());
+                attributeStatement.setSubject(attributeSubject);
+                // Add the individual attributes
+                for (AttributeBean values : statementBean.getSamlAttributes()) {
+                    Attribute samlAttribute =
+                            createSamlv1Attribute(
+                                    values.getSimpleName(),
+                                    values.getQualifiedName(),
+                                    values.getAttributeValues()
+                            );
+                    attributeStatement.getAttributes().add(samlAttribute);
+                }
+                // Add the completed attribute statementBean to the collection
+                attributeStatements.add(attributeStatement);
+            }
+        }
+
+        return attributeStatements;
+    }
+
+    /**
+     * Create a SAML 1.1 attribute
+     *
+     * @param attributeName the Attribute Name
+     * @param attributeUrn  the Attribute Qualified Name
+     * @param values        the Attribute Values
+     * @return a SAML 1.1 attribute
+     */
+    @SuppressWarnings("unchecked")
+    public static Attribute createSamlv1Attribute(
+            String attributeName,
+            String attributeUrn,
+            List<String> values
+    ) {
+        if (attributeV1Builder == null) {
+            attributeV1Builder = (SAMLObjectBuilder<Attribute>)
+                    builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
+        }
+        if (stringBuilder == null) {
+            stringBuilder = (XSStringBuilder) builderFactory.getBuilder(XSString.TYPE_NAME);
+        }
+
+        Attribute attribute = attributeV1Builder.buildObject();
+        attribute.setAttributeName(attributeName);
+        attribute.setAttributeNamespace(attributeUrn);
+
+        for (String value : values) {
+            XSString attribute1 =
+                    stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+            attribute1.setValue(value);
+            attribute.getAttributeValues().add(attribute1);
+        }
+
+        return attribute;
+    }
+
+    /**
+     * Create SAML 1.1 Authorization Decision Statement(s)
+     *
+     * @param decisionData of type List<AuthDecisionStatementBean>
+     * @return a list of SAML 1.1 Authorization Decision Statement(s)
+     */
+    @SuppressWarnings("unchecked")
+    public static List<AuthorizationDecisionStatement> createSamlv1AuthorizationDecisionStatement(
+            List<AuthDecisionStatementBean> decisionData)
+            throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        List<AuthorizationDecisionStatement> authDecisionStatements = new ArrayList();
+        if (authorizationDecisionStatementV1Builder == null) {
+            authorizationDecisionStatementV1Builder =
+                    (SAMLObjectBuilder<AuthorizationDecisionStatement>)
+                            builderFactory.getBuilder(AuthorizationDecisionStatement.DEFAULT_ELEMENT_NAME);
+
+        }
+
+        if (decisionData != null && decisionData.size() > 0) {
+            for (AuthDecisionStatementBean decisionStatementBean : decisionData) {
+                AuthorizationDecisionStatement authDecision =
+                        authorizationDecisionStatementV1Builder.buildObject();
+                Subject authDecisionSubject =
+                        SAML1ComponentBuilder.createSaml1v1Subject(decisionStatementBean.getSubject());
+                authDecision.setSubject(authDecisionSubject);
+
+                authDecision.setResource(decisionStatementBean.getResource());
+                authDecision.setDecision(transformDecisionType(decisionStatementBean.getDecision()));
+
+                for (ActionBean actionBean : decisionStatementBean.getActions()) {
+                    Action actionElement = createSamlv1Action(actionBean);
+                    authDecision.getActions().add(actionElement);
+                }
+                authDecisionStatements.add(authDecision);
+            }
+        }
+
+        return authDecisionStatements;
+    }
+
+    /**
+     * Create an Action object
+     *
+     * @param actionBean of type SamlAction
+     * @return an Action object
+     */
+    @SuppressWarnings("unchecked")
+    public static Action createSamlv1Action(ActionBean actionBean) {
+        if (actionElementV1Builder == null) {
+            actionElementV1Builder = (SAMLObjectBuilder<Action>)
+                    builderFactory.getBuilder(Action.DEFAULT_ELEMENT_NAME);
+        }
+
+        Action actionElement = actionElementV1Builder.buildObject();
+        actionElement.setNamespace(actionBean.getActionNamespace());
+        actionElement.setContents(actionBean.getContents());
+
+        return actionElement;
+    }
+
+    /**
+     * Transform a DecisionType
+     *
+     * @param decision of type Decision
+     * @return DecisionTypeEnumeration
+     */
+    private static DecisionTypeEnumeration transformDecisionType(
+            AuthDecisionStatementBean.Decision decision
+    ) {
+        DecisionTypeEnumeration decisionTypeEnum = DecisionTypeEnumeration.DENY;
+        if (decision.equals(AuthDecisionStatementBean.Decision.PERMIT)) {
+            decisionTypeEnum = DecisionTypeEnumeration.PERMIT;
+        } else if (decision.equals(AuthDecisionStatementBean.Decision.INDETERMINATE)) {
+            decisionTypeEnum = DecisionTypeEnumeration.INDETERMINATE;
+        }
+
+        return decisionTypeEnum;
+    }
+
+}
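Review bot: `createKeyInfo` builds a `BasicX509Credential` even when the bean has neither a certificate nor a public key, and the emit flag chosen from `getCertIdentifer()` is never checked against what was actually set, so a bean with only `setPublicKey(...)` and the default `X509_CERT` identifier likely yields a KeyInfo with no key material. For a holder-of-key subject that means the assertion is issued without the key it is supposed to be bound to. A guard before the factory is configured would make the failure explicit: `if (keyInfo.getCertificate() == null && keyInfo.getPublicKey() == null) throw new IllegalStateException("KeyInfoBean has neither a certificate nor a public key");`. In the same file, `transformAuthenticationMethod` returns `""` for every input other than `"Password"`, so an unsupported method produces an authentication statement with an empty AuthenticationMethod rather than an error.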

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1ComponentBuilder.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1Constants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1Constants.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1Constants.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1Constants.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,145 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.swssf.impl.saml.builder;
+
+
+/**
+ * Class SAML1Constants provides static constant definitions associated with
+ * the SAML v1.x specification.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAML1Constants {
+
+    //
+    // NAME ID FORMAT
+    //
+
+    public static final String NAMEID_FORMAT_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
+
+    public static final String NAMEID_FORMAT_EMAIL_ADDRESS =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
+
+    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
+
+    public static final String NAMEID_FORMAT_WINDOWS_DQN =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
+
+    //
+    // SUBJECT CONFIRMATION
+    // 
+
+    /**
+     * Assertion Bearer Confirmation Method Identifier
+     */
+    public final static String CONF_BEARER =
+            "urn:oasis:names:tc:SAML:1.0:cm:bearer";
+
+    /**
+     * Holder of Key Confirmation Method Identifier
+     */
+    public final static String CONF_HOLDER_KEY =
+            "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key";
+
+    /**
+     * Sender Vouches Confirmation Method Identifier
+     */
+    public final static String CONF_SENDER_VOUCHES =
+            "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";
+
+    //
+    // AUTH METHOD
+    //
+
+    /**
+     * The authentication was performed by means of a password.
+     */
+    public static final String AUTH_METHOD_PASSWORD =
+            "urn:oasis:names:tc:SAML:1.0:am:password";
+
+    /**
+     * The authentication was performed by means of the Kerberos protocol [RFC 1510],
+     * an instantiation of the Needham-Schroeder symmetric key authentication mechanism [Needham78].
+     */
+    public static final String AUTH_METHOD_KERBEROS = "urn:ietf:rfc:1510";
+
+    /**
+     * The authentication was performed by means of Secure Remote Password protocol as specified in
+     * [RFC 2945].
+     */
+    public static final String AUTH_METHOD_SRP = "urn:ietf:rfc:2945";
+
+    /**
+     * The authentication was performed by means of an unspecified hardware token.
+     */
+    public static final String AUTH_METHOD_HARDWARE_TOKEN =
+            "urn:oasis:names:tc:SAML:1.0:am:HardwareToken";
+
+    /**
+     * The authentication was performed using either the SSL or TLS protocol with certificate
+     * based client authentication. TLS is described in [RFC 2246].
+     */
+    public static final String AUTH_METHOD_TLS_CLIENT = "urn:ietf:rfc:2246";
+
+    /**
+     * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+     * means of an X.509 PKI [X.500][PKIX]. It may have been one of the mechanisms for which a more
+     * specific identifier has been defined.
+     */
+    public static final String AUTH_METHOD_X509 =
+            "urn:oasis:names:tc:SAML:1.0:am:X509-PKI";
+
+    /**
+     * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+     * means of a PGP web of trust [PGP]. It may have been one of the mechanisms for which a more
+     * specific identifier has been defined.
+     */
+    public static final String AUTH_METHOD_PGP =
+            "urn:oasis:names:tc:SAML:1.0:am:PGP";
+
+    /**
+     * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+     * means of a SPKI PKI [SPKI]. It may have been one of the mechanisms for which a more specific
+     * identifier has been defined.
+     */
+    public static final String AUTH_METHOD_SPKI =
+            "urn:oasis:names:tc:SAML:1.0:am:SPKI";
+
+    /**
+     * The authentication was performed by some (unspecified) mechanism on a key authenticated by
+     * means of a XKMS trust service [XKMS]. It may have been one of the mechanisms for which a more
+     * specific identifier has been defined.
+     */
+    public static final String AUTH_METHOD_XKMS =
+            "urn:oasis:names:tc:SAML:1.0:am:XKMS";
+
+    /**
+     * The authentication was performed by means of an XML digital signature [RFC 3075].
+     */
+    public static final String AUTH_METHOD_DSIG = "urn:ietf:rfc:3075";
+
+    /**
+     * The authentication was performed by an unspecified means.
+     */
+    public static final String AUTH_METHOD_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:1.0:am:unspecified";
+}
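Review bot: SAML1Constants only holds constants but is declared as a plain `public class`, so it can be instantiated and subclassed. Declaring it `public final class SAML1Constants` with a `private SAML1Constants() {}` constructor would make that intent explicit. The three subject-confirmation constants (CONF_BEARER, CONF_HOLDER_KEY, CONF_SENDER_VOUCHES) use `public final static` while every other field uses `public static final`; one modifier order throughout would be consistent. The four NAMEID_FORMAT_* constants are the only group without Javadoc, and a one-line comment on each, such as `/** Name identifier format: e-mail address. */`, would match the rest of the file.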

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML1Constants.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2ComponentBuilder.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2ComponentBuilder.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2ComponentBuilder.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,562 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.swssf.impl.saml.builder;
+
+import org.joda.time.DateTime;
+import org.opensaml.Configuration;
+import org.opensaml.common.SAMLObjectBuilder;
+import org.opensaml.common.SAMLVersion;
+import org.opensaml.saml2.core.*;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.schema.XSString;
+import org.opensaml.xml.schema.impl.XSStringBuilder;
+import org.opensaml.xml.signature.KeyInfo;
+import org.swssf.ext.WSSecurityException;
+import org.swssf.impl.saml.bean.*;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+
+
+/**
+ * Class SAML2ComponentBuilder provides builder methods that can be used
+ * to construct SAML v2.0 statements using the OpenSaml library.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAML2ComponentBuilder {
+    private static SAMLObjectBuilder<Assertion> assertionBuilder;
+
+    private static SAMLObjectBuilder<Issuer> issuerBuilder;
+
+    private static SAMLObjectBuilder<Subject> subjectBuilder;
+
+    private static SAMLObjectBuilder<NameID> nameIdBuilder;
+
+    private static SAMLObjectBuilder<SubjectConfirmation> subjectConfirmationBuilder;
+
+    private static SAMLObjectBuilder<Conditions> conditionsBuilder;
+
+    private static SAMLObjectBuilder<SubjectConfirmationData> subjectConfirmationDataBuilder;
+
+    private static SAMLObjectBuilder<KeyInfoConfirmationDataType> keyInfoConfirmationDataBuilder;
+
+    private static SAMLObjectBuilder<AuthnStatement> authnStatementBuilder;
+
+    private static SAMLObjectBuilder<AuthnContext> authnContextBuilder;
+
+    private static SAMLObjectBuilder<AuthnContextClassRef> authnContextClassRefBuilder;
+
+    private static SAMLObjectBuilder<AttributeStatement> attributeStatementBuilder;
+
+    private static SAMLObjectBuilder<Attribute> attributeBuilder;
+
+    private static XSStringBuilder stringBuilder;
+
+    private static SAMLObjectBuilder<AudienceRestriction> audienceRestrictionBuilder;
+
+    private static SAMLObjectBuilder<Audience> audienceBuilder;
+
+    private static SAMLObjectBuilder<AuthzDecisionStatement> authorizationDecisionStatementBuilder;
+
+    private static SAMLObjectBuilder<Action> actionElementBuilder;
+
+    private static XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
+
+    /**
+     * Create a SAML 2 assertion
+     *
+     * @return a SAML 2 assertion
+     */
+    @SuppressWarnings("unchecked")
+    public static Assertion createAssertion() {
+        if (assertionBuilder == null) {
+            assertionBuilder = (SAMLObjectBuilder<Assertion>)
+                    builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
+            if (assertionBuilder == null) {
+                throw new IllegalStateException(
+                        "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml engine "
+                                + "prior using it"
+                );
+            }
+        }
+        Assertion assertion =
+                assertionBuilder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
+        assertion.setID(UUID.randomUUID().toString());
+        assertion.setVersion(SAMLVersion.VERSION_20);
+        assertion.setIssueInstant(new DateTime());
+        return assertion;
+    }
+
+    /**
+     * Create an Issuer object
+     *
+     * @param issuerValue of type String
+     * @return an Issuer object
+     */
+    @SuppressWarnings("unchecked")
+    public static Issuer createIssuer(String issuerValue) {
+        if (issuerBuilder == null) {
+            issuerBuilder = (SAMLObjectBuilder<Issuer>)
+                    builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
+
+        }
+        Issuer issuer = issuerBuilder.buildObject();
+        //
+        // The SAML authority that is making the claim(s) in the assertion. The issuer SHOULD 
+        // be unambiguous to the intended relying parties.
+        issuer.setValue(issuerValue);
+        return issuer;
+    }
+
+    /**
+     * Create a Conditions object
+     *
+     * @param conditionsBean A ConditionsBean object
+     * @return a Conditions object
+     */
+    @SuppressWarnings("unchecked")
+    public static Conditions createConditions(ConditionsBean conditionsBean) {
+        if (conditionsBuilder == null) {
+            conditionsBuilder = (SAMLObjectBuilder<Conditions>)
+                    builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
+        }
+
+        Conditions conditions = conditionsBuilder.buildObject();
+
+        if (conditionsBean == null) {
+            DateTime newNotBefore = new DateTime();
+            conditions.setNotBefore(newNotBefore);
+            conditions.setNotOnOrAfter(newNotBefore.plusMinutes(5));
+            return conditions;
+        }
+
+        int tokenPeriodMinutes = conditionsBean.getTokenPeriodMinutes();
+        DateTime notBefore = conditionsBean.getNotBefore();
+        DateTime notAfter = conditionsBean.getNotAfter();
+
+        if (notBefore != null && notAfter != null) {
+            if (notBefore.isAfter(notAfter)) {
+                throw new IllegalStateException(
+                        "The value of notBefore may not be after the value of notAfter"
+                );
+            }
+            conditions.setNotBefore(notBefore);
+            conditions.setNotOnOrAfter(notAfter);
+        } else {
+            DateTime newNotBefore = new DateTime();
+            conditions.setNotBefore(newNotBefore);
+            conditions.setNotOnOrAfter(newNotBefore.plusMinutes(tokenPeriodMinutes));
+        }
+        return conditions;
+    }
+
+    /**
+     * Create an AudienceRestriction object
+     *
+     * @param audienceURI of type String
+     * @return an AudienceRestriction object
+     */
+    @SuppressWarnings("unchecked")
+    public static AudienceRestriction createAudienceRestriction(String audienceURI) {
+        if (audienceRestrictionBuilder == null) {
+            audienceRestrictionBuilder = (SAMLObjectBuilder<AudienceRestriction>)
+                    builderFactory.getBuilder(AudienceRestriction.DEFAULT_ELEMENT_NAME);
+        }
+        if (audienceBuilder == null) {
+            audienceBuilder = (SAMLObjectBuilder<Audience>)
+                    builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
+        }
+
+        AudienceRestriction audienceRestriction = audienceRestrictionBuilder.buildObject();
+        Audience audience = audienceBuilder.buildObject();
+        audience.setAudienceURI(audienceURI);
+        audienceRestriction.getAudiences().add(audience);
+        return audienceRestriction;
+    }
+
+    /**
+     * Create SAML 2 Authentication Statement(s).
+     *
+     * @param authBeans A list of AuthenticationStatementBean instances
+     * @return SAML 2 Authentication Statement(s).
+     */
+    @SuppressWarnings("unchecked")
+    public static List<AuthnStatement> createAuthnStatement(
+            List<AuthenticationStatementBean> authBeans
+    ) {
+        List<AuthnStatement> authnStatements = new ArrayList<AuthnStatement>();
+
+        if (authnStatementBuilder == null) {
+            authnStatementBuilder = (SAMLObjectBuilder<AuthnStatement>)
+                    builderFactory.getBuilder(AuthnStatement.DEFAULT_ELEMENT_NAME);
+        }
+        if (authnContextBuilder == null) {
+            authnContextBuilder = (SAMLObjectBuilder<AuthnContext>)
+                    builderFactory.getBuilder(AuthnContext.DEFAULT_ELEMENT_NAME);
+        }
+        if (authnContextClassRefBuilder == null) {
+            authnContextClassRefBuilder = (SAMLObjectBuilder<AuthnContextClassRef>)
+                    builderFactory.getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
+        }
+
+
+        if (authBeans != null && authBeans.size() > 0) {
+            for (AuthenticationStatementBean statementBean : authBeans) {
+                AuthnStatement authnStatement = authnStatementBuilder.buildObject();
+                authnStatement.setAuthnInstant(statementBean.getAuthenticationInstant());
+                //authnStatement.setSessionIndex("b07b804c-7c29-ea16-7300-4f3d6f7928ac");
+
+                AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject();
+                authnContextClassRef.setAuthnContextClassRef(
+                        transformAuthenticationMethod(statementBean.getAuthenticationMethod())
+                );
+                AuthnContext authnContext = authnContextBuilder.buildObject();
+                authnContext.setAuthnContextClassRef(authnContextClassRef);
+                authnStatement.setAuthnContext(authnContext);
+
+                authnStatements.add(authnStatement);
+            }
+        }
+
+        return authnStatements;
+    }
+
+    /**
+     * Transform the user-supplied authentication method value into one of the supported
+     * specification-compliant values.
+     * NOTE: Only "Password" is supported at this time.
+     *
+     * @param sourceMethod of type String
+     * @return String
+     */
+    private static String transformAuthenticationMethod(String sourceMethod) {
+        String transformedMethod = "";
+
+        if ("Password".equalsIgnoreCase(sourceMethod)) {
+            transformedMethod = SAML2Constants.AUTH_CONTEXT_CLASS_REF_PASSWORD;
+        }
+
+        return transformedMethod;
+    }
+
+    /**
+     * Create a SAML2 Attribute
+     *
+     * @param friendlyName of type String
+     * @param name         of type String
+     * @param values       of type ArrayList
+     * @return a SAML2 Attribute
+     */
+    public static Attribute createAttribute(String friendlyName, String name, List<String> values) {
+        if (stringBuilder == null) {
+            stringBuilder = (XSStringBuilder) builderFactory.getBuilder(XSString.TYPE_NAME);
+        }
+        Attribute attribute = createAttribute(friendlyName, name);
+        for (String value : values) {
+            XSString attributeValue =
+                    stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+            attributeValue.setValue(value);
+            attribute.getAttributeValues().add(attributeValue);
+        }
+
+        return attribute;
+    }
+
+    /**
+     * Create a Subject.
+     *
+     * @param subjectBean of type SubjectBean
+     * @return a Subject
+     */
+    @SuppressWarnings("unchecked")
+    public static Subject createSaml2Subject(SubjectBean subjectBean)
+            throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        if (subjectBuilder == null) {
+            subjectBuilder = (SAMLObjectBuilder<Subject>)
+                    builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
+        }
+        Subject subject = subjectBuilder.buildObject();
+
+        NameID nameID = SAML2ComponentBuilder.createNameID(subjectBean);
+        subject.setNameID(nameID);
+
+        SubjectConfirmationData subjectConfData =
+                SAML2ComponentBuilder.createSubjectConfirmationData(
+                        null,
+                        null,
+                        null,
+                        subjectBean.getKeyInfo()
+                );
+
+        String confirmationMethodStr = subjectBean.getSubjectConfirmationMethod();
+        if (confirmationMethodStr == null) {
+            confirmationMethodStr = SAML2Constants.CONF_SENDER_VOUCHES;
+        }
+        SubjectConfirmation subjectConfirmation =
+                SAML2ComponentBuilder.createSubjectConfirmation(
+                        confirmationMethodStr, subjectConfData
+                );
+
+        subject.getSubjectConfirmations().add(subjectConfirmation);
+        return subject;
+    }
+
+    /**
+     * Create a SubjectConfirmationData object
+     *
+     * @param inResponseTo of type String
+     * @param recipient    of type String
+     * @param notOnOrAfter of type DateTime
+     * @param keyInfoBean  of type KeyInfoBean
+     * @return a SubjectConfirmationData object
+     */
+    @SuppressWarnings("unchecked")
+    public static SubjectConfirmationData createSubjectConfirmationData(
+            String inResponseTo,
+            String recipient,
+            DateTime notOnOrAfter,
+            KeyInfoBean keyInfoBean
+    ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+        SubjectConfirmationData subjectConfirmationData = null;
+        KeyInfo keyInfo = null;
+        if (keyInfoBean == null) {
+            if (subjectConfirmationDataBuilder == null) {
+                subjectConfirmationDataBuilder = (SAMLObjectBuilder<SubjectConfirmationData>)
+                        builderFactory.getBuilder(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
+            }
+            subjectConfirmationData = subjectConfirmationDataBuilder.buildObject();
+        } else {
+            if (keyInfoConfirmationDataBuilder == null) {
+                keyInfoConfirmationDataBuilder = (SAMLObjectBuilder<KeyInfoConfirmationDataType>)
+                        builderFactory.getBuilder(KeyInfoConfirmationDataType.TYPE_NAME);
+            }
+            subjectConfirmationData = keyInfoConfirmationDataBuilder.buildObject();
+            keyInfo = SAML1ComponentBuilder.createKeyInfo(keyInfoBean);
+            ((KeyInfoConfirmationDataType) subjectConfirmationData).getKeyInfos().add(keyInfo);
+        }
+
+        if (inResponseTo != null) {
+            subjectConfirmationData.setInResponseTo(inResponseTo);
+        }
+        if (recipient != null) {
+            subjectConfirmationData.setRecipient(recipient);
+        }
+        if (notOnOrAfter != null) {
+            subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
+        }
+
+        return subjectConfirmationData;
+    }
+
+    /**
+     * Create a SubjectConfirmation object
+     * One of the following subject confirmation methods MUST be used:
+     * urn:oasis:names:tc:SAML:2.0:cm:holder-of-key
+     * urn:oasis:names:tc:SAML:2.0:cm:sender-vouches
+     * urn:oasis:names:tc:SAML:2.0:cm:bearer
+     *
+     * @param method                  of type String
+     * @param subjectConfirmationData of type SubjectConfirmationData
+     * @return a SubjectConfirmation object
+     */
+    @SuppressWarnings("unchecked")
+    public static SubjectConfirmation createSubjectConfirmation(
+            String method,
+            SubjectConfirmationData subjectConfirmationData
+    ) {
+        if (subjectConfirmationBuilder == null) {
+            subjectConfirmationBuilder = (SAMLObjectBuilder<SubjectConfirmation>)
+                    builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
+        }
+
+        SubjectConfirmation subjectConfirmation = subjectConfirmationBuilder.buildObject();
+        subjectConfirmation.setMethod(method);
+        subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
+        return subjectConfirmation;
+    }
+
+    /**
+     * Create a NameID object
+     * One of the following formats MUST be used:
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:entity
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+     *
+     * @param subject A SubjectBean instance
+     * @return NameID
+     */
+    @SuppressWarnings("unchecked")
+    public static NameID createNameID(SubjectBean subject) {
+        if (nameIdBuilder == null) {
+            nameIdBuilder = (SAMLObjectBuilder<NameID>)
+                    builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
+        }
+        NameID nameID = nameIdBuilder.buildObject();
+        nameID.setNameQualifier(subject.getSubjectNameQualifier());
+        nameID.setFormat(NameID.UNSPECIFIED);
+        nameID.setValue(subject.getSubjectName());
+        return nameID;
+    }
+
+
+    /**
+     * Create SAML2 Attribute Statement(s)
+     *
+     * @param attributeData A list of AttributeStatementBean instances
+     * @return SAML2 Attribute Statement(s)
+     */
+    @SuppressWarnings("unchecked")
+    public static List<AttributeStatement> createAttributeStatement(
+            List<AttributeStatementBean> attributeData
+    ) {
+        List<AttributeStatement> attributeStatements = new ArrayList<AttributeStatement>();
+        if (attributeStatementBuilder == null) {
+            attributeStatementBuilder = (SAMLObjectBuilder<AttributeStatement>)
+                    builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
+        }
+
+        if (attributeData != null && attributeData.size() > 0) {
+            for (AttributeStatementBean statementBean : attributeData) {
+                AttributeStatement attributeStatement = attributeStatementBuilder.buildObject();
+                for (AttributeBean values : statementBean.getSamlAttributes()) {
+                    Attribute samlAttribute =
+                            createAttribute(
+                                    values.getSimpleName(),
+                                    values.getQualifiedName(),
+                                    values.getAttributeValues()
+                            );
+                    attributeStatement.getAttributes().add(samlAttribute);
+                }
+                // Add the completed attribute statementBean to the collection
+                attributeStatements.add(attributeStatement);
+            }
+        }
+
+        return attributeStatements;
+    }
+
+    /**
+     * Create an Attribute object. The name format is of type:
+     * urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
+     * urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+     * urn:oasis:names:tc:SAML:2.0:attrname-format:basic
+     *
+     * @param friendlyName of type String
+     * @param name         of type String
+     * @return an Attribute object
+     */
+    @SuppressWarnings("unchecked")
+    public static Attribute createAttribute(String friendlyName, String name) {
+        if (attributeBuilder == null) {
+            attributeBuilder = (SAMLObjectBuilder<Attribute>)
+                    builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
+        }
+
+        Attribute attribute = attributeBuilder.buildObject();
+        attribute.setFriendlyName(friendlyName);
+        attribute.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_URI);
+        attribute.setName(name);
+        return attribute;
+    }
+
+    /**
+     * Create SAML2 AuthorizationDecisionStatement(s)
+     *
+     * @param decisionData A list of AuthDecisionStatementBean instances
+     * @return SAML2 AuthorizationDecisionStatement(s)
+     */
+    @SuppressWarnings("unchecked")
+    public static List<AuthzDecisionStatement> createAuthorizationDecisionStatement(
+            List<AuthDecisionStatementBean> decisionData
+    ) {
+        List<AuthzDecisionStatement> authDecisionStatements = new ArrayList();
+        if (authorizationDecisionStatementBuilder == null) {
+            authorizationDecisionStatementBuilder =
+                    (SAMLObjectBuilder<AuthzDecisionStatement>)
+                            builderFactory.getBuilder(AuthzDecisionStatement.DEFAULT_ELEMENT_NAME);
+        }
+
+        if (decisionData != null && decisionData.size() > 0) {
+            for (AuthDecisionStatementBean decisionStatementBean : decisionData) {
+                AuthzDecisionStatement authDecision =
+                        authorizationDecisionStatementBuilder.buildObject();
+                authDecision.setResource(decisionStatementBean.getResource());
+                authDecision.setDecision(
+                        transformDecisionType(decisionStatementBean.getDecision())
+                );
+
+                for (ActionBean actionBean : decisionStatementBean.getActions()) {
+                    Action actionElement = createSamlAction(actionBean);
+                    authDecision.getActions().add(actionElement);
+                }
+                authDecisionStatements.add(authDecision);
+            }
+        }
+
+        return authDecisionStatements;
+    }
+
+
+    /**
+     * Create an Action object
+     *
+     * @param actionBean An ActionBean instance
+     * @return an Action object
+     */
+    @SuppressWarnings("unchecked")
+    public static Action createSamlAction(ActionBean actionBean) {
+        if (actionElementBuilder == null) {
+            actionElementBuilder = (SAMLObjectBuilder<Action>)
+                    builderFactory.getBuilder(Action.DEFAULT_ELEMENT_NAME);
+        }
+        Action actionElement = actionElementBuilder.buildObject();
+        actionElement.setNamespace(actionBean.getActionNamespace());
+        actionElement.setAction(actionBean.getContents());
+
+        return actionElement;
+    }
+
+    /**
+     * Create a DecisionTypeEnumeration object
+     *
+     * @param decision of type Decision
+     * @return a DecisionTypeEnumeration object
+     */
+    private static DecisionTypeEnumeration transformDecisionType(
+            AuthDecisionStatementBean.Decision decision
+    ) {
+        DecisionTypeEnumeration decisionTypeEnum = DecisionTypeEnumeration.DENY;
+        if (decision.equals(AuthDecisionStatementBean.Decision.PERMIT)) {
+            decisionTypeEnum = DecisionTypeEnumeration.PERMIT;
+        } else if (decision.equals(AuthDecisionStatementBean.Decision.INDETERMINATE)) {
+            decisionTypeEnum = DecisionTypeEnumeration.INDETERMINATE;
+        }
+
+        return decisionTypeEnum;
+    }
+
+}
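Review bot: `transformAuthenticationMethod` returns an empty string for every input other than "Password", including null, and `createAuthnStatement` writes that value straight into the AuthnContextClassRef. The issued assertion then carries an authentication statement with an empty context class, which a relying party cannot evaluate and may handle unpredictably. Rejecting unsupported values instead of emitting them would be safer, for example `throw new IllegalArgumentException("Unsupported authentication method: " + sourceMethod);` in place of the `""` default. Separately, `createAssertion` sets the ID to a bare `UUID.randomUUID().toString()`, which can begin with a digit and is then not a valid xs:ID; `assertion.setID("_" + UUID.randomUUID().toString());` avoids schema-validation failures on the receiving side.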

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2ComponentBuilder.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2Constants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2Constants.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2Constants.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2Constants.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,162 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.swssf.impl.saml.builder;
+
+
+/**
+ * Class SAML2Constants provides static constant definitions associated with
+ * the SAML v2.x specification.
+ * <p/>
+ * Created on May 18, 2009
+ */
+public class SAML2Constants {
+    //
+    // NAME ID FORMAT
+    //
+
+    public static final String NAMEID_FORMAT_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
+
+    public static final String NAMEID_FORMAT_EMAIL_ADDRESS =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
+
+    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
+
+    public static final String NAMEID_FORMAT_WINDOWS_DQN =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
+
+    public static final String NAMEID_FORMAT_KERBEROS =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos";
+
+    public static final String NAMEID_FORMAT_ENTITY =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
+
+    public static final String NAMEID_FORMAT_PERSISTENT =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
+
+    public static final String NAMEID_FORMAT_TRANSIENT =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:transient";
+
+    //
+    // SUBJECT CONFIRMATION
+    //
+
+    public static final String CONF_BEARER =
+            "urn:oasis:names:tc:SAML:2.0:cm:bearer";
+
+    public static final String CONF_HOLDER_KEY =
+            "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
+
+    public static final String CONF_SENDER_VOUCHES =
+            "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
+
+    //
+    // AUTH CONTEXT CLASS REF
+    //
+
+    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL_PASSWORD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_KERBEROS =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_UNREGISTERED =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_UNREGISTERED =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_CONTRACT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_CONTRACT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Password";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD_PROTECTED_TRANSPORT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PREVIOUS_SESSION =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_X509 =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:X509";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PGP =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PGP";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SPKI =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_XMLDSIG =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD_PKI =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SOFTWARE_PKI =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_NOMAD_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PERSONAL_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalTelephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_AUTHENTICATED_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SECURED_REMOTE_PASSWORD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_TLS_CLIENT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_TIME_SYNC_TOKEN =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified";
+
+    //
+    // ATTRIBUTE NAME FORMAT
+    //
+
+    public static final String ATTRNAME_FORMAT_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
+
+    public static final String ATTRNAME_FORMAT_URI =
+            "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
+
+    public static final String ATTRNAME_FORMAT_BASIC =
+            "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
+}
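Review bot: `SAML2Constants` only holds constants but is declared as an ordinary public class with an implicit public constructor, so it can be instantiated and subclassed; `public final class SAML2Constants` with a `private SAML2Constants() {}` would close that off. In the auth-context group, `AUTH_CONTEXT_CLASS_REF_SECURED_REMOTE_PASSWORD` does not match its value, which ends in `SecureRemotePassword`; the URI is the form the SAML 2.0 authentication context classes use, so the identifier is the part to change, to `AUTH_CONTEXT_CLASS_REF_SECURE_REMOTE_PASSWORD`. The name-ID group also omits the SAML 2.0 `encrypted` format, which is worth adding or noting as deliberately left out.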

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/saml/builder/SAML2Constants.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractAlgorithmSuiteSecurityEventFiringSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractAlgorithmSuiteSecurityEventFiringSecurityToken.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractAlgorithmSuiteSecurityEventFiringSecurityToken.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractAlgorithmSuiteSecurityEventFiringSecurityToken.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,78 @@
+ /**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.impl.securityToken;
+
+import org.swssf.crypto.Crypto;
+import org.swssf.ext.Constants;
+import org.swssf.ext.SecurityContext;
+import org.swssf.ext.WSSecurityException;
+import org.swssf.securityEvent.AlgorithmSuiteSecurityEvent;
+import org.swssf.securityEvent.SecurityEvent;
+
+import javax.security.auth.callback.CallbackHandler;
+import java.security.Key;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public abstract class AbstractAlgorithmSuiteSecurityEventFiringSecurityToken extends AbstractSecurityToken {
+
+    private boolean fireSecretKeySecurityEvent = true;
+    private boolean firePublicKeySecurityEvent = true;
+    private Map<String, Constants.KeyUsage> firedSecretKeyAlgorithmEvents = new HashMap<String, Constants.KeyUsage>();
+
+    private SecurityContext securityContext;
+
+    public AbstractAlgorithmSuiteSecurityEventFiringSecurityToken(SecurityContext securityContext, Crypto crypto, CallbackHandler callbackHandler, String id, Object processor) {
+        super(crypto, callbackHandler, id, processor);
+        this.securityContext = securityContext;
+    }
+
+    public AbstractAlgorithmSuiteSecurityEventFiringSecurityToken(SecurityContext securityContext, String id, Object processor) {
+        super(null, null, id, processor);
+        this.securityContext = securityContext;
+    }
+
+    public AbstractAlgorithmSuiteSecurityEventFiringSecurityToken(SecurityContext securityContext, String id) {
+        super(id);
+        this.securityContext = securityContext;
+    }
+
+    public Key getSecretKey(String algorithmURI, Constants.KeyUsage keyUsage) throws WSSecurityException {
+        if (fireSecretKeySecurityEvent) {
+            Constants.KeyUsage firedKeyUsage = firedSecretKeyAlgorithmEvents.get(algorithmURI);
+            if (keyUsage == null || firedKeyUsage != keyUsage) {
+                AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent(SecurityEvent.Event.AlgorithmSuite);
+                algorithmSuiteSecurityEvent.setAlgorithmURI(algorithmURI);
+                algorithmSuiteSecurityEvent.setKeyUsage(keyUsage);
+                securityContext.registerSecurityEvent(algorithmSuiteSecurityEvent);
+                firedSecretKeyAlgorithmEvents.put(algorithmURI, keyUsage);
+            }
+        }
+        return null;
+    }
+
+    public PublicKey getPublicKey(Constants.KeyUsage keyUsage) throws WSSecurityException {
+        return null;
+    }
+}
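Review bot: `getSecretKey` registers the `AlgorithmSuiteSecurityEvent` and then always returns `null`, so the event is recorded only if a subclass calls `super.getSecretKey(...)` before returning its own key, and nothing in the class states that contract. A subclass that overrides without the super call would hand out keys with no algorithm event registered; whether policy checks depend on that event is not visible here, so a Javadoc such as `/** Registers the algorithm-suite event for this use; subclasses must call super first. Always returns null. */` is the minimum. `firePublicKeySecurityEvent` is assigned but never read, `getPublicKey` registers nothing, and neither flag has a setter, so drop the unused field or wire it up. The dedupe map keeps one `KeyUsage` per algorithm URI, so a URI used alternately for two usages re-registers on every switch, and a `null` usage registers on every call.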

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractSecurityToken.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractSecurityToken.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractSecurityToken.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.impl.securityToken;
+
+import org.swssf.crypto.Crypto;
+import org.swssf.ext.SecurityToken;
+import org.swssf.ext.WSSecurityException;
+
+import javax.security.auth.callback.CallbackHandler;
+import java.security.cert.X509Certificate;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public abstract class AbstractSecurityToken implements SecurityToken {
+
+    private Crypto crypto;
+    private CallbackHandler callbackHandler;
+    private String id;
+    private Object processor;
+
+    AbstractSecurityToken(Crypto crypto, CallbackHandler callbackHandler, String id, Object processor) {
+        this.crypto = crypto;
+        this.callbackHandler = callbackHandler;
+        this.id = id;
+        this.processor = processor;
+    }
+
+    AbstractSecurityToken(String id) {
+        this.id = id;
+    }
+
+    public String getId() {
+        return this.id;
+    }
+
+    public Object getProcessor() {
+        return processor;
+    }
+
+    public Crypto getCrypto() {
+        return crypto;
+    }
+
+    public CallbackHandler getCallbackHandler() {
+        return callbackHandler;
+    }
+
+    public X509Certificate[] getX509Certificates() throws WSSecurityException {
+        return null;
+    }
+
+    public void verify() throws WSSecurityException {
+    }
+}
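Review bot: `verify()` has an empty default body, so any concrete token that does not override it passes verification without a check; `HttpsSecurityToken` in this same commit inherits that no-op. A fail-closed default is safer for a security token base class: declare it `public abstract void verify() throws WSSecurityException;` so each subclass has to decide, or document on the method that the no-op is deliberate and which token types rely on it. `getX509Certificates()` returns `null` rather than an empty array, which deserves a one-line Javadoc because callers must null-check. The four fields are never reassigned outside the constructors, but the `(String id)` constructor leaves three of them unset, so they would need explicit `null` assignments there before they could be `final`.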

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/AbstractSecurityToken.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/DelegatingSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/DelegatingSecurityToken.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/DelegatingSecurityToken.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/DelegatingSecurityToken.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.impl.securityToken;
+
+import org.swssf.ext.Constants;
+import org.swssf.ext.SecurityToken;
+import org.swssf.ext.WSSecurityException;
+
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+
+/**
+ * This class wraps a SecurityToken and allows the token KeyIdentifierType to
+ * be set differently by its actual usage
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class DelegatingSecurityToken implements SecurityToken {
+
+    private Constants.KeyIdentifierType keyIdentifierType;
+    private SecurityToken securityToken;
+
+    public DelegatingSecurityToken(Constants.KeyIdentifierType keyIdentifierType, SecurityToken securityToken) {
+        this.keyIdentifierType = keyIdentifierType;
+        this.securityToken = securityToken;
+    }
+
+    public Constants.KeyIdentifierType getKeyIdentifierType() {
+        return keyIdentifierType;
+    }
+
+    public SecurityToken getDelegatedSecurityToken() {
+        return securityToken;
+    }
+
+    public String getId() {
+        return securityToken.getId();
+    }
+
+    public Object getProcessor() {
+        return securityToken.getProcessor();
+    }
+
+    public boolean isAsymmetric() {
+        return securityToken.isAsymmetric();
+    }
+
+    public Key getSecretKey(String algorithmURI, Constants.KeyUsage keyUsage) throws WSSecurityException {
+        return securityToken.getSecretKey(algorithmURI, keyUsage);
+    }
+
+    public PublicKey getPublicKey(Constants.KeyUsage keyUsage) throws WSSecurityException {
+        return securityToken.getPublicKey(keyUsage);
+    }
+
+    public X509Certificate[] getX509Certificates() throws WSSecurityException {
+        return securityToken.getX509Certificates();
+    }
+
+    public void verify() throws WSSecurityException {
+        securityToken.verify();
+    }
+
+    public SecurityToken getKeyWrappingToken() {
+        return securityToken.getKeyWrappingToken();
+    }
+
+    public String getKeyWrappingTokenAlgorithm() {
+        return securityToken.getKeyWrappingTokenAlgorithm();
+    }
+
+    public Constants.TokenType getTokenType() {
+        return securityToken.getTokenType();
+    }
+}
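Review bot: The constructor stores `securityToken` unchecked and every delegating method dereferences it, so a `null` delegate surfaces later as a `NullPointerException` far from its cause. Reject it at construction with `if (securityToken == null) { throw new IllegalArgumentException("securityToken must not be null"); }`, and mark both fields `final` since they are never reassigned. The class comment says the key identifier type can differ from the wrapped token's, but none of the delegating methods carries Javadoc; a line on `getDelegatedSecurityToken()` noting that it exposes the unwrapped token would help callers that compare tokens by identity.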

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/HttpsSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/HttpsSecurityToken.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/HttpsSecurityToken.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/HttpsSecurityToken.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,92 @@
+ /**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.impl.securityToken;
+
+import org.swssf.ext.Constants;
+import org.swssf.ext.SecurityToken;
+import org.swssf.ext.WSSecurityException;
+
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import java.util.UUID;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class HttpsSecurityToken extends AbstractSecurityToken {
+
+    private X509Certificate x509Certificate;
+    private String username;
+    private AuthenticationType authenticationType;
+
+    private enum AuthenticationType {
+        httpsClientAuthentication,
+        httpBasicAuthentication,
+        httpDigestAuthentication,
+    }
+
+    public HttpsSecurityToken(X509Certificate x509Certificate) throws WSSecurityException {
+        super(null, null, UUID.randomUUID().toString(), null);
+        this.x509Certificate = x509Certificate;
+        this.authenticationType = AuthenticationType.httpsClientAuthentication;
+    }
+
+    public HttpsSecurityToken(boolean basicAuthentication, String username) throws WSSecurityException {
+        super(null, null, UUID.randomUUID().toString(), null);
+        if (basicAuthentication) {
+            this.authenticationType = AuthenticationType.httpBasicAuthentication;
+        } else {
+            this.authenticationType = AuthenticationType.httpDigestAuthentication;
+        }
+        this.username = username;
+    }
+
+    public X509Certificate[] getX509Certificates() throws WSSecurityException {
+        return new X509Certificate[]{this.x509Certificate};
+    }
+
+    public boolean isAsymmetric() {
+        return true;
+    }
+
+    public Key getSecretKey(String algorithmURI, Constants.KeyUsage keyUsage) throws WSSecurityException {
+        return null;
+    }
+
+    public PublicKey getPublicKey(Constants.KeyUsage keyUsage) throws WSSecurityException {
+        if (x509Certificate != null) {
+            return x509Certificate.getPublicKey();
+        }
+        return null;
+    }
+
+    public SecurityToken getKeyWrappingToken() {
+        return null;
+    }
+
+    public String getKeyWrappingTokenAlgorithm() {
+        return null;
+    }
+
+    public Constants.TokenType getTokenType() {
+        return Constants.TokenType.HttpsToken;
+    }
+}
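Review bot: `getX509Certificates()` always builds a one-element array, so a token created through the `(boolean, String)` constructor returns an array holding `null` instead of `null` itself, unlike `getPublicKey`, which guards the missing certificate. A caller that checks only for a null or empty array would then read a null certificate; add `if (x509Certificate == null) { return null; }` before the array is built, which matches the base class default. `isAsymmetric()` also returns `true` for basic and digest authentication, where this token holds no key at all. `username` and `authenticationType` are written but never read in this class, so either expose them through getters or say in a comment where they are meant to be consumed.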

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/ProcessorInfoSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/ProcessorInfoSecurityToken.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/ProcessorInfoSecurityToken.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/ProcessorInfoSecurityToken.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.impl.securityToken;
+
+import org.swssf.ext.OutputProcessor;
+import org.swssf.ext.SecurityToken;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public interface ProcessorInfoSecurityToken extends SecurityToken {
+
+    public void setProcessor(OutputProcessor outputProcessor);
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/impl/securityToken/ProcessorInfoSecurityToken.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision


