0001: /*
0002: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
0003: *
0004: * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
0005: *
0006: * The contents of this file are subject to the terms of either the GNU
0007: * General Public License Version 2 only ("GPL") or the Common
0008: * Development and Distribution License("CDDL") (collectively, the
0009: * "License"). You may not use this file except in compliance with the
0010: * License. You can obtain a copy of the License at
0011: * http://www.netbeans.org/cddl-gplv2.html
0012: * or nbbuild/licenses/CDDL-GPL-2-CP. See the License for the
0013: * specific language governing permissions and limitations under the
0014: * License. When distributing the software, include this License Header
0015: * Notice in each file and include the License file at
0016: * nbbuild/licenses/CDDL-GPL-2-CP. Sun designates this
0017: * particular file as subject to the "Classpath" exception as provided
0018: * by Sun in the GPL Version 2 section of the License file that
0019: * accompanied this code. If applicable, add the following below the
0020: * License Header, with the fields enclosed by brackets [] replaced by
0021: * your own identifying information:
0022: * "Portions Copyrighted [year] [name of copyright owner]"
0023: *
0024: * Contributor(s):
0025: *
0026: * The Original Software is NetBeans. The Initial Developer of the Original
0027: * Software is Sun Microsystems, Inc. Portions Copyright 2006 Sun
0028: * Microsystems, Inc. All Rights Reserved.
0029: *
0030: * If you wish your version of this file to be governed by only the CDDL
0031: * or only the GPL Version 2, indicate your decision by adding
0032: * "[Contributor] elects to include this software in this distribution
0033: * under the [CDDL or GPL Version 2] license." If you do not indicate a
0034: * single choice of license, a recipient has the option to distribute
0035: * your version of this file under either the CDDL, the GPL Version 2 or
0036: * to extend the choice of license to its licensees as provided above.
0037: * However, if you add GPL Version 2 code and therefore, elected the GPL
0038: * Version 2 license, then the option applies only if the new code is
0039: * made subject to such option by the copyright holder.
0040: */
0041:
0042: package org.netbeans.modules.websvc.wsitconf.wsdlmodelext;
0043:
0044: import java.util.ArrayList;
0045: import java.util.List;
0046: import org.netbeans.modules.websvc.wsitconf.ui.ComboConstants;
0047: import org.netbeans.modules.websvc.wsitmodelext.addressing.Address10;
0048: import org.netbeans.modules.websvc.wsitmodelext.addressing.Addressing10Metadata;
0049: import org.netbeans.modules.websvc.wsitmodelext.addressing.Addressing10QName;
0050: import org.netbeans.modules.websvc.wsitmodelext.mex.Metadata;
0051: import org.netbeans.modules.websvc.wsitmodelext.mex.MetadataReference;
0052: import org.netbeans.modules.websvc.wsitmodelext.mex.MetadataSection;
0053: import org.netbeans.modules.websvc.wsitmodelext.mex.MexQName;
0054: import org.netbeans.modules.websvc.wsitmodelext.policy.Policy;
0055: import org.netbeans.modules.websvc.wsitmodelext.policy.PolicyQName;
0056: import org.netbeans.modules.websvc.wsitmodelext.security.RequestSecurityTokenTemplate;
0057: import org.netbeans.modules.websvc.wsitmodelext.security.SecurityPolicyQName;
0058: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.TransportToken;
0059: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssGssKerberosV5ApReqToken11;
0060: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssKerberosV5ApReqToken11;
0061: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssSamlV10Token10;
0062: import org.netbeans.modules.websvc.wsitmodelext.trust.KeySize;
0063: import org.netbeans.modules.websvc.wsitmodelext.trust.KeyType;
0064: import org.netbeans.modules.websvc.wsitmodelext.trust.TokenType;
0065: import org.netbeans.modules.websvc.wsitmodelext.trust.TrustQName;
0066: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.EncryptionToken;
0067: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.EndorsingSupportingTokens;
0068: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.HttpsToken;
0069: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.InitiatorToken;
0070: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.IssuedToken;
0071: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.Issuer;
0072: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.KerberosToken;
0073: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.ProtectionToken;
0074: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.RecipientToken;
0075: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.RelToken;
0076: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SamlToken;
0077: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SecureConversationToken;
0078: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SecurityContextToken;
0079: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SignatureToken;
0080: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SignedEndorsingSupportingTokens;
0081: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SignedSupportingTokens;
0082: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SupportingTokens;
0083: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.TokensQName;
0084: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.UsernameToken;
0085: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssSamlV10Token11;
0086: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssSamlV11Token10;
0087: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssSamlV11Token11;
0088: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssSamlV20Token11;
0089: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssUsernameToken10;
0090: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssUsernameToken11;
0091: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509Pkcs7Token10;
0092: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509Pkcs7Token11;
0093: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509PkiPathV1Token10;
0094: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509PkiPathV1Token11;
0095: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509V1Token10;
0096: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509V1Token11;
0097: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509V3Token10;
0098: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.WssX509V3Token11;
0099: import org.netbeans.modules.websvc.wsitmodelext.security.tokens.X509Token;
0100: import org.netbeans.modules.xml.wsdl.model.Binding;
0101: import org.netbeans.modules.xml.wsdl.model.BindingFault;
0102: import org.netbeans.modules.xml.wsdl.model.BindingInput;
0103: import org.netbeans.modules.xml.wsdl.model.BindingOperation;
0104: import org.netbeans.modules.xml.wsdl.model.BindingOutput;
0105: import org.netbeans.modules.xml.wsdl.model.ExtensibilityElement;
0106: import org.netbeans.modules.xml.wsdl.model.WSDLComponent;
0107: import org.netbeans.modules.xml.wsdl.model.WSDLComponentFactory;
0108: import org.netbeans.modules.xml.wsdl.model.WSDLModel;
0109: import org.openide.util.NbBundle;
0110:
0111: /**
0112: *
0113: * @author Martin Grebac
0114: */
0115: public class SecurityTokensModelHelper {
0116:
0117: public static final int SUPPORTING = 0;
0118: public static final int SIGNED_SUPPORTING = 1;
0119: public static final int ENDORSING = 2;
0120: public static final int SIGNED_ENDORSING = 3;
0121: public static final int NONE = 4;
0122:
0123: /**
0124: * Creates a new instance of SecurityTokensModelHelper
0125: */
0126: public SecurityTokensModelHelper() {
0127: }
0128:
0129: public static boolean isRequireClientCertificate(HttpsToken token) {
0130: return token.isRequireClientCertificate();
0131: }
0132:
0133: public static void setRequireClientCertificate(HttpsToken token,
0134: boolean require) {
0135: WSDLModel model = token.getModel();
0136: boolean isTransaction = model.isIntransaction();
0137: if (!isTransaction) {
0138: model.startTransaction();
0139: }
0140: try {
0141: token.setRequireClientCertificate(require);
0142: } finally {
0143: if (!isTransaction) {
0144: model.endTransaction();
0145: }
0146: }
0147: }
0148:
0149: public static String getTokenType(WSDLComponent tokenKind) {
0150: if (tokenKind != null) {
0151: WSDLComponent wc = null;
0152: wc = getTokenElement(tokenKind, UsernameToken.class);
0153: if (wc != null)
0154: return ComboConstants.USERNAME;
0155: wc = getTokenElement(tokenKind, X509Token.class);
0156: if (wc != null)
0157: return ComboConstants.X509;
0158: wc = getTokenElement(tokenKind, SamlToken.class);
0159: if (wc != null)
0160: return ComboConstants.SAML;
0161: wc = getTokenElement(tokenKind, RelToken.class);
0162: if (wc != null)
0163: return ComboConstants.REL;
0164: wc = getTokenElement(tokenKind, KerberosToken.class);
0165: if (wc != null)
0166: return ComboConstants.KERBEROS;
0167: wc = getTokenElement(tokenKind, SecurityContextToken.class);
0168: if (wc != null)
0169: return ComboConstants.SECURITYCONTEXT;
0170: wc = getTokenElement(tokenKind,
0171: SecureConversationToken.class);
0172: if (wc != null)
0173: return ComboConstants.SECURECONVERSATION;
0174: wc = getTokenElement(tokenKind, IssuedToken.class);
0175: if (wc != null)
0176: return ComboConstants.ISSUED;
0177: }
0178: return null;
0179: }
0180:
0181: public static WSDLComponent getTokenTypeElement(
0182: WSDLComponent tokenKind) {
0183: if (tokenKind == null)
0184: return null;
0185: WSDLComponent wc = null;
0186: wc = getTokenElement(tokenKind, HttpsToken.class);
0187: if (wc != null)
0188: return wc;
0189: wc = getTokenElement(tokenKind, UsernameToken.class);
0190: if (wc != null)
0191: return wc;
0192: wc = getTokenElement(tokenKind, X509Token.class);
0193: if (wc != null)
0194: return wc;
0195: wc = getTokenElement(tokenKind, SamlToken.class);
0196: if (wc != null)
0197: return wc;
0198: wc = getTokenElement(tokenKind, RelToken.class);
0199: if (wc != null)
0200: return wc;
0201: wc = getTokenElement(tokenKind, KerberosToken.class);
0202: if (wc != null)
0203: return wc;
0204: wc = getTokenElement(tokenKind, SecurityContextToken.class);
0205: if (wc != null)
0206: return wc;
0207: wc = getTokenElement(tokenKind, SecureConversationToken.class);
0208: if (wc != null)
0209: return wc;
0210: wc = getTokenElement(tokenKind, IssuedToken.class);
0211: return wc;
0212: }
0213:
0214: public static String getTokenInclusionLevel(WSDLComponent tokenType) {
0215: String incLevelStr = ((ExtensibilityElement) tokenType)
0216: .getAnyAttribute(TokensQName.INCLUDETOKENATTRIBUTE
0217: .getQName());
0218: if (incLevelStr != null) {
0219: incLevelStr = incLevelStr.substring(incLevelStr
0220: .lastIndexOf('/') + 1, incLevelStr.length()); //NOI18N
0221: return NbBundle.getMessage(ComboConstants.class, "COMBO_"
0222: + incLevelStr); //NOI18N
0223: } else {
0224: return ComboConstants.NONE;
0225: }
0226: }
0227:
0228: public static String getTokenProfileVersion(WSDLComponent tokenType) {
0229: if (tokenType instanceof UsernameToken) {
0230: if (SecurityPolicyModelHelper.isAttributeEnabled(
0231: (ExtensibilityElement) tokenType,
0232: WssUsernameToken10.class)) {
0233: return ComboConstants.WSS10;
0234: }
0235: if (SecurityPolicyModelHelper.isAttributeEnabled(
0236: (ExtensibilityElement) tokenType,
0237: WssUsernameToken11.class)) {
0238: return ComboConstants.WSS11;
0239: }
0240: }
0241: if (tokenType instanceof SamlToken) {
0242: ExtensibilityElement e = (ExtensibilityElement) tokenType;
0243: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0244: WssSamlV10Token10.class))
0245: return ComboConstants.SAML_V1010;
0246: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0247: WssSamlV10Token11.class))
0248: return ComboConstants.SAML_V1011;
0249: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0250: WssSamlV11Token10.class))
0251: return ComboConstants.SAML_V1110;
0252: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0253: WssSamlV11Token11.class))
0254: return ComboConstants.SAML_V1111;
0255: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0256: WssSamlV20Token11.class))
0257: return ComboConstants.SAML_V2011;
0258: }
0259: if (tokenType instanceof X509Token) {
0260: ExtensibilityElement e = (ExtensibilityElement) tokenType;
0261: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0262: WssX509V1Token10.class))
0263: return ComboConstants.X509_V110;
0264: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0265: WssX509V1Token11.class))
0266: return ComboConstants.X509_V111;
0267: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0268: WssX509V3Token10.class))
0269: return ComboConstants.X509_V310;
0270: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0271: WssX509V3Token11.class))
0272: return ComboConstants.X509_V311;
0273: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0274: WssX509Pkcs7Token10.class))
0275: return ComboConstants.X509_PKCS710;
0276: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0277: WssX509Pkcs7Token11.class))
0278: return ComboConstants.X509_PKCS711;
0279: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0280: WssX509PkiPathV1Token10.class))
0281: return ComboConstants.X509_PKIPATHV110;
0282: if (SecurityPolicyModelHelper.isAttributeEnabled(e,
0283: WssX509PkiPathV1Token11.class))
0284: return ComboConstants.X509_PKIPATHV111;
0285: }
0286: return ComboConstants.NONE;
0287: }
0288:
0289: public static WSDLComponent getTokenElement(WSDLComponent e,
0290: Class tokenClass) {
0291: if (e == null)
0292: return null;
0293: List<Policy> policies = e
0294: .getExtensibilityElements(Policy.class);
0295: if ((policies != null) && (!policies.isEmpty())) {
0296: Policy p = policies.get(0);
0297: return PolicyModelHelper.getTopLevelElement(p, tokenClass);
0298: }
0299: return null;
0300: }
0301:
0302: public static WSDLComponent setTokenType(WSDLComponent secBinding,
0303: String tokenKindStr, String tokenTypeStr) {
0304: WSDLModel model = secBinding.getModel();
0305: WSDLComponentFactory wcf = model.getFactory();
0306: WSDLComponent tokenType = null;
0307: WSDLComponent tokenKind = null;
0308:
0309: boolean isTransaction = model.isIntransaction();
0310: if (!isTransaction) {
0311: model.startTransaction();
0312: }
0313:
0314: try {
0315: Policy p = PolicyModelHelper.createElement(secBinding,
0316: PolicyQName.POLICY.getQName(), Policy.class, false);
0317: List<ExtensibilityElement> tokenKinds = p
0318: .getExtensibilityElements();
0319: if ((tokenKinds != null) && (!tokenKinds.isEmpty())) {
0320: for (ExtensibilityElement tkind : tokenKinds) {
0321: if (ComboConstants.PROTECTION.equals(tokenKindStr)
0322: || ComboConstants.TRANSPORT
0323: .equals(tokenKindStr)) {
0324: if (tkind instanceof SignatureToken
0325: || tkind instanceof TransportToken
0326: || tkind instanceof EncryptionToken
0327: || tkind instanceof InitiatorToken
0328: || tkind instanceof ProtectionToken
0329: || tkind instanceof RecipientToken) {
0330: p.removeExtensibilityElement(tkind);
0331: }
0332: } else if (ComboConstants.ENCRYPTION
0333: .equals(tokenKindStr)) {
0334: if (!(tkind instanceof SignatureToken)) {
0335: p.removeExtensibilityElement(tkind);
0336: }
0337: } else if (ComboConstants.SIGNATURE
0338: .equals(tokenKindStr)) {
0339: if (!(tkind instanceof EncryptionToken)) {
0340: p.removeExtensibilityElement(tkind);
0341: }
0342: } else if (ComboConstants.INITIATOR
0343: .equals(tokenKindStr)) {
0344: if (!(tkind instanceof RecipientToken)) {
0345: p.removeExtensibilityElement(tkind);
0346: }
0347: } else if (ComboConstants.RECIPIENT
0348: .equals(tokenKindStr)) {
0349: if (!(tkind instanceof InitiatorToken)) {
0350: p.removeExtensibilityElement(tkind);
0351: }
0352: }
0353: }
0354: }
0355:
0356: if (ComboConstants.PROTECTION.equals(tokenKindStr)) {
0357: tokenKind = wcf.create(p, TokensQName.PROTECTIONTOKEN
0358: .getQName());
0359: }
0360: if (ComboConstants.SIGNATURE.equals(tokenKindStr)) {
0361: tokenKind = wcf.create(p, TokensQName.SIGNATURETOKEN
0362: .getQName());
0363: }
0364: if (ComboConstants.ENCRYPTION.equals(tokenKindStr)) {
0365: tokenKind = wcf.create(p, TokensQName.ENCRYPTIONTOKEN
0366: .getQName());
0367: }
0368: if (ComboConstants.INITIATOR.equals(tokenKindStr)) {
0369: tokenKind = wcf.create(p, TokensQName.INITIATORTOKEN
0370: .getQName());
0371: }
0372: if (ComboConstants.RECIPIENT.equals(tokenKindStr)) {
0373: tokenKind = wcf.create(p, TokensQName.RECIPIENTTOKEN
0374: .getQName());
0375: }
0376: if (ComboConstants.TRANSPORT.equals(tokenKindStr)) {
0377: tokenKind = wcf.create(p, TokensQName.TRANSPORTTOKEN
0378: .getQName());
0379: }
0380:
0381: p.addExtensibilityElement((ExtensibilityElement) tokenKind);
0382:
0383: Policy pinner = (Policy) wcf.create(tokenKind,
0384: PolicyQName.POLICY.getQName());
0385: tokenKind.addExtensibilityElement(pinner);
0386:
0387: if (ComboConstants.HTTPS.equals(tokenTypeStr)) {
0388: tokenType = wcf.create(pinner, TokensQName.HTTPSTOKEN
0389: .getQName());
0390: pinner
0391: .addExtensibilityElement((ExtensibilityElement) tokenType);
0392: ((HttpsToken) tokenType)
0393: .setRequireClientCertificate(false);
0394: }
0395: if (ComboConstants.X509.equals(tokenTypeStr)) {
0396: tokenType = wcf.create(pinner, TokensQName.X509TOKEN
0397: .getQName());
0398: pinner
0399: .addExtensibilityElement((ExtensibilityElement) tokenType);
0400: setTokenProfileVersion(tokenType,
0401: ComboConstants.X509_V310);
0402: }
0403: if (ComboConstants.SAML.equals(tokenTypeStr)) {
0404: tokenType = wcf.create(pinner, TokensQName.SAMLTOKEN
0405: .getQName());
0406: pinner
0407: .addExtensibilityElement((ExtensibilityElement) tokenType);
0408: setTokenProfileVersion(tokenType,
0409: ComboConstants.SAML_V1110);
0410: }
0411: if (ComboConstants.KERBEROS.equals(tokenTypeStr)) {
0412: tokenType = wcf.create(pinner,
0413: TokensQName.KERBEROSTOKEN.getQName());
0414: pinner
0415: .addExtensibilityElement((ExtensibilityElement) tokenType);
0416: setTokenProfileVersion(tokenType,
0417: ComboConstants.KERBEROS_KERBEROSGSS);
0418: }
0419: if (ComboConstants.ISSUED.equals(tokenTypeStr)) {
0420: tokenType = wcf.create(pinner, TokensQName.ISSUEDTOKEN
0421: .getQName());
0422: pinner
0423: .addExtensibilityElement((ExtensibilityElement) tokenType);
0424: RequestSecurityTokenTemplate template = (RequestSecurityTokenTemplate) wcf
0425: .create(
0426: tokenType,
0427: SecurityPolicyQName.REQUESTSECURITYTOKENTEMPLATE
0428: .getQName());
0429: tokenType.addExtensibilityElement(template);
0430:
0431: TokenType trustTokenType = (TokenType) wcf.create(
0432: template, TrustQName.TOKENTYPE.getQName());
0433: template.addExtensibilityElement(trustTokenType);
0434: trustTokenType
0435: .setContent(ComboConstants.ISSUED_TOKENTYPE_SAML11_POLICYSTR);
0436:
0437: KeyType trustKeyType = (KeyType) wcf.create(template,
0438: TrustQName.KEYTYPE.getQName());
0439: template.addExtensibilityElement(trustKeyType);
0440: trustKeyType
0441: .setContent(ComboConstants.ISSUED_KEYTYPE_SYMMETRIC_POLICYSTR);
0442:
0443: KeySize trustKeySize = (KeySize) wcf.create(template,
0444: TrustQName.KEYSIZE.getQName());
0445: template.addExtensibilityElement(trustKeySize);
0446: trustKeySize
0447: .setContent(ComboConstants.ISSUED_KEYSIZE_256);
0448:
0449: SecurityPolicyModelHelper
0450: .enableRequireInternalReference(tokenType, true);
0451: }
0452:
0453: if (ComboConstants.USERNAME.equals(tokenTypeStr)) {
0454: tokenType = wcf.create(pinner,
0455: TokensQName.USERNAMETOKEN.getQName());
0456: pinner
0457: .addExtensibilityElement((ExtensibilityElement) tokenType);
0458: setTokenProfileVersion(tokenType, ComboConstants.WSS10);
0459: }
0460: if (ComboConstants.REL.equals(tokenTypeStr)) {
0461: tokenType = wcf.create(pinner, TokensQName.RELTOKEN
0462: .getQName());
0463: pinner
0464: .addExtensibilityElement((ExtensibilityElement) tokenType);
0465: SecurityPolicyModelHelper.enableRequireDerivedKeys(
0466: tokenType, true);
0467: }
0468: if (ComboConstants.SECURECONVERSATION.equals(tokenTypeStr)) {
0469: tokenType = wcf.create(pinner,
0470: TokensQName.SECURECONVERSATIONTOKEN.getQName());
0471: pinner
0472: .addExtensibilityElement((ExtensibilityElement) tokenType);
0473: SecurityPolicyModelHelper.enableRequireDerivedKeys(
0474: tokenType, true);
0475: // setBootstrapPolicy(tokenType,
0476: // ComboConstants.SYMMETRIC,
0477: // ComboConstants.X509,
0478: // ComboConstants.X509,
0479: // ComboConstants.WSS10);
0480: }
0481: if (ComboConstants.SECURITYCONTEXT.equals(tokenTypeStr)) {
0482: tokenType = wcf.create(pinner,
0483: TokensQName.SECURITYCONTEXTTOKEN.getQName());
0484: pinner
0485: .addExtensibilityElement((ExtensibilityElement) tokenType);
0486: SecurityPolicyModelHelper.enableRequireDerivedKeys(
0487: tokenType, true);
0488: }
0489: if (ComboConstants.SPNEGOCONTEXT.equals(tokenTypeStr)) {
0490: tokenType = wcf.create(pinner,
0491: TokensQName.SPNEGOCONTEXTTOKEN.getQName());
0492: pinner
0493: .addExtensibilityElement((ExtensibilityElement) tokenType);
0494: SecurityPolicyModelHelper.enableRequireDerivedKeys(
0495: tokenType, true);
0496: }
0497:
0498: // setTokenInclusionLevel(tokenType, ComboConstants.ALWAYSRECIPIENT);
0499:
0500: } finally {
0501: if (!isTransaction) {
0502: model.endTransaction();
0503: }
0504: }
0505: return tokenType;
0506: }
0507:
0508: public static void setTokenInclusionLevel(WSDLComponent tokenType,
0509: String incLevel) {
0510: WSDLModel model = tokenType.getModel();
0511:
0512: boolean isTransaction = model.isIntransaction();
0513: if (!isTransaction) {
0514: model.startTransaction();
0515: }
0516:
0517: try {
0518: String levelStr = null;
0519: if (ComboConstants.NEVER.equals(incLevel)) {
0520: levelStr = ComboConstants.NEVER_POLICYSTR;
0521: } else if (ComboConstants.ALWAYS.equals(incLevel)) {
0522: levelStr = ComboConstants.ALWAYS_POLICYSTR;
0523: } else if (ComboConstants.ALWAYSRECIPIENT.equals(incLevel)) {
0524: levelStr = ComboConstants.ALWAYSRECIPIENT_POLICYSTR;
0525: } else if (ComboConstants.ONCE.equals(incLevel)) {
0526: levelStr = ComboConstants.ONCE_POLICYSTR;
0527: }
0528: ((ExtensibilityElement) tokenType).setAnyAttribute(
0529: TokensQName.INCLUDETOKENATTRIBUTE.getQName(),
0530: levelStr);
0531: } finally {
0532: if (!isTransaction) {
0533: model.endTransaction();
0534: }
0535: }
0536: }
0537:
0538: public static void setTokenProfileVersion(WSDLComponent tokenType,
0539: String profileVersion) {
0540: WSDLModel model = tokenType.getModel();
0541: WSDLComponentFactory wcf = model.getFactory();
0542: boolean isTransaction = model.isIntransaction();
0543: if (!isTransaction) {
0544: model.startTransaction();
0545: }
0546: try {
0547: Policy p = PolicyModelHelper.createElement(tokenType,
0548: PolicyQName.POLICY.getQName(), Policy.class, false);
0549: WSDLComponent profileVersionAssertion = null;
0550: List<ExtensibilityElement> tokenAssertions = p
0551: .getExtensibilityElements();
0552:
0553: if (tokenType instanceof UsernameToken) {
0554: if ((tokenAssertions != null)
0555: && (!tokenAssertions.isEmpty())) {
0556: for (ExtensibilityElement e : tokenAssertions) {
0557: if ((e instanceof WssUsernameToken10)
0558: || (e instanceof WssUsernameToken11)) {
0559: p.removeExtensibilityElement(e);
0560: }
0561: }
0562: }
0563: if (ComboConstants.WSS10.equals(profileVersion))
0564: profileVersionAssertion = wcf.create(p,
0565: TokensQName.WSSUSERNAMETOKEN10.getQName());
0566: if (ComboConstants.WSS11.equals(profileVersion))
0567: profileVersionAssertion = wcf.create(p,
0568: TokensQName.WSSUSERNAMETOKEN11.getQName());
0569: }
0570: if (tokenType instanceof SamlToken) {
0571: if ((tokenAssertions != null)
0572: && (!tokenAssertions.isEmpty())) {
0573: for (ExtensibilityElement e : tokenAssertions) {
0574: if ((e instanceof WssSamlV10Token11)
0575: || (e instanceof WssSamlV10Token10)
0576: || (e instanceof WssSamlV11Token10)
0577: || (e instanceof WssSamlV11Token11)
0578: || (e instanceof WssSamlV20Token11)) {
0579: p.removeExtensibilityElement(e);
0580: }
0581: }
0582: }
0583: if (ComboConstants.SAML_V1010.equals(profileVersion))
0584: profileVersionAssertion = wcf.create(p,
0585: TokensQName.WSSSAMLV10TOKEN10.getQName());
0586: if (ComboConstants.SAML_V1011.equals(profileVersion))
0587: profileVersionAssertion = wcf.create(p,
0588: TokensQName.WSSSAMLV10TOKEN11.getQName());
0589: if (ComboConstants.SAML_V1110.equals(profileVersion))
0590: profileVersionAssertion = wcf.create(p,
0591: TokensQName.WSSSAMLV11TOKEN10.getQName());
0592: if (ComboConstants.SAML_V1111.equals(profileVersion))
0593: profileVersionAssertion = wcf.create(p,
0594: TokensQName.WSSSAMLV11TOKEN11.getQName());
0595: if (ComboConstants.SAML_V2011.equals(profileVersion))
0596: profileVersionAssertion = wcf.create(p,
0597: TokensQName.WSSSAMLV20TOKEN11.getQName());
0598: }
0599:
0600: if (tokenType instanceof X509Token) {
0601: if ((tokenAssertions != null)
0602: && (!tokenAssertions.isEmpty())) {
0603: for (ExtensibilityElement e : tokenAssertions) {
0604: if ((e instanceof WssX509V1Token10)
0605: || (e instanceof WssX509V3Token10)
0606: || (e instanceof WssX509V1Token11)
0607: || (e instanceof WssX509V3Token11)
0608: || (e instanceof WssX509Pkcs7Token10)
0609: || (e instanceof WssX509Pkcs7Token11)
0610: || (e instanceof WssX509PkiPathV1Token10)
0611: || (e instanceof WssX509PkiPathV1Token11)) {
0612: p.removeExtensibilityElement(e);
0613: }
0614: }
0615: }
0616:
0617: if (ComboConstants.X509_V110.equals(profileVersion))
0618: profileVersionAssertion = wcf.create(p,
0619: TokensQName.WSSX509V1TOKEN10.getQName());
0620: if (ComboConstants.X509_V310.equals(profileVersion))
0621: profileVersionAssertion = wcf.create(p,
0622: TokensQName.WSSX509V3TOKEN10.getQName());
0623: if (ComboConstants.X509_V111.equals(profileVersion))
0624: profileVersionAssertion = wcf.create(p,
0625: TokensQName.WSSX509V1TOKEN11.getQName());
0626: if (ComboConstants.X509_V311.equals(profileVersion))
0627: profileVersionAssertion = wcf.create(p,
0628: TokensQName.WSSX509V3TOKEN11.getQName());
0629: if (ComboConstants.X509_PKCS710.equals(profileVersion))
0630: profileVersionAssertion = wcf.create(p,
0631: TokensQName.WSSX509PKCS7TOKEN10.getQName());
0632: if (ComboConstants.X509_PKCS711.equals(profileVersion))
0633: profileVersionAssertion = wcf.create(p,
0634: TokensQName.WSSX509PKCS7TOKEN11.getQName());
0635: if (ComboConstants.X509_PKIPATHV110
0636: .equals(profileVersion))
0637: profileVersionAssertion = wcf.create(p,
0638: TokensQName.WSSX509PKIPATHV1TOKEN10
0639: .getQName());
0640: if (ComboConstants.X509_PKIPATHV111
0641: .equals(profileVersion))
0642: profileVersionAssertion = wcf.create(p,
0643: TokensQName.WSSX509PKIPATHV1TOKEN11
0644: .getQName());
0645: }
0646:
0647: if (tokenType instanceof KerberosToken) {
0648: if ((tokenAssertions != null)
0649: && (!tokenAssertions.isEmpty())) {
0650: for (ExtensibilityElement e : tokenAssertions) {
0651: if ((e instanceof WssGssKerberosV5ApReqToken11)
0652: || (e instanceof WssKerberosV5ApReqToken11)) {
0653: p.removeExtensibilityElement(e);
0654: }
0655: }
0656: }
0657: if (ComboConstants.KERBEROS_KERBEROS
0658: .equals(profileVersion))
0659: profileVersionAssertion = wcf.create(p,
0660: TokensQName.WSSKERBEROSV5APREQTOKEN11
0661: .getQName());
0662: if (ComboConstants.KERBEROS_KERBEROSGSS
0663: .equals(profileVersion))
0664: profileVersionAssertion = wcf.create(p,
0665: TokensQName.WSSGSSKERBEROSV5APREQTOKEN11
0666: .getQName());
0667: }
0668:
0669: if (profileVersionAssertion != null)
0670: p
0671: .addExtensibilityElement((ExtensibilityElement) profileVersionAssertion);
0672: } finally {
0673: if (!isTransaction) {
0674: model.endTransaction();
0675: }
0676: }
0677: }
0678:
0679: public static List<WSDLComponent> getSupportingTokens(
0680: WSDLComponent c) {
0681: ArrayList<WSDLComponent> result = new ArrayList<WSDLComponent>(
0682: 1);
0683: if (c == null)
0684: return null;
0685: WSDLComponent p = c;
0686: if ((c instanceof Binding) || (c instanceof BindingOperation)
0687: || (c instanceof BindingInput)
0688: || (c instanceof BindingOutput)
0689: || (c instanceof BindingFault)) {
0690: p = PolicyModelHelper.getPolicyForElement(c);
0691: }
0692: if (p == null)
0693: return null;
0694: Class[] a = { SupportingTokens.class,
0695: SignedSupportingTokens.class,
0696: EndorsingSupportingTokens.class,
0697: SignedEndorsingSupportingTokens.class };
0698: for (Class cl : a) {
0699: WSDLComponent token = PolicyModelHelper.getTopLevelElement(
0700: p, cl);
0701: if (token != null) {
0702: result.add(token);
0703: }
0704: }
0705: return result;
0706: }
0707:
0708: public static WSDLComponent getSupportingToken(WSDLComponent c,
0709: int supportingType) {
0710: if (c == null)
0711: return null;
0712: WSDLComponent p = c;
0713: if ((c instanceof Binding) || (c instanceof BindingOperation)
0714: || (c instanceof BindingInput)
0715: || (c instanceof BindingOutput)
0716: || (c instanceof BindingFault)) {
0717: p = PolicyModelHelper.getPolicyForElement(c);
0718: }
0719: if (p == null)
0720: return null;
0721: if (SUPPORTING == supportingType) {
0722: return PolicyModelHelper.getTopLevelElement(p,
0723: SupportingTokens.class);
0724: }
0725: if (SIGNED_SUPPORTING == supportingType) {
0726: return PolicyModelHelper.getTopLevelElement(p,
0727: SignedSupportingTokens.class);
0728: }
0729: if (ENDORSING == supportingType) {
0730: return PolicyModelHelper.getTopLevelElement(p,
0731: EndorsingSupportingTokens.class);
0732: }
0733: if (SIGNED_ENDORSING == supportingType) {
0734: return PolicyModelHelper.getTopLevelElement(p,
0735: SignedEndorsingSupportingTokens.class);
0736: }
0737: return null;
0738: }
0739:
0740: public static void removeSupportingTokens(WSDLComponent c) {
0741: if (c == null)
0742: return;
0743: WSDLModel model = c.getModel();
0744: WSDLComponent p = c;
0745: if ((c instanceof Binding) || (c instanceof BindingOperation)
0746: || (c instanceof BindingInput)
0747: || (c instanceof BindingOutput)
0748: || (c instanceof BindingFault)) {
0749: p = PolicyModelHelper.getPolicyForElement(c);
0750: }
0751:
0752: if (p == null)
0753: return;
0754:
0755: ExtensibilityElement rem = null;
0756:
0757: boolean isTransaction = model.isIntransaction();
0758: if (!isTransaction) {
0759: model.startTransaction();
0760: }
0761: try {
0762: rem = PolicyModelHelper.getTopLevelElement(p,
0763: SupportingTokens.class);
0764: if (rem != null) {
0765: rem.getParent().removeExtensibilityElement(rem);
0766: }
0767:
0768: rem = PolicyModelHelper.getTopLevelElement(p,
0769: SignedSupportingTokens.class);
0770: if (rem != null) {
0771: rem.getParent().removeExtensibilityElement(rem);
0772: }
0773:
0774: rem = PolicyModelHelper.getTopLevelElement(p,
0775: EndorsingSupportingTokens.class);
0776: if (rem != null) {
0777: rem.getParent().removeExtensibilityElement(rem);
0778: }
0779:
0780: rem = PolicyModelHelper.getTopLevelElement(p,
0781: SignedEndorsingSupportingTokens.class);
0782: if (rem != null) {
0783: rem.getParent().removeExtensibilityElement(rem);
0784: }
0785: } finally {
0786: if (!isTransaction) {
0787: model.endTransaction();
0788: }
0789: }
0790: }
0791:
0792: public static WSDLComponent setSupportingTokens(WSDLComponent c,
0793: String authToken, int supportingType) {
0794: if (c == null)
0795: return null;
0796:
0797: WSDLModel model = c.getModel();
0798: WSDLComponentFactory wcf = model.getFactory();
0799: WSDLComponent tokenType = null;
0800: WSDLComponent tokenKind = null;
0801:
0802: boolean isTransaction = model.isIntransaction();
0803: if (!isTransaction) {
0804: model.startTransaction();
0805: }
0806: try {
0807: for (int i = 0; i < 4; i++) {
0808: tokenKind = getSupportingToken(c, i);
0809: if (tokenKind != null) {
0810: if (ComboConstants.NONE.equals(authToken)
0811: || (authToken == null)) {
0812: if ((i == supportingType)
0813: || (supportingType == NONE)) {
0814: tokenKind
0815: .getParent()
0816: .removeExtensibilityElement(
0817: (ExtensibilityElement) tokenKind);
0818: }
0819: if (supportingType != NONE)
0820: return null;
0821: } else {
0822: if (i == supportingType) {
0823: tokenKind
0824: .getParent()
0825: .removeExtensibilityElement(
0826: (ExtensibilityElement) tokenKind);
0827: }
0828: }
0829: }
0830: }
0831:
0832: if (supportingType == NONE)
0833: return null;
0834:
0835: WSDLComponent topLevel = null;
0836: if (c instanceof Policy) {
0837: topLevel = c;
0838: } else {
0839: topLevel = PolicyModelHelper.createPolicy(c, true);
0840: }
0841:
0842: if (SUPPORTING == supportingType) {
0843: tokenKind = wcf.create(topLevel,
0844: TokensQName.SUPPORTINGTOKENS.getQName());
0845: }
0846: if (SIGNED_SUPPORTING == supportingType) {
0847: tokenKind = wcf.create(topLevel,
0848: TokensQName.SIGNEDSUPPORTINGTOKENS.getQName());
0849: }
0850: if (ENDORSING == supportingType) {
0851: tokenKind = wcf.create(topLevel,
0852: TokensQName.ENDORSINGSUPPORTINGTOKENS
0853: .getQName());
0854: }
0855: if (SIGNED_ENDORSING == supportingType) {
0856: tokenKind = wcf.create(topLevel,
0857: TokensQName.SIGNEDENDORSINGSUPPORTINGTOKENS
0858: .getQName());
0859: }
0860: topLevel
0861: .addExtensibilityElement((ExtensibilityElement) tokenKind);
0862:
0863: if (ComboConstants.USERNAME.equals(authToken)) {
0864: tokenType = PolicyModelHelper.createElement(tokenKind,
0865: TokensQName.USERNAMETOKEN.getQName(),
0866: UsernameToken.class, true);
0867: setTokenProfileVersion(tokenType, ComboConstants.WSS10);
0868: setTokenInclusionLevel(tokenType,
0869: ComboConstants.ALWAYSRECIPIENT);
0870: }
0871: if (ComboConstants.X509.equals(authToken)) {
0872: tokenType = PolicyModelHelper.createElement(tokenKind,
0873: TokensQName.X509TOKEN.getQName(),
0874: X509Token.class, true);
0875: setTokenProfileVersion(tokenType,
0876: ComboConstants.X509_V310);
0877: // SecurityPolicyModelHelper.enableRequireThumbprintReference(tokenType, true);
0878: setTokenInclusionLevel(tokenType,
0879: ComboConstants.ALWAYSRECIPIENT);
0880: }
0881: if (ComboConstants.SAML.equals(authToken)) {
0882: tokenType = PolicyModelHelper.createElement(tokenKind,
0883: TokensQName.SAMLTOKEN.getQName(),
0884: SamlToken.class, true);
0885: setTokenProfileVersion(tokenType,
0886: ComboConstants.SAML_V1110);
0887: setTokenInclusionLevel(tokenType,
0888: ComboConstants.ALWAYSRECIPIENT);
0889: }
0890: if (ComboConstants.SECURECONVERSATION.equals(authToken)) {
0891: tokenType = PolicyModelHelper.createElement(tokenKind,
0892: TokensQName.SECURECONVERSATIONTOKEN.getQName(),
0893: SecureConversationToken.class, true);
0894: setTokenInclusionLevel(tokenType,
0895: ComboConstants.ALWAYSRECIPIENT);
0896: }
0897: if (ComboConstants.ISSUED.equals(authToken)) {
0898: tokenType = PolicyModelHelper.createElement(tokenKind,
0899: TokensQName.ISSUEDTOKEN.getQName(),
0900: IssuedToken.class, true);
0901: setTokenInclusionLevel(tokenType,
0902: ComboConstants.ALWAYSRECIPIENT);
0903:
0904: RequestSecurityTokenTemplate template = (RequestSecurityTokenTemplate) wcf
0905: .create(
0906: tokenType,
0907: SecurityPolicyQName.REQUESTSECURITYTOKENTEMPLATE
0908: .getQName());
0909: tokenType.addExtensibilityElement(template);
0910:
0911: TokenType trustTokenType = PolicyModelHelper
0912: .createElement(template, TrustQName.TOKENTYPE
0913: .getQName(), TokenType.class, false);
0914: trustTokenType
0915: .setContent(ComboConstants.ISSUED_TOKENTYPE_SAML11_POLICYSTR);
0916:
0917: KeyType trustKeyType = PolicyModelHelper.createElement(
0918: template, TrustQName.KEYTYPE.getQName(),
0919: KeyType.class, false);
0920: trustKeyType
0921: .setContent(ComboConstants.ISSUED_KEYTYPE_SYMMETRIC_POLICYSTR);
0922:
0923: KeySize trustKeySize = PolicyModelHelper.createElement(
0924: template, TrustQName.KEYSIZE.getQName(),
0925: KeySize.class, false);
0926: trustKeySize
0927: .setContent(ComboConstants.ISSUED_KEYSIZE_256);
0928:
0929: SecurityPolicyModelHelper
0930: .enableRequireInternalReference(tokenType, true);
0931: }
0932: } finally {
0933: if (!isTransaction) {
0934: model.endTransaction();
0935: }
0936: }
0937: return tokenType;
0938: }
0939:
0940: public static String getIssuedIssuerAddress(WSDLComponent tokenType) {
0941: if (tokenType != null) {
0942: List<Issuer> issuerList = tokenType
0943: .getExtensibilityElements(Issuer.class);
0944: if ((issuerList != null) && (!issuerList.isEmpty())) {
0945: Issuer issuer = issuerList.get(0);
0946: List<Address10> addrs = issuer
0947: .getExtensibilityElements(Address10.class);
0948: if ((addrs != null) && (!addrs.isEmpty())) {
0949: Address10 a = addrs.get(0);
0950: if (a != null) {
0951: return a.getAddress();
0952: }
0953: }
0954: }
0955: }
0956: return null;
0957: }
0958:
0959: public static String getIssuedTokenType(WSDLComponent tokenType) {
0960: if (tokenType != null) {
0961: List<RequestSecurityTokenTemplate> rstList = tokenType
0962: .getExtensibilityElements(RequestSecurityTokenTemplate.class);
0963: if ((rstList != null) && (!rstList.isEmpty())) {
0964: RequestSecurityTokenTemplate rst = rstList.get(0);
0965: TokenType tType = rst.getTokenType();
0966: if (tType != null) {
0967: String type = tType.getContent();
0968: if (ComboConstants.ISSUED_TOKENTYPE_SAML10_POLICYSTR
0969: .equals(type)) {
0970: return ComboConstants.ISSUED_TOKENTYPE_SAML10;
0971: }
0972: if (ComboConstants.ISSUED_TOKENTYPE_SAML11_POLICYSTR
0973: .equals(type)) {
0974: return ComboConstants.ISSUED_TOKENTYPE_SAML11;
0975: }
0976: if (ComboConstants.ISSUED_TOKENTYPE_SAML20_POLICYSTR
0977: .equals(type)) {
0978: return ComboConstants.ISSUED_TOKENTYPE_SAML20;
0979: }
0980: }
0981: }
0982: }
0983: return null;
0984: }
0985:
0986: public static String getIssuedKeyType(WSDLComponent tokenType) {
0987: if (tokenType != null) {
0988: List<RequestSecurityTokenTemplate> rstList = tokenType
0989: .getExtensibilityElements(RequestSecurityTokenTemplate.class);
0990: if ((rstList != null) && (!rstList.isEmpty())) {
0991: RequestSecurityTokenTemplate rst = rstList.get(0);
0992: KeyType kType = rst.getKeyType();
0993: if (kType != null) {
0994: String type = kType.getContent();
0995: if (ComboConstants.ISSUED_KEYTYPE_PUBLIC_POLICYSTR
0996: .equals(type)) {
0997: return ComboConstants.ISSUED_KEYTYPE_PUBLIC;
0998: }
0999: if (ComboConstants.ISSUED_KEYTYPE_SYMMETRIC_POLICYSTR
1000: .equals(type)) {
1001: return ComboConstants.ISSUED_KEYTYPE_SYMMETRIC;
1002: }
1003: }
1004: }
1005: }
1006: return null;
1007: }
1008:
1009: public static String getIssuedKeySize(WSDLComponent tokenType) {
1010: if (tokenType != null) {
1011: List<RequestSecurityTokenTemplate> rstList = tokenType
1012: .getExtensibilityElements(RequestSecurityTokenTemplate.class);
1013: if ((rstList != null) && (!rstList.isEmpty())) {
1014: RequestSecurityTokenTemplate rst = rstList.get(0);
1015: KeySize kSize = rst.getKeySize();
1016: if (kSize != null) {
1017: return kSize.getContent();
1018: }
1019: }
1020: }
1021: return null;
1022: }
1023:
1024: public static String getIssuedIssuerMetadataAddress(
1025: WSDLComponent tokenType) {
1026: if (tokenType != null) {
1027: List<Issuer> issuerList = tokenType
1028: .getExtensibilityElements(Issuer.class);
1029: if ((issuerList != null) && (!issuerList.isEmpty())) {
1030: Issuer issuer = issuerList.get(0);
1031: List<Addressing10Metadata> amdatas = issuer
1032: .getExtensibilityElements(Addressing10Metadata.class);
1033: if ((amdatas != null) && (!amdatas.isEmpty())) {
1034: Addressing10Metadata amdata = amdatas.get(0);
1035: List<Metadata> mdata = amdata
1036: .getExtensibilityElements(Metadata.class);
1037: if ((mdata != null) && (!mdata.isEmpty())) {
1038: Metadata m = mdata.get(0);
1039: if (m != null) {
1040: MetadataSection ms = m.getMetadataSection();
1041: if (ms != null) {
1042: MetadataReference mr = ms
1043: .getMetadataReference();
1044: if (mr != null) {
1045: Address10 a = mr.getAddress();
1046: if (a != null) {
1047: return a.getAddress();
1048: }
1049: }
1050: }
1051: }
1052: }
1053: }
1054: }
1055: }
1056: return null;
1057: }
1058:
1059: public static void setIssuedTokenAddressAttributes(
1060: WSDLComponent token, String address, String metaAddress) {
1061: WSDLModel model = token.getModel();
1062:
1063: boolean isTransaction = model.isIntransaction();
1064: if (!isTransaction) {
1065: model.startTransaction();
1066: }
1067:
1068: try {
1069: Issuer i = PolicyModelHelper.createElement(token,
1070: TokensQName.ISSUER.getQName(), Issuer.class, false);
1071: Address10 a = PolicyModelHelper.createElement(i,
1072: Addressing10QName.ADDRESS.getQName(),
1073: Address10.class, false);
1074: a.setAddress(address);
1075:
1076: Addressing10Metadata am = PolicyModelHelper.createElement(
1077: i, Addressing10QName.ADDRESSINGMETADATA.getQName(),
1078: Addressing10Metadata.class, false);
1079: Metadata m = PolicyModelHelper
1080: .createElement(am, MexQName.METADATA.getQName(),
1081: Metadata.class, false);
1082: MetadataSection ms = PolicyModelHelper.createElement(m,
1083: MexQName.METADATASECTION.getQName(),
1084: MetadataSection.class, false);
1085: MetadataReference mr = PolicyModelHelper.createElement(ms,
1086: MexQName.METADATAREFERENCE.getQName(),
1087: MetadataReference.class, false);
1088: Address10 ma = PolicyModelHelper.createElement(mr,
1089: Addressing10QName.ADDRESS.getQName(),
1090: Address10.class, false);
1091: ma.setAddress(metaAddress);
1092: } finally {
1093: if (!isTransaction) {
1094: model.endTransaction();
1095: }
1096: }
1097: }
1098:
1099: public static void setIssuedTokenRSTAttributes(WSDLComponent token,
1100: String tokenType, String keyType, String keySize) {
1101: WSDLModel model = token.getModel();
1102:
1103: boolean isTransaction = model.isIntransaction();
1104: if (!isTransaction) {
1105: model.startTransaction();
1106: }
1107:
1108: try {
1109: RequestSecurityTokenTemplate rst = PolicyModelHelper
1110: .createElement(
1111: token,
1112: SecurityPolicyQName.REQUESTSECURITYTOKENTEMPLATE
1113: .getQName(),
1114: RequestSecurityTokenTemplate.class, false);
1115:
1116: TokenType t = PolicyModelHelper.createElement(rst,
1117: TrustQName.TOKENTYPE.getQName(), TokenType.class,
1118: false);
1119: if (tokenType
1120: .equals(ComboConstants.ISSUED_TOKENTYPE_SAML20)) {
1121: t
1122: .setContent(ComboConstants.ISSUED_TOKENTYPE_SAML20_POLICYSTR);
1123: }
1124: if (tokenType
1125: .equals(ComboConstants.ISSUED_TOKENTYPE_SAML11)) {
1126: t
1127: .setContent(ComboConstants.ISSUED_TOKENTYPE_SAML11_POLICYSTR);
1128: }
1129: if (tokenType
1130: .equals(ComboConstants.ISSUED_TOKENTYPE_SAML10)) {
1131: t
1132: .setContent(ComboConstants.ISSUED_TOKENTYPE_SAML10_POLICYSTR);
1133: }
1134:
1135: KeyType k = PolicyModelHelper
1136: .createElement(rst, TrustQName.KEYTYPE.getQName(),
1137: KeyType.class, false);
1138: if (keyType.equals(ComboConstants.ISSUED_KEYTYPE_PUBLIC)) {
1139: k
1140: .setContent(ComboConstants.ISSUED_KEYTYPE_PUBLIC_POLICYSTR);
1141: }
1142: if (keyType.equals(ComboConstants.ISSUED_KEYTYPE_SYMMETRIC)) {
1143: k
1144: .setContent(ComboConstants.ISSUED_KEYTYPE_SYMMETRIC_POLICYSTR);
1145: }
1146:
1147: KeySize s = PolicyModelHelper
1148: .createElement(rst, TrustQName.KEYSIZE.getQName(),
1149: KeySize.class, false);
1150: s.setContent(keySize);
1151:
1152: } finally {
1153: if (!isTransaction) {
1154: model.endTransaction();
1155: }
1156: }
1157: }
1158: }
|