private void collectPolicies() {
for (AssertionSet assertionSet : effectivePolicy) {
for (PolicyAssertion assertion : assertionSet) {
if (PolicyUtil.isSignedParts(assertion, spVersion)) {
signedParts.add((SignedParts) assertion);
} else if (PolicyUtil.isEncryptParts(assertion, spVersion)) {
encryptedParts.add((EncryptedParts) assertion);
} else if (PolicyUtil.isSignedElements(assertion, spVersion)) {
signedElements.add((SignedElements) assertion);
} else if (PolicyUtil.isEncryptedElements(assertion, spVersion)) {
encryptedElements.add((EncryptedElements) assertion);
} else if (PolicyUtil.isWSS10(assertion, spVersion)) {
wssAssertion = assertion;
} else if (PolicyUtil.isWSS11(assertion, spVersion)) {
wssAssertion = assertion;
} else if (PolicyUtil.isTrust10(assertion, spVersion)) {
trust10 = (Trust10) assertion;
} else if (PolicyUtil.isTrust13(assertion, spVersion)) {
trust13 = (Trust13) assertion;
} else if (PolicyUtil.isBinding(assertion, spVersion)) {
_binding = (Binding) assertion;
} else if (PolicyUtil.isRequiredElements(assertion, spVersion)) {
reqElements.add((RequiredElements) assertion);
}
}
}
}
private void processNonBindingAssertions(BindingProcessor bindingProcessor)
throws PolicyException {
for (AssertionSet assertionSet : effectivePolicy) {
for (PolicyAssertion assertion : assertionSet) {
if (PolicyUtil.isBinding(assertion, spVersion)) {
continue;
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens((SupportingTokens) assertion);
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isSignedSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens((SignedSupportingTokens) assertion);
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isEndorsedSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens((EndorsingSupportingTokens) assertion);
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isSignedEndorsingSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens((SignedEndorsingSupportingTokens) assertion);
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isSignedEncryptedSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens((SignedEncryptedSupportingTokens) assertion);
isIssuedTokenAsEncryptedSupportingToken(
bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isEncryptedSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens((EncryptedSupportingTokens) assertion);
isIssuedTokenAsEncryptedSupportingToken(
bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isEndorsingEncryptedSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens((EndorsingEncryptedSupportingTokens) assertion);
isIssuedTokenAsEncryptedSupportingToken(
bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
} else if (!ignoreST
&& shouldAddST()
&& PolicyUtil.isSignedEndorsingEncryptedSupportingToken(assertion, spVersion)) {
bindingProcessor.processSupportingTokens(
(SignedEndorsingEncryptedSupportingTokens) assertion);
isIssuedTokenAsEncryptedSupportingToken(
bindingProcessor.isIssuedTokenAsEncryptedSupportingToken());
} else if (PolicyUtil.isWSS10(assertion, spVersion)) {
wssAssertion = assertion;
} else if (PolicyUtil.isWSS11(assertion, spVersion)) {
wssAssertion = assertion;
} else if (PolicyUtil.isTrust10(assertion, spVersion)) {
trust10 = (Trust10) assertion;
} else if (PolicyUtil.isTrust13(assertion, spVersion)) {
trust13 = (Trust13) assertion;
}
}
}
}
public void process() throws PolicyException {
collectPolicies();
PolicyAssertion binding = (PolicyAssertion) getBinding();
policyBinding = (Binding) binding;
if (binding == null) {
// log error.
// logger.log(Level.SEVERE,LogStringsMessages.SP_0105_ERROR_BINDING_ASSR_NOT_PRESENT());
// throw new PolicyException(LogStringsMessages.SP_0105_ERROR_BINDING_ASSR_NOT_PRESENT());
// We handle this now
NilBindingProcessor nbp = new NilBindingProcessor(isServer, isIncoming, _policyContainer);
nbp.process();
processNonBindingAssertions(nbp);
return;
}
if (PolicyUtil.isTransportBinding(binding, spVersion)) {
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "TransportBinding was configured in the policy");
}
TransportBindingProcessor tbp =
new TransportBindingProcessor(
(TransportBinding) binding, isServer, isIncoming, _policyContainer);
tbp.process();
processNonBindingAssertions(tbp);
transportBinding = true;
} else {
iAP = new IntegrityAssertionProcessor(_binding.getAlgorithmSuite(), _binding.isSignContent());
eAP = new EncryptionAssertionProcessor(_binding.getAlgorithmSuite(), false);
_policyContainer.setPolicyContainerMode(_binding.getLayout());
if (PolicyUtil.isSymmetricBinding(binding.getName(), spVersion)) {
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "SymmetricBinding was configured in the policy");
}
SymmetricBindingProcessor sbp =
new SymmetricBindingProcessor(
(SymmetricBinding) _binding,
_policyContainer,
isServer,
isIncoming,
signedParts,
encryptedParts,
signedElements,
encryptedElements,
spVersion);
if (wssAssertion != null && PolicyUtil.isWSS11(wssAssertion, spVersion)) {
sbp.setWSS11((WSSAssertion) wssAssertion);
}
sbp.process();
processNonBindingAssertions(sbp);
sbp.close();
} else if (PolicyUtil.isAsymmetricBinding(binding.getName(), spVersion)) {
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "AsymmetricBinding was configured in the policy");
}
AsymmetricBindingProcessor abp =
new AsymmetricBindingProcessor(
(AsymmetricBinding) _binding,
_policyContainer,
isServer,
isIncoming,
signedParts,
encryptedParts,
signedElements,
encryptedElements,
spVersion);
if (wssAssertion != null && PolicyUtil.isWSS11(wssAssertion, spVersion)) {
abp.setWSS11((WSSAssertion) wssAssertion);
}
abp.process();
processNonBindingAssertions(abp);
abp.close();
}
}
}
