/** * Find Base64 encoded certificate used to sign given message. No default constructor: Once * content has been created, remains unchanged for life of the instance. * * @param msg (received) SOAP message to parse * @exception JAXRException if any problem at all occurs, wrapping problems decoding content (from * Base64) and any caught CertificateException or SOAPException */ public ReceivedCertificate(SOAPMessage msg) throws JAXRException { // @wss:Id attribute value for <BinarySecurityToken/> element of interest final String tokenId = CanonicalConstants.CANONICAL_URI_SENDER_CERT; try { final Name binSecTokenName = SOAPFactory.newInstance().createName("BinarySecurityToken", "wsse", securityNS); SOAPHeader hdr = msg.getSOAPHeader(); Iterator hdrElemIter = hdr.examineAllHeaderElements(); while (hdrElemIter.hasNext()) { Object hdrElemObj = hdrElemIter.next(); if (hdrElemObj instanceof SOAPHeaderElement) { // found a SOAP header element of some type SOAPHeaderElement hdrElem = (SOAPHeaderElement) hdrElemObj; if ((hdrElem.getLocalName().equals("Security")) && (hdrElem.getNamespaceURI().equals(securityNS))) { // found a <wss:Security/> element // Name binSecTokenName = SOAPFactory.newInstance(). // createName("BinarySecurityToken", "wsse", securityNS); Iterator secTokensIter = hdrElem.getChildElements(binSecTokenName); while (secTokensIter.hasNext()) { Object binSecTokenObj = secTokensIter.next(); if (binSecTokenObj instanceof Element) { // found a <BinarySecurityToken/> element Element binSecTokenElem = (Element) binSecTokenObj; String _tokenId = binSecTokenElem.getAttributeNS(securityUtilityNS, "Id"); if (_tokenId.equals(tokenId)) { // found propery identified element if (null == cert) { // found first cert content InputStream is = null; String encodedData = binSecTokenElem.getFirstChild().getNodeValue(); try { try { is = new ByteArrayInputStream(encodedData.getBytes("UTF-8")); is = MimeUtility.decode(is, "base64"); } catch (Exception e) { throw new JAXRException( CommonResourceBundle.getInstance() .getString("message.UnableToDecodeData"), e); } CertificateFactory cf = CertificateFactory.getInstance("X.509"); cert = (X509Certificate) cf.generateCertificate(is); } finally { if (is != null) { try { is.close(); } catch (Exception e) { } } } } else { // found second cert content foundMultiple = true; break; } } } } } } } } catch (SOAPException e) { throw new JAXRException( CommonResourceBundle.getInstance().getString("message.CouldNotGetCertificate"), e); } catch (CertificateException e) { throw new JAXRException( CommonResourceBundle.getInstance().getString("message.CouldNotGetCertificate"), e); } }