List of usage examples for org.w3c.dom Element getNamespaceURI
public String getNamespaceURI();
Returns null if the namespace URI is unspecified.
From source file:org.apache.ws.security.str.EncryptedKeySTRParser.java
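/**
 * Parse a SecurityTokenReference element and extract credentials.
 *
 * The reference is resolved in this order: a result already stored in {@code wsDocInfo}
 * under the referenced id or key identifier value, then a key identifier (SAML assertion
 * or certificate lookup through {@code crypto}), then X509Data / issuer-serial, and
 * finally a direct reference to a token element. The outcome is written to the
 * {@code certs} and {@code referenceType} fields of this parser; nothing is returned.
 *
 * NOTE(review): no trust or path validation of the resolved certificates is visible in
 * this method; presumably the caller performs it. Confirm before relying on
 * {@code certs}.
 *
 * @param strElement The SecurityTokenReference element
 * @param data the RequestData associated with the request
 * @param wsDocInfo The WSDocInfo object to access previous processing results
 * @param parameters A set of implementation-specific parameters (not read in this body)
 * @throws WSSecurityException if a directly referenced token is not a binary security
 *         token, or if one of the called helpers rejects the reference
 */
public void parseSecurityTokenReference(Element strElement, RequestData data, WSDocInfo wsDocInfo,
        Map<String, Object> parameters) throws WSSecurityException {
    Crypto crypto = data.getDecCrypto();
    WSSConfig config = data.getWssConfig();

    // BSP enforcement stays on unless a configuration object explicitly says otherwise.
    boolean bspCompliant = true;
    if (config != null) {
        bspCompliant = config.isWsiBSPCompliant();
    }

    SecurityTokenReference secRef = new SecurityTokenReference(strElement, bspCompliant);

    String uri = null;
    if (secRef.containsReference()) {
        uri = secRef.getReference().getURI();
        // The URI comes from the message. An absent or empty value must not raise an
        // unchecked exception here, so only strip the fragment marker when there is a
        // first character to inspect.
        if (uri != null && uri.length() > 0 && uri.charAt(0) == '#') {
            uri = uri.substring(1);
        }
        referenceType = REFERENCE_TYPE.DIRECT_REF;
    } else if (secRef.containsKeyIdentifier()) {
        uri = secRef.getKeyIdentifierValue();
        if (SecurityTokenReference.THUMB_URI.equals(secRef.getKeyIdentifierValueType())) {
            referenceType = REFERENCE_TYPE.THUMBPRINT_SHA1;
        } else {
            referenceType = REFERENCE_TYPE.KEY_IDENTIFIER;
        }
    }

    // uri is still null here when the reference is neither direct nor a key identifier.
    WSSecurityEngineResult result = wsDocInfo.getResult(uri);
    if (result != null) {
        processPreviousResult(result, secRef, data, wsDocInfo, bspCompliant);
    } else if (secRef.containsKeyIdentifier()) {
        if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())
                || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) {
            AssertionWrapper assertion =
                    SAMLUtil.getAssertionFromKeyIdentifier(secRef, strElement, data, wsDocInfo);
            if (bspCompliant) {
                BSPEnforcer.checkSamlTokenBSPCompliance(secRef, assertion);
            }
            SAMLKeyInfo samlKi =
                    SAMLUtil.getCredentialFromSubject(assertion, data, wsDocInfo, bspCompliant);
            certs = samlKi.getCerts();
        } else {
            if (bspCompliant) {
                BSPEnforcer.checkBinarySecurityBSPCompliance(secRef, null);
            }
            certs = secRef.getKeyIdentifier(crypto);
        }
    } else if (secRef.containsX509Data() || secRef.containsX509IssuerSerial()) {
        referenceType = REFERENCE_TYPE.ISSUER_SERIAL;
        certs = secRef.getX509IssuerSerial(crypto);
    } else if (secRef.containsReference()) {
        Element bstElement = secRef.getTokenElement(strElement.getOwnerDocument(), wsDocInfo,
                data.getCallbackHandler());

        // Only a binary security token is accepted as the target of a direct reference.
        // The comparison uses namespace URI plus local name, so an element that merely
        // shares the local name in another namespace is rejected.
        QName el = new QName(bstElement.getNamespaceURI(), bstElement.getLocalName());
        if (el.equals(WSSecurityEngine.BINARY_TOKEN)) {
            X509Security token = new X509Security(bstElement);
            if (bspCompliant) {
                BSPEnforcer.checkBinarySecurityBSPCompliance(secRef, token);
            }
            certs = new X509Certificate[] { token.getX509Certificate(crypto) };
        } else {
            throw new WSSecurityException(WSSecurityException.UNSUPPORTED_SECURITY_TOKEN,
                    "unsupportedBinaryTokenType", null);
        }
    }

    if (LOG.isDebugEnabled() && certs != null && certs[0] != null) {
        LOG.debug("cert: " + certs[0]);
    }
}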
From source file:org.apache.ws.security.util.WSSecurityUtil.java
/**
 * Creates an element that lives in the namespace of {@code parent}.
 *
 * The new element reuses the parent's prefix when the parent has a non-empty one, so
 * the qualified name is {@code prefix:localName}; otherwise it is just
 * {@code localName}. A parent without a namespace ({@code getNamespaceURI()} returns
 * null) yields an element without a namespace. The element is created by the parent's
 * owner document and is not attached to the tree.
 *
 * @param parent element whose namespace and prefix are copied
 * @param localName local name of the new element
 * @return the new, unattached element
 */
private static Element createElementInSameNamespace(Element parent, String localName) {
    final String parentPrefix = parent.getPrefix();
    final boolean unprefixed = parentPrefix == null || parentPrefix.length() == 0;
    final String qualifiedName = unprefixed ? localName : parentPrefix + ":" + localName;
    return parent.getOwnerDocument().createElementNS(parent.getNamespaceURI(), qualifiedName);
}
From source file:org.apache.ws.security.util.WSSecurityUtil.java
/**
 * Returns the first direct child element of {@code parent} whose namespace URI and
 * local name both match.
 *
 * Only direct children are examined, in document order; descendants further down are
 * not searched. The match is on namespace URI and local name, never on prefix.
 * {@code namespaceUri} is dereferenced as soon as an element child is seen, so a null
 * value cannot be used to look for elements without a namespace.
 *
 * @param parent the node whose children are searched
 * @param namespaceUri namespace URI the child must have
 * @param localName local name the child must have
 * @return the matching child, or null when no child matches
 */
private static Element findChildElement(Element parent, String namespaceUri, String localName) {
    for (Node current = parent.getFirstChild(); current != null; current = current.getNextSibling()) {
        if (current.getNodeType() != Node.ELEMENT_NODE) {
            continue;
        }
        final Element candidate = (Element) current;
        final boolean sameNamespace = namespaceUri.equals(candidate.getNamespaceURI());
        if (sameNamespace && localName.equals(candidate.getLocalName())) {
            return candidate;
        }
    }
    return null;
}
From source file:org.apache.xml.security.c14n.implementations.Canonicalizer11.java
/**
 * Records what an ancestor element contributes to the namespace table and to the
 * xml: attribute stack.
 *
 * An element with no attributes and no namespace contributes nothing and is skipped.
 * Otherwise a new level is pushed on {@code xmlattrStack}, every namespace declaration
 * on the element is added to {@code ns} (except the declaration that binds the
 * {@code XML} prefix to {@code Constants.XML_LANG_SPACE_SpecNS}), and every attribute in
 * the {@code XML_LANG_URI} namespace other than {@code id} is added to the stack.
 * Finally, when the element itself is in a namespace, a synthetic xmlns attribute for
 * its prefix is created and registered in {@code ns}.
 *
 * @param e the ancestor element to inspect
 * @param ns the namespace symbol table that receives the mappings
 */
protected void handleParent(Element e, NameSpaceSymbTable ns) {
    final String elementNamespace = e.getNamespaceURI();
    if (elementNamespace == null && !e.hasAttributes()) {
        return;
    }
    xmlattrStack.push(-1);

    final NamedNodeMap attributes = e.getAttributes();
    for (int idx = 0, count = attributes.getLength(); idx < count; idx++) {
        final Attr attr = (Attr) attributes.item(idx);
        final String localName = attr.getLocalName();
        final String attrValue = attr.getNodeValue();
        final String attrNamespace = attr.getNamespaceURI();

        if (Constants.NamespaceSpecNS.equals(attrNamespace)) {
            // Namespace declaration: register it unless it is the fixed xml binding.
            final boolean fixedXmlBinding =
                    XML.equals(localName) && Constants.XML_LANG_SPACE_SpecNS.equals(attrValue);
            if (!fixedXmlBinding) {
                ns.addMapping(localName, attrValue, attr);
            }
            continue;
        }
        if (XML_LANG_URI.equals(attrNamespace) && !"id".equals(localName)) {
            xmlattrStack.addXmlnsAttr(attr);
        }
    }

    if (elementNamespace == null) {
        return;
    }

    // The element's own namespace may be declared further up; register it explicitly.
    String prefix = e.getPrefix();
    final String declarationName;
    if (prefix == null || prefix.equals("")) {
        prefix = "xmlns";
        declarationName = "xmlns";
    } else {
        declarationName = "xmlns:" + prefix;
    }
    final Attr declaration =
            e.getOwnerDocument().createAttributeNS("http://www.w3.org/2000/xmlns/", declarationName);
    declaration.setValue(elementNamespace);
    ns.addMapping(prefix, elementNamespace, declaration);
}
From source file:org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver.java
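/**
 * Retrieves an X509Certificate from the given element.
 *
 * The null check now runs before the debug statement: previously the log call
 * dereferenced {@code e} first, so a null element caused a NullPointerException
 * whenever debug logging was enabled, and returned null otherwise.
 *
 * @param e the element to resolve; may be null
 * @param BaseURI base URI passed through to {@code KeyResolver}
 * @param storage storage resolver passed through to {@code KeyResolver}
 * @return the certificate returned by {@code KeyResolver.getX509Certificate}, or null
 *         when {@code e} is null
 * @throws KeyResolverException if {@code KeyResolver} fails to resolve the element
 */
private static X509Certificate resolveCertificate(Element e, String BaseURI, StorageResolver storage)
        throws KeyResolverException {
    if (e == null) {
        return null;
    }

    if (log.isDebugEnabled()) {
        // Namespace and local name are taken from the document being processed, so the
        // logged text is not under the application's control.
        log.debug("Now we have a {" + e.getNamespaceURI() + "}" + e.getLocalName() + " Element");
    }

    return KeyResolver.getX509Certificate(e, BaseURI, storage);
}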
From source file:org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver.java
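/**
 * Retrieves a PublicKey from the given element.
 *
 * The null check now runs before the debug statement: previously the log call
 * dereferenced {@code e} first, so a null element caused a NullPointerException
 * whenever debug logging was enabled, and returned null otherwise.
 *
 * @param e the element to resolve; may be null
 * @param BaseURI base URI passed through to {@code KeyResolver}
 * @param storage storage resolver passed through to {@code KeyResolver}
 * @return the key returned by {@code KeyResolver.getPublicKey}, or null when
 *         {@code e} is null
 * @throws KeyResolverException if {@code KeyResolver} fails to resolve the element
 */
private static PublicKey resolveKey(Element e, String BaseURI, StorageResolver storage)
        throws KeyResolverException {
    if (e == null) {
        return null;
    }

    if (log.isDebugEnabled()) {
        // Namespace and local name are taken from the document being processed, so the
        // logged text is not under the application's control.
        log.debug("Now we have a {" + e.getNamespaceURI() + "}" + e.getLocalName() + " Element");
    }

    return KeyResolver.getPublicKey(e, BaseURI, storage);
}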
From source file:org.apache.xml.security.samples.signature.CreateCollectableSignature.java
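/**
 * Builds a small document, signs one element with an HMAC signature that is restricted
 * by an XPath transform, writes the result to {@code collectableSignature.xml} and
 * prints the signed content.
 *
 * Review notes for anyone adapting this sample:
 * - The passphrase is added to KeyInfo as a KeyName and the same passphrase is used as
 *   the MAC key, so the secret travels with the document. That only suits a demo.
 * - HMAC-SHA1 and a SHA-1 digest are selected; both are legacy choices.
 * - {@code getBytes()} and {@code new String(byte[])} use the platform charset, so the
 *   derived key and the printed text depend on the JVM default.
 *
 * @param unused command line arguments, not read
 * @throws Exception on any parser, signature or I/O failure
 */
public static void main(String unused[]) throws Exception {
    File signatureFile = new File("collectableSignature.xml");
    // File.toURL() does not escape characters that are illegal in URLs; going through
    // toURI() gives a correctly escaped base URI.
    String BaseURI = signatureFile.toURI().toURL().toString();

    javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
    org.w3c.dom.Document doc = db.newDocument();

    Element rootElement = doc.createElementNS(null, "root");
    doc.appendChild(rootElement);

    /*
    Element signedResourceElement = doc.createElementNS("http://custom/", "custom:signedContent");

    signedResourceElement.setAttributeNS(Constants.NamespaceNS, "xmlns:custom", "http://custom/");
    signedResourceElement.setAttributeNS(null, "Id", "id0");
    */
    Element signedResourceElement = doc.createElementNS(null, "signedContent");
    signedResourceElement.appendChild(doc.createTextNode("Signed Text\n"));
    rootElement.appendChild(signedResourceElement);

    XMLSignature sig = new XMLSignature(doc, BaseURI, XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    signedResourceElement.appendChild(sig.getElement());

    {
        // getNamespaceURI() is null for an element created without a namespace, so the
        // XPath only uses the "root:" prefix when a non-empty namespace is present.
        String rootnamespace = signedResourceElement.getNamespaceURI();
        boolean rootprefixed = (rootnamespace != null) && (rootnamespace.length() > 0);
        String rootlocalname = signedResourceElement.getNodeName();
        Transforms transforms = new Transforms(doc);
        XPathContainer xpath = new XPathContainer(doc);

        xpath.setXPathNamespaceContext("ds", Constants.SignatureSpecNS);
        if (rootprefixed) {
            xpath.setXPathNamespaceContext("root", rootnamespace);
        }

        //J-
        String xpathStr = "\n"
            + "count( " + "\n"
            + " ancestor-or-self::" + (rootprefixed ? "root:" : "") + rootlocalname + "" + "\n"
            + " | " + "\n"
            + " here()/ancestor::" + (rootprefixed ? "root:" : "") + rootlocalname + "[1] " + "\n"
            + ") <= count( " + "\n"
            + " ancestor-or-self::" + (rootprefixed ? "root:" : "") + rootlocalname + "" + "\n"
            + ") " + "\n"
            + " and " + "\n"
            + "count( " + "\n"
            + " ancestor-or-self::ds:Signature " + "\n"
            + " | " + "\n"
            + " here()/ancestor::ds:Signature[1] " + "\n"
            + ") > count( " + "\n"
            + " ancestor-or-self::ds:Signature " + "\n"
            + ") " + "\n"
            ;
        //J+
        xpath.setXPath(xpathStr);
        transforms.addTransform(Transforms.TRANSFORM_XPATH, xpath.getElementPlusReturns());
        sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);
    }

    {
        // NOTE(review): the MAC secret is published as the KeyName; see the method comment.
        sig.getKeyInfo().add(new KeyName(doc, CreateCollectableSignature.passphrase));

        System.out.println("Start signing");
        sig.sign(sig.createSecretKey(CreateCollectableSignature.passphrase.getBytes()));
        System.out.println("Finished signing");
    }

    // Close the stream even when canonicalization or the write fails.
    FileOutputStream f = new FileOutputStream(signatureFile);
    try {
        XMLUtils.outputDOMc14nWithComments(doc, f);
    } finally {
        f.close();
    }
    System.out.println("Wrote signature to " + BaseURI);

    SignedInfo s = sig.getSignedInfo();
    for (int i = 0; i < s.getSignedContentLength(); i++) {
        System.out.println("################ Signed Resource " + i + " ################");
        System.out.println(new String(s.getSignedContentItem(i)));
        System.out.println();
    }
}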
From source file:org.apache.xml.security.signature.Reference.java
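/**
 * Build a {@link Reference} from an {@link Element}.
 *
 * The first child element is treated as Transforms only when both its local name and
 * its namespace URI match; the element that follows (or the first child, when there
 * are no Transforms) is stored as the digest method element and its next element
 * sibling as the digest value element.
 *
 * A Reference with no child element, or with nothing after Transforms, is now rejected
 * with an {@link XMLSecurityException} instead of failing with a
 * NullPointerException on the missing element.
 *
 * NOTE(review): this constructor does not check that the digest method and digest
 * value elements carry the expected names or namespace, and it accepts a missing
 * digest value element; confirm that later processing validates them.
 *
 * @param element <code>Reference</code> element
 * @param BaseURI the URI of the resource where the XML instance was stored
 * @param manifest is the {@link Manifest} of {@link SignedInfo} in which the Reference
 *        occurs. We need this because the Manifest has the individual
 *        {@link ResourceResolver}s which have been set by the user
 * @throws XMLSecurityException if the element has no digest method child or the
 *         Transforms child cannot be parsed
 */
protected Reference(Element element, String BaseURI, Manifest manifest) throws XMLSecurityException {
    super(element, BaseURI);
    this.baseURI = BaseURI;

    Element el = XMLUtils.getNextElement(element.getFirstChild());
    if (el != null
            && Constants._TAG_TRANSFORMS.equals(el.getLocalName())
            && Constants.SignatureSpecNS.equals(el.getNamespaceURI())) {
        transforms = new Transforms(el, this.baseURI);
        el = XMLUtils.getNextElement(el.getNextSibling());
    }

    if (el == null) {
        // Content comes from the document under verification; fail with the library's
        // checked exception rather than an unchecked one.
        Object exArgs[] = { Constants._TAG_DIGESTMETHOD, Constants._TAG_REFERENCE };
        throw new XMLSecurityException("xml.WrongContent", exArgs);
    }

    digestMethodElem = el;
    digestValueElement = XMLUtils.getNextElement(digestMethodElem.getNextSibling());
    this.manifest = manifest;
}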
From source file:org.apache.xml.security.signature.XMLSignature.java
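/**
 * This will parse the element and construct the Java Objects.
 * That will allow a user to validate the signature.
 *
 * The children are read positionally: the first child element becomes SignedInfo, the
 * next element sibling becomes SignatureValue, and the element after that is used as
 * KeyInfo only when its namespace URI and local name both match. A KeyInfo candidate
 * without a namespace ({@code getNamespaceURI()} returns null) is now ignored; before,
 * the comparison was made on the returned value and threw a NullPointerException.
 *
 * NOTE(review): the names of the first two children are not checked in this
 * constructor; presumably {@code SignedInfo} validates its own element. Confirm.
 *
 * @param element ds:Signature element that contains the whole signature
 * @param BaseURI URI to be prepended to all relative URIs
 * @throws XMLSecurityException if a child object cannot be constructed
 * @throws XMLSignatureException if the signature is badly formatted
 */
public XMLSignature(Element element, String BaseURI) throws XMLSignatureException, XMLSecurityException {
    super(element, BaseURI);

    // check out SignedInfo child
    Element signedInfoElem = XMLUtils.getNextElement(element.getFirstChild());

    // check to see if it is there
    if (signedInfoElem == null) {
        Object exArgs[] = { Constants._TAG_SIGNEDINFO, Constants._TAG_SIGNATURE };
        throw new XMLSignatureException("xml.WrongContent", exArgs);
    }

    // create a SignedInfo object from that element
    this.signedInfo = new SignedInfo(signedInfoElem, BaseURI);
    // get signedInfoElem again in case it has changed
    signedInfoElem = XMLUtils.getNextElement(element.getFirstChild());

    // check out SignatureValue child
    this.signatureValueElement = XMLUtils.getNextElement(signedInfoElem.getNextSibling());

    // check to see if it exists
    if (signatureValueElement == null) {
        Object exArgs[] = { Constants._TAG_SIGNATUREVALUE, Constants._TAG_SIGNATURE };
        throw new XMLSignatureException("xml.WrongContent", exArgs);
    }

    // KeyInfo is optional (minOccurs="0" in the schema)
    Element keyInfoElem = XMLUtils.getNextElement(signatureValueElement.getNextSibling());

    // If it exists use it, but it's not mandatory. The constants are the receivers of
    // equals() so that a null namespace URI or local name compares as "no match".
    if (keyInfoElem != null
            && Constants.SignatureSpecNS.equals(keyInfoElem.getNamespaceURI())
            && Constants._TAG_KEYINFO.equals(keyInfoElem.getLocalName())) {
        this.keyInfo = new KeyInfo(keyInfoElem, BaseURI);
    }

    this.state = MODE_VERIFY;
}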
From source file:org.apache.xml.security.utils.IdResolver.java
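/**
 * Checks whether {@code el} carries an attribute that identifies it as {@code id} and,
 * if so, stores it in the slot of {@code els} chosen by the attribute's (or the
 * element's) namespace.
 *
 * The slot is the position of the namespace URI in {@code names}; an unknown namespace
 * maps to {@code namesLength}. An attribute without a namespace uses the element's
 * slot. Only two-character attribute names are considered in the loop:
 * "Id" (exact value match, any slot), "ID" (suffix match, slot 3 or the fallback slot)
 * and "id" (exact value match, slot 2 or the fallback slot). After the loop a few
 * element namespaces are additionally checked for specific attribute names.
 *
 * One-character attribute names are now skipped. Before, an attribute named "I"
 * reached {@code name.charAt(1)} and raised StringIndexOutOfBoundsException; every
 * other one-character name matched nothing, so the results are otherwise unchanged.
 *
 * NOTE(review): the "ID" branch compares with {@code endsWith} while the others use
 * {@code equals}; a suffix match accepts more values for the same id. Confirm that this
 * is intended.
 * NOTE(review): {@code els} is indexed up to {@code namesLength} and with the literals
 * 3, 4 and 5; its required length is set by the caller and is not visible here.
 *
 * @param el element to inspect
 * @param id identifier being searched for
 * @param els result slots, written in place
 * @return 1 when an "Id" attribute with exactly this value was found in slot 0,
 *         otherwise 0 (also when other slots were filled)
 */
public static int isElement(Element el, String id, Element[] els) {
    if (!el.hasAttributes()) {
        return 0;
    }
    NamedNodeMap ns = el.getAttributes();
    int elementIndex = names.indexOf(el.getNamespaceURI());
    elementIndex = (elementIndex < 0) ? namesLength : elementIndex;
    for (int length = ns.getLength(), i = 0; i < length; i++) {
        Attr n = (Attr) ns.item(i);
        String s = n.getNamespaceURI();

        int index = s == null ? elementIndex : names.indexOf(s);
        index = (index < 0) ? namesLength : index;
        String name = n.getLocalName();
        if (name == null) {
            name = n.getName();
        }
        // Every name matched below has exactly two characters.
        if (name.length() != 2) {
            continue;
        }
        String value = n.getNodeValue();
        if (name.charAt(0) == 'I') {
            char ch = name.charAt(1);
            if (ch == 'd' && value.equals(id)) {
                els[index] = el;
                if (index == 0) {
                    return 1;
                }
            } else if (ch == 'D' && value.endsWith(id)) {
                if (index != 3) {
                    index = namesLength;
                }
                els[index] = el;
            }
        } else if ("id".equals(name) && value.equals(id)) {
            if (index != 2) {
                index = namesLength;
            }
            els[index] = el;
        }
    }
    // For some element namespaces, also look at well-known identifier attributes.
    if ((elementIndex == 3) && (el.getAttribute("OriginalRequestID").equals(id)
            || el.getAttribute("RequestID").equals(id) || el.getAttribute("ResponseID").equals(id))) {
        els[3] = el;
    } else if ((elementIndex == 4) && (el.getAttribute("AssertionID").equals(id))) {
        els[4] = el;
    } else if ((elementIndex == 5)
            && (el.getAttribute("RequestID").equals(id) || el.getAttribute("ResponseID").equals(id))) {
        els[5] = el;
    }
    return 0;
}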