List of usage examples for org.w3c.dom Element setIdAttributeNode
public void setIdAttributeNode(Attr idAttr, boolean isId) throws DOMException;
If the parameter isId is true, this method declares the specified attribute to be a user-determined ID attribute. This affects the value of Attr.isId and the behavior of Document.getElementById.
From source file:org.apache.jcp.xml.dsig.internal.dom.DOMReference.java
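/**
 * Creates a <code>DOMReference</code> from an element.
 *
 * <p>Reads, in document order, the optional <code>Transforms</code> child,
 * the <code>DigestMethod</code> child and the <code>DigestValue</code> child,
 * then the <code>URI</code>, <code>Id</code> and <code>Type</code> attributes.
 * A structurally incomplete Reference is reported as a
 * {@link MarshalException} rather than surfacing as a
 * <code>NullPointerException</code>.
 *
 * <p>The transform-count limit and the MD5 rejection apply only when the
 * context property <code>org.apache.jcp.xml.dsig.secureValidation</code> is
 * set to <code>Boolean.TRUE</code>; when it is absent or false, neither
 * check is performed.
 *
 * @param refElem a Reference element
 * @param context the crypto context; read for the secure-validation
 *        property and handed to each <code>DOMTransform</code>
 * @param provider the provider handed to each <code>DOMTransform</code> and
 *        stored on this reference
 * @throws MarshalException if a required child element is missing, the
 *         digest value is not valid Base64, or a secure-validation check
 *         fails
 */
public DOMReference(Element refElem, XMLCryptoContext context, Provider provider) throws MarshalException {
    // Secure validation is opt-in: a missing property means "off".
    Boolean secureValidation = (Boolean) context.getProperty("org.apache.jcp.xml.dsig.secureValidation");
    boolean secVal = secureValidation != null && secureValidation.booleanValue();

    // unmarshal Transforms, if specified
    Element nextSibling = DOMUtils.getFirstChildElement(refElem);
    if (nextSibling == null) {
        // An empty Reference would otherwise fail on the getLocalName() call below.
        throw new MarshalException("Reference element has no child elements");
    }
    List<Transform> transforms = new ArrayList<Transform>(5);
    // Constant-first equals: getLocalName() can return null for nodes
    // created without namespace awareness.
    if ("Transforms".equals(nextSibling.getLocalName())) {
        Element transformElem = DOMUtils.getFirstChildElement(nextSibling);
        int transformCount = 0;
        while (transformElem != null) {
            transforms.add(new DOMTransform(transformElem, context, provider));
            transformElem = DOMUtils.getNextSiblingElement(transformElem);

            transformCount++;
            // Bound the transform chain so a hostile document cannot force
            // an arbitrarily long processing pipeline.
            if (secVal && (transformCount > MAXIMUM_TRANSFORM_COUNT)) {
                String error = "A maximum of " + MAXIMUM_TRANSFORM_COUNT + " "
                        + "transforms per Reference are allowed with secure validation";
                throw new MarshalException(error);
            }
        }
        nextSibling = DOMUtils.getNextSiblingElement(nextSibling);
    }

    // unmarshal DigestMethod
    Element dmElem = nextSibling;
    if (dmElem == null) {
        throw new MarshalException("Reference element has no DigestMethod child");
    }
    this.digestMethod = DOMDigestMethod.unmarshal(dmElem);
    String digestMethodAlgorithm = this.digestMethod.getAlgorithm();
    if (secVal && MessageDigestAlgorithm.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5.equals(digestMethodAlgorithm)) {
        // Report the algorithm URI; the DigestMethod object itself has no
        // guaranteed readable string form.
        throw new MarshalException(
                "It is forbidden to use algorithm " + digestMethodAlgorithm
                        + " when secure validation is enabled");
    }

    // unmarshal DigestValue
    Element dvElem = DOMUtils.getNextSiblingElement(dmElem);
    if (dvElem == null) {
        throw new MarshalException("Reference element has no DigestValue child");
    }
    try {
        this.digestValue = Base64.decode(dvElem);
    } catch (Base64DecodingException bde) {
        throw new MarshalException(bde);
    }

    // unmarshal attributes
    this.uri = DOMUtils.getAttributeValue(refElem, "URI");

    Attr attr = refElem.getAttributeNodeNS(null, "Id");
    if (attr != null) {
        this.id = attr.getValue();
        // Flag Id as a DOM ID attribute (changes Attr.isId and what
        // Document.getElementById returns for this value).
        // NOTE(review): uniqueness of the Id value within the document is
        // not checked here; confirm it is enforced elsewhere.
        refElem.setIdAttributeNode(attr, true);
    } else {
        this.id = null;
    }

    this.type = DOMUtils.getAttributeValue(refElem, "Type");
    this.here = refElem.getAttributeNodeNS(null, "URI");
    this.refElem = refElem;
    // Both fields start out pointing at the same list instance.
    this.transforms = transforms;
    this.allTransforms = transforms;
    this.appliedTransformData = null;
    this.provider = provider;
}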
From source file:test.integ.be.fedict.hsm.ws.WSSecurityTestSOAPHandler.java
/**
 * Builds a <code>wsu:Timestamp</code> element with <code>wsu:Created</code>
 * and <code>wsu:Expires</code> children and appends it to the given
 * WS-Security header.
 *
 * <p>The timestamp carries <code>wsu:Id="TS"</code>, and that attribute is
 * flagged as a DOM ID attribute. The expiry is five minutes after the
 * creation instant; both values are rendered from a calendar set to UTC.
 *
 * @param wsSecurityHeaderElement the header element that receives the
 *        timestamp
 * @return the appended timestamp element, or <code>null</code> when the
 *         <code>addTimestamp</code> flag of this handler is false
 */
private Element addTimestamp(Element wsSecurityHeaderElement)
        throws SOAPException, DatatypeConfigurationException {
    if (!this.addTimestamp) {
        return null;
    }

    Document ownerDoc = wsSecurityHeaderElement.getOwnerDocument();

    Element timestamp = ownerDoc.createElementNS(WSU_NAMESPACE, "wsu:Timestamp");
    timestamp.setAttributeNS(WSU_NAMESPACE, "wsu:Id", "TS");
    // Flag wsu:Id as a DOM ID attribute on the freshly built element.
    timestamp.setIdAttributeNode(timestamp.getAttributeNodeNS(WSU_NAMESPACE, "Id"), true);

    // wsu:Created = now, expressed in UTC
    Element created = ownerDoc.createElementNS(WSU_NAMESPACE, "wsu:Created");
    DatatypeFactory xmlTypes = DatatypeFactory.newInstance();
    GregorianCalendar utcCalendar = new GregorianCalendar();
    Date issuedAt = new Date();
    utcCalendar.setTime(issuedAt);
    utcCalendar.setTimeZone(TimeZone.getTimeZone("UTC"));
    XMLGregorianCalendar xmlInstant = xmlTypes.newXMLGregorianCalendar(utcCalendar);
    created.setTextContent(xmlInstant.toXMLFormat());
    timestamp.appendChild(created);

    // wsu:Expires = now + 5 minutes, reusing the same UTC calendar
    Element expires = ownerDoc.createElementNS(WSU_NAMESPACE, "wsu:Expires");
    utcCalendar.setTime(new Date(issuedAt.getTime() + 1000 * 60 * 5));
    xmlInstant = xmlTypes.newXMLGregorianCalendar(utcCalendar);
    expires.setTextContent(xmlInstant.toXMLFormat());
    timestamp.appendChild(expires);

    wsSecurityHeaderElement.appendChild(timestamp);
    return timestamp;
}
From source file:test.unit.be.agiv.security.client.TestUtils.java
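/**
 * XMLSEC 1.5 requires us to explicitly mark the Id's within a DOM document.
 *
 * <p>Selects every element that has an unqualified <code>Id</code> attribute
 * or a <code>wsu:Id</code> attribute and flags each such attribute as a DOM
 * ID attribute. An element that carries both has both flagged.
 *
 * <p>NOTE(review): every matching attribute in the document is flagged
 * without any uniqueness check, so this helper fits documents the test
 * itself built or already trusts.
 *
 * @param document the document whose Id attributes are flagged
 * @throws RuntimeException wrapping the <code>TransformerException</code> if
 *         the XPath selection fails
 */
public static void markAllIdAttributesAsId(Document document) {
    // Scratch element whose only job is to bind the wsu prefix for the XPath.
    Element nsElement = document.createElement("nsElement");
    nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:wsu",
            WSConstants.WS_SECURITY_UTILITY_NAMESPACE);

    NodeList elementsWithIdNodeList;
    try {
        elementsWithIdNodeList = XPathAPI.selectNodeList(document, "//*[@Id or @wsu:Id]", nsElement);
    } catch (TransformerException e) {
        throw new RuntimeException(e);
    }

    for (int nodeIdx = 0; nodeIdx < elementsWithIdNodeList.getLength(); nodeIdx++) {
        Element elementWithId = (Element) elementsWithIdNodeList.item(nodeIdx);
        LOG.debug("element with Id: " + elementWithId.getLocalName());

        // Check both spellings independently: falling back to wsu:Id only
        // when Id is absent would leave wsu:Id unflagged on an element that
        // has both, and the null checks keep null out of setIdAttributeNode.
        Attr unqualifiedId = elementWithId.getAttributeNode("Id");
        if (unqualifiedId != null) {
            elementWithId.setIdAttributeNode(unqualifiedId, true);
        }
        Attr wsuId = elementWithId.getAttributeNodeNS(WSConstants.WS_SECURITY_UTILITY_NAMESPACE, "Id");
        if (wsuId != null) {
            elementWithId.setIdAttributeNode(wsuId, true);
        }
    }
}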
From source file:test.unit.be.fedict.eid.idp.protocol.saml2.SAML2Test.java
/**
 * Signs a SAML assertion with a freshly generated end-entity key and then
 * validates the resulting signature.
 *
 * <p>Before validation the assertion's <code>ID</code> attribute is flagged
 * as a DOM ID attribute on the signed element; the original author marks
 * this as a fix for recent Apache Xmlsec libraries.
 */
@Test
public void testAssertionSigning() throws Exception {
    // Setup: a self-signed root and an end certificate issued by it
    DateTime validFrom = new DateTime();
    DateTime validUntil = validFrom.plusMonths(1);

    KeyPair rootKeys = generateKeyPair();
    X509Certificate rootCert = generateSelfSignedCertificate(rootKeys, "CN=TestRoot", validFrom, validUntil);

    KeyPair endKeys = generateKeyPair();
    X509Certificate endCert = generateCertificate(endKeys.getPublic(), "CN=Test", validFrom, validUntil,
            rootCert, rootKeys.getPrivate());

    Certificate[] chain = new Certificate[] { endCert, rootCert };
    KeyStore.PrivateKeyEntry idpIdentity = new KeyStore.PrivateKeyEntry(endKeys.getPrivate(), chain);

    // Operate: sign
    Assertion assertion = Saml2Util.getAssertion("test-issuer", "test-in-response-to", "test-audience",
            "test-recipient", 5, new DateTime(), SamlAuthenticationPolicy.AUTHENTICATION,
            UUID.randomUUID().toString(), new HashMap<String, be.fedict.eid.idp.common.Attribute>(), null,
            null);
    Assertion signedAssertion = (Assertion) Saml2Util.sign(assertion, idpIdentity);

    // Verify: the signed object and the original must serialize identically
    String signedXml = Saml2Util.domToString(Saml2Util.marshall(signedAssertion), true);
    LOG.debug("DOM signed assertion: " + signedXml);
    String originalXml = Saml2Util.domToString(Saml2Util.marshall(assertion), true);
    LOG.debug("signed assertion: " + originalXml);
    assertEquals(signedXml, originalXml);

    // Fix for recent Apache Xmlsec libraries: flag ID as a DOM ID attribute.
    Element signedElement = (Element) signedAssertion.getDOM();
    String assertionId = assertion.getID();
    // Lookup result is only logged; it is taken before the attribute is flagged.
    Element foundById = signedElement.getOwnerDocument().getElementById(assertionId);
    LOG.debug("element located by ID: " + (foundById != null));
    Attr idAttribute = signedElement.getAttributeNode("ID");
    signedElement.setIdAttributeNode(idAttribute, true);
    signedAssertion.setDOM(signedElement);

    // Operate: validate
    Saml2Util.validateSignature(signedAssertion.getSignature());
}