in src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java [98:191]
private XMLStreamWriter processOutMessage(
Object output, String encoding, SecurityEventListener eventListener) throws XMLSecurityException {
LOG.log(Level.DEBUG, "processOutMessage(output.class={0}, encoding={1}, eventListener={2})",
output.getClass(), encoding, eventListener);
final OutboundSecurityContextImpl outboundSecurityContext = new OutboundSecurityContextImpl();
if (eventListener != null) {
outboundSecurityContext.addSecurityEventListener(eventListener);
}
final DocumentContextImpl documentContext = new DocumentContextImpl();
documentContext.setEncoding(encoding);
OutputProcessorChainImpl outputProcessorChain = new OutputProcessorChainImpl(outboundSecurityContext, documentContext);
SecurePart signEntireRequestPart = null;
SecurePart encryptEntireRequestPart = null;
int actionOrder = 0;
for (XMLSecurityConstants.Action action : securityProperties.getActions()) {
if (XMLSecurityConstants.SIGNATURE.equals(action)) {
XMLSignatureOutputProcessor signatureOutputProcessor = new XMLSignatureOutputProcessor();
initializeOutputProcessor(outputProcessorChain, signatureOutputProcessor, action, actionOrder++);
configureSignatureKeys(outboundSecurityContext);
List<SecurePart> signatureParts = securityProperties.getSignatureSecureParts();
for (SecurePart securePart : signatureParts) {
if (securePart.getIdToSecure() == null && securePart.getName() != null) {
outputProcessorChain.getSecurityContext().putAsMap(
XMLSecurityConstants.SIGNATURE_PARTS,
securePart.getName(),
securePart
);
} else if (securePart.getIdToSecure() != null) {
outputProcessorChain.getSecurityContext().putAsMap(
XMLSecurityConstants.SIGNATURE_PARTS,
securePart.getIdToSecure(),
securePart
);
} else if (securePart.getExternalReference() != null) {
outputProcessorChain.getSecurityContext().putAsMap(
XMLSecurityConstants.SIGNATURE_PARTS,
securePart.getExternalReference(),
securePart
);
} else if (securePart.isSecureEntireRequest()) {
// Special functionality to sign the first element in the request
signEntireRequestPart = securePart;
}
}
} else if (XMLSecurityConstants.ENCRYPTION.equals(action)) {
XMLEncryptOutputProcessor encryptOutputProcessor = new XMLEncryptOutputProcessor();
initializeOutputProcessor(outputProcessorChain, encryptOutputProcessor, action, actionOrder++);
configureEncryptionKeys(outboundSecurityContext);
List<SecurePart> encryptionParts = securityProperties.getEncryptionSecureParts();
for (SecurePart securePart : encryptionParts) {
if (securePart.getIdToSecure() == null && securePart.getName() != null) {
outputProcessorChain.getSecurityContext().putAsMap(
XMLSecurityConstants.ENCRYPTION_PARTS,
securePart.getName(),
securePart
);
} else if (securePart.getIdToSecure() != null) {
outputProcessorChain.getSecurityContext().putAsMap(
XMLSecurityConstants.ENCRYPTION_PARTS,
securePart.getIdToSecure(),
securePart
);
} else if (securePart.isSecureEntireRequest()) {
// Special functionality to encrypt the first element in the request
encryptEntireRequestPart = securePart;
}
}
}
}
if (output instanceof OutputStream) {
final FinalOutputProcessor finalOutputProcessor = new FinalOutputProcessor((OutputStream) output, encoding);
initializeOutputProcessor(outputProcessorChain, finalOutputProcessor, null, -1);
} else if (output instanceof XMLStreamWriter) {
final FinalOutputProcessor finalOutputProcessor = new FinalOutputProcessor((XMLStreamWriter) output);
initializeOutputProcessor(outputProcessorChain, finalOutputProcessor, null, -1);
} else {
throw new IllegalArgumentException(output + " is not supported as output");
}
XMLSecurityStreamWriter streamWriter = new XMLSecurityStreamWriter(outputProcessorChain);
streamWriter.setSignEntireRequestPart(signEntireRequestPart);
streamWriter.setEncryptEntireRequestPart(encryptEntireRequestPart);
return streamWriter;
}