in ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/BinarySecurityTokenOutputProcessor.java [51:138]
public void processEvent(XMLSecEvent xmlSecEvent, OutputProcessorChain outputProcessorChain)
throws XMLStreamException, XMLSecurityException {
try {
GenericOutboundSecurityToken securityToken = null;
XMLSecurityConstants.Action action = getAction();
String tokenId = null;
if (WSSConstants.SIGNATURE.equals(action)
|| WSSConstants.SAML_TOKEN_SIGNED.equals(action)) {
tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE);
} else if (WSSConstants.ENCRYPTION.equals(action)) {
tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTED_KEY);
} else if (WSSConstants.ENCRYPTION_WITH_KERBEROS_TOKEN.equals(getAction())
|| WSSConstants.SIGNATURE_WITH_KERBEROS_TOKEN.equals(getAction())
|| WSSConstants.KERBEROS_TOKEN.equals(getAction())) {
tokenId = outputProcessorChain.getSecurityContext().get(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_KERBEROS);
}
SecurityTokenProvider<OutboundSecurityToken> tokenProvider = null;
if (tokenId != null) {
tokenProvider =
outputProcessorChain.getSecurityContext().getSecurityTokenProvider(tokenId);
if (tokenProvider != null) {
securityToken = (GenericOutboundSecurityToken)tokenProvider.getSecurityToken();
}
}
boolean includeToken = false;
WSSecurityTokenConstants.KeyIdentifier keyIdentifier = null;
if ((WSSConstants.SIGNATURE.equals(action) || WSSConstants.SAML_TOKEN_SIGNED.equals(action))
&& !getSecurityProperties().getSignatureKeyIdentifiers().isEmpty()) {
includeToken = ((WSSSecurityProperties) getSecurityProperties()).isIncludeSignatureToken();
keyIdentifier = getSecurityProperties().getSignatureKeyIdentifiers().get(0);
} else if (WSSConstants.ENCRYPTION.equals(action)) {
includeToken = ((WSSSecurityProperties) getSecurityProperties()).isIncludeEncryptionToken();
keyIdentifier = getSecurityProperties().getEncryptionKeyIdentifier();
}
if (securityToken != null) {
if (WSSConstants.SIGNATURE.equals(action)
&& (includeToken || WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE.equals(keyIdentifier))
&& (securityToken.getTokenType() == null
|| WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction(), getActionOrder());
finalBinarySecurityTokenOutputProcessor.addBeforeProcessor(WSSSignatureOutputProcessor.class);
finalBinarySecurityTokenOutputProcessor.init(outputProcessorChain);
securityToken.setProcessor(finalBinarySecurityTokenOutputProcessor);
} else if (WSSConstants.SAML_TOKEN_SIGNED.equals(action) && includeToken
&& (securityToken.getTokenType() == null
|| WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction(), getActionOrder());
finalBinarySecurityTokenOutputProcessor.addBeforeProcessor(WSSSignatureOutputProcessor.class);
finalBinarySecurityTokenOutputProcessor.init(outputProcessorChain);
securityToken.setProcessor(finalBinarySecurityTokenOutputProcessor);
} else if (WSSConstants.ENCRYPTION.equals(action)
&& (includeToken || WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE.equals(keyIdentifier))
&& (securityToken.getTokenType() == null
|| WSSecurityTokenConstants.X509V3Token.equals(securityToken.getTokenType()))) {
FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction(), getActionOrder());
finalBinarySecurityTokenOutputProcessor.addAfterProcessor(EncryptEndingOutputProcessor.class);
finalBinarySecurityTokenOutputProcessor.init(outputProcessorChain);
securityToken.setProcessor(finalBinarySecurityTokenOutputProcessor);
} else if (WSSConstants.ENCRYPTION_WITH_KERBEROS_TOKEN.equals(getAction())
|| WSSConstants.SIGNATURE_WITH_KERBEROS_TOKEN.equals(getAction())
|| WSSConstants.KERBEROS_TOKEN.equals(getAction())) {
FinalBinarySecurityTokenOutputProcessor finalBinarySecurityTokenOutputProcessor =
new FinalBinarySecurityTokenOutputProcessor(securityToken);
finalBinarySecurityTokenOutputProcessor.setXMLSecurityProperties(getSecurityProperties());
finalBinarySecurityTokenOutputProcessor.setAction(getAction(), getActionOrder());
finalBinarySecurityTokenOutputProcessor.addBeforeProcessor(WSSSignatureOutputProcessor.class);
finalBinarySecurityTokenOutputProcessor.init(outputProcessorChain);
securityToken.setProcessor(finalBinarySecurityTokenOutputProcessor);
}
}
} finally {
outputProcessorChain.removeProcessor(this);
}
outputProcessorChain.processEvent(xmlSecEvent);
}