in ws-security-stax/src/main/java/org/apache/wss4j/stax/setup/WSSec.java [172:283]
public static WSSSecurityProperties validateAndApplyDefaultsToOutboundSecurityProperties(WSSSecurityProperties securityProperties)
throws WSSConfigurationException {
if (securityProperties.getActions() == null || securityProperties.getActions().isEmpty()) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noOutputAction");
}
// Check for duplicate actions
if (new HashSet<XMLSecurityConstants.Action>(securityProperties.getActions()).size()
!= securityProperties.getActions().size()) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "stax.duplicateActions");
}
for (XMLSecurityConstants.Action action : securityProperties.getActions()) {
if (WSSConstants.TIMESTAMP.equals(action)) {
if (securityProperties.getTimestampTTL() == null) {
securityProperties.setTimestampTTL(300);
}
} else if (WSSConstants.SIGNATURE.equals(action)) {
checkOutboundSignatureProperties(securityProperties);
} else if (WSSConstants.ENCRYPT.equals(action)) {
checkOutboundEncryptionProperties(securityProperties);
} else if (WSSConstants.USERNAMETOKEN.equals(action)) {
if (securityProperties.getTokenUser() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noTokenUser");
}
if (securityProperties.getCallbackHandler() == null
&& WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE != securityProperties.getUsernameTokenPasswordType()) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noCallback");
}
if (securityProperties.getUsernameTokenPasswordType() == null) {
securityProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
}
} else if (WSSConstants.USERNAMETOKEN_SIGNED.equals(action)) {
if (securityProperties.getTokenUser() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noTokenUser");
}
if (securityProperties.getCallbackHandler() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noCallback");
}
if (securityProperties.getSignatureAlgorithm() == null) {
securityProperties.setSignatureAlgorithm(WSSConstants.NS_XMLDSIG_HMACSHA1);
}
if (securityProperties.getSignatureDigestAlgorithm() == null) {
securityProperties.setSignatureDigestAlgorithm(WSSConstants.NS_XMLDSIG_SHA1);
}
if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
securityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
}
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_USERNAME_TOKEN_REFERENCE);
if (securityProperties.getUsernameTokenPasswordType() == null) {
securityProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
}
checkDefaultSecureParts(true, securityProperties);
} else if (WSSConstants.SIGNATURE_WITH_DERIVED_KEY.equals(action)) {
checkOutboundSignatureDerivedProperties(securityProperties);
} else if (WSSConstants.ENCRYPTION_WITH_DERIVED_KEY.equals(action)) {
checkOutboundEncryptionDerivedProperties(securityProperties);
} else if (WSSConstants.SAML_TOKEN_SIGNED.equals(action)) {
if (securityProperties.getCallbackHandler() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noCallback");
}
if (securityProperties.getSamlCallbackHandler() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noSAMLCallbackHandler");
}
if (securityProperties.getSignatureAlgorithm() == null) {
securityProperties.setSignatureAlgorithm(WSSConstants.NS_XMLDSIG_RSASHA1);
}
if (securityProperties.getSignatureDigestAlgorithm() == null) {
securityProperties.setSignatureDigestAlgorithm(WSSConstants.NS_XMLDSIG_SHA1);
}
if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
securityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
}
if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
}
checkDefaultSecureParts(true, securityProperties);
} else if (WSSConstants.SAML_TOKEN_UNSIGNED.equals(action)
&& securityProperties.getSamlCallbackHandler() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noSAMLCallbackHandler");
} else if (WSSConstants.SIGNATURE_WITH_KERBEROS_TOKEN.equals(action)) {
if (securityProperties.getCallbackHandler() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noCallback");
}
if (securityProperties.getSignatureAlgorithm() == null) {
securityProperties.setSignatureAlgorithm(WSSConstants.NS_XMLDSIG_HMACSHA1);
}
if (securityProperties.getSignatureDigestAlgorithm() == null) {
securityProperties.setSignatureDigestAlgorithm(WSSConstants.NS_XMLDSIG_SHA1);
}
if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
securityProperties.setSignatureCanonicalizationAlgorithm(WSSConstants.NS_C14N_EXCL);
}
if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
}
checkDefaultSecureParts(true, securityProperties);
} else if (WSSConstants.ENCRYPTION_WITH_KERBEROS_TOKEN.equals(action)) {
if (securityProperties.getCallbackHandler() == null) {
throw new WSSConfigurationException(WSSConfigurationException.ErrorCode.FAILURE, "noCallback");
}
if (securityProperties.getEncryptionSymAlgorithm() == null) {
securityProperties.setEncryptionSymAlgorithm(WSSConstants.NS_XENC_AES256);
}
if (securityProperties.getSignatureKeyIdentifiers().isEmpty()) {
securityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
}
checkDefaultSecureParts(false, securityProperties);
}
}
return new WSSSecurityProperties(securityProperties);
}