1 /**
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19 package org.apache.ws.security.message;
20
21 import org.apache.ws.security.WSConstants;
22 import org.apache.ws.security.WSSecurityException;
23 import org.apache.ws.security.util.WSSecurityUtil;
24 import org.w3c.dom.Document;
25 import org.w3c.dom.Element;
26 import org.w3c.dom.Node;
27
28 /**
29 * This class implements WS Security header.
30 *
31 * Setup a Security header with a specified actor and mustunderstand flag.
32 *
33 * The defaults for actor and mustunderstand are: empty <code>actor</code> and
34 * <code>mustunderstand</code> is true.
35 *
36 * @author Werner Dittmann (Werner.Dittmann@apache.org)
37 */
38 public class WSSecHeader {
39 protected String actor = null;
40
41 protected boolean mustunderstand = true;
42
43 protected boolean doDebug = false;
44
45 private Element securityHeader = null;
46
47 /**
48 * Constructor.
49 */
50 public WSSecHeader() {
51 }
52
53 /**
54 * Constructor.
55 *
56 * @param actor The actor name of the <code>wsse:Security</code> header
57 */
58 public WSSecHeader(String actor) {
59 this(actor, true);
60 }
61
62 /**
63 * Constructor.
64 *
65 * @param act The actor name of the <code>wsse:Security</code> header
66 * @param mu Set <code>mustUnderstand</code> to true or false
67 */
68 public WSSecHeader(String act, boolean mu) {
69 actor = act;
70 mustunderstand = mu;
71 }
72
73 /**
74 * set actor name.
75 *
76 * @param act The actor name of the <code>wsse:Security</code> header
77 */
78 public void setActor(String act) {
79 actor = act;
80 }
81
82 /**
83 * Set the <code>mustUnderstand</code> flag for the
84 * <code>wsse:Security</code> header.
85 *
86 * @param mu Set <code>mustUnderstand</code> to true or false
87 */
88 public void setMustUnderstand(boolean mu) {
89 mustunderstand = mu;
90 }
91
92 /**
93 * Get the security header element of this instance.
94 *
95 * @return The security header element.
96 */
97 public Element getSecurityHeader() {
98 return securityHeader;
99 }
100
101 /**
102 * Returns whether the security header is empty
103 *
104 * @return true if empty or if there is no security header
105 * false if non empty security header
106 */
107 public boolean isEmpty(Document doc) throws WSSecurityException {
108 if (securityHeader == null) {
109 securityHeader =
110 WSSecurityUtil.findWsseSecurityHeaderBlock(
111 doc, doc.getDocumentElement(), actor, false
112 );
113 }
114
115 if (securityHeader == null || securityHeader.getChildNodes().getLength() == 0) {
116 return true;
117 }
118 return false;
119 }
120
121 /**
122 * Creates a security header and inserts it as child into the SOAP Envelope.
123 *
124 * Check if a WS Security header block for an actor is already available in
125 * the document. If a header block is found return it, otherwise a new
126 * wsse:Security header block is created and the attributes set
127 *
128 * @param doc A SOAP envelope as <code>Document</code>
129 * @return A <code>wsse:Security</code> element
130 */
131 public Element insertSecurityHeader(Document doc) throws WSSecurityException {
132 //
133 // If there is already a security header in this instance just return it
134 //
135 if (securityHeader != null) {
136 return securityHeader;
137 }
138 securityHeader =
139 WSSecurityUtil.findWsseSecurityHeaderBlock(
140 doc, doc.getDocumentElement(), actor, true
141 );
142
143 String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
144 String soapPrefix =
145 WSSecurityUtil.setNamespace(
146 securityHeader, soapNamespace, WSConstants.DEFAULT_SOAP_PREFIX
147 );
148
149 if (actor != null && actor.length() > 0) {
150 String actorLocal = WSConstants.ATTR_ACTOR;
151 if (WSConstants.URI_SOAP12_ENV.equals(soapNamespace)) {
152 actorLocal = WSConstants.ATTR_ROLE;
153 }
154 securityHeader.setAttributeNS(
155 soapNamespace,
156 soapPrefix + ":" + actorLocal,
157 actor
158 );
159 }
160 if (mustunderstand) {
161 String mustUnderstandLocal = "1";
162 if (WSConstants.URI_SOAP12_ENV.equals(soapNamespace)) {
163 mustUnderstandLocal = "true";
164 }
165 securityHeader.setAttributeNS(
166 soapNamespace,
167 soapPrefix + ":" + WSConstants.ATTR_MUST_UNDERSTAND,
168 mustUnderstandLocal
169 );
170 }
171 WSSecurityUtil.setNamespace(securityHeader, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
172
173 return securityHeader;
174 }
175
176 public void removeSecurityHeader(Document doc) throws WSSecurityException {
177 if (securityHeader == null) {
178 securityHeader =
179 WSSecurityUtil.findWsseSecurityHeaderBlock(
180 doc, doc.getDocumentElement(), actor, false
181 );
182 }
183
184 if (securityHeader != null) {
185 Node parent = securityHeader.getParentNode();
186 parent.removeChild(securityHeader);
187 }
188 }
189
190 }