1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.wss4j.common.bsp;
20
21 import java.util.ArrayList;
22 import java.util.Collections;
23 import java.util.List;
24
25 import org.apache.wss4j.common.ext.WSSecurityException;
26
27
28
29
30 public class BSPEnforcer {
31
32 private static final org.slf4j.Logger LOG = org.slf4j.LoggerFactory.getLogger(BSPEnforcer.class);
33
34 private List<BSPRule> ignoredBSPRules = Collections.emptyList();
35
36 private boolean disableBSPRules;
37
38 public BSPEnforcer() {
39
40 }
41
42 public BSPEnforcer(List<BSPRule> bspRules) {
43 ignoredBSPRules = new ArrayList<>(bspRules);
44 }
45
46 public BSPEnforcer(boolean disableBSPRules) {
47 this.disableBSPRules = disableBSPRules;
48 }
49
50 public void handleBSPRule(BSPRule bspRule) throws WSSecurityException {
51 if (disableBSPRules) {
52 return;
53 }
54
55 if (!ignoredBSPRules.contains(bspRule)) {
56 throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "empty",
57 new Object[] {"BSP:" + bspRule.name() + ": " + bspRule.getMsg()}
58 );
59 } else {
60 LOG.debug("BSP:{}: {}", bspRule.name(), bspRule.getMsg());
61 }
62 }
63
64 public void setIgnoredBSPRules(List<BSPRule> bspRules) {
65 ignoredBSPRules = new ArrayList<>(bspRules);
66 }
67
68 public void setDisableBSPRules(boolean disableBSPRules) {
69 this.disableBSPRules = disableBSPRules;
70 }
71
72 }