View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.stax.impl.processor.input;
20  
21  import java.util.List;
22  
23  import javax.xml.namespace.QName;
24  import javax.xml.stream.XMLStreamConstants;
25  import javax.xml.stream.XMLStreamException;
26  
27  import org.apache.wss4j.stax.ext.WSSConstants;
28  import org.apache.wss4j.stax.securityEvent.OperationSecurityEvent;
29  import org.apache.wss4j.stax.utils.WSSUtils;
30  import org.apache.xml.security.exceptions.XMLSecurityException;
31  import org.apache.xml.security.stax.ext.AbstractInputProcessor;
32  import org.apache.xml.security.stax.ext.InputProcessorChain;
33  import org.apache.xml.security.stax.ext.XMLSecurityProperties;
34  import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
35  import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
36  import org.apache.xml.security.stax.impl.util.IDGenerator;
37  
38  /**
39   * Processor which emits the Operation-Security-Event
40   */
41  public class OperationInputProcessor extends AbstractInputProcessor {
42  
43      public OperationInputProcessor(XMLSecurityProperties securityProperties) {
44          super(securityProperties);
45          this.setPhase(WSSConstants.Phase.POSTPROCESSING);
46          this.addBeforeProcessor(SecurityHeaderInputProcessor.class.getName());
47      }
48  
49      @Override
50      public XMLSecEvent processHeaderEvent(InputProcessorChain inputProcessorChain)
51              throws XMLStreamException, XMLSecurityException {
52          return inputProcessorChain.processHeaderEvent();
53      }
54  
55      @Override
56      public XMLSecEvent processEvent(InputProcessorChain inputProcessorChain)
57              throws XMLStreamException, XMLSecurityException {
58          XMLSecEvent xmlSecEvent = inputProcessorChain.processEvent();
59          if (xmlSecEvent.getEventType() == XMLStreamConstants.START_ELEMENT) {
60              XMLSecStartElement xmlSecStartElement = xmlSecEvent.asStartElement();
61              List<QName> elementPath = xmlSecStartElement.getElementPath();
62              if (elementPath.size() == 3 && WSSUtils.isInSOAPBody(elementPath)) {
63                  OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
64                  operationSecurityEvent.setOperation(xmlSecEvent.asStartElement().getName());
65                  operationSecurityEvent.setCorrelationID(IDGenerator.generateID(null));
66                  inputProcessorChain.getSecurityContext().registerSecurityEvent(operationSecurityEvent);
67                  inputProcessorChain.removeProcessor(this);
68              }
69          }
70          return xmlSecEvent;
71      }
72  }