ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1210203 [6/16] - in /webservices/wss4j/branches/swssf/rampart-policy: ./ src/main/java/META-INF/ src/main/java/org/apache/ws/secpolicy/ src/main/java/org/apache/ws/secpolicy/builders/ src/main/java/org/apache/ws/secpolicy/model/ src/main/j...
Date Sun, 04 Dec 2011 20:33:12 GMT
Modified: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/X509TokenBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/X509TokenBuilder.java?rev=1210203&r1=1197660&r2=1210203&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/X509TokenBuilder.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/X509TokenBuilder.java Sun Dec  4 20:33:05 2011
@@ -1,161 +1,71 @@
-/*
- * Copyright 2001-2004 The Apache Software Foundation.
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
-package org.apache.ws.secpolicy12.builders;
+package org.apache.ws.secpolicy.builders;
 
-import java.util.Iterator;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.apache.axiom.om.OMAttribute;
-import org.apache.axiom.om.OMElement;
 import org.apache.neethi.Assertion;
 import org.apache.neethi.AssertionBuilderFactory;
-import org.apache.neethi.Constants;
 import org.apache.neethi.Policy;
-import org.apache.neethi.PolicyEngine;
 import org.apache.neethi.builders.AssertionBuilder;
+import org.apache.ws.secpolicy.SP11Constants;
+import org.apache.ws.secpolicy.SP13Constants;
 import org.apache.ws.secpolicy.SPConstants;
-import org.apache.ws.secpolicy.SP12Constants;
+import org.apache.ws.secpolicy.SPUtils;
 import org.apache.ws.secpolicy.model.X509Token;
+import org.w3c.dom.Element;
 
-public class X509TokenBuilder implements AssertionBuilder<OMElement> {
-	
-    public final static String USER_CERT_ALIAS_LN = "userCertAlias";
-
-    public final static String ENCRYPTION_USER_LN = "encryptionUser";
-
-    public static final QName RAMPART_CONFIG = new QName("http://ws.apache.org/rampart/policy",
-            "RampartConfig");
-
-    public static final QName USER_CERT_ALIAS = new QName("http://ws.apache.org/rampart/policy",
-            USER_CERT_ALIAS_LN);
-
-    public static final QName ENCRYPTION_USER = new QName("http://ws.apache.org/rampart/policy",
-            ENCRYPTION_USER_LN);
-
-    public Assertion build(OMElement element, AssertionBuilderFactory factory)
-            throws IllegalArgumentException {
-        X509Token x509Token = new X509Token(SPConstants.SP_V12);
-
-        OMElement policyElement = element.getFirstElement();
-        
-        //Process token inclusion
-        OMAttribute  includeAttr = element.getAttribute(SP12Constants.INCLUDE_TOKEN);
-        if(includeAttr != null) {
-            int inclusion = SP12Constants.getInclusionFromAttributeValue(includeAttr.getAttributeValue());
-            x509Token.setInclusion(inclusion);
-        }
-        
-        OMAttribute isOptional = element.getAttribute(Constants.Q_ELEM_OPTIONAL_ATTR);
-		if (isOptional != null) {
-			x509Token.setOptional(Boolean.valueOf(isOptional.getAttributeValue())
-					.booleanValue());
-		}
-
-        if (policyElement != null) {
-            
-            if (policyElement.getFirstChildWithName(SP12Constants.REQUIRE_DERIVED_KEYS) != null) {
-                x509Token.setDerivedKeys(true);
-            } else if (policyElement.getFirstChildWithName(SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS) != null) {
-                x509Token.setImpliedDerivedKeys(true);
-            } else if (policyElement.getFirstChildWithName(SP12Constants.REQUIRE_EXPLICIT_DERIVED_KEYS) != null) {
-                x509Token.setExplicitDerivedKeys(true);
-            }
-            
-            Policy policy = PolicyEngine.getPolicy(element.getFirstElement());
-            policy = (Policy) policy.normalize(false);
-
-            for (Iterator iterator = policy.getAlternatives(); iterator
-                    .hasNext();) {
-                processAlternative((List) iterator.next(), x509Token);
-                
-                /*
-                 * since there should be only one alternative
-                 */
-                break;
-            }
+import javax.xml.namespace.QName;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class X509TokenBuilder implements AssertionBuilder<Element> {
+
+    public Assertion build(Element element, AssertionBuilderFactory factory) throws IllegalArgumentException {
+
+        final SPConstants.SPVersion spVersion = SPConstants.SPVersion.getSPVersion(element.getNamespaceURI());
+        final String includeTokenValue = SPUtils.getAttribute(element, spVersion.getSPConstants().getIncludeToken());
+        final Element issuer = SPUtils.getFirstChildElement(element, spVersion.getSPConstants().getIssuer());
+        if (spVersion == SPConstants.SPVersion.SP11 && issuer != null) {
+            throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
         }
-        
-        if (x509Token != null && policyElement != null) {
-            OMElement ramp = null;
-            ramp = policyElement.getFirstChildWithName(RAMPART_CONFIG);
-            if (ramp != null) {
-                OMElement child = null;
-                if ((child = ramp.getFirstChildWithName(USER_CERT_ALIAS)) != null) {
-                    x509Token.setUserCertAlias(child.getText());
-                }
-                if ((child = ramp.getFirstChildWithName(ENCRYPTION_USER)) != null) {
-                    x509Token.setEncryptionUser(child.getText());
-                }
-            }
+        final String issuerName = SPUtils.getFirstChildElementText(element, spVersion.getSPConstants().getIssuerName());
+        if (spVersion == SPConstants.SPVersion.SP11 && issuerName != null) {
+            throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
         }
-        
+        final Element claims = SPUtils.getFirstChildElement(element, spVersion.getSPConstants().getClaims());
+        final Element nestedPolicyElement = SPUtils.getFirstPolicyChildElement(element);
+        final Policy nestedPolicy = nestedPolicyElement != null ? factory.getPolicyEngine().getPolicy(nestedPolicyElement) : new Policy();
+        X509Token x509Token = new X509Token(
+                spVersion,
+                spVersion.getSPConstants().getInclusionFromAttributeValue(includeTokenValue),
+                issuer,
+                issuerName,
+                claims,
+                nestedPolicy
+        );
+        x509Token.setOptional(SPUtils.isOptional(element));
+        x509Token.setIgnorable(SPUtils.isIgnorable(element));
         return x509Token;
     }
 
-    private void processAlternative(List assertions, X509Token parent) {
-                Assertion assertion;
-        QName name;
-
-        for (Iterator iterator = assertions.iterator(); iterator.hasNext();) {
-            assertion = (Assertion) iterator.next();
-            name = assertion.getName();
-
-            if (SP12Constants.REQUIRE_KEY_IDENTIFIRE_REFERENCE.equals(name)) {
-                parent.setRequireKeyIdentifierReference(true);
-
-            } else if (SP12Constants.REQUIRE_ISSUER_SERIAL_REFERENCE.equals(name)) {
-                parent.setRequireIssuerSerialReference(true);
-
-            } else if (SP12Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE.equals(name)) {
-                parent.setRequireEmbeddedTokenReference(true);
-
-            } else if (SP12Constants.REQUIRE_THUMBPRINT_REFERENCE.equals(name)) {
-                parent.setRequireThumbprintReference(true);
-
-            } else if (SP12Constants.WSS_X509_V1_TOKEN_10.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_V1_TOKEN10);
-
-            } else if (SP12Constants.WSS_X509_V1_TOKEN_11.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_V1_TOKEN11);
-
-            } else if (SP12Constants.WSS_X509_V3_TOKEN_10.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_V3_TOKEN10);
-
-            } else if (SP12Constants.WSS_X509_V3_TOKEN_11.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_V3_TOKEN11);
-
-            } else if (SP12Constants.WSS_X509_PKCS7_TOKEN_10.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKCS7_TOKEN10);
-                
-            } else if (SP12Constants.WSS_X509_PKCS7_TOKEN_11.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKCS7_TOKEN11);
-                
-            } else if (SP12Constants.WSS_X509_PKI_PATH_V1_TOKEN_10.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKI_PATH_V1_TOKEN10);
-                
-            } else if (SP12Constants.WSS_X509_PKI_PATH_V1_TOKEN_11.equals(name)) {
-                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKI_PATH_V1_TOKEN11);
-                
-            }
-        }
-    }
-
     public QName[] getKnownElements() {
-        return new QName[] {SP12Constants.X509_TOKEN};
+        return new QName[]{SP13Constants.X509_TOKEN, SP11Constants.X509_TOKEN};
     }
 }

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/X509TokenBuilder.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractBinding.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Binding.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractBinding.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractBinding.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Binding.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Binding.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractBinding.java Sun Dec  4 20:33:05 2011
@@ -1,103 +1,124 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
-
 package org.apache.ws.secpolicy.model;
 
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyComponent;
+import org.apache.neethi.PolicyContainingAssertion;
+import org.apache.ws.secpolicy.SPConstants;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import java.util.Iterator;
+import java.util.List;
+
 /**
- * @author prabath
- *
+ * @author $Author$
+ * @version $Revision$ $Date$
  */
-public abstract class Binding extends AbstractSecurityAssertion implements AlgorithmWrapper {
+public abstract class AbstractBinding extends AbstractSecurityAssertion implements PolicyContainingAssertion {
 
+    private Policy nestedPolicy;
     private AlgorithmSuite algorithmSuite;
-    private boolean includeTimestamp;
-    private boolean includeTimestampOptional;
     private Layout layout;
-    private SupportingToken signedSupportingToken;
-    private SupportingToken signedEndorsingSupportingTokens;
-    
-    public Binding (int version) {
-        setVersion(version);
-        layout = new Layout(version);
-    }
-        
-    /**
-     * @return Returns the algorithmSuite.
-     */
+    private boolean includeTimestamp;
+
+    protected AbstractBinding(SPConstants.SPVersion version, Policy nestedPolicy) {
+        super(version);
+        this.nestedPolicy = nestedPolicy;
+        parseNestedBindingPolicy(nestedPolicy, this);
+        if (layout == null) {
+            layout = new Layout(version, new Policy());
+        }
+    }
+
+    public Policy getPolicy() {
+        return nestedPolicy;
+    }
+
+    public PolicyComponent normalize() {
+        return super.normalize(getPolicy());
+    }
+
+    public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+        super.serialize(writer, getPolicy());
+    }
+
+    protected void parseNestedBindingPolicy(Policy nestedPolicy, AbstractBinding binding) {
+        Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+        //we just process the first alternative
+        //this means that if we have a compact policy only the first alternative is visible
+        //in contrary to a normalized policy where just one alternative exists
+        if (alternatives.hasNext()) {
+            List<Assertion> assertions = alternatives.next();
+            for (int i = 0; i < assertions.size(); i++) {
+                Assertion assertion = assertions.get(i);
+                String assertionName = assertion.getName().getLocalPart();
+                if (SPConstants.ALGORITHM_SUITE.equals(assertionName)) {
+                    if (binding.getAlgorithmSuite() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    binding.setAlgorithmSuite((AlgorithmSuite) assertion);
+                    continue;
+                }
+                if (SPConstants.LAYOUT.equals(assertionName)) {
+                    if (binding.getLayout() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    Layout layout = (Layout) assertion;
+                    binding.setLayout(layout);
+                    if (layout.getLayoutType() == Layout.LayoutType.LaxTsFirst
+                            || layout.getLayoutType() == Layout.LayoutType.LaxTsLast) {
+                        binding.setIncludeTimestamp(true);
+                    }
+                    continue;
+                }
+                if (SPConstants.INCLUDE_TIMESTAMP.equals(assertionName)) {
+                    binding.setIncludeTimestamp(true);
+                    continue;
+                }
+            }
+        }
+    }
+
     public AlgorithmSuite getAlgorithmSuite() {
         return algorithmSuite;
     }
 
-    /**
-     * @param algorithmSuite The algorithmSuite to set.
-     */
-    public void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
+    protected void setAlgorithmSuite(AlgorithmSuite algorithmSuite) {
         this.algorithmSuite = algorithmSuite;
     }
 
-    /**
-     * @return Returns the includeTimestamp.
-     */
-    public boolean isIncludeTimestamp() {
-        return includeTimestamp;
-    }
-
-    /**
-     * @param includeTimestamp The includeTimestamp to set.
-     */
-    public void setIncludeTimestamp(boolean includeTimestamp) {
-        this.includeTimestamp = includeTimestamp;
-    }     
-    
-    public boolean isIncludeTimestampOptional() {
-		return includeTimestampOptional;
-	}
-
-	public void setIncludeTimestampOptional(boolean includeTimestampOptional) {
-		this.includeTimestampOptional = includeTimestampOptional;
-	}
-
-	/**
-     * @return Returns the layout.
-     */
     public Layout getLayout() {
         return layout;
     }
 
-    /**
-     * @param layout The layout to set.
-     */
-    public void setLayout(Layout layout) {
+    protected void setLayout(Layout layout) {
         this.layout = layout;
     }
 
-    public SupportingToken getSignedEndorsingSupportingTokens() {
-        return signedEndorsingSupportingTokens;
-    }
-
-    public void setSignedEndorsingSupportingTokens(
-            SupportingToken signedEndorsingSupportingTokens) {
-        this.signedEndorsingSupportingTokens = signedEndorsingSupportingTokens;
-    }
-
-    public SupportingToken getSignedSupportingToken() {
-        return signedSupportingToken;
+    public boolean isIncludeTimestamp() {
+        return includeTimestamp;
     }
 
-    public void setSignedSupportingToken(SupportingToken signedSupportingToken) {
-        this.signedSupportingToken = signedSupportingToken;
+    protected void setIncludeTimestamp(boolean includeTimestamp) {
+        this.includeTimestamp = includeTimestamp;
     }
 }

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractBinding.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Modified: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java?rev=1210203&r1=1210202&r2=1210203&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java Sun Dec  4 20:33:05 2011
@@ -1,81 +1,173 @@
-/*
- * Copyright 2001-2004 The Apache Software Foundation.
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
 package org.apache.ws.secpolicy.model;
 
-import org.apache.neethi.Assertion;
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP12Constants;
+import org.apache.neethi.*;
+import org.apache.ws.secpolicy.AssertionState;
 import org.apache.ws.secpolicy.SPConstants;
-import org.apache.ws.secpolicy.SP12Constants;
 
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
 public abstract class AbstractSecurityAssertion implements Assertion {
 
     private boolean isOptional;
     private boolean isIgnorable;
-    
-    private boolean normalized = true; 
-    
-    protected int version;
+    private boolean normalized = false;
+
+    private SPConstants.SPVersion version;
+
+    protected AbstractSecurityAssertion(SPConstants.SPVersion version) {
+        this.version = version;
+    }
 
     public boolean isOptional() {
         return isOptional;
     }
-    
+
     public void setOptional(boolean isOptional) {
         this.isOptional = isOptional;
     }
+
     public boolean isIgnorable() {
         return isIgnorable;
     }
-    
+
     public void setIgnorable(boolean isIgnorable) {
         this.isIgnorable = isIgnorable;
     }
 
     public short getType() {
         return org.apache.neethi.Constants.TYPE_ASSERTION;
-    }    
-    
+    }
+
     public boolean equal(PolicyComponent policyComponent) {
         throw new UnsupportedOperationException();
     }
-    
+
     public void setNormalized(boolean normalized) {
         this.normalized = normalized;
     }
-    
+
     public boolean isNormalized() {
         return this.normalized;
     }
 
     public PolicyComponent normalize() {
-        
-        /*
-         * TODO: Handling the isOptional:TRUE case
-         */
-        return this;
-    }  
-    
-    public void setVersion(int version) {
-        this.version = version;
+        Policy policy = new Policy();
+        ExactlyOne exactlyOne = new ExactlyOne();
+        policy.addPolicyComponent(exactlyOne);
+
+        if (isOptional()) {
+            exactlyOne.addPolicyComponent(new All());
+        }
+
+        AbstractSecurityAssertion a = clone(null);
+        a.setNormalized(true);
+        a.setOptional(false);
+
+        All all = new All();
+        all.addPolicyComponent(a);
+        exactlyOne.addPolicyComponent(all);
+
+        return policy;
     }
-    
-    public int getVersion() {
+
+    public PolicyComponent normalize(Policy nestedPolicy) {
+        Policy normalizedNestedPolicy = nestedPolicy.normalize(true);
+
+        Policy policy = new Policy();
+        ExactlyOne exactlyOne = new ExactlyOne();
+        policy.addPolicyComponent(exactlyOne);
+
+        if (isOptional()) {
+            exactlyOne.addPolicyComponent(new All());
+        }
+
+        // for all alternatives in normalized nested policy
+        Iterator<List<Assertion>> alternatives = normalizedNestedPolicy.getAlternatives();
+        while (alternatives.hasNext()) {
+            List<Assertion> alternative = alternatives.next();
+
+            Policy ncp = new Policy(nestedPolicy.getPolicyRegistry(), nestedPolicy.getNamespace());
+            ExactlyOne nceo = new ExactlyOne();
+            ncp.addPolicyComponent(nceo);
+
+            All nca = new All();
+            nceo.addPolicyComponent(nca);
+            nca.addPolicyComponents(alternative);
+
+            AbstractSecurityAssertion a = clone(ncp);
+            a.setNormalized(true);
+            a.setOptional(false);
+
+            All all = new All();
+            all.addPolicyComponent(a);
+            exactlyOne.addPolicyComponent(all);
+
+        }
+        return policy;
+    }
+
+    public SPConstants.SPVersion getVersion() {
         return version;
     }
-    
-    
+
+    public void serialize(XMLStreamWriter writer, Policy nestedPolicy) throws XMLStreamException {
+        writer.writeStartElement(getName().getPrefix(), getName().getLocalPart(), getName().getNamespaceURI());
+        writer.writeNamespace(getName().getPrefix(), getName().getNamespaceURI());
+        if (!isNormalized() && isOptional()) {
+            writer.writeAttribute(Constants.ATTR_WSP, writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP), Constants.ATTR_OPTIONAL, "true");
+        }
+        if (isIgnorable()) {
+            writer.writeAttribute(Constants.ATTR_WSP, writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP), Constants.ATTR_IGNORABLE, "true");
+        }
+        nestedPolicy.serialize(writer);
+        writer.writeEndElement();
+    }
+
+    protected abstract AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy);
+
+    public AbstractSecurityAssertion clone(Policy nestedPolicy) {
+        AbstractSecurityAssertion assertion = cloneAssertion(nestedPolicy);
+        assertion.setIgnorable(isIgnorable());
+        assertion.setNormalized(isNormalized());
+        assertion.setOptional(isOptional());
+        return assertion;
+    }
+
+    public boolean isAsserted(Map<QName, List<AssertionState>> assertionStatesMap) {
+        List<AssertionState> assertionStateList = assertionStatesMap.get(getName());
+        for (int i = 0; i < assertionStateList.size(); i++) {
+            AssertionState assertionState = assertionStateList.get(i);
+            if (assertionState.getAssertion() == this && !assertionState.isAsserted()) {
+                return false;
+            }
+        }
+        return true;
+    }
 }

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSymmetricAsymmetricBinding.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricAsymmetricBindingBase.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSymmetricAsymmetricBinding.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSymmetricAsymmetricBinding.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricAsymmetricBindingBase.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricAsymmetricBindingBase.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSymmetricAsymmetricBinding.java Sun Dec  4 20:33:05 2011
@@ -1,100 +1,138 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
-
 package org.apache.ws.secpolicy.model;
 
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
 import org.apache.ws.secpolicy.SPConstants;
 
-public abstract class SymmetricAsymmetricBindingBase extends Binding {
+import java.util.*;
 
-    private String protectionOrder = SPConstants.SIGN_BEFORE_ENCRYPTING;
-    
-    private boolean signatureProtection;
-    
-    private boolean tokenProtection;
-    
-    private boolean entireHeadersAndBodySignatures;
-    
-    public SymmetricAsymmetricBindingBase(int version) {
-        super(version);
-    }
-
-    /**
-     * @return Returns the entireHeaderAndBodySignatures.
-     */
-    public boolean isEntireHeadersAndBodySignatures() {
-        return entireHeadersAndBodySignatures;
-    }
-
-    /**
-     * @param entireHeaderAndBodySignatures The entireHeaderAndBodySignatures to set.
-     */
-    public void setEntireHeadersAndBodySignatures(
-            boolean entireHeaderAndBodySignatures) {
-        this.entireHeadersAndBodySignatures = entireHeaderAndBodySignatures;
-    }
-
-    /**
-     * @return Returns the protectionOrder.
-     */
-    public String getProtectionOrder() {
-        return protectionOrder;
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public abstract class AbstractSymmetricAsymmetricBinding extends AbstractBinding {
+
+    public enum ProtectionOrder {
+        EncryptBeforeSigning,
+        SignBeforeEncrypting;
+
+        private static final Map<String, ProtectionOrder> lookup = new HashMap<String, ProtectionOrder>();
+
+        static {
+            for (ProtectionOrder u : EnumSet.allOf(ProtectionOrder.class))
+                lookup.put(u.name(), u);
+        }
+
+        public static ProtectionOrder lookUp(String name) {
+            return lookup.get(name);
+        }
     }
 
-    /**
-     * @param protectionOrder The protectionOrder to set.
-     */
-    public void setProtectionOrder(String protectionOrder) {
-        if(SPConstants.ENCRYPT_BEFORE_SIGNING.equals(protectionOrder) ||
-           SPConstants.SIGN_BEFORE_ENCRYPTING.equals(protectionOrder)) {
-            this.protectionOrder = protectionOrder;
-        } else {
-//            throw new WSSPolicyException("Incorrect protection order value : "
-//                    + protectionOrder);
+    private ProtectionOrder protectionOrder = ProtectionOrder.SignBeforeEncrypting;
+    private boolean encryptSignature = false;
+    private boolean protectTokens = false;
+    private boolean onlySignEntireHeadersAndBody = false;
+
+    protected AbstractSymmetricAsymmetricBinding(SPConstants.SPVersion version, Policy nestedPolicy) {
+        super(version, nestedPolicy);
+
+        parseNestedSymmetricAsymmetricBindingBasePolicy(nestedPolicy, this);
+    }
+
+    protected void parseNestedSymmetricAsymmetricBindingBasePolicy(Policy nestedPolicy, AbstractSymmetricAsymmetricBinding asymmetricBindingBase) {
+        Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+        //we just process the first alternative
+        //this means that if we have a compact policy only the first alternative is visible
+        //in contrary to a normalized policy where just one alternative exists
+        if (alternatives.hasNext()) {
+            List<Assertion> assertions = alternatives.next();
+            for (int i = 0; i < assertions.size(); i++) {
+                Assertion assertion = assertions.get(i);
+                String assertionName = assertion.getName().getLocalPart();
+                String assertionNamespace = assertion.getName().getNamespaceURI();
+                ProtectionOrder protectionOrder = ProtectionOrder.lookUp(assertionName);
+                if (protectionOrder != null) {
+                    if (asymmetricBindingBase.getProtectionOrder() == ProtectionOrder.EncryptBeforeSigning) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBindingBase.setProtectionOrder(protectionOrder);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getEncryptSignature().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getEncryptSignature().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBindingBase.isEncryptSignature()) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBindingBase.setEncryptSignature(true);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getProtectTokens().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getProtectTokens().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBindingBase.isProtectTokens()) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBindingBase.setProtectTokens(true);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getOnlySignEntireHeadersAndBody().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getOnlySignEntireHeadersAndBody().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBindingBase.isOnlySignEntireHeadersAndBody()) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBindingBase.setOnlySignEntireHeadersAndBody(true);
+                    continue;
+                }
+            }
         }
     }
 
-    /**
-     * @return Returns the signatureProtection.
-     */
-    public boolean isSignatureProtection() {
-        return signatureProtection;
-    }
-
-    /**
-     * @param signatureProtection The signatureProtection to set.
-     */
-    public void setSignatureProtection(boolean signatureProtection) {
-        this.signatureProtection = signatureProtection;
-    }
-
-    /**
-     * @return Returns the tokenProtection.
-     */
-    public boolean isTokenProtection() {
-        return tokenProtection;
-    }
-
-    /**
-     * @param tokenProtection The tokenProtection to set.
-     */
-    public void setTokenProtection(boolean tokenProtection) {
-        this.tokenProtection = tokenProtection;
-    }
-    
-    
-    
+    public ProtectionOrder getProtectionOrder() {
+        return protectionOrder;
+    }
+
+    protected void setProtectionOrder(ProtectionOrder protectionOrder) {
+        this.protectionOrder = protectionOrder;
+    }
+
+    public boolean isEncryptSignature() {
+        return encryptSignature;
+    }
+
+    protected void setEncryptSignature(boolean encryptSignature) {
+        this.encryptSignature = encryptSignature;
+    }
+
+    public boolean isProtectTokens() {
+        return protectTokens;
+    }
+
+    protected void setProtectTokens(boolean protectTokens) {
+        this.protectTokens = protectTokens;
+    }
+
+    public boolean isOnlySignEntireHeadersAndBody() {
+        return onlySignEntireHeadersAndBody;
+    }
+
+    protected void setOnlySignEntireHeadersAndBody(boolean onlySignEntireHeadersAndBody) {
+        this.onlySignEntireHeadersAndBody = onlySignEntireHeadersAndBody;
+    }
 }

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSymmetricAsymmetricBinding.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractToken.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Token.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractToken.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractToken.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Token.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Token.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractToken.java Sun Dec  4 20:33:05 2011
@@ -1,91 +1,158 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
-
 package org.apache.ws.secpolicy.model;
 
+import org.apache.neethi.Constants;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyComponent;
+import org.apache.neethi.PolicyContainingAssertion;
 import org.apache.ws.secpolicy.SPConstants;
+import org.apache.ws.secpolicy.SPUtils;
+import org.w3c.dom.Element;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import java.util.EnumSet;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public abstract class AbstractToken extends AbstractSecurityAssertion implements PolicyContainingAssertion {
+
+    public enum DerivedKeys {
+        RequireDerivedKeys,
+        RequireExplicitDerivedKeys,
+        RequireImpliedDerivedKeys;
+
+        private static final Map<String, X509Token.DerivedKeys> lookup = new HashMap<String, X509Token.DerivedKeys>();
+
+        static {
+            for (DerivedKeys u : EnumSet.allOf(DerivedKeys.class))
+                lookup.put(u.name(), u);
+        }
+
+        public static DerivedKeys lookUp(String name) {
+            return lookup.get(name);
+        }
+    }
+
+    private SPConstants.IncludeTokenType includeTokenType;
+    private Element issuer;
+    private Element claims;
+    private String issuerName;
+    private DerivedKeys derivedKeys;
+    private Policy nestedPolicy;
 
-public abstract class Token extends AbstractSecurityAssertion {
+    protected AbstractToken(SPConstants.SPVersion version, SPConstants.IncludeTokenType includeTokenType,
+                            Element issuer, String issuerName, Element claims, Policy nestedPolicy) {
+        super(version);
+        this.nestedPolicy = nestedPolicy;
+        this.includeTokenType = includeTokenType;
+        this.issuer = issuer;
+        this.issuerName = issuerName;
+        this.claims = claims;
+    }
+
+    public Policy getPolicy() {
+        return nestedPolicy;
+    }
+
+    public PolicyComponent normalize() {
+        return super.normalize(getPolicy());
+    }
 
-    /**
-     * Inclusion property of a TokenAssertion
-     */
-    private int inclusion = SPConstants.INCLUDE_TOEKN_ALWAYS;
-    
-    /**
-     * Whether to derive keys or not
-     */
-    private boolean derivedKeys;
-    
-    private boolean impliedDerivedKeys;
-    
-    private boolean explicitDerivedKeys;
-    
-    /**
-     * @return Returns the inclusion.
-     */
-    public int getInclusion() {
-        return inclusion;
-    }
-
-    /**
-     * @param inclusion The inclusion to set.
-     */
-    public void setInclusion(int inclusion)  {
-        if(SPConstants.INCLUDE_TOEKN_ALWAYS == inclusion || 
-           SPConstants.INCLUDE_TOEKN_ALWAYS_TO_RECIPIENT == inclusion ||
-           SPConstants.INCLUDE_TOEKN_ALWAYS_TO_INITIATOR == inclusion ||
-           SPConstants.INCLUDE_TOKEN_NEVER == inclusion ||
-           SPConstants.INCLUDE_TOKEN_ONCE == inclusion ) {
-            this.inclusion = inclusion;
-        } else {
-            //TODO replace this with a proper (WSSPolicyException) exception
-            throw new RuntimeException("Incorrect inclusion value: " + inclusion);
-        }
-    }
-    
-    /**
-     * @return Returns the derivedKeys.
-     */
-    public boolean isDerivedKeys() {
+    public SPConstants.IncludeTokenType getIncludeTokenType() {
+        return includeTokenType;
+    }
+
+    protected void setIncludeTokenType(SPConstants.IncludeTokenType includeTokenType) {
+        this.includeTokenType = includeTokenType;
+    }
+
+    public Element getIssuer() {
+        return issuer;
+    }
+
+    protected void setIssuer(Element issuer) {
+        this.issuer = issuer;
+    }
+
+    public String getIssuerName() {
+        return issuerName;
+    }
+
+    protected void setIssuerName(String issuerName) {
+        this.issuerName = issuerName;
+    }
+
+    public Element getClaims() {
+        return claims;
+    }
+
+    protected void setClaims(Element claims) {
+        this.claims = claims;
+    }
+
+    public DerivedKeys getDerivedKeys() {
         return derivedKeys;
     }
 
-    /**
-     * @param derivedKeys The derivedKeys to set.
-     */
-    public void setDerivedKeys(boolean derivedKeys) {
+    protected void setDerivedKeys(DerivedKeys derivedKeys) {
         this.derivedKeys = derivedKeys;
-    } 
-    
-    
-    public boolean isExplicitDerivedKeys() {
-        return explicitDerivedKeys;
-    }
-    
-    public void setExplicitDerivedKeys(boolean explicitDerivedKeys) {
-        this.explicitDerivedKeys = explicitDerivedKeys;
-    }
-    
-    public boolean isImpliedDerivedKeys() {
-        return impliedDerivedKeys;
-    }
-    
-    public void setImpliedDerivedKeys(boolean impliedDerivedKeys) {
-        this.impliedDerivedKeys = impliedDerivedKeys;
     }
-    
+
+    public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+        writer.writeStartElement(getName().getPrefix(), getName().getLocalPart(), getName().getNamespaceURI());
+        writer.writeNamespace(getName().getPrefix(), getName().getNamespaceURI());
+        if (getIncludeTokenType() != null) {
+            writer.writeAttribute(
+                    getVersion().getSPConstants().getIncludeToken().getPrefix(),
+                    getVersion().getSPConstants().getIncludeToken().getNamespaceURI(),
+                    getVersion().getSPConstants().getIncludeToken().getLocalPart(),
+                    getVersion().getSPConstants().getAttributeValueFromInclusion(getIncludeTokenType())
+            );
+        }
+        if (!isNormalized() && isOptional()) {
+            writer.writeAttribute(Constants.ATTR_WSP, writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP), Constants.ATTR_OPTIONAL, "true");
+        }
+        if (isIgnorable()) {
+            writer.writeAttribute(Constants.ATTR_WSP, writer.getNamespaceContext().getNamespaceURI(Constants.ATTR_WSP), Constants.ATTR_IGNORABLE, "true");
+        }
+        if (getIssuer() != null) {
+            SPUtils.serialize(getIssuer(), writer);
+        }
+        if (getIssuerName() != null) {
+            writer.writeStartElement(
+                    getVersion().getSPConstants().getIssuerName().getPrefix(),
+                    getVersion().getSPConstants().getIssuerName().getLocalPart(),
+                    getVersion().getSPConstants().getIssuerName().getNamespaceURI()
+            );
+            writer.writeCharacters(getIssuerName());
+            writer.writeEndElement();
+        }
+        if (getClaims() != null) {
+            SPUtils.serialize(getClaims(), writer);
+        }
+        getPolicy().serialize(writer);
+        writer.writeEndElement();
+    }
 }
\ No newline at end of file

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractToken.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Copied: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractTokenWrapper.java (from r1197660, axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TokenWrapper.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractTokenWrapper.java?p2=webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractTokenWrapper.java&p1=axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TokenWrapper.java&r1=1197660&r2=1210203&rev=1210203&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TokenWrapper.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractTokenWrapper.java Sun Dec  4 20:33:05 2011
@@ -1,22 +1,87 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
-
 package org.apache.ws.secpolicy.model;
 
-public interface TokenWrapper {
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyComponent;
+import org.apache.neethi.PolicyContainingAssertion;
+import org.apache.ws.secpolicy.SPConstants;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public abstract class AbstractTokenWrapper extends AbstractSecurityAssertion implements PolicyContainingAssertion {
+
+    private Policy nestedPolicy;
+    private AbstractToken token;
+
+    protected AbstractTokenWrapper(SPConstants.SPVersion version, Policy nestedPolicy) {
+        super(version);
+        this.nestedPolicy = nestedPolicy;
+
+        parseNestedPolicy(nestedPolicy, this);
+    }
+
+    public Policy getPolicy() {
+        return nestedPolicy;
+    }
+
+    public PolicyComponent normalize() {
+        return super.normalize(getPolicy());
+    }
+
+    public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+        super.serialize(writer, getPolicy());
+    }
+
+    protected void parseNestedPolicy(Policy nestedPolicy, AbstractTokenWrapper tokenWrapper) {
+        Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+        //we just process the first alternative
+        //this means that if we have a compact policy only the first alternative is visible
+        //in contrary to a normalized policy where just one alternative exists
+        if (alternatives.hasNext()) {
+            List<Assertion> assertions = alternatives.next();
+            for (int i = 0; i < assertions.size(); i++) {
+                Assertion assertion = assertions.get(i);
+                if (assertion instanceof AbstractToken) {
+                    if (tokenWrapper.getToken() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    tokenWrapper.setToken((AbstractToken) assertion);
+                    continue;
+                }
+            }
+        }
+    }
+
+    public AbstractToken getToken() {
+        return token;
+    }
 
-    public void setToken(Token tok);
+    protected void setToken(AbstractToken token) {
+        this.token = token;
+    }
 }

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractTokenWrapper.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java?rev=1210203&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java (added)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java Sun Dec  4 20:33:05 2011
@@ -0,0 +1,498 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ws.secpolicy.model;
+
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyComponent;
+import org.apache.neethi.PolicyContainingAssertion;
+import org.apache.ws.secpolicy.SPConstants;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import java.util.*;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class AlgorithmSuite extends AbstractSecurityAssertion implements PolicyContainingAssertion {
+
+    public enum AlgorithmSuiteType {
+        Basic256(
+                SPConstants.SHA1,
+                SPConstants.AES256,
+                SPConstants.KW_AES256,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L256,
+                SPConstants.P_SHA1_L192,
+                256, 192, 256, 256),
+        Basic192(
+                SPConstants.SHA1,
+                SPConstants.AES192,
+                SPConstants.KW_AES192,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192),
+        Basic128(
+                SPConstants.SHA1,
+                SPConstants.AES128,
+                SPConstants.KW_AES128,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L128,
+                SPConstants.P_SHA1_L128,
+                128, 128, 128, 128),
+        TripleDes(
+                SPConstants.SHA1,
+                SPConstants.TRIPLE_DES,
+                SPConstants.KW_TRIPLE_DES,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192),
+        Basic256Rsa15(
+                SPConstants.SHA1,
+                SPConstants.AES256,
+                SPConstants.KW_AES256,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L256,
+                SPConstants.P_SHA1_L192,
+                256, 192, 256, -1),
+        Basic192Rsa15(
+                SPConstants.SHA1,
+                SPConstants.AES192,
+                SPConstants.KW_AES192,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192),
+        Basic128Rsa15(
+                SPConstants.SHA1,
+                SPConstants.AES128,
+                SPConstants.KW_AES128,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L128,
+                SPConstants.P_SHA1_L128,
+                128, 128, 128, 128),
+        TripleDesRsa15(
+                SPConstants.SHA1,
+                SPConstants.TRIPLE_DES,
+                SPConstants.KW_TRIPLE_DES,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192),
+        Basic256Sha256(
+                SPConstants.SHA256,
+                SPConstants.AES256,
+                SPConstants.KW_AES256,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L256,
+                SPConstants.P_SHA1_L192,
+                256, 256, 256, -1),
+        Basic192Sha256(
+                SPConstants.SHA256,
+                SPConstants.AES192,
+                SPConstants.KW_AES192,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192),
+        Basic128Sha256(
+                SPConstants.SHA256,
+                SPConstants.AES128,
+                SPConstants.KW_AES128,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L128,
+                SPConstants.P_SHA1_L128,
+                128, 128, 128, 128),
+        TripleDesSha256(
+                SPConstants.SHA256,
+                SPConstants.TRIPLE_DES,
+                SPConstants.KW_TRIPLE_DES,
+                SPConstants.KW_RSA_OAEP,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192),
+        Basic256Sha256Rsa15(
+                SPConstants.SHA256,
+                SPConstants.AES256,
+                SPConstants.KW_AES256,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L256,
+                SPConstants.P_SHA1_L192,
+                256, 192, 256, -1),
+        Basic192Sha256Rsa15(
+                SPConstants.SHA256,
+                SPConstants.AES192,
+                SPConstants.KW_AES192,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192),
+        Basic128Sha256Rsa15(
+                SPConstants.SHA256,
+                SPConstants.AES128,
+                SPConstants.KW_AES128,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L128,
+                SPConstants.P_SHA1_L128,
+                128, 128, 128, 192),
+        TripleDesSha256Rsa15(
+                SPConstants.SHA256,
+                SPConstants.TRIPLE_DES,
+                SPConstants.KW_TRIPLE_DES,
+                SPConstants.KW_RSA15,
+                SPConstants.P_SHA1_L192,
+                SPConstants.P_SHA1_L192,
+                192, 192, 192, 192);
+
+        private String digest;
+        private String encryption;
+        private String symmetricKeyWrap;
+        private String asymmetricKeyWrap;
+        private String encryptionKeyDerivation;
+        private String signatureKeyDerivation;
+        private int encryptionDerivedKeyLength;
+        private int signatureDerivedKeyLength;
+        private int minimumSymmetricKeyLength;
+        private int maximumSymmetricKeyLength;
+
+        private static final Map<String, AlgorithmSuiteType> lookup = new HashMap<String, AlgorithmSuiteType>();
+
+        static {
+            for (AlgorithmSuiteType u : EnumSet.allOf(AlgorithmSuiteType.class))
+                lookup.put(u.name(), u);
+        }
+
+        public static AlgorithmSuiteType lookUp(String name) {
+            return lookup.get(name);
+        }
+
+        AlgorithmSuiteType(String digest, String encryption, String symmetricKeyWrap, String asymmetricKeyWrap,
+                           String encryptionKeyDerivation, String signatureKeyDerivation, int encryptionDerivedKeyLength,
+                           int signatureDerivedKeyLength, int minimumSymmetricKeyLength,
+                           int maximumSymmetricKeyLength) {
+            this.digest = digest;
+            this.encryption = encryption;
+            this.symmetricKeyWrap = symmetricKeyWrap;
+            this.asymmetricKeyWrap = asymmetricKeyWrap;
+            this.encryptionKeyDerivation = encryptionKeyDerivation;
+            this.signatureKeyDerivation = signatureKeyDerivation;
+            this.encryptionDerivedKeyLength = encryptionDerivedKeyLength;
+            this.signatureDerivedKeyLength = signatureDerivedKeyLength;
+            this.minimumSymmetricKeyLength = minimumSymmetricKeyLength;
+            this.maximumSymmetricKeyLength = maximumSymmetricKeyLength;
+        }
+
+        public String getDigest() {
+            return digest;
+        }
+
+        public String getEncryption() {
+            return encryption;
+        }
+
+        public String getSymmetricKeyWrap() {
+            return symmetricKeyWrap;
+        }
+
+        public String getAsymmetricKeyWrap() {
+            return asymmetricKeyWrap;
+        }
+
+        public String getEncryptionKeyDerivation() {
+            return encryptionKeyDerivation;
+        }
+
+        public String getSignatureKeyDerivation() {
+            return signatureKeyDerivation;
+        }
+
+        public int getEncryptionDerivedKeyLength() {
+            return encryptionDerivedKeyLength;
+        }
+
+        public int getSignatureDerivedKeyLength() {
+            return signatureDerivedKeyLength;
+        }
+
+        public int getMinimumSymmetricKeyLength() {
+            return minimumSymmetricKeyLength;
+        }
+
+        public int getMaximumSymmetricKeyLength() {
+            return maximumSymmetricKeyLength;
+        }
+    }
+
+    public enum XPathType {
+        XPathNone(null),
+        XPath10(SPConstants.XPATH),
+        XPathFilter20(SPConstants.XPATH20),
+        AbsXPath(SPConstants.ABS_XPATH);
+
+        private static final Map<String, XPathType> lookup = new HashMap<String, XPathType>();
+
+        static {
+            for (XPathType u : EnumSet.allOf(XPathType.class))
+                lookup.put(u.name(), u);
+        }
+
+        public static XPathType lookUp(String name) {
+            return lookup.get(name);
+        }
+
+        private String value;
+
+        public String getValue() {
+            return value;
+        }
+
+        XPathType(String value) {
+            this.value = value;
+        }
+    }
+
+    public enum C14NType {
+        ExclusiveC14N(SPConstants.EX_C14N),
+        InclusiveC14N(SPConstants.C14N),
+        InclusiveC14N11(SPConstants.C14N11);
+
+        private static final Map<String, C14NType> lookup = new HashMap<String, C14NType>();
+
+        static {
+            for (C14NType u : EnumSet.allOf(C14NType.class))
+                lookup.put(u.name(), u);
+        }
+
+        private String value;
+
+        public static C14NType lookUp(String name) {
+            return lookup.get(name);
+        }
+
+        public String getValue() {
+            return value;
+        }
+
+        C14NType(String value) {
+            this.value = value;
+        }
+    }
+
+    public enum SOAPNormType {
+        SOAPNormalizationNone(null),
+        SOAPNormalization10(SPConstants.SOAP_NORMALIZATION_10);
+
+        private static final Map<String, SOAPNormType> lookup = new HashMap<String, SOAPNormType>();
+
+        static {
+            for (SOAPNormType u : EnumSet.allOf(SOAPNormType.class))
+                lookup.put(u.name(), u);
+        }
+
+        public static SOAPNormType lookUp(String name) {
+            return lookup.get(name);
+        }
+
+        private String value;
+
+        public String getValue() {
+            return value;
+        }
+
+        SOAPNormType(String value) {
+            this.value = value;
+        }
+    }
+
+    public enum STRType {
+        STRTransformNone(null),
+        STRTransform10(SPConstants.STR_TRANSFORM_10);
+
+        private static final Map<String, STRType> lookup = new HashMap<String, STRType>();
+
+        static {
+            for (STRType u : EnumSet.allOf(STRType.class))
+                lookup.put(u.name(), u);
+        }
+
+        public static STRType lookUp(String name) {
+            return lookup.get(name);
+        }
+
+        private String value;
+
+        public String getValue() {
+            return value;
+        }
+
+        STRType(String value) {
+            this.value = value;
+        }
+    }
+
+    private Policy nestedPolicy;
+    private AlgorithmSuiteType algorithmSuiteType;
+    private C14NType c14n = C14NType.ExclusiveC14N;
+    private SOAPNormType soapNormType = SOAPNormType.SOAPNormalizationNone;
+    private STRType strType = STRType.STRTransformNone;
+    private XPathType xPathType = XPathType.XPathNone;
+
+    private String symmetricSignature = SPConstants.HMAC_SHA1;
+    private String asymmetricSignature = SPConstants.RSA_SHA1;
+    private String computedKey = SPConstants.P_SHA1;
+
+    public AlgorithmSuite(SPConstants.SPVersion version, Policy nestedPolicy) {
+        super(version);
+        this.nestedPolicy = nestedPolicy;
+
+        parseNestedPolicy(nestedPolicy, this);
+    }
+
+    public Policy getPolicy() {
+        return nestedPolicy;
+    }
+
+    public QName getName() {
+        return getVersion().getSPConstants().getAlgorithmSuite();
+    }
+
+    public PolicyComponent normalize() {
+        return super.normalize(getPolicy());
+    }
+
+    public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+        super.serialize(writer, getPolicy());
+    }
+
+    @Override
+    protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+        return new AlgorithmSuite(getVersion(), nestedPolicy);
+    }
+
+    protected void parseNestedPolicy(Policy nestedPolicy, AlgorithmSuite algorithmSuite) {
+        Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+        //we just process the first alternative
+        //this means that if we have a compact policy only the first alternative is visible
+        //in contrary to a normalized policy where just one alternative exists
+        if (alternatives.hasNext()) {
+            List<Assertion> assertions = alternatives.next();
+            for (int i = 0; i < assertions.size(); i++) {
+                Assertion assertion = assertions.get(i);
+                String assertionName = assertion.getName().getLocalPart();
+                AlgorithmSuiteType algorithmSuiteType = AlgorithmSuiteType.lookUp(assertionName);
+                if (algorithmSuiteType != null) {
+                    if (algorithmSuite.getAlgorithmSuiteType() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    algorithmSuite.setAlgorithmSuiteType(algorithmSuiteType);
+                    continue;
+                }
+                C14NType c14NType = C14NType.lookUp(assertionName);
+                if (c14NType != null) {
+                    if (algorithmSuite.getC14n() == C14NType.InclusiveC14N) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    algorithmSuite.setC14n(c14NType);
+                    continue;
+                }
+                SOAPNormType soapNormType = SOAPNormType.lookUp(assertionName);
+                if (soapNormType != null) {
+                    if (algorithmSuite.getSoapNormType() == SOAPNormType.SOAPNormalization10) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    algorithmSuite.setSoapNormType(soapNormType);
+                    continue;
+                }
+                STRType strType = STRType.lookUp(assertionName);
+                if (strType != null) {
+                    if (algorithmSuite.getStrType() == STRType.STRTransform10) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    algorithmSuite.setStrType(strType);
+                    continue;
+                }
+                XPathType xPathType = XPathType.lookUp(assertionName);
+                if (xPathType != null) {
+                    if (algorithmSuite.getXPathType() != XPathType.XPathNone) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    algorithmSuite.setXPathType(xPathType);
+                    continue;
+                }
+            }
+        }
+    }
+
+    public AlgorithmSuiteType getAlgorithmSuiteType() {
+        return algorithmSuiteType;
+    }
+
+    protected void setAlgorithmSuiteType(AlgorithmSuiteType algorithmSuiteType) {
+        this.algorithmSuiteType = algorithmSuiteType;
+    }
+
+    public C14NType getC14n() {
+        return c14n;
+    }
+
+    protected void setC14n(C14NType c14n) {
+        this.c14n = c14n;
+    }
+
+    public SOAPNormType getSoapNormType() {
+        return soapNormType;
+    }
+
+    protected void setSoapNormType(SOAPNormType soapNormType) {
+        this.soapNormType = soapNormType;
+    }
+
+    public STRType getStrType() {
+        return strType;
+    }
+
+    protected void setStrType(STRType strType) {
+        this.strType = strType;
+    }
+
+    public XPathType getXPathType() {
+        return xPathType;
+    }
+
+    protected void setXPathType(XPathType xPathType) {
+        this.xPathType = xPathType;
+    }
+
+    public String getAsymmetricSignature() {
+        return asymmetricSignature;
+    }
+
+    public String getSymmetricSignature() {
+        return symmetricSignature;
+    }
+
+    public String getComputedKey() {
+        return computedKey;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Modified: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java?rev=1210203&r1=1210202&r2=1210203&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java (original)
+++ webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java Sun Dec  4 20:33:05 2011
@@ -1,225 +1,175 @@
-/*
- * Copyright 2004,2005 The Apache Software Foundation.
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
  */
-
 package org.apache.ws.secpolicy.model;
 
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+import org.apache.ws.secpolicy.SPConstants;
+
+import javax.xml.namespace.QName;
 import java.util.Iterator;
 import java.util.List;
 
-import javax.xml.namespace.QName;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamWriter;
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class AsymmetricBinding extends AbstractSymmetricAsymmetricBinding {
 
-import org.apache.neethi.All;
-import org.apache.neethi.ExactlyOne;
-import org.apache.neethi.Policy;
-import org.apache.neethi.PolicyComponent;
-import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
+    private InitiatorToken initiatorToken;
+    private InitiatorSignatureToken initiatorSignatureToken;
+    private InitiatorEncryptionToken initiatorEncryptionToken;
+    private RecipientToken recipientToken;
+    private RecipientSignatureToken recipientSignatureToken;
+    private RecipientEncryptionToken recipientEncryptionToken;
 
-public class AsymmetricBinding extends SymmetricAsymmetricBindingBase {
+    public AsymmetricBinding(SPConstants.SPVersion version, Policy nestedPolicy) {
+        super(version, nestedPolicy);
 
-    private InitiatorToken initiatorToken;
+        parseNestedPolicy(nestedPolicy, this);
+    }
 
-    private RecipientToken recipientToken;
-    
-    public AsymmetricBinding(int version) {
-        super(version);
+    public QName getName() {
+        return getVersion().getSPConstants().getAsymmetricBinding();
+    }
+
+    @Override
+    protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+        return new AsymmetricBinding(getVersion(), nestedPolicy);
+    }
+
+    protected void parseNestedPolicy(Policy nestedPolicy, AsymmetricBinding asymmetricBinding) {
+        Iterator<List<Assertion>> alternatives = nestedPolicy.getAlternatives();
+        //we just process the first alternative
+        //this means that if we have a compact policy only the first alternative is visible
+        //in contrary to a normalized policy where just one alternative exists
+        if (alternatives.hasNext()) {
+            List<Assertion> assertions = alternatives.next();
+            for (int i = 0; i < assertions.size(); i++) {
+                Assertion assertion = assertions.get(i);
+                String assertionName = assertion.getName().getLocalPart();
+                String assertionNamespace = assertion.getName().getNamespaceURI();
+                if (getVersion().getSPConstants().getInitiatorToken().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getInitiatorToken().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBinding.getInitiatorToken() != null
+                            || asymmetricBinding.getInitiatorSignatureToken() != null
+                            || asymmetricBinding.getInitiatorEncryptionToken() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBinding.setInitiatorToken((InitiatorToken) assertion);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getInitiatorSignatureToken().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getInitiatorSignatureToken().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBinding.getInitiatorToken() != null
+                            || asymmetricBinding.getInitiatorSignatureToken() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBinding.setInitiatorSignatureToken((InitiatorSignatureToken) assertion);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getInitiatorEncryptionToken().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getInitiatorEncryptionToken().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBinding.getInitiatorToken() != null
+                            || asymmetricBinding.getInitiatorEncryptionToken() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBinding.setInitiatorEncryptionToken((InitiatorEncryptionToken) assertion);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getRecipientToken().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getRecipientToken().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBinding.getRecipientToken() != null
+                            || asymmetricBinding.getRecipientSignatureToken() != null
+                            || asymmetricBinding.getRecipientEncryptionToken() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBinding.setRecipientToken((RecipientToken) assertion);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getRecipientSignatureToken().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getRecipientSignatureToken().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBinding.getRecipientToken() != null
+                            || asymmetricBinding.getRecipientSignatureToken() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBinding.setRecipientSignatureToken((RecipientSignatureToken) assertion);
+                    continue;
+                }
+                if (getVersion().getSPConstants().getRecipientEncryptionToken().getLocalPart().equals(assertionName)
+                        && getVersion().getSPConstants().getRecipientEncryptionToken().getNamespaceURI().equals(assertionNamespace)) {
+                    if (asymmetricBinding.getRecipientToken() != null
+                            || asymmetricBinding.getRecipientEncryptionToken() != null) {
+                        throw new IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
+                    }
+                    asymmetricBinding.setRecipientEncryptionToken((RecipientEncryptionToken) assertion);
+                    continue;
+                }
+            }
+        }
     }
 
-    /**
-     * @return Returns the initiatorToken.
-     */
     public InitiatorToken getInitiatorToken() {
         return initiatorToken;
     }
 
-    /**
-     * @param initiatorToken
-     *            The initiatorToken to set.
-     */
-    public void setInitiatorToken(InitiatorToken initiatorToken) {
+    protected void setInitiatorToken(InitiatorToken initiatorToken) {
         this.initiatorToken = initiatorToken;
     }
 
-    /**
-     * @return Returns the recipientToken.
-     */
-    public RecipientToken getRecipientToken() {
-        return recipientToken;
+    public InitiatorSignatureToken getInitiatorSignatureToken() {
+        return initiatorSignatureToken;
     }
 
-    /**
-     * @param recipientToken
-     *            The recipientToken to set.
-     */
-    public void setRecipientToken(RecipientToken recipientToken) {
-        this.recipientToken = recipientToken;
+    protected void setInitiatorSignatureToken(InitiatorSignatureToken initiatorSignatureToken) {
+        this.initiatorSignatureToken = initiatorSignatureToken;
     }
 
-    public QName getName() {
-        if (version == SPConstants.SP_V12) {
-            return SP12Constants.ASYMMETRIC_BINDING;
-        } else {
-            return SP11Constants.ASYMMETRIC_BINDING; 
-        }       
+    public InitiatorEncryptionToken getInitiatorEncryptionToken() {
+        return initiatorEncryptionToken;
     }
 
-    public PolicyComponent normalize() {
-
-        if (isNormalized()) {
-            return this;
-        }
-
-        AlgorithmSuite algorithmSuite = getAlgorithmSuite();
-        List configs = algorithmSuite.getConfigurations();
-
-        Policy policy = new Policy();
-        ExactlyOne exactlyOne = new ExactlyOne();
-
-        policy.addPolicyComponent(exactlyOne);
-
-        All wrapper;
-        AsymmetricBinding asymmetricBinding;
-
-        for (Iterator iterator = configs.iterator(); iterator.hasNext();) {
-            wrapper = new All();
-            asymmetricBinding = new AsymmetricBinding(this.version);
-
-            asymmetricBinding.setAlgorithmSuite((AlgorithmSuite) iterator
-                    .next());
-            asymmetricBinding
-                    .setEntireHeadersAndBodySignatures(isEntireHeadersAndBodySignatures());
-            asymmetricBinding.setIncludeTimestamp(isIncludeTimestamp());
-            asymmetricBinding.setInitiatorToken(getInitiatorToken());
-            asymmetricBinding.setLayout(getLayout());
-            asymmetricBinding.setProtectionOrder(getProtectionOrder());
-            asymmetricBinding.setRecipientToken(getRecipientToken());
-            asymmetricBinding.setSignatureProtection(isSignatureProtection());
-            asymmetricBinding
-                    .setSignedEndorsingSupportingTokens(getSignedEndorsingSupportingTokens());
-            asymmetricBinding.setTokenProtection(isTokenProtection());
-
-            asymmetricBinding.setNormalized(true);
-            wrapper.addPolicyComponent(wrapper);
-        }
-
-        return policy;
-
+    protected void setInitiatorEncryptionToken(InitiatorEncryptionToken initiatorEncryptionToken) {
+        this.initiatorEncryptionToken = initiatorEncryptionToken;
     }
 
-    public void serialize(XMLStreamWriter writer) throws XMLStreamException {
-        String localname = getName().getLocalPart();
-        String namespaceURI = getName().getNamespaceURI();
-
-        String prefix = writer.getPrefix(namespaceURI);
-        
-        if (prefix == null) {
-            prefix = getName().getPrefix();
-            writer.setPrefix(prefix, namespaceURI);
-        }
-
-        // <sp:AsymmetricBinding>
-        writer.writeStartElement(prefix, localname, namespaceURI);
-        writer.writeNamespace(prefix, namespaceURI);
-
-        String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
-        if (pPrefix == null) {
-            pPrefix = SPConstants.POLICY.getPrefix();
-            writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
-        }
-
-        // <wsp:Policy>
-        writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(),
-                SPConstants.POLICY.getNamespaceURI());
-
-        if (initiatorToken == null) {
-            throw new RuntimeException("InitiatorToken is not set");
-        }
-
-        // <sp:InitiatorToken>
-        initiatorToken.serialize(writer);
-        // </sp:InitiatorToken>
-
-        if (recipientToken == null) {
-            throw new RuntimeException("RecipientToken is not set");
-        }
-
-        // <sp:RecipientToken>
-        recipientToken.serialize(writer);
-        // </sp:RecipientToken>
-
-        AlgorithmSuite algorithmSuite = getAlgorithmSuite();
-        if (algorithmSuite == null) {
-            throw new RuntimeException("AlgorithmSuite is not set");
-        }
-
-        // <sp:AlgorithmSuite>
-        algorithmSuite.serialize(writer);
-        // </sp:AlgorithmSuite>
-
-        Layout layout = getLayout();
-        if (layout != null) {
-            // <sp:Layout>
-            layout.serialize(writer);
-            // </sp:Layout>
-        }
-
-        if (isIncludeTimestamp()) {
-            // <sp:IncludeTimestamp>
-            writer.writeStartElement(prefix, SPConstants.INCLUDE_TIMESTAMP,
-                    namespaceURI);
-            writer.writeEndElement();
-            // </sp:IncludeTimestamp>
-        }
-
-        if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(getProtectionOrder())) {
-            // <sp:EncryptBeforeSign />
-            writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING,
-                    namespaceURI);
-            writer.writeEndElement();
-        }
+    public RecipientToken getRecipientToken() {
+        return recipientToken;
+    }
 
-        if (isSignatureProtection()) {
-            // <sp:EncryptSignature />
-            // FIXME move the String constants to a QName
-            writer.writeStartElement(prefix, SPConstants.ENCRYPT_SIGNATURE,
-                    namespaceURI);
-            writer.writeEndElement();
-        }
+    protected void setRecipientToken(RecipientToken recipientToken) {
+        this.recipientToken = recipientToken;
+    }
 
-        if (isTokenProtection()) {
-            // <sp:ProtectTokens />
-            writer.writeStartElement(prefix, SPConstants.PROTECT_TOKENS,
-                    namespaceURI);
-            writer.writeEndElement();
-        }
+    public RecipientSignatureToken getRecipientSignatureToken() {
+        return recipientSignatureToken;
+    }
 
-        if (isEntireHeadersAndBodySignatures()) {
-            // <sp:OnlySignEntireHeaderAndBody />
-            writer.writeStartElement(prefix,
-                    SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, namespaceURI);
-            writer.writeEndElement();
-        }
+    protected void setRecipientSignatureToken(RecipientSignatureToken recipientSignatureToken) {
+        this.recipientSignatureToken = recipientSignatureToken;
+    }
 
-        // </wsp:Policy>
-        writer.writeEndElement();
+    public RecipientEncryptionToken getRecipientEncryptionToken() {
+        return recipientEncryptionToken;
+    }
 
-        // </sp:AsymmetircBinding>
-        writer.writeEndElement();
+    protected void setRecipientEncryptionToken(RecipientEncryptionToken recipientEncryptionToken) {
+        this.recipientEncryptionToken = recipientEncryptionToken;
     }
 }

Propchange: webservices/wss4j/branches/swssf/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision



Mime
View raw message