This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch coheigea/saml-refactor-new in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
The following commit(s) were added to refs/heads/coheigea/saml-refactor-new by this push: new a4fbcc479 Moving some XML manipulation logic into ws-security-common a4fbcc479 is described below commit a4fbcc479b58584ec409bdb672b656730c73e364 Author: Colm O hEigeartaigh <cohei...@apache.org> AuthorDate: Tue Jun 17 04:01:30 2025 +0100 Moving some XML manipulation logic into ws-security-common --- .../org/apache/wss4j/common}/SOAP11Constants.java | 12 +- .../org/apache/wss4j/common}/SOAP12Constants.java | 12 +- .../org/apache/wss4j/common}/SOAPConstants.java | 2 +- .../org/apache/wss4j/common/util/XMLUtils.java | 325 ++++++++++++++++++++ .../wss4j/dom/action/EncryptionDerivedAction.java | 3 +- .../wss4j/dom/action/SignatureDerivedAction.java | 3 +- .../org/apache/wss4j/dom/handler/RequestData.java | 2 +- .../org/apache/wss4j/dom/handler/WSHandler.java | 5 +- .../org/apache/wss4j/dom/message/Encryptor.java | 6 +- .../apache/wss4j/dom/message/WSSecDKEncrypt.java | 3 +- .../wss4j/dom/message/WSSecDerivedKeyBase.java | 3 +- .../org/apache/wss4j/dom/message/WSSecEncrypt.java | 4 +- .../wss4j/dom/message/WSSecEncryptedKey.java | 4 +- .../org/apache/wss4j/dom/message/WSSecHeader.java | 9 +- .../apache/wss4j/dom/message/WSSecSAMLToken.java | 4 +- .../dom/message/WSSecSecurityContextToken.java | 4 +- .../apache/wss4j/dom/message/WSSecSignature.java | 2 +- .../wss4j/dom/message/WSSecSignatureBase.java | 2 +- .../dom/message/WSSecSignatureConfirmation.java | 4 +- .../apache/wss4j/dom/message/WSSecTimestamp.java | 4 +- .../wss4j/dom/message/WSSecUsernameToken.java | 4 +- .../wss4j/dom/message/token/DerivedKeyToken.java | 6 +- .../apache/wss4j/dom/saml/WSSecSignatureSAML.java | 7 +- .../org/apache/wss4j/dom/util/WSSecurityUtil.java | 333 +-------------------- .../dom/message/EncryptedDataInHeaderTest.java | 3 +- .../wss4j/dom/message/EncryptionPartsTest.java | 14 +- .../apache/wss4j/dom/message/EncryptionTest.java | 11 +- .../apache/wss4j/dom/message/STRSignatureTest.java | 11 +- 
.../wss4j/dom/message/SignaturePartsTest.java | 14 +- .../apache/wss4j/dom/message/SignedBSTTest.java | 5 +- .../apache/wss4j/dom/message/UTDerivedKeyTest.java | 9 +- .../wss4j/dom/message/XOPAttachmentTest.java | 2 +- .../wss4j/dom/message/token/BSTKerberosTest.java | 19 +- .../dom/message/token/BinarySecurityTokenTest.java | 9 +- .../org/apache/wss4j/dom/misc/PrincipalTest.java | 3 +- .../wss4j/dom/saml/SamlTokenDerivedTest.java | 3 +- .../apache/wss4j/dom/validate/ValidatorTest.java | 3 +- 37 files changed, 429 insertions(+), 440 deletions(-) diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAP11Constants.java b/ws-security-common/src/main/java/org/apache/wss4j/common/SOAP11Constants.java similarity index 76% rename from ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAP11Constants.java rename to ws-security-common/src/main/java/org/apache/wss4j/common/SOAP11Constants.java index 31b94a107..86d2a4b4b 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAP11Constants.java +++ b/ws-security-common/src/main/java/org/apache/wss4j/common/SOAP11Constants.java @@ -17,7 +17,7 @@ * under the License. */ -package org.apache.wss4j.dom; +package org.apache.wss4j.common; import javax.xml.namespace.QName; 
@@ -29,12 +29,12 @@ public class SOAP11Constants implements SOAPConstants { * */ private static final long serialVersionUID = 3809268485386395322L; - private static final QName HEADER_QNAME = new QName(WSConstants.URI_SOAP11_ENV, WSConstants.ELEM_HEADER); - private static final QName BODY_QNAME = new QName(WSConstants.URI_SOAP11_ENV, WSConstants.ELEM_BODY); - private static final QName ROLE_QNAME = new QName(WSConstants.URI_SOAP11_ENV, WSConstants.ATTR_ACTOR); + private static final QName HEADER_QNAME = new QName(WSS4JConstants.URI_SOAP11_ENV, WSS4JConstants.ELEM_HEADER); + private static final QName BODY_QNAME = new QName(WSS4JConstants.URI_SOAP11_ENV, WSS4JConstants.ELEM_BODY); + private static final QName ROLE_QNAME = new QName(WSS4JConstants.URI_SOAP11_ENV, WSS4JConstants.ATTR_ACTOR); public String getEnvelopeURI() { - return WSConstants.URI_SOAP11_ENV; + return WSS4JConstants.URI_SOAP11_ENV; } public QName getHeaderQName() { @@ -56,7 +56,7 @@ public class SOAP11Constants implements SOAPConstants { * Obtain the "next" role/actor URI */ public String getNextRoleURI() { - return WSConstants.URI_SOAP11_NEXT_ACTOR; + return WSS4JConstants.URI_SOAP11_NEXT_ACTOR; } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAP12Constants.java b/ws-security-common/src/main/java/org/apache/wss4j/common/SOAP12Constants.java similarity index 78% rename from ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAP12Constants.java rename to ws-security-common/src/main/java/org/apache/wss4j/common/SOAP12Constants.java index eb6e58115..938760b78 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAP12Constants.java +++ b/ws-security-common/src/main/java/org/apache/wss4j/common/SOAP12Constants.java @@ -17,7 +17,7 @@ * under the License. */ -package org.apache.wss4j.dom; +package org.apache.wss4j.common; import javax.xml.namespace.QName; 
@@ -29,9 +29,9 @@ public class SOAP12Constants implements SOAPConstants { * */ private static final long serialVersionUID = 3784866613259361834L; - private static final QName HEADER_QNAME = new QName(WSConstants.URI_SOAP12_ENV, WSConstants.ELEM_HEADER); - private static final QName BODY_QNAME = new QName(WSConstants.URI_SOAP12_ENV, WSConstants.ELEM_BODY); - private static final QName ROLE_QNAME = new QName(WSConstants.URI_SOAP12_ENV, WSConstants.ATTR_ROLE); + private static final QName HEADER_QNAME = new QName(WSS4JConstants.URI_SOAP12_ENV, WSS4JConstants.ELEM_HEADER); + private static final QName BODY_QNAME = new QName(WSS4JConstants.URI_SOAP12_ENV, WSS4JConstants.ELEM_BODY); + private static final QName ROLE_QNAME = new QName(WSS4JConstants.URI_SOAP12_ENV, WSS4JConstants.ATTR_ROLE); // Public constants for SOAP 1.2 @@ -41,7 +41,7 @@ public class SOAP12Constants implements SOAPConstants { public static final String PROP_WEBMETHOD = "soap12.webmethod"; public String getEnvelopeURI() { - return WSConstants.URI_SOAP12_ENV; + return WSS4JConstants.URI_SOAP12_ENV; } public QName getHeaderQName() { @@ -63,7 +63,7 @@ public class SOAP12Constants implements SOAPConstants { * Obtain the "next" role/actor URI */ public String getNextRoleURI() { - return WSConstants.URI_SOAP12_NEXT_ROLE; + return WSS4JConstants.URI_SOAP12_NEXT_ROLE; } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAPConstants.java b/ws-security-common/src/main/java/org/apache/wss4j/common/SOAPConstants.java similarity index 98% rename from ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAPConstants.java rename to ws-security-common/src/main/java/org/apache/wss4j/common/SOAPConstants.java index e895de484..aac35dca3 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/SOAPConstants.java +++ b/ws-security-common/src/main/java/org/apache/wss4j/common/SOAPConstants.java 
@@ -17,7 +17,7 @@ * under the License. */ -package org.apache.wss4j.dom; +package org.apache.wss4j.common; import javax.xml.namespace.QName; import java.io.Serializable; diff --git a/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java b/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java index 136b18410..d09fcb35b 100644 --- a/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java +++ b/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java @@ -22,7 +22,14 @@ import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.OutputStream; +import java.lang.reflect.AccessibleObject; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; import java.nio.charset.StandardCharsets; +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -37,6 +44,11 @@ import javax.xml.transform.sax.SAXSource; import javax.xml.transform.stream.StreamResult; import javax.xml.transform.stream.StreamSource; +import org.apache.wss4j.common.SOAP11Constants; +import org.apache.wss4j.common.SOAP12Constants; +import org.apache.wss4j.common.SOAPConstants; +import org.apache.wss4j.common.WSS4JConstants; +import org.apache.wss4j.common.ext.WSSecurityException; import org.w3c.dom.Attr; import org.w3c.dom.CDATASection; import org.w3c.dom.Document; 
@@ -56,10 +68,94 @@ public final class XMLUtils { private static final org.slf4j.Logger LOG = org.slf4j.LoggerFactory.getLogger(XMLUtils.class); + private static boolean isSAAJ14 = false; + private XMLUtils() { // complete } + private static final ClassValue<Method> GET_DOM_ELEMENTS_METHODS = new ClassValue<Method>() { + @Override + protected Method computeValue(Class<?> type) { + try { + return getMethod(type, "getDomElement"); + } catch (NoSuchMethodException e) { + //best effort to try, do nothing if NoSuchMethodException + return null; + } + } + }; + + private static final ClassValue<Method> GET_ENVELOPE_METHODS = new ClassValue<Method>() { + @Override + protected Method computeValue(Class<?> type) { + try { + return getMethod(type, "getEnvelope"); + } catch (NoSuchMethodException e) { + //best effort to try, do nothing if NoSuchMethodException + return null; + } + } + }; + + static { + try { + Method[] methods = XMLUtils.class.getClassLoader(). + loadClass("com.sun.xml.messaging.saaj.soap.SOAPDocumentImpl").getMethods(); + for (Method method : methods) { + if (method.getName().equals("register")) { + //this is the 1.4+ SAAJ impl + isSAAJ14 = true; + break; + } + } + } catch (ClassNotFoundException cnfe) { + LOG.debug("Can't load class com.sun.xml.messaging.saaj.soap.SOAPDocumentImpl", cnfe); + + try { + Method[] methods = XMLUtils.class.getClassLoader(). + loadClass("com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl").getMethods(); + for (Method method : methods) { + if (method.getName().equals("register")) { + //this is the SAAJ impl in JDK9 + isSAAJ14 = true; + break; + } + } + } catch (ClassNotFoundException cnfe1) { + LOG.debug("can't load class com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl", cnfe1); + } + } + } + + private static Method getMethod(final Class<?> clazz, final String name, + final Class<?>... 
parameterTypes) throws NoSuchMethodException { + try { + return AccessController.doPrivileged(new PrivilegedExceptionAction<Method>() { + public Method run() throws Exception { + return clazz.getMethod(name, parameterTypes); + } + }); + } catch (PrivilegedActionException pae) { + Exception e = pae.getException(); + if (e instanceof NoSuchMethodException) { + throw (NoSuchMethodException)e; + } + throw new SecurityException(e); + } + } + + private static <T extends AccessibleObject> T setAccessible(final T o) { + return AccessController.doPrivileged(new PrivilegedAction<T>() { + public T run() { + o.setAccessible(true); + return o; + } + }); + } + + + /** * Gets a direct child with specified localname and namespace. <p/> * 
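Review bot: The new private `setAccessible` helper in XMLUtils.java calls `o.setAccessible(true)` inside `AccessController.doPrivileged` for any `AccessibleObject`, and nothing in the hunk records why that is safe now that the code lives in ws-security-common. In the code this commit adds, it is only applied to methods resolved through `clazz.getMethod` under the fixed names `getDomElement` and `getEnvelope`, so a comment such as `// Only applied to the public getDomElement/getEnvelope methods resolved via getMethod; keep this helper private.` would keep that constraint from eroding. Separately, the static initializer repeats the same `register` scan for both SAAJ class names and assigns a non-final `isSAAJ14`; a small private helper returning the boolean would let the field be `private static final`. The initializer also catches only `ClassNotFoundException`, so any other failure while loading `SOAPDocumentImpl` would presumably surface as a class-initialization error for `XMLUtils`.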
@@ -505,4 +601,233 @@ public final class XMLUtils { return foundElement; } + /** + * find the first ws-security header block <p/> + * + * @param doc the DOM document (SOAP request) + * @param envelope the SOAP envelope + * @param doCreate if true create a new WSS header block if none exists + * @return the WSS header or null if none found and doCreate is false + */ + public static Element findWsseSecurityHeaderBlock( + Document doc, + Element envelope, + boolean doCreate + ) throws WSSecurityException { + return findWsseSecurityHeaderBlock(doc, envelope, null, doCreate); + } + + /** + * find a WS-Security header block for a given actor <p/> + * + * @param doc the DOM document (SOAP request) + * @param envelope the SOAP envelope + * @param actor the actor (role) name of the WSS header + * @param doCreate if true create a new WSS header block if none exists + * @return the WSS header or null if none found and doCreate is false + */ + public static Element findWsseSecurityHeaderBlock( + Document doc, + Element envelope, + String actor, + boolean doCreate + ) throws WSSecurityException { + String soapNamespace = getSOAPNamespace(doc.getDocumentElement()); + Element header = + XMLUtils.getDirectChildElement( + doc.getDocumentElement(), + WSS4JConstants.ELEM_HEADER, + soapNamespace + ); + if (header == null) { // no SOAP header at all + if (doCreate) { + if (isSAAJ14) { + try { + Node node = null; + Method method = GET_ENVELOPE_METHODS.get(doc.getClass()); + if (method != null) { + try { + node = (Node)setAccessible(method).invoke(doc); + } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); + } + } + if (node != null) { + header = createElementInSameNamespace(node, WSS4JConstants.ELEM_HEADER); + } else { + header = createElementInSameNamespace(doc.getDocumentElement(), WSS4JConstants.ELEM_HEADER); + } + header = (Element)doc.importNode(header, true); + 
header = (Element)getDomElement(header); + header = prependChildElement(envelope, header); + + } catch (Exception e) { + throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); + } + + } else { + header = createElementInSameNamespace(envelope, WSS4JConstants.ELEM_HEADER); + header = prependChildElement(envelope, header); + } + } else { + return null; + } + } + + String actorLocal = WSS4JConstants.ATTR_ACTOR; + if (WSS4JConstants.URI_SOAP12_ENV.equals(soapNamespace)) { + actorLocal = WSS4JConstants.ATTR_ROLE; + } + + // + // Iterate through the security headers + // + Element foundSecurityHeader = null; + for ( + Node currentChild = header.getFirstChild(); + currentChild != null; + currentChild = currentChild.getNextSibling() + ) { + if (Node.ELEMENT_NODE == currentChild.getNodeType() + && WSS4JConstants.WSSE_LN.equals(currentChild.getLocalName()) + && WSS4JConstants.WSSE_NS.equals(currentChild.getNamespaceURI())) { + + Element elem = (Element)currentChild; + Attr attr = elem.getAttributeNodeNS(soapNamespace, actorLocal); + String hActor = (attr != null) ? 
attr.getValue() : null; + + if (isActorEqual(actor, hActor)) { + if (foundSecurityHeader != null) { + LOG.debug( + "Two or more security headers have the same actor name: {}", actor + ); + throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); + } + foundSecurityHeader = elem; + } + } + } + if (foundSecurityHeader != null) { + return foundSecurityHeader; + } else if (doCreate) { + foundSecurityHeader = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:Security"); + foundSecurityHeader.setAttributeNS(WSS4JConstants.XMLNS_NS, "xmlns:wsse", WSS4JConstants.WSSE_NS); + foundSecurityHeader = (Element)doc.importNode(foundSecurityHeader, true); + foundSecurityHeader = (Element)getDomElement(foundSecurityHeader); + + return prependChildElement(header, foundSecurityHeader); + } + return null; + } + + /** + * create a new element in the same namespace <p/> + * + * @param parent for the new element + * @param localName of the new element + * @return the new element + */ + private static Element createElementInSameNamespace(Node parent, String localName) { + String qName = localName; + String prefix = parent.getPrefix(); + if (prefix != null && prefix.length() > 0) { + qName = prefix + ":" + localName; + } + + String nsUri = parent.getNamespaceURI(); + return parent.getOwnerDocument().createElementNS(nsUri, qName); + } + + /** + * prepend a child element <p/> + * + * @param parent element of this child element + * @param child the element to append + * @return the child element + */ + public static Element prependChildElement( + Element parent, + Element child + ) { + Node firstChild = parent.getFirstChild(); + Element domChild = null; + try { + domChild = (Element)getDomElement(child); + } catch (WSSecurityException e) { + LOG.debug("Error when try to get Dom Element from the child", e); + } + if (firstChild == null) { + return (Element)parent.appendChild(domChild); + } else { + return (Element)parent.insertBefore(domChild, firstChild); + } + } + + /** 
+ * Try to get the DOM Node from the SAAJ Node with JAVA9 + * @param node The original node we need check + * @return The DOM node + * @throws WSSecurityException + */ + private static Node getDomElement(Node node) throws WSSecurityException { + if (node != null && isSAAJ14) { + + Method method = GET_DOM_ELEMENTS_METHODS.get(node.getClass()); + if (method != null) { + try { + return (Node)setAccessible(method).invoke(node); + } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); + } + } + } + return node; + } + + /** + * Compares two actor strings and returns true if these are equal. Takes + * care of the null length strings and uses ignore case. + * + * @param actor + * @param hActor + * @return true is the actor arguments are equal + */ + public static boolean isActorEqual(String actor, String hActor) { + if ((hActor == null || hActor.length() == 0) + && (actor == null || actor.length() == 0)) { + return true; + } + + return hActor != null && actor != null && hActor.equalsIgnoreCase(actor); + } + + public static SOAPConstants getSOAPConstants(Element startElement) { + Document doc = startElement.getOwnerDocument(); + String ns = doc.getDocumentElement().getNamespaceURI(); + if (WSS4JConstants.URI_SOAP12_ENV.equals(ns)) { + return new SOAP12Constants(); + } + return new SOAP11Constants(); + } + + public static String getSOAPNamespace(Element startElement) { + return getSOAPConstants(startElement).getEnvelopeURI(); + } + + /** + * Register the jakarta.xml.soap.Node with new Cloned Dom Node with java9 + * @param doc The SOAPDocumentImpl + * @param clonedElement The cloned Element + * @return new clonedElement which already associated with the SAAJ Node + * @throws WSSecurityException + */ + public static Element cloneElement(Document doc, Element clonedElement) throws WSSecurityException { + clonedElement = (Element)clonedElement.cloneNode(true); + 
if (isSAAJ14) { + // here we need register the jakarta.xml.soap.Node with new instance + clonedElement = (Element)doc.importNode(clonedElement, true); + clonedElement = (Element)getDomElement(clonedElement); + } + return clonedElement; + } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java index 05345d6fd..4734bd20a 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java @@ -33,6 +33,7 @@ import org.apache.wss4j.common.derivedKey.ConversationConstants; import org.apache.wss4j.common.ext.WSPasswordCallback; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.util.KeyUtils; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.handler.RequestData; import org.apache.wss4j.dom.handler.WSHandler; @@ -141,7 +142,7 @@ public class EncryptionDerivedAction extends AbstractDerivedAction implements Ac wsEncrypt.addExternalRefElement(externRefList); if (tokenElement != null) { - WSSecurityUtil.prependChildElement(reqData.getSecHeader().getSecurityHeaderElement(), tokenElement); + XMLUtils.prependChildElement(reqData.getSecHeader().getSecurityHeaderElement(), tokenElement); } wsEncrypt.clean(); diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java index 97d0324aa..aadab9267 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureDerivedAction.java 
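Review bot: In `XMLUtils.prependChildElement` (the `@@ -505,4 +601,233 @@` hunk of XMLUtils.java) the `WSSecurityException` from `getDomElement(child)` is only logged at debug level, which leaves `domChild` as `null` and then hands it to `parent.appendChild` / `parent.insertBefore`. A failed unwrap should stop there rather than continue with a null node, for example `throw new IllegalStateException("Unable to obtain DOM element for child", e);` in the catch block; the method declares no checked exception, so its signature stays the same. In `findWsseSecurityHeaderBlock` both the reflective catch and the outer `catch (Exception e)` throw `new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY)` without the cause; passing `e` as the second argument would keep the original failure visible when diagnosing a rejected message. The same method looks up the SOAP header under `doc.getDocumentElement()` but creates a missing one under the `envelope` parameter, so the Javadoc should state that callers are expected to pass the document element as `envelope`.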
@@ -34,6 +34,7 @@ import org.apache.wss4j.common.derivedKey.ConversationConstants; import org.apache.wss4j.common.ext.WSPasswordCallback; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.util.KeyUtils; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.handler.RequestData; import org.apache.wss4j.dom.handler.WSHandler; @@ -156,7 +157,7 @@ public class SignatureDerivedAction extends AbstractDerivedAction implements Act } if (tokenElement != null) { - WSSecurityUtil.prependChildElement(reqData.getSecHeader().getSecurityHeaderElement(), tokenElement); + XMLUtils.prependChildElement(reqData.getSecHeader().getSecurityHeaderElement(), tokenElement); } reqData.getSignatureValues().add(wsSign.getSignatureValue()); diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java index c878fa048..6339ae10c 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java @@ -34,6 +34,7 @@ import javax.xml.namespace.QName; import org.apache.wss4j.common.ConfigurationConstants; import org.apache.wss4j.common.EncryptionActionToken; import org.apache.wss4j.common.SignatureActionToken; +import org.apache.wss4j.common.SOAPConstants; import org.apache.wss4j.common.WSS4JConstants; import org.apache.wss4j.common.bsp.BSPEnforcer; import org.apache.wss4j.common.bsp.BSPRule; @@ -42,7 +43,6 @@ import org.apache.wss4j.common.crypto.AlgorithmSuite; import org.apache.wss4j.common.crypto.Crypto; import org.apache.wss4j.common.crypto.PasswordEncryptor; import org.apache.wss4j.common.ext.WSSecurityException; -import org.apache.wss4j.dom.SOAPConstants; import org.apache.wss4j.dom.WSDocInfo; import org.apache.wss4j.dom.engine.WSSConfig; import org.apache.wss4j.dom.message.WSSecHeader; 
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java index 242803038..ddbce894b 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java @@ -44,6 +44,7 @@ import org.apache.wss4j.common.crypto.PasswordEncryptor; import org.apache.wss4j.common.ext.WSPasswordCallback; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.util.Loader; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.message.WSSecHeader; import org.apache.wss4j.dom.message.token.SignatureConfirmation; import org.apache.wss4j.dom.util.WSSecurityUtil; @@ -109,7 +110,7 @@ public abstract class WSHandler { WSSecHeader secHeader = new WSSecHeader(actor, mu, doc); secHeader.insertSecurityHeader(); reqData.setSecHeader(secHeader); - reqData.setSoapConstants(WSSecurityUtil.getSOAPConstants(doc.getDocumentElement())); + reqData.setSoapConstants(XMLUtils.getSOAPConstants(doc.getDocumentElement())); // Load CallbackHandler if (reqData.getCallbackHandler() == null) { @@ -1317,7 +1318,7 @@ public abstract class WSHandler { */ for (WSHandlerResult rResult : results) { String hActor = rResult.getActor(); - if (!WSSecurityUtil.isActorEqual(reqData.getActor(), hActor)) { + if (!XMLUtils.isActorEqual(reqData.getActor(), hActor)) { continue; } List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults(); diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java index 3f16391d9..77f407f93 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java 
@@ -264,7 +264,7 @@ public class Encryptor { encryptionMethod.setAttributeNS(null, "Algorithm", encryptionAlgorithm); encryptedData.appendChild(encryptionMethod); - encryptedData.appendChild(WSSecurityUtil.cloneElement(doc, keyInfo.getElement())); + encryptedData.appendChild(XMLUtils.cloneElement(doc, keyInfo.getElement())); Element cipherData = doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherData"); @@ -371,7 +371,7 @@ public class Encryptor { encryptionMethod.setAttributeNS(null, "Algorithm", encryptionAlgorithm); encryptedData.appendChild(encryptionMethod); - encryptedData.appendChild(WSSecurityUtil.cloneElement(doc, keyInfo.getElement())); + encryptedData.appendChild(XMLUtils.cloneElement(doc, keyInfo.getElement())); Element cipherData = doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherData"); @@ -452,7 +452,7 @@ public class Encryptor { String xencEncryptedDataId = idAllocator.createId("ED-", elementToEncrypt); try { if ("Header".equals(modifier)) { - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); if (elementToEncrypt.getParentNode().getNamespaceURI().equals(soapNamespace) && WSConstants.ELEM_HEADER.equals(elementToEncrypt.getParentNode().getLocalName())) { createEncryptedHeaderElement(securityHeader, elementToEncrypt, idAllocator); diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java index 81683dd96..fa6d5fcb8 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java 
@@ -31,6 +31,7 @@ import org.apache.wss4j.common.token.Reference; import org.apache.wss4j.common.token.SecurityTokenReference; import org.apache.wss4j.common.util.FIPSUtils; import org.apache.wss4j.common.util.KeyUtils; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.util.WSSecurityUtil; import org.apache.xml.security.encryption.Serializer; @@ -92,7 +93,7 @@ public class WSSecDKEncrypt extends WSSecDerivedKeyBase { if (attachmentEncryptedDataElements != null) { for (Element encryptedData : attachmentEncryptedDataElements) { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(securityHeaderElement, encryptedData); + XMLUtils.prependChildElement(securityHeaderElement, encryptedData); } } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java index c59a3e53f..6377d4146 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java @@ -38,7 +38,6 @@ import org.apache.wss4j.common.util.UsernameTokenUtil; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.message.token.DerivedKeyToken; import org.apache.wss4j.dom.message.token.KerberosSecurity; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.apache.xml.security.utils.XMLUtils; import org.w3c.dom.Document; import org.w3c.dom.Element; 
@@ -306,7 +305,7 @@ public abstract class WSSecDerivedKeyBase extends WSSecSignatureBase { */ public void prependDKElementToHeader() { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(securityHeaderElement, dkt.getElement()); + org.apache.wss4j.common.util.XMLUtils.prependChildElement(securityHeaderElement, dkt.getElement()); } public void appendDKElementToHeader() { diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java index 3698b4d34..de381d8a9 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java @@ -274,7 +274,7 @@ public class WSSecEncrypt extends WSSecEncryptedKey { public void addExternalRefElement(Element dataRef) { if (dataRef != null) { Element secHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(secHeaderElement, dataRef); + XMLUtils.prependChildElement(secHeaderElement, dataRef); } } @@ -282,7 +282,7 @@ public class WSSecEncrypt extends WSSecEncryptedKey { if (attachmentEncryptedDataElements != null) { for (Element encryptedData : attachmentEncryptedDataElements) { Element secHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(secHeaderElement, encryptedData); + XMLUtils.prependChildElement(secHeaderElement, encryptedData); } } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java index 77e8c80d1..05a81dd7e 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncryptedKey.java 
@@ -784,7 +784,7 @@ public class WSSecEncryptedKey extends WSSecBase { */ public void prependToHeader() { Element secHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(secHeaderElement, encryptedKeyElement); + org.apache.wss4j.common.util.XMLUtils.prependChildElement(secHeaderElement, encryptedKeyElement); } /** @@ -810,7 +810,7 @@ public class WSSecEncryptedKey extends WSSecBase { public void prependBSTElementToHeader() { if (bstToken != null && !bstAddedToSecurityHeader) { Element secHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(secHeaderElement, bstToken.getElement()); + org.apache.wss4j.common.util.XMLUtils.prependChildElement(secHeaderElement, bstToken.getElement()); bstAddedToSecurityHeader = true; } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java index 65ecdb32f..7ec7ea9c0 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java @@ -21,7 +21,6 @@ package org.apache.wss4j.dom.message; import org.apache.wss4j.common.WSS4JConstants; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.util.XMLUtils; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -130,7 +129,7 @@ public class WSSecHeader { } if (securityHeader == null) { securityHeader = - WSSecurityUtil.findWsseSecurityHeaderBlock( + XMLUtils.findWsseSecurityHeaderBlock( doc, doc.getDocumentElement(), actor, false ); } 
@@ -161,11 +160,11 @@ public class WSSecHeader { } securityHeader = - WSSecurityUtil.findWsseSecurityHeaderBlock( + XMLUtils.findWsseSecurityHeaderBlock( doc, doc.getDocumentElement(), actor, true ); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); String soapPrefix = XMLUtils.setNamespace( securityHeader, soapNamespace, WSS4JConstants.DEFAULT_SOAP_PREFIX @@ -206,7 +205,7 @@ public class WSSecHeader { } securityHeader = - WSSecurityUtil.findWsseSecurityHeaderBlock( + XMLUtils.findWsseSecurityHeaderBlock( doc, doc.getDocumentElement(), actor, false ); } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSAMLToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSAMLToken.java index 404552738..e37d67757 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSAMLToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSAMLToken.java @@ -20,8 +20,8 @@ package org.apache.wss4j.dom.message; import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.common.ext.WSSecurityException; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -74,7 +74,7 @@ public class WSSecSAMLToken extends WSSecBase { Element element = getElement(); if (element != null) { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(securityHeaderElement, element); + XMLUtils.prependChildElement(securityHeaderElement, element); } } catch (WSSecurityException ex) { throw new RuntimeException(ex.toString(), ex); 
diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java index ecc4fdf8d..6bc86687e 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java @@ -21,10 +21,10 @@ package org.apache.wss4j.dom.message; import org.apache.wss4j.common.crypto.Crypto; import org.apache.wss4j.common.ext.WSSecurityException; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.common.derivedKey.ConversationConstants; import org.apache.wss4j.dom.engine.WSSConfig; import org.apache.wss4j.dom.message.token.SecurityContextToken; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -93,7 +93,7 @@ public class WSSecSecurityContextToken { public void prependSCTElementToHeader() throws WSSecurityException { Element secHeaderElement = securityHeader.getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(secHeaderElement, sct.getElement()); + XMLUtils.prependChildElement(secHeaderElement, sct.getElement()); } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java index e7384610d..3024b0aa4 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java 
@@ -521,7 +521,7 @@ public class WSSecSignature extends WSSecSignatureBase { public void prependBSTElementToHeader() { if (bstToken != null && !bstAddedToSecurityHeader) { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(securityHeaderElement, bstToken); + XMLUtils.prependChildElement(securityHeaderElement, bstToken); bstAddedToSecurityHeader = true; } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java index 5901112a8..6c907165d 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java @@ -242,7 +242,7 @@ public class WSSecSignatureBase extends WSSecBase { clonedElements.add(element); Document doc = this.getSecurityHeader().getSecurityHeaderDoc(); - element.getParentNode().appendChild(WSSecurityUtil.cloneElement(doc, element)); + element.getParentNode().appendChild(XMLUtils.cloneElement(doc, element)); WSSecurityUtil.inlineAttachments(includeElements, attachmentCallbackHandler, false); } } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java index 3e04ee4ea..6882a9544 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java @@ -19,8 +19,8 @@ package org.apache.wss4j.dom.message; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.message.token.SignatureConfirmation; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.w3c.dom.Document; import org.w3c.dom.Element; 
@@ -78,7 +78,7 @@ public class WSSecSignatureConfirmation extends WSSecBase { */ public void prependToHeader() { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(securityHeaderElement, sc.getElement()); + XMLUtils.prependChildElement(securityHeaderElement, sc.getElement()); } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java index 43eeabd5a..6d3f10e84 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java @@ -24,8 +24,8 @@ import org.w3c.dom.Element; import org.apache.wss4j.common.util.WSCurrentTimeSource; import org.apache.wss4j.common.util.WSTimeSource; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.message.token.Timestamp; -import org.apache.wss4j.dom.util.WSSecurityUtil; /** * Builds a WS Timestamp and inserts it into the SOAP Envelope. Refer to the WS @@ -88,7 +88,7 @@ public class WSSecTimestamp extends WSSecBase { */ public void prependToHeader() { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(securityHeaderElement, ts.getElement()); + XMLUtils.prependChildElement(securityHeaderElement, ts.getElement()); } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java index f0d6562ef..9c70b9e1c 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java 
@@ -25,8 +25,8 @@ import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.util.UsernameTokenUtil; import org.apache.wss4j.common.util.WSCurrentTimeSource; import org.apache.wss4j.common.util.WSTimeSource; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.message.token.UsernameToken; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -195,7 +195,7 @@ public class WSSecUsernameToken extends WSSecBase { */ public void prependToHeader() { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); - WSSecurityUtil.prependChildElement(securityHeaderElement, ut.getElement()); + XMLUtils.prependChildElement(securityHeaderElement, ut.getElement()); } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java index eea34fc21..37aa79b6a 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java @@ -36,7 +36,7 @@ import org.apache.wss4j.common.principal.WSDerivedKeyTokenPrincipal; import org.apache.wss4j.common.token.SecurityTokenReference; import org.apache.wss4j.common.util.DOM2Writer; import org.apache.wss4j.common.util.XMLUtils; -import org.apache.wss4j.dom.util.WSSecurityUtil; + import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; 
@@ -210,12 +210,12 @@ public class DerivedKeyToken { */ public void setSecurityTokenReference(SecurityTokenReference ref) { elementSecurityTokenReference = ref.getElement(); - WSSecurityUtil.prependChildElement(element, ref.getElement()); + XMLUtils.prependChildElement(element, ref.getElement()); } public void setSecurityTokenReference(Element elem) { elementSecurityTokenReference = elem; - WSSecurityUtil.prependChildElement(element, elem); + XMLUtils.prependChildElement(element, elem); } /** diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java index b1e14bf89..deb87b079 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java @@ -46,6 +46,7 @@ import org.apache.wss4j.common.token.Reference; import org.apache.wss4j.common.token.SecurityTokenReference; import org.apache.wss4j.common.token.X509Security; import org.apache.wss4j.common.util.KeyUtils; +import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.WSDocInfo; import org.apache.wss4j.dom.handler.RequestData; @@ -125,7 +126,7 @@ public class WSSecSignatureSAML extends WSSecSignature { // if (secRefID != null) { String soapNamespace = - WSSecurityUtil.getSOAPNamespace(getDocument().getDocumentElement()); + XMLUtils.getSOAPNamespace(getDocument().getDocumentElement()); WSEncryptionPart encP = new WSEncryptionPart("STRTransform", soapNamespace, "Content"); encP.setId(secRefID); 
@@ -466,10 +467,10 @@ public class WSSecSignatureSAML extends WSSecSignature { public void prependSAMLElementsToHeader() { Element securityHeaderElement = getSecurityHeader().getSecurityHeaderElement(); if (senderVouches) { - WSSecurityUtil.prependChildElement(securityHeaderElement, secRefSaml.getElement()); + XMLUtils.prependChildElement(securityHeaderElement, secRefSaml.getElement()); } - WSSecurityUtil.prependChildElement(securityHeaderElement, samlToken); + XMLUtils.prependChildElement(securityHeaderElement, samlToken); } diff --git a/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java b/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java index 1496a740e..8ef84c00a 100644 --- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java +++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java @@ -19,9 +19,6 @@ package org.apache.wss4j.dom.util; -import org.apache.wss4j.dom.SOAP11Constants; -import org.apache.wss4j.dom.SOAP12Constants; -import org.apache.wss4j.dom.SOAPConstants; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.callback.CallbackLookup; import org.apache.wss4j.dom.engine.WSSConfig; @@ -40,13 +37,6 @@ import org.w3c.dom.Text; //import com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl; -import java.lang.reflect.AccessibleObject; -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; import java.util.ArrayList; import java.util.Collections; import java.util.List; 
@@ -59,97 +49,16 @@ import javax.security.auth.callback.CallbackHandler; */ public final class WSSecurityUtil { - private static boolean isSAAJ14 = false; - private static final org.slf4j.Logger LOG = org.slf4j.LoggerFactory.getLogger(WSSecurityUtil.class); - private static final ClassValue<Method> GET_DOM_ELEMENTS_METHODS = new ClassValue<Method>() { - @Override - protected Method computeValue(Class<?> type) { - try { - return getMethod(type, "getDomElement"); - } catch (NoSuchMethodException e) { - //best effort to try, do nothing if NoSuchMethodException - return null; - } - } - }; - - private static final ClassValue<Method> GET_ENVELOPE_METHODS = new ClassValue<Method>() { - @Override - protected Method computeValue(Class<?> type) { - try { - return getMethod(type, "getEnvelope"); - } catch (NoSuchMethodException e) { - //best effort to try, do nothing if NoSuchMethodException - return null; - } - } - }; - - static { - try { - Method[] methods = WSSecurityUtil.class.getClassLoader(). - loadClass("com.sun.xml.messaging.saaj.soap.SOAPDocumentImpl").getMethods(); - for (Method method : methods) { - if (method.getName().equals("register")) { - //this is the 1.4+ SAAJ impl - isSAAJ14 = true; - break; - } - } - } catch (ClassNotFoundException cnfe) { - LOG.debug("Can't load class com.sun.xml.messaging.saaj.soap.SOAPDocumentImpl", cnfe); - - try { - Method[] methods = WSSecurityUtil.class.getClassLoader(). - loadClass("com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl").getMethods(); - for (Method method : methods) { - if (method.getName().equals("register")) { - //this is the SAAJ impl in JDK9 - isSAAJ14 = true; - break; - } - } - } catch (ClassNotFoundException cnfe1) { - LOG.debug("can't load class com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl", cnfe1); - } - } - } private WSSecurityUtil() { // Complete } - private static Method getMethod(final Class<?> clazz, final String name, - final Class<?>... 
parameterTypes) throws NoSuchMethodException { - try { - return AccessController.doPrivileged(new PrivilegedExceptionAction<Method>() { - public Method run() throws Exception { - return clazz.getMethod(name, parameterTypes); - } - }); - } catch (PrivilegedActionException pae) { - Exception e = pae.getException(); - if (e instanceof NoSuchMethodException) { - throw (NoSuchMethodException)e; - } - throw new SecurityException(e); - } - } - - private static <T extends AccessibleObject> T setAccessible(final T o) { - return AccessController.doPrivileged(new PrivilegedAction<T>() { - public T run() { - o.setAccessible(true); - return o; - } - }); - } - public static Element getSOAPHeader(Document doc) { - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); return XMLUtils.getDirectChildElement( doc.getDocumentElement(), WSConstants.ELEM_HEADER, soapNamespace @@ -171,7 +80,7 @@ public final class WSSecurityUtil { return null; } - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); return getSecurityHeader(soapHeaderElement, actor, WSConstants.URI_SOAP12_ENV.equals(soapNamespace)); } @@ -207,7 +116,7 @@ public final class WSSecurityUtil { Attr attr = elem.getAttributeNodeNS(soapNamespace, actorLocal); String hActor = (attr != null) ? attr.getValue() : null; - if (WSSecurityUtil.isActorEqual(actor, hActor)) { + if (XMLUtils.isActorEqual(actor, hActor)) { if (foundSecurityHeader != null) { LOG.debug( "Two or more security headers have the same actor name: {}", actor 
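Review bot: `getSOAPHeader` passes `doc.getDocumentElement()` straight into `XMLUtils.getSOAPNamespace` and `XMLUtils.getDirectChildElement` at the end of this hunk without a null check, so a `Document` with no root element is not handled explicitly. The `getSOAPConstants` that this commit removes from the class dereferenced its argument immediately (`startElement.getOwnerDocument()`). If the relocated version, which is not shown in this hunk, does the same, this public entry point of a message-security library fails with a NullPointerException rather than a controlled result. A guard such as `if (doc.getDocumentElement() == null) { return null; }` before the namespace lookup would make the behaviour explicit. The rest of the method body lies outside the hunk.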
@@ -221,24 +130,6 @@ public final class WSSecurityUtil { return foundSecurityHeader; } - - /** - * Compares two actor strings and returns true if these are equal. Takes - * care of the null length strings and uses ignore case. - * - * @param actor - * @param hActor - * @return true is the actor arguments are equal - */ - public static boolean isActorEqual(String actor, String hActor) { - if ((hActor == null || hActor.length() == 0) - && (actor == null || actor.length() == 0)) { - return true; - } - - return hActor != null && actor != null && hActor.equalsIgnoreCase(actor); - } - /** * Gets all direct children with specified localname and namespace. <p/> * 
@@ -315,175 +206,10 @@ public final class WSSecurityUtil { */ public static WSEncryptionPart getDefaultEncryptionPart(Document doc) { String soapNamespace = - WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + XMLUtils.getSOAPNamespace(doc.getDocumentElement()); return new WSEncryptionPart(WSConstants.ELEM_BODY, soapNamespace, "Content"); } - /** - * create a new element in the same namespace <p/> - * - * @param parent for the new element - * @param localName of the new element - * @return the new element - */ - private static Element createElementInSameNamespace(Node parent, String localName) { - String qName = localName; - String prefix = parent.getPrefix(); - if (prefix != null && prefix.length() > 0) { - qName = prefix + ":" + localName; - } - - String nsUri = parent.getNamespaceURI(); - return parent.getOwnerDocument().createElementNS(nsUri, qName); - } - - - - - /** - * prepend a child element <p/> - * - * @param parent element of this child element - * @param child the element to append - * @return the child element - */ - public static Element prependChildElement( - Element parent, - Element child - ) { - Node firstChild = parent.getFirstChild(); - Element domChild = null; - try { - domChild = (Element)getDomElement(child); - } catch (WSSecurityException e) { - LOG.debug("Error when try to get Dom Element from the child", e); - } - if (firstChild == null) { - return (Element)parent.appendChild(domChild); - } else { - return (Element)parent.insertBefore(domChild, firstChild); - } - } - - - /** - * find the first ws-security header block <p/> - * - * @param doc the DOM document (SOAP request) - * @param envelope the SOAP envelope - * @param doCreate if true create a new WSS header block if none exists - * @return the WSS header or null if none found and doCreate is false - */ - public static Element findWsseSecurityHeaderBlock( - Document doc, - Element envelope, - boolean doCreate - ) throws WSSecurityException { - return 
findWsseSecurityHeaderBlock(doc, envelope, null, doCreate); - } - - /** - * find a WS-Security header block for a given actor <p/> - * - * @param doc the DOM document (SOAP request) - * @param envelope the SOAP envelope - * @param actor the actor (role) name of the WSS header - * @param doCreate if true create a new WSS header block if none exists - * @return the WSS header or null if none found and doCreate is false - */ - public static Element findWsseSecurityHeaderBlock( - Document doc, - Element envelope, - String actor, - boolean doCreate - ) throws WSSecurityException { - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); - Element header = - XMLUtils.getDirectChildElement( - doc.getDocumentElement(), - WSConstants.ELEM_HEADER, - soapNamespace - ); - if (header == null) { // no SOAP header at all - if (doCreate) { - if (isSAAJ14) { - try { - Node node = null; - Method method = GET_ENVELOPE_METHODS.get(doc.getClass()); - if (method != null) { - try { - node = (Node)setAccessible(method).invoke(doc); - } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); - } - } - if (node != null) { - header = createElementInSameNamespace(node, WSConstants.ELEM_HEADER); - } else { - header = createElementInSameNamespace(doc.getDocumentElement(), WSConstants.ELEM_HEADER); - } - header = (Element)doc.importNode(header, true); - header = (Element)getDomElement(header); - header = prependChildElement(envelope, header); - - } catch (Exception e) { - throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); - } - - } else { - header = createElementInSameNamespace(envelope, WSConstants.ELEM_HEADER); - header = prependChildElement(envelope, header); - } - } else { - return null; - } - } - - String actorLocal = WSConstants.ATTR_ACTOR; - if (WSConstants.URI_SOAP12_ENV.equals(soapNamespace)) { - actorLocal = 
WSConstants.ATTR_ROLE; - } - - // - // Iterate through the security headers - // - Element foundSecurityHeader = null; - for ( - Node currentChild = header.getFirstChild(); - currentChild != null; - currentChild = currentChild.getNextSibling() - ) { - if (Node.ELEMENT_NODE == currentChild.getNodeType() - && WSConstants.WSSE_LN.equals(currentChild.getLocalName()) - && WSConstants.WSSE_NS.equals(currentChild.getNamespaceURI())) { - - Element elem = (Element)currentChild; - Attr attr = elem.getAttributeNodeNS(soapNamespace, actorLocal); - String hActor = (attr != null) ? attr.getValue() : null; - - if (WSSecurityUtil.isActorEqual(actor, hActor)) { - if (foundSecurityHeader != null) { - LOG.debug( - "Two or more security headers have the same actor name: {}", actor - ); - throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); - } - foundSecurityHeader = elem; - } - } - } - if (foundSecurityHeader != null) { - return foundSecurityHeader; - } else if (doCreate) { - foundSecurityHeader = doc.createElementNS(WSConstants.WSSE_NS, "wsse:Security"); - foundSecurityHeader.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS); - foundSecurityHeader = (Element)doc.importNode(foundSecurityHeader, true); - foundSecurityHeader = (Element)getDomElement(foundSecurityHeader); - - return prependChildElement(header, foundSecurityHeader); - } - return null; - } /** * create a base64 test node <p/> 
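Review bot: The public static helpers `prependChildElement` and both `findWsseSecurityHeaderBlock` overloads are deleted from `WSSecurityUtil` in this hunk with no forwarding method left behind, so any caller outside this repository that still uses them stops compiling. The same applies to `isActorEqual`, `getSOAPConstants`, `getSOAPNamespace` and `cloneElement`, which are removed in the neighbouring hunks of this file. If the branch is not meant to break the `ws-security-dom` API, keep thin deprecated delegates, for example `@Deprecated public static String getSOAPNamespace(Element startElement) { return XMLUtils.getSOAPNamespace(startElement); }`, and drop them in a later major release. The private `createElementInSameNamespace` removed here needs no delegate.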
@@ -496,19 +222,6 @@ public final class WSSecurityUtil { return doc.createTextNode(org.apache.xml.security.utils.XMLUtils.encodeToString(data)); } - public static SOAPConstants getSOAPConstants(Element startElement) { - Document doc = startElement.getOwnerDocument(); - String ns = doc.getDocumentElement().getNamespaceURI(); - if (WSConstants.URI_SOAP12_ENV.equals(ns)) { - return new SOAP12Constants(); - } - return new SOAP11Constants(); - } - - public static String getSOAPNamespace(Element startElement) { - return getSOAPConstants(startElement).getEnvelopeURI(); - } - public static List<Integer> decodeAction(String action) throws WSSecurityException { String actionToParse = action; if (actionToParse == null) { 
@@ -643,44 +356,6 @@ public final class WSSecurityUtil { } } - /** - * Register the jakarta.xml.soap.Node with new Cloned Dom Node with java9 - * @param doc The SOAPDocumentImpl - * @param clonedElement The cloned Element - * @return new clonedElement which already associated with the SAAJ Node - * @throws WSSecurityException - */ - public static Element cloneElement(Document doc, Element clonedElement) throws WSSecurityException { - clonedElement = (Element)clonedElement.cloneNode(true); - if (isSAAJ14) { - // here we need register the jakarta.xml.soap.Node with new instance - clonedElement = (Element)doc.importNode(clonedElement, true); - clonedElement = (Element)getDomElement(clonedElement); - } - return clonedElement; - } - - /** - * Try to get the DOM Node from the SAAJ Node with JAVA9 - * @param node The original node we need check - * @return The DOM node - * @throws WSSecurityException - */ - private static Node getDomElement(Node node) throws WSSecurityException { - if (node != null && isSAAJ14) { - - Method method = GET_DOM_ELEMENTS_METHODS.get(node.getClass()); - if (method != null) { - try { - return (Node)setAccessible(method).invoke(node); - } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY); - } - } - } - return node; - } - public static byte[] getBytesFromAttachment( String xopUri, RequestData data ) throws WSSecurityException { diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptedDataInHeaderTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptedDataInHeaderTest.java index 732fe5ba3..49f82b4c3 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptedDataInHeaderTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptedDataInHeaderTest.java 
@@ -36,7 +36,6 @@ import org.apache.wss4j.common.crypto.Crypto; import org.apache.wss4j.common.crypto.CryptoFactory; import org.apache.wss4j.common.util.KeyUtils; import org.apache.wss4j.common.util.XMLUtils; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.junit.jupiter.api.Test; import org.w3c.dom.Document; @@ -83,7 +82,7 @@ public class EncryptedDataInHeaderTest { new WSEncryptionPart( "Timestamp", WSConstants.WSU_NS, ""); encrypt.getParts().add(encP); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); encP = new WSEncryptionPart( WSConstants.ELEM_BODY, soapNamespace, "Content" diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java index d53d89335..ae041a67e 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java @@ -19,8 +19,8 @@ package org.apache.wss4j.dom.message; +import org.apache.wss4j.common.SOAPConstants; import org.apache.wss4j.common.util.SOAPUtil; -import org.apache.wss4j.dom.SOAPConstants; import org.apache.wss4j.dom.WSDataRef; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.common.KeystoreCallbackHandler; @@ -165,7 +165,7 @@ public class EncryptionPartsTest { ""); encP.setRequired(false); encrypt.getParts().add(encP); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); encP = new WSEncryptionPart( WSConstants.ELEM_BODY, 
@@ -204,7 +204,7 @@ public class EncryptionPartsTest { ""); encP.setRequired(false); encrypt.getParts().add(encP); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); encP = new WSEncryptionPart( WSConstants.ELEM_BODY, @@ -242,7 +242,7 @@ public class EncryptionPartsTest { "urn:foo.bar", ""); encrypt.getParts().add(encP); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); encP = new WSEncryptionPart( WSConstants.ELEM_BODY, @@ -430,8 +430,7 @@ public class EncryptionPartsTest { @Test public void testSOAPHeaderAndBody() throws Exception { Document doc = SOAPUtil.toSOAPPart(SOAPMSG); - SOAPConstants soapConstants = - WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()); + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement()); WSSecHeader secHeader = new WSSecHeader(doc); secHeader.insertSecurityHeader(); @@ -502,8 +501,7 @@ public class EncryptionPartsTest { @Test public void testEncryptionPartDOMElement() throws Exception { Document doc = SOAPUtil.toSOAPPart(SOAPMSG); - SOAPConstants soapConstants = - WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()); + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement()); WSSecHeader secHeader = new WSSecHeader(doc); secHeader.insertSecurityHeader(); diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java index 6e44a441b..9bca837c1 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java 
@@ -29,6 +29,7 @@ import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.security.auth.callback.CallbackHandler; +import org.apache.wss4j.common.SOAPConstants; import org.apache.wss4j.common.WSEncryptionPart; import org.apache.wss4j.common.WSS4JConstants; import org.apache.wss4j.common.bsp.BSPRule; @@ -37,7 +38,6 @@ import org.apache.wss4j.common.crypto.CryptoFactory; import org.apache.wss4j.common.crypto.CryptoType; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.util.*; -import org.apache.wss4j.dom.SOAPConstants; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.WSDataRef; import org.apache.wss4j.dom.common.CustomHandler; @@ -52,7 +52,6 @@ import org.apache.wss4j.dom.handler.RequestData; import org.apache.wss4j.dom.handler.WSHandlerConstants; import org.apache.wss4j.dom.handler.WSHandlerResult; import org.apache.wss4j.dom.str.STRParser.REFERENCE_TYPE; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.apache.xml.security.encryption.params.HKDFParams; import org.apache.xml.security.utils.EncryptionConstants; import org.junit.jupiter.api.AfterEach; @@ -728,7 +727,7 @@ public class EncryptionTest { /* * Set up the parts structure to encrypt the body */ - SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc .getDocumentElement()); WSEncryptionPart encP = new WSEncryptionPart(soapConstants .getBodyQName().getLocalPart(), soapConstants.getEnvelopeURI(), @@ -799,7 +798,7 @@ public class EncryptionTest { /* * Set up the parts structure to encrypt the body */ - SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc .getDocumentElement()); java.util.List<WSEncryptionPart> parts = new ArrayList<>(); WSEncryptionPart encP = new WSEncryptionPart(soapConstants 
@@ -822,7 +821,7 @@ public class EncryptionTest { */ Element encryptedKeyElement = builder.getEncryptedKeyElement(); encryptedKeyElement.setAttributeNS(null, "Type", "SomeType"); - WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), encryptedKeyElement); + XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), encryptedKeyElement); builder.prependBSTElementToHeader(); @@ -869,7 +868,7 @@ public class EncryptionTest { builder.prepare(crypto, symmetricKey); builder.setEmbedEncryptedKey(true); - SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc .getDocumentElement()); java.util.List<WSEncryptionPart> parts = new ArrayList<>(); WSEncryptionPart encP = new WSEncryptionPart(soapConstants diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/STRSignatureTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/STRSignatureTest.java index c769b7441..711acf471 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/STRSignatureTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/STRSignatureTest.java @@ -19,10 +19,9 @@ package org.apache.wss4j.dom.message; +import org.apache.wss4j.common.SOAPConstants; import org.apache.wss4j.common.util.SOAPUtil; -import org.apache.wss4j.dom.SOAPConstants; import org.apache.wss4j.dom.WSConstants; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.junit.jupiter.api.Test; @@ -61,7 +60,7 @@ public class STRSignatureTest { @Test public void testX509SignatureDirectSTR() throws Exception { Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); - SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()); + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement()); WSSecHeader secHeader = new WSSecHeader(doc); secHeader.insertSecurityHeader(); 
@@ -109,7 +108,7 @@ public class STRSignatureTest {
 @Test
 public void testWSS96() throws Exception {
 Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
+ SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement());
 WSSecHeader secHeader = new WSSecHeader(doc);
 secHeader.insertSecurityHeader();
@@ -166,7 +165,7 @@ public class STRSignatureTest {
 @Test
 public void testX509SignatureISSTR() throws Exception {
 Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
+ SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement());
 WSSecHeader secHeader = new WSSecHeader(doc);
 secHeader.insertSecurityHeader();
@@ -218,7 +217,7 @@ public class STRSignatureTest {
 @Test
 public void testX509SignatureSKISTR() throws Exception {
 Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
+ SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement());
 WSSecHeader secHeader = new WSSecHeader(doc);
 secHeader.insertSecurityHeader();
diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
index 09e01c654..073e28172 100644
--- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
+++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
@@ -19,10 +19,10 @@ package org.apache.wss4j.dom.message; +import org.apache.wss4j.common.SOAPConstants; import org.apache.wss4j.common.WSEncryptionPart; import org.apache.wss4j.common.saml.SamlAssertionWrapper; import org.apache.wss4j.common.util.SOAPUtil; -import org.apache.wss4j.dom.SOAPConstants; import org.apache.wss4j.dom.WSDataRef; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.common.CustomHandler; @@ -178,7 +178,7 @@ public class SignaturePartsTest { ""); encP.setRequired(false); sign.getParts().add(encP); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); encP = new WSEncryptionPart( WSConstants.ELEM_BODY, @@ -215,7 +215,7 @@ public class SignaturePartsTest { ""); encP.setRequired(false); sign.getParts().add(encP); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); encP = new WSEncryptionPart( WSConstants.ELEM_BODY, @@ -251,7 +251,7 @@ public class SignaturePartsTest { "urn:foo.bar", ""); sign.getParts().add(encP); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); encP = new WSEncryptionPart( WSConstants.ELEM_BODY, @@ -419,8 +419,7 @@ public class SignaturePartsTest { sign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security"); sign.setKeyIdentifierType(WSConstants.ISSUER_SERIAL); - SOAPConstants soapConstants = - WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()); + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement()); WSEncryptionPart encP = new WSEncryptionPart( 
@@ -489,8 +488,7 @@ public class SignaturePartsTest { sign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security"); sign.setKeyIdentifierType(WSConstants.ISSUER_SERIAL); - SOAPConstants soapConstants = - WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()); + SOAPConstants soapConstants = XMLUtils.getSOAPConstants(doc.getDocumentElement()); // Give wrong names to make sure it's picking up the element WSEncryptionPart encP = diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignedBSTTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignedBSTTest.java index d420deaa4..473b92bfb 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignedBSTTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignedBSTTest.java @@ -39,7 +39,6 @@ import org.apache.wss4j.dom.handler.HandlerAction; import org.apache.wss4j.dom.handler.RequestData; import org.apache.wss4j.dom.handler.WSHandlerConstants; import org.apache.wss4j.dom.handler.WSHandlerResult; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.junit.jupiter.api.Test; import org.w3c.dom.Document; @@ -80,7 +79,7 @@ public class SignedBSTTest { String certUri = WSSConfig.getNewInstance().getIdAllocator().createSecureId("X509-", certs[0]); bst.setX509Certificate(certs[0]); bst.setID(certUri); - WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); + XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); // Add the signature WSSecSignature sign = new WSSecSignature(secHeader); @@ -90,7 +89,7 @@ public class SignedBSTTest { sign.setX509Certificate(certs[0]); // Add SOAP Body - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); WSEncryptionPart encP = new WSEncryptionPart( WSConstants.ELEM_BODY, soapNamespace, "Content" 
diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java index aa6e4f701..2929b99c8 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java @@ -43,7 +43,6 @@ import org.apache.wss4j.dom.engine.WSSecurityEngineResult; import org.apache.wss4j.dom.handler.RequestData; import org.apache.wss4j.dom.handler.WSHandlerResult; import org.apache.wss4j.dom.message.token.UsernameToken; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.junit.jupiter.api.Test; import org.w3c.dom.Document; @@ -93,7 +92,7 @@ public class UTDerivedKeyTest { usernameToken.addIteration(doc, 500); assertTrue(usernameToken.getIteration() == 500); - WSSecurityUtil.prependChildElement( + XMLUtils.prependChildElement( secHeader.getSecurityHeaderElement(), usernameToken.getElement() ); @@ -573,7 +572,7 @@ public class UTDerivedKeyTest { encrBuilder.setCustomValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE); Document encryptedDoc = encrBuilder.build(derivedKey); - WSSecurityUtil.prependChildElement( + XMLUtils.prependChildElement( secHeader.getSecurityHeaderElement(), usernameToken.getElement() ); @@ -623,7 +622,7 @@ public class UTDerivedKeyTest { encrBuilder.setCustomValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE); Document encryptedDoc = encrBuilder.build(derivedKey); - WSSecurityUtil.prependChildElement( + XMLUtils.prependChildElement( secHeader.getSecurityHeaderElement(), usernameToken.getElement() ); @@ -674,7 +673,7 @@ public class UTDerivedKeyTest { encrBuilder.setCustomValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE); Document encryptedDoc = encrBuilder.build(derivedKey); - WSSecurityUtil.prependChildElement( + XMLUtils.prependChildElement( secHeader.getSecurityHeaderElement(), usernameToken.getElement() ); 
diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java index aa04ce570..e2f426209 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/XOPAttachmentTest.java @@ -157,7 +157,7 @@ public class XOPAttachmentTest { // Remove EncryptedData structure from the security header (which encrypted the attachment // in the first place) Element securityHeader = - WSSecurityUtil.findWsseSecurityHeaderBlock(encryptedDoc, encryptedDoc.getDocumentElement(), false); + XMLUtils.findWsseSecurityHeaderBlock(encryptedDoc, encryptedDoc.getDocumentElement(), false); Element encryptedAttachmentData = XMLUtils.getDirectChildElement(securityHeader, "EncryptedData", WSConstants.ENC_NS); assertNotNull(encryptedAttachmentData); diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java index ad9f04af7..fd1b73480 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java @@ -39,7 +39,6 @@ import org.apache.wss4j.dom.message.WSSecEncrypt; import org.apache.wss4j.dom.message.WSSecSignature; import org.apache.wss4j.dom.message.WSSecHeader; import org.apache.wss4j.dom.message.WSSecTimestamp; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.apache.wss4j.dom.validate.Credential; import org.apache.wss4j.dom.validate.Validator; 
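Review bot: In the XOPAttachmentTest hunk the result of `XMLUtils.findWsseSecurityHeaderBlock(encryptedDoc, encryptedDoc.getDocumentElement(), false)` goes straight into `XMLUtils.getDirectChildElement(securityHeader, ...)` without a check. The final `false` argument presumably means no header is created when none is found (the method body is not in this hunk), so a missing Security header could show up as a NullPointerException or a misleading failure on `encryptedAttachmentData`. Adding `assertNotNull(securityHeader);` right after the lookup would make the test fail at the real cause. The test method starts and ends outside the hunk.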
@@ -89,7 +88,7 @@ public class BSTKerberosTest {
 bst.setValueType(AP_REQ);
 bst.setEncodingType(BASE64_NS);
 bst.setToken("12345678".getBytes());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 if (LOG.isDebugEnabled()) {
 String outputString =
@@ -118,7 +117,7 @@ public class BSTKerberosTest {
 bst.setEncodingType(BASE64_NS);
 bst.setToken("12345678".getBytes());
 bst.setID("Id-" + bst.hashCode());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 WSSecSignature sign = new WSSecSignature(secHeader);
 sign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
@@ -154,7 +153,7 @@ public class BSTKerberosTest {
 bst.setEncodingType(BASE64_NS);
 bst.setToken("12345678".getBytes());
 bst.setID("Id-" + bst.hashCode());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 WSSecTimestamp timestamp = new WSSecTimestamp(secHeader);
 timestamp.setTimeToLive(600);
@@ -192,7 +191,7 @@ public class BSTKerberosTest {
 bst.setValueType(AP_REQ);
 bst.setEncodingType(BASE64_NS);
 bst.setToken("12345678".getBytes());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 if (LOG.isDebugEnabled()) {
 String outputString =
@@ -226,7 +225,7 @@ public class BSTKerberosTest {
 bst.setValueType(AP_REQ);
 bst.setEncodingType(BASE64_NS);
 bst.setToken("12345678".getBytes());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 if (LOG.isDebugEnabled()) {
 String outputString =
@@ -270,7 +269,7 @@ public class BSTKerberosTest {
 bst.setToken(keyData);
 bst.setID("Id-" + bst.hashCode());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 WSSecSignature sign = new WSSecSignature(secHeader);
 sign.setSignatureAlgorithm(SignatureMethod.HMAC_SHA1);
@@ -309,7 +308,7 @@ public class BSTKerberosTest {
 bst.setToken(keyData);
 bst.setID("Id-" + bst.hashCode());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 WSSecSignature sign = new WSSecSignature(secHeader);
 sign.setSignatureAlgorithm(SignatureMethod.HMAC_SHA1);
@@ -350,7 +349,7 @@ public class BSTKerberosTest {
 bst.setToken(keyData);
 bst.setID("Id-" + bst.hashCode());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 WSSecEncrypt builder = new WSSecEncrypt(secHeader);
 builder.setSymmetricEncAlgorithm(WSConstants.AES_128);
@@ -387,7 +386,7 @@ public class BSTKerberosTest {
 bst.setToken(keyData);
 bst.setID("Id-" + bst.hashCode());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 WSSecEncrypt builder = new WSSecEncrypt(secHeader);
 builder.setSymmetricEncAlgorithm(WSConstants.AES_128);
diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BinarySecurityTokenTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BinarySecurityTokenTest.java
index 402549d15..cded61581 100644
--- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BinarySecurityTokenTest.java
+++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BinarySecurityTokenTest.java
@@ -36,7 +36,6 @@ import org.apache.wss4j.common.token.PKIPathSecurity;
 import org.apache.wss4j.common.token.X509Security;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.message.WSSecHeader;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.junit.jupiter.api.Test;
 import org.w3c.dom.Document;
@@ -75,7 +74,7 @@ public class BinarySecurityTokenTest {
 X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
 bst.setX509Certificate(certs[0]);
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 if (LOG.isDebugEnabled()) {
 LOG.debug("BST output");
@@ -116,7 +115,7 @@ public class BinarySecurityTokenTest {
 X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
 bst.setX509Certificates(certs, crypto);
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 if (LOG.isDebugEnabled()) {
 LOG.debug("PKIPath output");
@@ -150,7 +149,7 @@ public class BinarySecurityTokenTest {
 BinarySecurity bst = new BinarySecurity(doc);
 bst.setToken("12435677".getBytes());
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
+ XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement());
 if (LOG.isDebugEnabled()) {
 LOG.debug("Custom Token output");
@@ -175,7 +174,7 @@ public class BinarySecurityTokenTest { bst.setValueType("http://custom_value_Type"); secHeader = new WSSecHeader(doc); secHeader.insertSecurityHeader(); - WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); + XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); WSHandlerResult results = secEngine.processSecurityHeader(doc, null, null, crypto); diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java index e834e45bb..8b9ac2b9d 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java @@ -52,7 +52,6 @@ import org.apache.wss4j.dom.handler.WSHandlerResult; import org.apache.wss4j.dom.message.WSSecHeader; import org.apache.wss4j.dom.message.WSSecSAMLToken; import org.apache.wss4j.dom.message.WSSecUsernameToken; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.apache.wss4j.dom.validate.Credential; import org.apache.wss4j.dom.validate.Validator; @@ -281,7 +280,7 @@ public class PrincipalTest { X509Certificate[] certs = crypto.getX509Certificates(cryptoType); bst.setX509Certificate(certs[0]); - WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); + XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); if (LOG.isDebugEnabled()) { String outputString = diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java index 4a44e9bc0..44dae2cbb 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java 
@@ -48,7 +48,6 @@ import org.apache.wss4j.dom.handler.RequestData; import org.apache.wss4j.dom.handler.WSHandlerResult; import org.apache.wss4j.dom.message.WSSecDKSign; import org.apache.wss4j.dom.message.WSSecHeader; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.junit.jupiter.api.Test; import org.w3c.dom.Document; @@ -183,7 +182,7 @@ public class SamlTokenDerivedTest { WSSecDKSign sigBuilder = new WSSecDKSign(secHeader); sigBuilder.setStrElem(secToken.getElement()); sigBuilder.setSignatureAlgorithm(WSConstants.HMAC_SHA1); - String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement()); + String soapNamespace = XMLUtils.getSOAPNamespace(doc.getDocumentElement()); WSEncryptionPart encP = new WSEncryptionPart( WSConstants.ELEM_BODY, diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java index 662f3d552..51e31445e 100644 --- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java +++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java @@ -50,7 +50,6 @@ import org.apache.wss4j.dom.message.WSSecHeader; import org.apache.wss4j.dom.message.WSSecSignature; import org.apache.wss4j.dom.message.WSSecTimestamp; import org.apache.wss4j.dom.message.WSSecUsernameToken; -import org.apache.wss4j.dom.util.WSSecurityUtil; import org.junit.jupiter.api.Test; import org.w3c.dom.Document; @@ -199,7 +198,7 @@ public class ValidatorTest { X509Certificate[] certs = crypto.getX509Certificates(cryptoType); bst.setX509Certificate(certs[0]); - WSSecurityUtil.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); + XMLUtils.prependChildElement(secHeader.getSecurityHeaderElement(), bst.getElement()); if (LOG.isDebugEnabled()) { LOG.debug("BST output");