1 /*
2  * @(#) $Id: WSSecurityExtn.java,v 1.2 2003/07/08 08:13:52 pankaj Exp $
3  *
4  * Copyright (c) 2002-03 by Pankaj Kumar (http://www.pankaj-k.net). 
5  * All rights reserved.
6  *
7  * The license governing the use of this file can be found in the 
8  * root directory of the containing software.
9  */
10
11import org.w3c.dom.Document;
12import com.verisign.domutil.DOMWriteCursor;
13import com.verisign.domutil.DOMCursor;
14import com.verisign.messaging.XmlMessageException;
15import com.verisign.util.Namespaces;
16
17public class WSSecurityExtn {
18    private static final String WSSE_URI =
19        "http://schemas.xmlsoap.org/ws/2002/07/secext";
20    private static final String WSSE_PREFIX = "wsse";
21    private static final String WSU_URI =
22        "http://schemas.xmlsoap.org/ws/2002/07/utility";
23    private static final String WSU_PREFIX = "wsu";
24    private static final String SOAP_URI = Namespaces.SOAPENV.getUri();
25    private static final String SOAP_PREFIX = Namespaces.SOAPENV.getPrefix();
26    private static final String XMLSIG_URI = Namespaces.XMLSIG.getUri();
27    private static final String XMLSIG_PREFIX = Namespaces.XMLSIG.getPrefix();
28    private static final String XMLENC_URI = Namespaces.XMLENC.getUri();
29    private static final String XMLENC_PREFIX = Namespaces.XMLENC.getPrefix();
30    private static final String SOAP_ENVELOPE = "Envelope";
31    private static final String SOAP_HEADER = "Header";
32    private static final String SOAP_BODY = "Body";
33    private static final String SOAP_FAULT = "Fault";
34    private static final boolean USE_WSU_FOR_SECURITY_TOKEN_ID = false;
35
36    public static void removeWSSEncryptedKey(Document message) throws XmlMessageException {
37        DOMWriteCursor c = new DOMWriteCursor(message);
38        checkEnvelope(c);
39
40        // Remove EncryptedKey elem. from WS-Security Header Element
41        if (c.moveToChild(SOAP_URI, SOAP_HEADER)) {
42            if (c.moveToChild(WSSE_URI, "Security")) {
43                if (c.moveToChild(XMLENC_URI, "EncryptedKey")) {
44                    c.remove();
45                }
46            }
47        }
48    }
49
50    public static void removeWSSInfo(Document message) throws XmlMessageException {
51        DOMWriteCursor c = new DOMWriteCursor(message);
52        checkEnvelope(c);
53
54        // Remove WS-Security Header Element
55        if (c.moveToChild(SOAP_URI, SOAP_HEADER)) {
56            if (c.moveToChild(WSSE_URI, "Security")) {
57                c.remove();
58            }
59        }
60
61        // Remove Timestamp Header Element
62        c.moveToTop();
63        if (c.moveToChild(SOAP_URI, SOAP_HEADER)) {
64            if (c.moveToChild(WSU_URI, "Timestamp")) {
65                c.remove();
66            }
67        }
68
69        // Remove wsu:Id attribute from Body Element
70        c.moveToTop();
71        if (c.moveToChild(SOAP_URI, SOAP_BODY)) {
72            c.setAttribute(WSU_URI, WSU_PREFIX, "Id", null);
73        }
74    }
75
76    private static void checkEnvelope(DOMCursor c) throws XmlMessageException {
77        c.moveToTop();
78        if (!c.atElement(SOAP_URI, SOAP_ENVELOPE)) {
79            throw new XmlMessageException("Missing SOAP envelope");
80        }
81    }
82}