1 /*
2  * @(#) $Id: WSSecurityExtn.java,v 1.2 2003/07/08 08:13:52 pankaj Exp $
3  *
4  * Copyright (c) 2002-03 by Pankaj Kumar (http://www.pankaj-k.net). 
5  * All rights reserved.
6  *
7  * The license governing the use of this file can be found in the 
8  * root directory of the containing software.
9  */
10package org.jstk.wss4axis;
11
12import org.w3c.dom.Document;
13import com.verisign.domutil.DOMWriteCursor;
14import com.verisign.domutil.DOMCursor;
15import com.verisign.messaging.XmlMessageException;
16import com.verisign.util.Namespaces;
17
18public class WSSecurityExtn {
19    private static final String WSSE_URI =
20    "http://schemas.xmlsoap.org/ws/2002/07/secext";
21    private static final String WSSE_PREFIX = "wsse";
22    private static final String WSU_URI =
23    "http://schemas.xmlsoap.org/ws/2002/07/utility";
24    private static final String WSU_PREFIX = "wsu";
25    private static final String SOAP_URI = Namespaces.SOAPENV.getUri();
26    private static final String SOAP_PREFIX = Namespaces.SOAPENV.getPrefix();
27    private static final String XMLSIG_URI = Namespaces.XMLSIG.getUri();
28    private static final String XMLSIG_PREFIX = Namespaces.XMLSIG.getPrefix();
29    private static final String XMLENC_URI = Namespaces.XMLENC.getUri();
30    private static final String XMLENC_PREFIX = Namespaces.XMLENC.getPrefix();
31    private static final String SOAP_ENVELOPE = "Envelope";
32    private static final String SOAP_HEADER = "Header";
33    private static final String SOAP_BODY = "Body";
34    private static final String SOAP_FAULT = "Fault";
35    private static final boolean USE_WSU_FOR_SECURITY_TOKEN_ID = false;
36
37    public static void removeWSSEncryptedKey(Document message) throws XmlMessageException {
38        DOMWriteCursor c = new DOMWriteCursor(message);
39        checkEnvelope(c);
40
41        // Remove EncryptedKey elem. from WS-Security Header Element
42        if (c.moveToChild(SOAP_URI, SOAP_HEADER)) {
43            if (c.moveToChild(WSSE_URI, "Security")) {
44                if (c.moveToChild(XMLENC_URI, "EncryptedKey")) {
45                    c.remove();
46                }
47            }
48        }
49    }
50
51    public static void removeWSSInfo(Document message) throws XmlMessageException {
52        DOMWriteCursor c = new DOMWriteCursor(message);
53        checkEnvelope(c);
54
55        // Remove WS-Security Header Element
56        if (c.moveToChild(SOAP_URI, SOAP_HEADER)) {
57            if (c.moveToChild(WSSE_URI, "Security")) {
58                c.remove();
59            }
60        }
61
62        // Remove Timestamp Header Element
63        c.moveToTop();
64        if (c.moveToChild(SOAP_URI, SOAP_HEADER)) {
65            if (c.moveToChild(WSU_URI, "Timestamp")) {
66                c.remove();
67            }
68        }
69
70        // Remove wsu:Id attribute from Body Element
71        c.moveToTop();
72        if (c.moveToChild(SOAP_URI, SOAP_BODY)) {
73            c.setAttribute(WSU_URI, WSU_PREFIX, "Id", null);
74        }
75    }
76
77    private static void checkEnvelope(DOMCursor c) throws XmlMessageException {
78        c.moveToTop();
79        if (!c.atElement(SOAP_URI, SOAP_ENVELOPE)) {
80            throw new XmlMessageException("Missing SOAP envelope");
81        }
82    }
83}