ESBCOMP-100 Protect security policies by hidding informations

2015-03-06 10:27:48 +01:00 · 2015-03-06 10:27:48 +01:00 · e7c774df18
parent d093011697
commit e7c774df18
1 changed files with 39 additions and 0 deletions
--- a/ojc-core/httpsoapbc/httpsoapbcimpl/src/com/sun/jbi/httpsoapbc/WsdlQueryHelper.java
+++ b/ojc-core/httpsoapbc/httpsoapbcimpl/src/com/sun/jbi/httpsoapbc/WsdlQueryHelper.java
@ -51,6 +51,12 @@ import com.ibm.wsdl.factory.WSDLFactoryImpl;
 import com.ibm.wsdl.util.xml.DOMUtils;
 import com.ibm.wsdl.util.xml.QNameUtils;
 import com.sun.jbi.internationalization.Messages;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathFactory;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;

 /**
 * @author Sujit Biswas
@ -183,6 +189,9 @@ public class WsdlQueryHelper {
                
                // ESBCOMP-34 : Bad location URL in soap address
                updateSoapAddressDom(doc.getDocumentElement());
+                
+                // ESBCOMP-100 : key locations and passwords should be hidden in wsdl
+                updateSecurityPolicies(doc.getDocumentElement());
            } catch (Exception ex) {
                ex.printStackTrace();
                System.out.println("Exception : " + ex);
@ -486,6 +495,36 @@ public class WsdlQueryHelper {
        }
        return result;
    }
+    
+    private void updateSecurityPolicies(Element el) throws Exception {
+        XPath xPath = XPathFactory.newInstance().newXPath();
+        String policiesExpression = "/*[local-name()='definitions']/*[local-name()='Policy']/*[local-name()='ExactlyOne']/*[local-name()='All']/*";
+
+        NodeList policyChildNode = (NodeList) xPath.compile(policiesExpression).evaluate(el, XPathConstants.NODESET);
+        if (policyChildNode != null) {
+            for (int i = 0; i < policyChildNode.getLength(); i++) {
+                Node childrenNode = policyChildNode.item(i);
+
+                if (childrenNode.getNodeType() == Node.ELEMENT_NODE) {
+                    String nodeName = childrenNode.getLocalName();
+                    NamedNodeMap attrs = childrenNode.getAttributes();
+
+                    if ("KeyStore".equalsIgnoreCase(nodeName) || "TrustStore".equalsIgnoreCase(nodeName)) {
+                        protectAttribute(attrs, "keypass");
+                        protectAttribute(attrs, "location");
+                        protectAttribute(attrs, "storepass");
+                    }
+                }
+            }
+        }
+    }
+    
+    private void protectAttribute(NamedNodeMap attributes, String attributeName) {
+        Node attr = attributes.getNamedItem(attributeName);
+        if (attr != null) {
+            attr.setTextContent("******");
+        }
+    }

    private void updateImportDom(Element el) throws Exception {
        Element tempEl = DOMUtils.getFirstChildElement(el);