KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > netbeans > modules > websvc > wsitconf > wsdlmodelext > ProfilesModelHelper


1 /*
2  * The contents of this file are subject to the terms of the Common Development
3  * and Distribution License (the License). You may not use this file except in
4  * compliance with the License.
5  *
6  * You can obtain a copy of the License at http://www.netbeans.org/cddl.html
7  * or http://www.netbeans.org/cddl.txt.
8  *
9  * When distributing Covered Code, include this CDDL Header Notice in each file
10  * and include the License file at http://www.netbeans.org/cddl.txt.
11  * If applicable, add the following below the CDDL Header, with the fields
12  * enclosed by brackets [] replaced by your own identifying information:
13  * "Portions Copyrighted [year] [name of copyright owner]"
14  *
15  * The Original Software is NetBeans. The Initial Developer of the Original
16  * Software is Sun Microsystems, Inc. Portions Copyright 2006 Sun
17  * Microsystems, Inc. All Rights Reserved.
18  */

19
20 package org.netbeans.modules.websvc.wsitconf.wsdlmodelext;
21
22 import java.util.Collection JavaDoc;
23 import java.util.Set JavaDoc;
24 import org.netbeans.modules.websvc.wsitconf.spi.SecurityProfile;
25 import org.netbeans.modules.websvc.wsitconf.spi.SecurityProfileRegistry;
26 import org.netbeans.modules.websvc.wsitmodelext.policy.PolicyQName;
27 import org.netbeans.modules.websvc.wsitmodelext.security.BootstrapPolicy;
28 import org.netbeans.modules.websvc.wsitmodelext.security.SecurityPolicyQName;
29 import org.netbeans.modules.websvc.wsitmodelext.security.TrustElement;
30 import org.netbeans.modules.websvc.wsitconf.ui.ComboConstants;
31 import org.netbeans.modules.websvc.wsitconf.ui.security.listmodels.*;
32 import org.netbeans.modules.websvc.wsitmodelext.policy.All;
33 import org.netbeans.modules.websvc.wsitmodelext.policy.Policy;
34 import org.netbeans.modules.websvc.wsitmodelext.security.AsymmetricBinding;
35 import org.netbeans.modules.websvc.wsitmodelext.security.SymmetricBinding;
36 import org.netbeans.modules.websvc.wsitmodelext.security.TransportBinding;
37 import org.netbeans.modules.websvc.wsitmodelext.security.WssElement;
38 import org.netbeans.modules.websvc.wsitmodelext.security.tokens.InitiatorToken;
39 import org.netbeans.modules.websvc.wsitmodelext.security.tokens.ProtectionToken;
40 import org.netbeans.modules.websvc.wsitmodelext.security.tokens.RecipientToken;
41 import org.netbeans.modules.websvc.wsitmodelext.security.tokens.SecureConversationToken;
42 import org.netbeans.modules.xml.wsdl.model.*;
43 import java.util.Vector JavaDoc;
44
45 /**
46  *
47  * @author Martin Grebac
48  */

49 public class ProfilesModelHelper {
50
51     private static Vector JavaDoc<Vector JavaDoc> DEFAULT_TARGETS = new Vector JavaDoc();
52     
53     static {
54         Vector JavaDoc row = new Vector JavaDoc();
55         row.add(new MessageBody());
56         row.add(Boolean.TRUE); row.add(Boolean.TRUE); row.add(Boolean.FALSE);
57         DEFAULT_TARGETS.add(row);
58         
59         row = new Vector JavaDoc();
60         row.add(new MessageHeader(MessageHeader.ADDRESSING_TO));
61         row.add(Boolean.TRUE); row.add(Boolean.FALSE); row.add(Boolean.FALSE);
62         DEFAULT_TARGETS.add(row);
63         
64         row = new Vector JavaDoc();
65         row.add(new MessageHeader(MessageHeader.ADDRESSING_FROM));
66         row.add(Boolean.TRUE); row.add(Boolean.FALSE); row.add(Boolean.FALSE);
67         DEFAULT_TARGETS.add(row);
68         
69         row = new Vector JavaDoc();
70         row.add(new MessageHeader(MessageHeader.ADDRESSING_FAULTTO));
71         row.add(Boolean.TRUE); row.add(Boolean.FALSE); row.add(Boolean.FALSE);
72         DEFAULT_TARGETS.add(row);
73
74         row = new Vector JavaDoc();
75         row.add(new MessageHeader(MessageHeader.ADDRESSING_REPLYTO));
76         row.add(Boolean.TRUE); row.add(Boolean.FALSE); row.add(Boolean.FALSE);
77         DEFAULT_TARGETS.add(row);
78
79         row = new Vector JavaDoc();
80         row.add(new MessageHeader(MessageHeader.ADDRESSING_MESSAGEID));
81         row.add(Boolean.TRUE); row.add(Boolean.FALSE); row.add(Boolean.FALSE);
82         DEFAULT_TARGETS.add(row);
83
84         row = new Vector JavaDoc();
85         row.add(new MessageHeader(MessageHeader.ADDRESSING_RELATESTO));
86         row.add(Boolean.TRUE); row.add(Boolean.FALSE); row.add(Boolean.FALSE);
87         DEFAULT_TARGETS.add(row);
88
89         row = new Vector JavaDoc();
90         row.add(new MessageHeader(MessageHeader.ADDRESSING_ACTION));
91         row.add(Boolean.TRUE); row.add(Boolean.FALSE); row.add(Boolean.FALSE);
92         DEFAULT_TARGETS.add(row);
93     }
94     
95     /**
96      * Creates a new instance of ProfilesModelHelper
97      */

98     public ProfilesModelHelper() { }
99     
100     /**
101      * Returns security profile for Binding or BindingOperation
102      */

103     public static String JavaDoc getSecurityProfile(WSDLComponent c) {
104         assert ((c instanceof BindingOperation) || (c instanceof Binding));
105
106         Set JavaDoc<SecurityProfile> profiles = SecurityProfileRegistry.getDefault().getSecurityProfiles();
107         for (SecurityProfile profile : profiles) {
108             if (profile.isCurrentProfile(c)) {
109                 return profile.getDisplayName();
110             }
111         }
112         
113         return ComboConstants.PROF_GENERIC;
114     }
115
116     /**
117      * Checks whether Secure Conversation is enabled
118      */

119     public static boolean isSCEnabled(WSDLComponent c) {
120         assert ((c instanceof BindingOperation) || (c instanceof Binding));
121         Policy p = PolicyModelHelper.getPolicyForElement(c);
122         SymmetricBinding sb = (SymmetricBinding)PolicyModelHelper.getTopLevelElement(p, SymmetricBinding.class);
123         if (sb == null) return false;
124         WSDLComponent protTokenKind = SecurityTokensModelHelper.getTokenElement(sb, ProtectionToken.class);
125         if (protTokenKind == null) return false;
126         WSDLComponent protToken = SecurityTokensModelHelper.getTokenTypeElement(protTokenKind);
127         if (protToken == null) return false;
128         boolean secConv = (protToken instanceof SecureConversationToken);
129         return secConv;
130     }
131
132     public static String JavaDoc getWSITSecurityProfile(WSDLComponent c) {
133         if ((c instanceof Binding) || (c instanceof BindingOperation)) {
134             Policy p = PolicyModelHelper.getPolicyForElement(c);
135
136             SymmetricBinding sb = (SymmetricBinding)PolicyModelHelper.getTopLevelElement(p, SymmetricBinding.class);
137             WSDLComponent protTokenKind = SecurityTokensModelHelper.getTokenElement(sb, ProtectionToken.class);
138             WSDLComponent protToken = SecurityTokensModelHelper.getTokenTypeElement(protTokenKind);
139             WSDLComponent secConvSecBinding = null;
140             boolean secConv = (protToken instanceof SecureConversationToken);
141
142             WSDLComponent bootPolicy = null;
143             
144             if (secConv) {
145                 bootPolicy = SecurityTokensModelHelper.getTokenElement(protToken, BootstrapPolicy.class);
146                 secConvSecBinding = SecurityPolicyModelHelper.getSecurityBindingTypeElement(bootPolicy);
147             }
148             
149             TransportBinding tb = null;
150             if (secConv && (secConvSecBinding instanceof TransportBinding)) {
151                 tb = (TransportBinding) secConvSecBinding;
152             } else {
153                 tb = (TransportBinding)PolicyModelHelper.getTopLevelElement(p, TransportBinding.class);
154             }
155             if (tb != null) { // profiles 1,2,3
156
// depends on message level policy
157
if (c instanceof BindingOperation) {
158                     BindingInput input = ((BindingOperation)c).getBindingInput();
159                     WSDLComponent tokenKind = SecurityTokensModelHelper.getSupportingToken(input, SecurityTokensModelHelper.SIGNED_SUPPORTING);
160                     String JavaDoc tokenType = SecurityTokensModelHelper.getTokenType(tokenKind);
161                     if (ComboConstants.SAML.equals(tokenType)) { // profile3
162
return ComboConstants.PROF_SAMLSSL;
163                     } else if ((ComboConstants.USERNAME.equals(tokenType)) || (ComboConstants.X509.equals(tokenType))) { // profile2
164
return ComboConstants.PROF_MSGAUTHSSL;
165                     }
166                     return ComboConstants.PROF_TRANSPORT;
167                 } else {
168                     WSDLComponent tokenKind = null;
169                     if (secConv) {
170                         Policy pp = PolicyModelHelper.getTopLevelElement(bootPolicy, Policy.class);
171                         tokenKind = SecurityTokensModelHelper.getSupportingToken(pp, SecurityTokensModelHelper.SIGNED_SUPPORTING);
172                     } else {
173                         tokenKind = SecurityTokensModelHelper.getSupportingToken(c, SecurityTokensModelHelper.SIGNED_SUPPORTING);
174                     }
175                     String JavaDoc tokenType = SecurityTokensModelHelper.getTokenType(tokenKind);
176                     if (ComboConstants.SAML.equals(tokenType)) { // profile3
177
return ComboConstants.PROF_SAMLSSL;
178                     } else if ((ComboConstants.USERNAME.equals(tokenType)) || (ComboConstants.X509.equals(tokenType))) { // profile2
179
return ComboConstants.PROF_MSGAUTHSSL;
180                     }
181                     return ComboConstants.PROF_TRANSPORT;
182                 }
183             }
184
185             if (secConv && (secConvSecBinding instanceof SymmetricBinding)) {
186                 sb = (SymmetricBinding) secConvSecBinding;
187             } else {
188                 sb = (SymmetricBinding)PolicyModelHelper.getTopLevelElement(p, SymmetricBinding.class);
189             }
190             if (sb != null) { // profiles 4,6,9,10,12
191
protToken = (ProtectionToken) SecurityTokensModelHelper.getTokenElement(sb, ProtectionToken.class);
192                 if (protToken != null) {
193                     String JavaDoc tokenType = SecurityTokensModelHelper.getTokenType(protToken);
194                     if (ComboConstants.ISSUED.equals(tokenType)) { // profile 10
195
return ComboConstants.PROF_STSISSUED;
196                     }
197                     if (ComboConstants.KERBEROS.equals(tokenType)) { // profile 9
198
return ComboConstants.PROF_KERBEROS;
199                     }
200                     if (ComboConstants.X509.equals(tokenType)) { // profile 12, 6, 4
201
WSDLComponent tokenKind = null;
202                         if (secConv) {
203                             Policy pp = PolicyModelHelper.getTopLevelElement(bootPolicy, Policy.class);
204                             tokenKind = SecurityTokensModelHelper.getSupportingToken(pp, SecurityTokensModelHelper.ENDORSING);
205                         } else {
206                             tokenKind = SecurityTokensModelHelper.getSupportingToken(c, SecurityTokensModelHelper.ENDORSING);
207                         }
208                         
209                         tokenType = SecurityTokensModelHelper.getTokenType(tokenKind);
210                         if (ComboConstants.ISSUED.equals(tokenType)) { // profile 12
211
return ComboConstants.PROF_STSISSUEDENDORSE;
212                         }
213                         if (ComboConstants.X509.equals(tokenType)) { // profile 6
214
return ComboConstants.PROF_ENDORSCERT;
215                         }
216                         if (tokenType == null) { // profile 4
217
return ComboConstants.PROF_USERNAME;
218                         }
219                     }
220                 }
221             }
222
223             AsymmetricBinding ab = null;
224             if (secConv && (secConvSecBinding instanceof AsymmetricBinding)) {
225                 ab = (AsymmetricBinding) secConvSecBinding;
226             } else {
227                 ab = (AsymmetricBinding)PolicyModelHelper.getTopLevelElement(p, AsymmetricBinding.class);
228             }
229             if (ab != null) { // profiles 5,7,8,11
230
InitiatorToken initToken = (InitiatorToken) SecurityTokensModelHelper.getTokenElement(ab, InitiatorToken.class);
231                 RecipientToken recipToken = (RecipientToken) SecurityTokensModelHelper.getTokenElement(ab, RecipientToken.class);
232                 if ((initToken != null) && (recipToken!= null)) {
233                     String JavaDoc initTokenType = SecurityTokensModelHelper.getTokenType(initToken);
234                     String JavaDoc recipTokenType = SecurityTokensModelHelper.getTokenType(recipToken);
235                     if ((ComboConstants.X509.equals(initTokenType)) && (ComboConstants.X509.equals(recipTokenType))) { // profile 5, 7
236
if (c instanceof BindingOperation) {
237                             BindingInput input = ((BindingOperation)c).getBindingInput();
238                             WSDLComponent tokenKind = SecurityTokensModelHelper.getSupportingToken(input, SecurityTokensModelHelper.SIGNED_SUPPORTING);
239                             String JavaDoc tokenType = SecurityTokensModelHelper.getTokenType(tokenKind);
240                             if (ComboConstants.SAML.equals(tokenType)) { // profile7
241
return ComboConstants.PROF_SAMLSENDER;
242                             } else if (tokenType == null) { // profile5
243
return ComboConstants.PROF_MUTUALCERT;
244                             }
245                         } else {
246                             WSDLComponent tokenKind = null;
247                             if (secConv) {
248                                 Policy pp = PolicyModelHelper.getTopLevelElement(bootPolicy, Policy.class);
249                                 tokenKind = SecurityTokensModelHelper.getSupportingToken(pp, SecurityTokensModelHelper.SIGNED_SUPPORTING);
250                             } else {
251                                 tokenKind = SecurityTokensModelHelper.getSupportingToken(c, SecurityTokensModelHelper.SIGNED_SUPPORTING);
252                             }
253                             String JavaDoc tokenType = SecurityTokensModelHelper.getTokenType(tokenKind);
254                             if (ComboConstants.SAML.equals(tokenType)) { // profile7
255
return ComboConstants.PROF_SAMLSENDER;
256                             } else if (tokenType == null) { // profile5
257
return ComboConstants.PROF_MUTUALCERT;
258                             }
259                         }
260                     }
261                     if ((ComboConstants.SAML.equals(initTokenType)) && (ComboConstants.X509.equals(recipTokenType))) { // profile 8,
262
return ComboConstants.PROF_SAMLHOLDER;
263                     }
264                     if ((ComboConstants.ISSUED.equals(initTokenType)) && (ComboConstants.X509.equals(recipTokenType))) { // profile 11
265
return ComboConstants.PROF_STSISSUEDCERT;
266                     }
267                 }
268             }
269         }
270         
271         return ComboConstants.PROF_GENERIC;
272     }
273
274     /** Sets security profile on Binding or BindingOperation
275      */

276     public static void setSecurityProfile(WSDLComponent c, String JavaDoc profile, String JavaDoc oldProfile) {
277         assert (c != null);
278         assert (profile != null);
279         assert ((c instanceof BindingOperation) || (c instanceof Binding));
280
281         SecurityProfile newP = SecurityProfileRegistry.getDefault().getProfile(profile);
282         SecurityProfile oldP = SecurityProfileRegistry.getDefault().getProfile(oldProfile);
283         
284         if (oldP != null) {
285             oldP.profileDeselected(c);
286         }
287         newP.profileSelected(c);
288         
289         return;
290     }
291         
292     /** Sets security profile on Binding or BindingOperation
293      */

294     public static void setSecurityProfile(WSDLComponent c, String JavaDoc profile) {
295         WSDLModel model = c.getModel();
296         
297         boolean isTransaction = model.isIntransaction();
298         if (!isTransaction) {
299             model.startTransaction();
300         }
301
302         All a = PolicyModelHelper.createPolicy(c);
303         try {
304             // Profile #1
305
if (ComboConstants.PROF_TRANSPORT.equals(profile)) {
306                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.TRANSPORT);
307                 SecurityTokensModelHelper.setTokenType(bt, ComboConstants.TRANSPORT, ComboConstants.HTTPS);
308                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
309                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
310                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
311                 WssElement wss = SecurityPolicyModelHelper.enableWss(c, false);
312                 SecurityPolicyModelHelper.disableTrust10(c);
313                 SecurityTokensModelHelper.removeSupportingTokens(c);
314                 setMessageLevelSecurityProfilePolicies(c, profile);
315                 return;
316             }
317             // Profile #2
318
if (ComboConstants.PROF_MSGAUTHSSL.equals(profile)) {
319                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.TRANSPORT);
320                 SecurityTokensModelHelper.setTokenType(bt, ComboConstants.TRANSPORT, ComboConstants.HTTPS);
321                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
322                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
323                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
324                 WssElement wss = SecurityPolicyModelHelper.enableWss(c, false);
325                 SecurityPolicyModelHelper.disableTrust10(c);
326                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
327                 SecurityTokensModelHelper.removeSupportingTokens(c);
328                 SecurityTokensModelHelper.setSupportingTokens(c, ComboConstants.USERNAME, SecurityTokensModelHelper.SIGNED_SUPPORTING);
329                 setMessageLevelSecurityProfilePolicies(c, profile);
330                 return;
331             }
332             // Profile #3
333
if (ComboConstants.PROF_SAMLSSL.equals(profile)) {
334                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.TRANSPORT);
335                 SecurityTokensModelHelper.setTokenType(bt, ComboConstants.TRANSPORT, ComboConstants.HTTPS);
336                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
337                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
338                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
339                 WssElement wss = SecurityPolicyModelHelper.enableWss(c, false);
340                 SecurityPolicyModelHelper.disableTrust10(c);
341                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
342                 SecurityTokensModelHelper.removeSupportingTokens(c);
343                 SecurityTokensModelHelper.setSupportingTokens(c, ComboConstants.SAML, SecurityTokensModelHelper.SIGNED_SUPPORTING);
344                 setMessageLevelSecurityProfilePolicies(c, profile);
345                 return;
346             }
347             // Profile #4
348
if (ComboConstants.PROF_USERNAME.equals(profile)) {
349                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.SYMMETRIC);
350                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.PROTECTION, ComboConstants.X509);
351 // SecurityPolicyModelHelper.enableRequireThumbprintReference(tokenType, true);
352
SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.NEVER);
353                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.STRICT);
354                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
355                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
356                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
357                 WssElement wss = SecurityPolicyModelHelper.enableWss(c, true);
358                 SecurityPolicyModelHelper.disableTrust10(c);
359                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
360                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
361                 SecurityPolicyModelHelper.enableMustSupportRefThumbprint(wss, true);
362                 SecurityPolicyModelHelper.enableMustSupportRefEncryptedKey(wss, true);
363                 SecurityTokensModelHelper.removeSupportingTokens(c);
364                 SecurityTokensModelHelper.setSupportingTokens(c, ComboConstants.USERNAME, SecurityTokensModelHelper.SIGNED_SUPPORTING);
365                 setMessageLevelSecurityProfilePolicies(c, profile);
366                 return;
367             }
368             // Profile #5
369
if (ComboConstants.PROF_MUTUALCERT.equals(profile)) {
370                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.ASYMMETRIC);
371                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.INITIATOR, ComboConstants.X509);
372                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.ALWAYSRECIPIENT);
373                 tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.RECIPIENT, ComboConstants.X509);
374                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.NEVER);
375                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.STRICT);
376                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
377                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
378                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
379                 WssElement wss = SecurityPolicyModelHelper.enableWss(c, false);
380                 SecurityPolicyModelHelper.disableTrust10(c);
381                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
382                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
383                 SecurityTokensModelHelper.removeSupportingTokens(c);
384                 setMessageLevelSecurityProfilePolicies(c, profile);
385                 return;
386             }
387             // Profile #6
388
if (ComboConstants.PROF_ENDORSCERT.equals(profile)) {
389                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.SYMMETRIC);
390                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.PROTECTION, ComboConstants.X509);
391                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.NEVER);
392 // SecurityPolicyModelHelper.enableRequireThumbprintReference(tokenType, true);
393
SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
394                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
395                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
396                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
397                 //wss
398
WssElement wss = SecurityPolicyModelHelper.enableWss(c, true);
399                 SecurityPolicyModelHelper.disableTrust10(c);
400                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
401                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
402                 SecurityPolicyModelHelper.enableMustSupportRefThumbprint(wss, true);
403                 SecurityPolicyModelHelper.enableMustSupportRefEncryptedKey(wss, true);
404                 //endorsing supporting token
405
SecurityTokensModelHelper.removeSupportingTokens(c);
406                 tokenType = SecurityTokensModelHelper.setSupportingTokens(c, ComboConstants.X509, SecurityTokensModelHelper.ENDORSING);
407                 setMessageLevelSecurityProfilePolicies(c, profile);
408                 return;
409             }
410             // Profile #7
411
if (ComboConstants.PROF_SAMLSENDER.equals(profile)) {
412                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.ASYMMETRIC);
413                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.INITIATOR, ComboConstants.X509);
414                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.ALWAYSRECIPIENT);
415                 tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.RECIPIENT, ComboConstants.X509);
416                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.NEVER);
417                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.STRICT);
418                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
419                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
420                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
421                 //wss
422
WssElement wss = SecurityPolicyModelHelper.enableWss(c, false);
423                 SecurityPolicyModelHelper.disableTrust10(c);
424                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
425                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
426                 SecurityTokensModelHelper.removeSupportingTokens(c);
427                 SecurityTokensModelHelper.setSupportingTokens(c, ComboConstants.SAML, SecurityTokensModelHelper.SIGNED_SUPPORTING);
428                 setMessageLevelSecurityProfilePolicies(c, profile);
429                 return;
430             }
431             // Profile #8
432
if (ComboConstants.PROF_SAMLHOLDER.equals(profile)) {
433                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.ASYMMETRIC);
434                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.INITIATOR, ComboConstants.SAML);
435                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.ALWAYSRECIPIENT);
436                 tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.RECIPIENT, ComboConstants.X509);
437                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.NEVER);
438                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.STRICT);
439                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
440                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
441                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
442                 //wss
443
WssElement wss = SecurityPolicyModelHelper.enableWss(c, false);
444                 SecurityPolicyModelHelper.disableTrust10(c);
445                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
446                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
447                 SecurityTokensModelHelper.removeSupportingTokens(c);
448                 setMessageLevelSecurityProfilePolicies(c, profile);
449                 return;
450             }
451             // Profile #9
452
if (ComboConstants.PROF_KERBEROS.equals(profile)) {
453                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.SYMMETRIC);
454                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.PROTECTION, ComboConstants.KERBEROS);
455                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.ONCE);
456                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
457                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
458                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
459                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
460                 //wss
461
WssElement wss = SecurityPolicyModelHelper.enableWss(c, true);
462                 SecurityPolicyModelHelper.disableTrust10(c);
463                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
464                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
465                 SecurityPolicyModelHelper.enableMustSupportRefThumbprint(wss, true);
466                 SecurityPolicyModelHelper.enableMustSupportRefEncryptedKey(wss, true);
467                 SecurityTokensModelHelper.removeSupportingTokens(c);
468                 setMessageLevelSecurityProfilePolicies(c, profile);
469                 return;
470             }
471             // Profile #10
472
if (ComboConstants.PROF_STSISSUED.equals(profile)) {
473                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.SYMMETRIC);
474                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.PROTECTION, ComboConstants.ISSUED);
475                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.ALWAYSRECIPIENT);
476                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
477                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
478                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
479                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
480                 //wss
481
WssElement wss = SecurityPolicyModelHelper.enableWss(c, true);
482                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
483                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
484                 SecurityPolicyModelHelper.enableMustSupportRefThumbprint(wss, true);
485                 SecurityPolicyModelHelper.enableMustSupportRefEncryptedKey(wss, true);
486                 //trust10
487
TrustElement trust = SecurityPolicyModelHelper.enableTrust10(c);
488                 SecurityPolicyModelHelper.enableMustSupportIssuedTokens(trust, true);
489                 SecurityPolicyModelHelper.enableRequireClientEntropy(trust, true);
490                 SecurityPolicyModelHelper.enableRequireServerEntropy(trust, true);
491                 SecurityTokensModelHelper.removeSupportingTokens(c);
492                 setMessageLevelSecurityProfilePolicies(c, profile);
493                 return;
494             }
495             // Profile #11
496
if (ComboConstants.PROF_STSISSUEDCERT.equals(profile)) {
497                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.ASYMMETRIC);
498                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.INITIATOR, ComboConstants.ISSUED);
499                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.ALWAYSRECIPIENT);
500                 tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.RECIPIENT, ComboConstants.X509);
501                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.NEVER);
502                 SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
503                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
504                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
505                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
506                 //wss
507
WssElement wss = SecurityPolicyModelHelper.enableWss(c, true);
508                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
509                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
510                 SecurityPolicyModelHelper.enableMustSupportRefThumbprint(wss, true);
511                 SecurityPolicyModelHelper.enableMustSupportRefEncryptedKey(wss, true);
512                 //trust10
513
TrustElement trust = SecurityPolicyModelHelper.enableTrust10(c);
514                 SecurityPolicyModelHelper.enableMustSupportIssuedTokens(trust, true);
515                 SecurityPolicyModelHelper.enableRequireClientEntropy(trust, true);
516                 SecurityPolicyModelHelper.enableRequireServerEntropy(trust, true);
517                 SecurityTokensModelHelper.removeSupportingTokens(c);
518                 setMessageLevelSecurityProfilePolicies(c, profile);
519                 return;
520             }
521             // Profile #12
522
if (ComboConstants.PROF_STSISSUEDENDORSE.equals(profile)) {
523                 WSDLComponent bt = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.SYMMETRIC);
524                 WSDLComponent tokenType = SecurityTokensModelHelper.setTokenType(bt, ComboConstants.PROTECTION, ComboConstants.X509);
525                 SecurityTokensModelHelper.setTokenInclusionLevel(tokenType, ComboConstants.ALWAYS);
526 // SecurityPolicyModelHelper.enableRequireThumbprintReference(tokenType, true);
527
SecurityPolicyModelHelper.setLayout(bt, ComboConstants.LAX);
528                 SecurityPolicyModelHelper.enableIncludeTimestamp(bt, true);
529                 SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bt, true);
530                 AlgoSuiteModelHelper.setAlgorithmSuite(bt, ComboConstants.BASIC128);
531                 //wss
532
WssElement wss = SecurityPolicyModelHelper.enableWss(c, true);
533                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
534                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
535                 SecurityPolicyModelHelper.enableMustSupportRefThumbprint(wss, true);
536                 SecurityPolicyModelHelper.enableMustSupportRefEncryptedKey(wss, true);
537                 //trust10
538
TrustElement trust = SecurityPolicyModelHelper.enableTrust10(c);
539                 SecurityPolicyModelHelper.enableMustSupportIssuedTokens(trust, true);
540                 SecurityPolicyModelHelper.enableRequireClientEntropy(trust, true);
541                 SecurityPolicyModelHelper.enableRequireServerEntropy(trust, true);
542                 //endorsing supporting token
543
SecurityTokensModelHelper.removeSupportingTokens(c);
544                 tokenType = SecurityTokensModelHelper.setSupportingTokens(c, ComboConstants.ISSUED, SecurityTokensModelHelper.ENDORSING);
545                 setMessageLevelSecurityProfilePolicies(c, profile);
546                 return;
547             }
548         } finally {
549             if (!isTransaction) {
550                 model.endTransaction();
551             }
552         }
553     }
554
555     public static void setMessageLevelSecurityProfilePolicies(WSDLComponent c, String JavaDoc profile) {
556         assert ((c instanceof BindingOperation) || (c instanceof Binding));
557         
558         if (c instanceof Binding) {
559             Collection JavaDoc<BindingOperation> ops = ((Binding)c).getBindingOperations();
560             for (BindingOperation o : ops) {
561                 if (!SecurityPolicyModelHelper.isSecurityEnabled(o)) {
562                     setMessageLevelSecurityProfilePolicies(o, profile);
563                 }
564             }
565         } else {
566             setMessageLevelSecurityProfilePolicies((BindingOperation)c, profile);
567         }
568     }
569     
570     public static void setMessageLevelSecurityProfilePolicies(BindingOperation o, String JavaDoc profile) {
571         assert (o != null);
572         
573         WSDLModel model = o.getModel();
574         
575         BindingInput input = o.getBindingInput();
576         BindingOutput output = o.getBindingOutput();
577                
578         boolean isTransaction = model.isIntransaction();
579         if (!isTransaction) {
580             model.startTransaction();
581         }
582
583         try {
584             if (input != null) PolicyModelHelper.removePolicyForElement(input);
585             if (output != null) PolicyModelHelper.removePolicyForElement(output);
586
587             // Profile #1
588
if (ComboConstants.PROF_TRANSPORT.equals(profile)) {
589                 // do nothing, there are no msg level policies
590
return;
591             }
592             // Profile #2
593
if (ComboConstants.PROF_MSGAUTHSSL.equals(profile)) {
594 // SecurityTokensModelHelper.setSupportingTokens(input, null, SecurityTokensModelHelper.SIGNED_SUPPORTING);
595
return;
596             }
597             // Profile #3
598
if (ComboConstants.PROF_SAMLSSL.equals(profile)) {
599 // SecurityTokensModelHelper.setSupportingTokens(input, null, SecurityTokensModelHelper.SIGNED_SUPPORTING);
600
return;
601             }
602             // Profile #4
603
if (ComboConstants.PROF_USERNAME.equals(profile)) {
604 // SecurityTokensModelHelper.setSupportingTokens(input, null, SecurityTokensModelHelper.SIGNED_SUPPORTING);
605
SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
606                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
607                 return;
608             }
609             // Profile #5
610
if (ComboConstants.PROF_MUTUALCERT.equals(profile)) {
611                 SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
612                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
613                 return;
614             }
615             // Profile #6
616
if (ComboConstants.PROF_ENDORSCERT.equals(profile)) {
617                 SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
618                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
619                 return;
620             }
621             // Profile #7
622
if (ComboConstants.PROF_SAMLSENDER.equals(profile)) {
623 // SecurityTokensModelHelper.setSupportingTokens(input, null, SecurityTokensModelHelper.SIGNED_SUPPORTING);
624
SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
625                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
626                 return;
627             }
628             // Profile #8
629
if (ComboConstants.PROF_SAMLHOLDER.equals(profile)) {
630                 SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
631                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
632                 return;
633             }
634             // Profile #9
635
if (ComboConstants.PROF_KERBEROS.equals(profile)) {
636                 SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
637                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
638                 return;
639             }
640             // Profile #10
641
if (ComboConstants.PROF_STSISSUED.equals(profile)) {
642                 SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
643                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
644                 return;
645             }
646             // Profile #11
647
if (ComboConstants.PROF_STSISSUEDCERT.equals(profile)) {
648                 SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
649                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
650                 return;
651             }
652             // Profile #12
653
if (ComboConstants.PROF_STSISSUEDENDORSE.equals(profile)) {
654                 SecurityPolicyModelHelper.setTargets(input, DEFAULT_TARGETS);
655                 SecurityPolicyModelHelper.setTargets(output, DEFAULT_TARGETS);
656                 return;
657             }
658         } finally {
659             if (!isTransaction) {
660                 model.endTransaction();
661             }
662         }
663     }
664
665     public static void enableSecureConversation(WSDLComponent c, boolean enable, String JavaDoc profile) {
666         assert (c != null);
667         assert ((c instanceof BindingOperation) || (c instanceof Binding));
668
669         WSDLModel model = c.getModel();
670         WSDLComponentFactory wcf = model.getFactory();
671         
672         boolean isTransaction = model.isIntransaction();
673         if (!isTransaction) {
674             model.startTransaction();
675         }
676
677         try {
678             if (enable) {
679                 WSDLComponent secBinding = SecurityPolicyModelHelper.getSecurityBindingTypeElement(c);
680                 WSDLComponent par = secBinding.getParent();
681                 
682                 boolean onlySign = SecurityPolicyModelHelper.isSignEntireHeadersAndBody(c);
683                 boolean includeTimestamp = SecurityPolicyModelHelper.isSignEntireHeadersAndBody(c);
684                 String JavaDoc algoSuite = AlgoSuiteModelHelper.getAlgorithmSuite(c);
685                         
686                 BootstrapPolicy bp = (BootstrapPolicy) wcf.create(par, SecurityPolicyQName.BOOTSTRAPPOLICY.getQName());
687                 par.addExtensibilityElement(bp);
688                 Policy p = PolicyModelHelper.createElement(bp, PolicyQName.POLICY.getQName(), Policy.class, false);
689                 p.addExtensibilityElement((ExtensibilityElement) secBinding.copy(p));
690
691                 for (int suppTokenType=0; suppTokenType < 3; suppTokenType++) {
692                     ExtensibilityElement suppToken =
693                             (ExtensibilityElement) SecurityTokensModelHelper.getSupportingToken(c, suppTokenType);
694                     if (suppToken == null) continue;
695                     p.addExtensibilityElement((ExtensibilityElement) suppToken.copy(p));
696                     suppToken.getParent().removeExtensibilityElement(suppToken);
697                 }
698
699                 WSDLComponent bType = SecurityPolicyModelHelper.setSecurityBindingType(c, ComboConstants.SYMMETRIC);
700                 SecureConversationToken tType = (SecureConversationToken) SecurityTokensModelHelper.setTokenType(
701                         bType, ComboConstants.PROTECTION, ComboConstants.SECURECONVERSATION);
702                 p = PolicyModelHelper.createElement(tType, PolicyQName.POLICY.getQName(), Policy.class, false);
703                 ExtensibilityElement bpcopy = (ExtensibilityElement) bp.copy(p);
704                 p.addExtensibilityElement(bpcopy);
705                 par.removeExtensibilityElement(bp);
706                 p = PolicyModelHelper.getTopLevelElement(bpcopy, Policy.class);
707                 WSDLComponent wss10 = SecurityPolicyModelHelper.getWss10(par);
708                 if (wss10 != null) {
709                     p.addExtensibilityElement((ExtensibilityElement) wss10.copy(p));
710                 }
711                 WssElement wss11 = SecurityPolicyModelHelper.getWss11(par);
712                 if (wss11 != null) {
713                     p.addExtensibilityElement((ExtensibilityElement) wss11.copy(p));
714                 }
715                 TrustElement trust = SecurityPolicyModelHelper.getTrust10(par);
716                 if (trust != null) {
717                     p.addExtensibilityElement((ExtensibilityElement) trust.copy(p));
718                 }
719
720                 // set top level secure conversation policy
721
SecurityPolicyModelHelper.setLayout(bType, ComboConstants.STRICT);
722                 if (algoSuite != null) {
723                     AlgoSuiteModelHelper.setAlgorithmSuite(bType, algoSuite);
724                 } else {
725                     AlgoSuiteModelHelper.setAlgorithmSuite(bType, ComboConstants.BASIC128);
726                 }
727                 if (includeTimestamp) {
728                     SecurityPolicyModelHelper.enableIncludeTimestamp(bType, true);
729                 }
730                 if (onlySign) {
731                     SecurityPolicyModelHelper.enableSignEntireHeadersAndBody(bType, true);
732                 }
733                 
734                 SecurityPolicyModelHelper.setTargets(p, DEFAULT_TARGETS);
735                 
736                 SecurityPolicyModelHelper.disableWss(par);
737                 WssElement wss = SecurityPolicyModelHelper.enableWss(par, true);
738                 SecurityPolicyModelHelper.enableMustSupportRefKeyIdentifier(wss, true);
739                 SecurityPolicyModelHelper.enableMustSupportRefIssuerSerial(wss, true);
740                 SecurityPolicyModelHelper.enableMustSupportRefThumbprint(wss, true);
741                 SecurityPolicyModelHelper.enableMustSupportRefEncryptedKey(wss, true);
742
743                 SecurityPolicyModelHelper.disableTrust10(par);
744                 trust = SecurityPolicyModelHelper.enableTrust10(par);
745                 SecurityPolicyModelHelper.enableRequireClientEntropy(trust, true);
746                 SecurityPolicyModelHelper.enableRequireServerEntropy(trust, true);
747                 SecurityPolicyModelHelper.enableMustSupportIssuedTokens(trust, true);
748
749             } else {
750                 WSDLComponent topSecBinding = SecurityPolicyModelHelper.getSecurityBindingTypeElement(c);
751                 WSDLComponent protTokenKind = SecurityTokensModelHelper.getTokenElement(topSecBinding, ProtectionToken.class);
752                 WSDLComponent protToken = SecurityTokensModelHelper.getTokenTypeElement(protTokenKind);
753                 WSDLComponent bootPolicy = SecurityTokensModelHelper.getTokenElement(protToken, BootstrapPolicy.class);
754                 WSDLComponent secBinding = SecurityPolicyModelHelper.getSecurityBindingTypeElement(bootPolicy);
755
756                 WSDLComponent par = topSecBinding.getParent().getParent();
757
758                 par.addExtensibilityElement((ExtensibilityElement) secBinding.copy(par));
759
760                 for (int suppTokenType=0; suppTokenType < 3; suppTokenType++) {
761                     ExtensibilityElement suppToken =
762                             (ExtensibilityElement) SecurityTokensModelHelper.getSupportingToken(secBinding.getParent(), suppTokenType);
763                     if (suppToken == null) continue;
764                     par.addExtensibilityElement((ExtensibilityElement) suppToken.copy(par));
765                     suppToken.getParent().removeExtensibilityElement(suppToken);
766                 }
767                 
768                 WssElement wss10 = SecurityPolicyModelHelper.getWss10(secBinding.getParent());
769                 if (wss10 != null) {
770                     par.addExtensibilityElement((ExtensibilityElement) wss10.copy(par));
771                 }
772                 WssElement wss11 = SecurityPolicyModelHelper.getWss11(secBinding.getParent());
773                 if (wss11 != null) {
774                     par.addExtensibilityElement((ExtensibilityElement) wss11.copy(par));
775                 }
776                 TrustElement trust = SecurityPolicyModelHelper.getTrust10(secBinding.getParent());
777                 if (trust != null) {
778                     par.addExtensibilityElement((ExtensibilityElement) trust.copy(par));
779                 }
780                 
781                 SecurityPolicyModelHelper.setSecurityBindingType(c, null);
782                 SecurityPolicyModelHelper.disableWss(c);
783                 SecurityPolicyModelHelper.disableTrust10(c);
784                 
785                 WSDLComponent copyto = PolicyModelHelper.getTopLevelElement(par, All.class);
786                 WSDLComponent bType = SecurityPolicyModelHelper.getSecurityBindingTypeElement(par);
787                 copyto.addExtensibilityElement((ExtensibilityElement) bType.copy(copyto));
788                 bType.getParent().removeExtensibilityElement((ExtensibilityElement) bType);
789                 wss10 = SecurityPolicyModelHelper.getWss10(par);
790                 if (wss10 != null) {
791                     copyto.addExtensibilityElement((ExtensibilityElement) wss10.copy(copyto));
792                     wss10.getParent().removeExtensibilityElement(wss10);
793                 }
794                 wss11 = SecurityPolicyModelHelper.getWss11(par);
795                 if (wss11 != null) {
796                     copyto.addExtensibilityElement((ExtensibilityElement) wss11.copy(copyto));
797                     wss11.getParent().removeExtensibilityElement(wss11);
798                 }
799                 trust = SecurityPolicyModelHelper.getTrust10(par);
800                 if (trust != null) {
801                     copyto.addExtensibilityElement((ExtensibilityElement) trust.copy(copyto));
802                     trust.getParent().removeExtensibilityElement(trust);
803                 }
804                 for (int suppTokenType=0; suppTokenType < 3; suppTokenType++) {
805                     ExtensibilityElement suppToken =
806                             (ExtensibilityElement) SecurityTokensModelHelper.getSupportingToken(par, suppTokenType);
807                     if (suppToken == null) continue;
808                     copyto.addExtensibilityElement((ExtensibilityElement) suppToken.copy(copyto));
809                     suppToken.getParent().removeExtensibilityElement(suppToken);
810                 }
811             }
812         } finally {
813             if (!isTransaction) {
814                 model.endTransaction();
815             }
816         }
817         
818     }
819 }
820
Popular Tags