Example usage for javax.xml.parsers DocumentBuilderFactory setAttribute

List of usage examples for javax.xml.parsers DocumentBuilderFactory setAttribute

Introduction

This page collects usage examples for javax.xml.parsers.DocumentBuilderFactory.setAttribute.

Prototype

public abstract void setAttribute(String name, Object value) throws IllegalArgumentException;


Document

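Allows the user to set specific attributes on the underlying implementation. An IllegalArgumentException is thrown if the underlying implementation does not recognise the attribute, so attribute names and the expected value types are specific to the parser in use.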

Usage

From source file:org.wso2.carbon.identity.authenticator.saml2.sso.common.Util.java

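/**
 * Parses the given XML text and unmarshalls its root element into an {@link XMLObject}.
 *
 * <p>The parser is namespace-aware, has entity-reference expansion switched off, runs with
 * {@link XMLConstants#FEATURE_SECURE_PROCESSING} enabled, caps entity expansion at
 * {@code ENTITY_EXPANSION_LIMIT} through the security-manager attribute, and resolves
 * entities through {@code CarbonEntityResolver}.
 *
 * @param authReqStr XML text of the message; surrounding whitespace is trimmed before parsing
 * @return corresponding XMLObject, which is a SAML2 object
 * @throws SAML2SSOUIAuthenticatorException if bootstrapping, parser setup, parsing or
 *                                          unmarshalling fails for any reason
 */
public static XMLObject unmarshall(String authReqStr) throws SAML2SSOUIAuthenticatorException {

    try {
        doBootstrap();
        DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
        documentBuilderFactory.setNamespaceAware(true);

        // NOTE(review): switching off entity-reference expansion only changes how entity
        // references appear in the DOM. Whether a DOCTYPE or an external entity can still be
        // loaded depends on CarbonEntityResolver (not shown here) and on the parser's own
        // features -- confirm against the parser actually deployed.
        documentBuilderFactory.setExpandEntityReferences(false);
        documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        SecurityManager securityManager = new SecurityManager();
        securityManager.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
        // setAttribute throws IllegalArgumentException when the underlying parser does not
        // recognise the attribute; the catch below turns that into the declared exception.
        documentBuilderFactory.setAttribute(SECURITY_MANAGER_PROPERTY, securityManager);

        DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
        docBuilder.setEntityResolver(new CarbonEntityResolver());
        // Encode with an explicit charset: getBytes() without one uses the platform default,
        // so the bytes handed to the parser would differ between hosts.
        byte[] xmlBytes = authReqStr.trim().getBytes(java.nio.charset.StandardCharsets.UTF_8);
        Document document = docBuilder.parse(new ByteArrayInputStream(xmlBytes));
        Element element = document.getDocumentElement();
        UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
        Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
        return unmarshaller.unmarshall(element);
    } catch (Exception e) {
        log.error("Error in constructing AuthRequest from the encoded String", e);
        throw new SAML2SSOUIAuthenticatorException(
                "Error in constructing AuthRequest from " + "the encoded String ", e);
    }
}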

From source file:org.wso2.carbon.identity.authenticator.saml2.sso.util.Util.java

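/**
 * Parses the given XML text, unmarshalls its root element into an {@link XMLObject} and
 * rejects the result when a further {@code Response} element in the SAML 2.0 protocol
 * namespace is found below the root.
 *
 * <p>The parser is namespace-aware, has entity-reference expansion switched off, runs with
 * {@link XMLConstants#FEATURE_SECURE_PROCESSING} enabled, caps entity expansion at
 * {@code ENTITY_EXPANSION_LIMIT} through the security-manager attribute, and resolves
 * entities through {@code CarbonEntityResolver}.
 *
 * @param authReqStr XML text of the message; surrounding whitespace is trimmed before parsing
 * @return corresponding XMLObject, which is a SAML2 object
 * @throws org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticatorException
 *         if parser setup, parsing or unmarshalling fails, or a nested Response is present
 */
public static XMLObject unmarshall(String authReqStr) throws SAML2SSOAuthenticatorException {

    XMLObject response;
    try {
        doBootstrap();
        DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
        documentBuilderFactory.setNamespaceAware(true);

        // NOTE(review): switching off entity-reference expansion only changes how entity
        // references appear in the DOM. Whether a DOCTYPE or an external entity can still be
        // loaded depends on CarbonEntityResolver (not shown here) and on the parser's own
        // features -- confirm against the parser actually deployed.
        documentBuilderFactory.setExpandEntityReferences(false);
        documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        SecurityManager securityManager = new SecurityManager();
        securityManager.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
        // setAttribute throws IllegalArgumentException when the underlying parser does not
        // recognise the attribute; that unchecked exception is not caught in this method.
        documentBuilderFactory.setAttribute(SECURITY_MANAGER_PROPERTY, securityManager);

        DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
        docBuilder.setEntityResolver(new CarbonEntityResolver());
        // Encode with an explicit charset: getBytes() without one uses the platform default,
        // so the bytes handed to the parser would differ between hosts.
        byte[] xmlBytes = authReqStr.trim().getBytes(java.nio.charset.StandardCharsets.UTF_8);
        Document document = docBuilder.parse(new ByteArrayInputStream(xmlBytes));
        Element element = document.getDocumentElement();
        UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
        Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
        response = unmarshaller.unmarshall(element);
        // Check for duplicate samlp:Response. getElementsByTagNameNS looks at descendants, so
        // any hit means a second Response is nested inside the one just unmarshalled.
        NodeList list = response.getDOM().getElementsByTagNameNS(SAMLConstants.SAML20P_NS, "Response");
        if (list.getLength() > 0) {
            log.error("Invalid schema for the SAML2 reponse");
            throw new SAML2SSOAuthenticatorException("Error occured while processing saml2 response");
        }
        return response;
    } catch (ParserConfigurationException | SAXException | IOException | UnmarshallingException e) {
        // All four failures are reported identically; the cause is logged and kept on the
        // rethrown exception so the original stack trace is not lost.
        log.error("Error occured while processing saml2 response", e);
        throw new SAML2SSOAuthenticatorException("Error occured while processing saml2 response", e);
    }

}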

From source file:org.wso2.carbon.identity.core.util.IdentityUtil.java

/**
 * Builds a SAML or XACML object from its XML text.
 *
 * <p>The text is trimmed, encoded as UTF-8 and parsed with a namespace-aware parser that
 * has entity-reference expansion switched off, secure processing enabled, an entity
 * expansion limit of {@code ENTITY_EXPANSION_LIMIT} and {@code CarbonEntityResolver} as its
 * entity resolver. The root element is then handed to the matching unmarshaller.
 *
 * @param xmlString Decoded SAML or XACML String
 * @return SAML or XACML Object
 * @throws org.wso2.carbon.identity.base.IdentityException if parser setup, parsing or
 *         unmarshalling fails
 */
public static XMLObject unmarshall(String xmlString) throws IdentityException {

    try {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);

        // NOTE(review): this setting alone only affects how entity references are represented
        // in the DOM; blocking external entities relies on the resolver set further down
        // (CarbonEntityResolver, not shown here) -- confirm.
        factory.setExpandEntityReferences(false);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);

        org.apache.xerces.util.SecurityManager expansionGuard = new SecurityManager();
        expansionGuard.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
        // Throws IllegalArgumentException if the parser implementation does not know this
        // attribute; that unchecked exception is not caught in this method.
        factory.setAttribute(SECURITY_MANAGER_PROPERTY, expansionGuard);

        DocumentBuilder parser = factory.newDocumentBuilder();
        parser.setEntityResolver(new CarbonEntityResolver());

        byte[] xmlBytes = xmlString.trim().getBytes(Charsets.UTF_8);
        Element root = parser.parse(new ByteArrayInputStream(xmlBytes)).getDocumentElement();

        Unmarshaller unmarshaller = Configuration.getUnmarshallerFactory().getUnmarshaller(root);
        return unmarshaller.unmarshall(root);
    } catch (ParserConfigurationException | UnmarshallingException | SAXException | IOException e) {
        throw new IdentityException("Error in constructing XML Object from the encoded String", e);
    }
}

From source file:org.wso2.carbon.identity.entitlement.common.InMemoryPersistenceManager.java

/**
 * Creates a {@link DocumentBuilder} configured to guard against XXE attacks.
 *
 * <p>The builder is namespace-aware, has entity-reference expansion switched off, runs with
 * {@link XMLConstants#FEATURE_SECURE_PROCESSING} enabled, caps entity expansion at
 * {@code ENTITY_EXPANSION_LIMIT} and resolves entities through {@code CarbonEntityResolver}.
 *
 * @return the configured DocumentBuilder
 * @throws ParserConfigurationException if the secure-processing feature cannot be set or the
 *                                      builder cannot be created
 */
private DocumentBuilder getSecuredDocumentBuilder() throws ParserConfigurationException {

    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    // NOTE(review): this setting alone only affects how entity references are represented in
    // the DOM; blocking external entities relies on CarbonEntityResolver (not shown) -- confirm.
    factory.setExpandEntityReferences(false);
    factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);

    SecurityManager expansionGuard = new SecurityManager();
    expansionGuard.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
    // Throws IllegalArgumentException if the parser implementation does not know this attribute.
    factory.setAttribute(SECURITY_MANAGER_PROPERTY, expansionGuard);

    DocumentBuilder securedBuilder = factory.newDocumentBuilder();
    securedBuilder.setEntityResolver(new CarbonEntityResolver());
    return securedBuilder;
}

From source file:org.wso2.carbon.identity.entitlement.EntitlementUtil.java

/**
 * Creates a {@link DocumentBuilder} configured to guard against XXE attacks.
 *
 * <p>The builder is namespace-aware, has entity-reference expansion switched off, runs with
 * {@link XMLConstants#FEATURE_SECURE_PROCESSING} enabled, caps entity expansion at
 * {@code ENTITY_EXPANSION_LIMIT} and resolves entities through {@code CarbonEntityResolver}.
 *
 * @param setIgnoreComments whether to set setIgnoringComments in DocumentBuilderFactory.
 * @return the configured DocumentBuilder
 * @throws ParserConfigurationException if the secure-processing feature cannot be set or the
 *                                      builder cannot be created
 */
private static DocumentBuilder getSecuredDocumentBuilder(boolean setIgnoreComments)
        throws ParserConfigurationException {

    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setIgnoringComments(setIgnoreComments);
    factory.setNamespaceAware(true);
    // NOTE(review): this setting alone only affects how entity references are represented in
    // the DOM; blocking external entities relies on CarbonEntityResolver (not shown) -- confirm.
    factory.setExpandEntityReferences(false);
    factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);

    SecurityManager expansionGuard = new SecurityManager();
    expansionGuard.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
    // Throws IllegalArgumentException if the parser implementation does not know this attribute.
    factory.setAttribute(SECURITY_MANAGER_PROPERTY, expansionGuard);

    DocumentBuilder securedBuilder = factory.newDocumentBuilder();
    securedBuilder.setEntityResolver(new CarbonEntityResolver());
    return securedBuilder;

}

From source file:org.wso2.carbon.identity.entitlement.pap.PAPPolicyReader.java

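/**
 * Stores the policy finder and prepares the DOM {@code builder} used by this reader.
 *
 * <p>The builder ignores comments, is namespace-aware, has entity-reference expansion
 * switched off, runs with {@link XMLConstants#FEATURE_SECURE_PROCESSING} enabled, caps
 * entity expansion at {@code ENTITY_EXPANSION_LIMIT}, resolves entities through
 * {@code CarbonEntityResolver} and reports parse errors to this instance.
 *
 * @param policyFinder finder kept on this reader
 * @throws IllegalArgumentException if the parser cannot be configured or created, or if the
 *                                  parser implementation rejects the security-manager attribute
 */
private PAPPolicyReader(PolicyFinder policyFinder) {

    this.policyFinder = policyFinder;
    // create the factory
    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setIgnoringComments(true);
    documentBuilderFactory.setNamespaceAware(true);
    // NOTE(review): this setting alone only affects how entity references are represented in
    // the DOM; blocking external entities relies on CarbonEntityResolver (not shown) -- confirm.
    documentBuilderFactory.setExpandEntityReferences(false);
    SecurityManager securityManager = new SecurityManager();
    securityManager.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
    // setAttribute itself throws IllegalArgumentException when the underlying parser does
    // not recognise the attribute; that propagates to the caller unchanged.
    documentBuilderFactory.setAttribute(SECURITY_MANAGER_PROPERTY, securityManager);

    // now use the factory to create the document builder
    try {
        documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        builder = documentBuilderFactory.newDocumentBuilder();
        builder.setEntityResolver(new CarbonEntityResolver());
        builder.setErrorHandler(this);
    } catch (ParserConfigurationException pce) {
        // Keep the cause: without it the caller cannot tell which feature or setting the
        // parser refused.
        throw new IllegalArgumentException("Filed to setup repository: ", pce);
    }
}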

From source file:org.wso2.carbon.identity.entitlement.policy.PolicyRequestBuilder.java

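/**
 * Creates the DOM representation of an XACML request.
 *
 * <p>The request is parsed with a namespace-aware parser that has entity-reference
 * expansion switched off, {@link XMLConstants#FEATURE_SECURE_PROCESSING} enabled, an entity
 * expansion limit of {@code ENTITY_EXPANSION_LIMIT} and {@code CarbonEntityResolver} as its
 * entity resolver.
 *
 * @param request XACML request as a String object
 * @return XACML request as a DOM element (the document's root element)
 * @throws EntitlementException if the parser cannot be configured or the request cannot be
 *                              parsed; the underlying exception is attached as the cause
 */
public Element getXacmlRequest(String request) throws EntitlementException {

    // Encode with an explicit charset: getBytes() without one uses the platform default, so
    // the bytes handed to the parser would differ between hosts.
    byte[] requestBytes = request.getBytes(java.nio.charset.StandardCharsets.UTF_8);

    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    // NOTE(review): this setting alone only affects how entity references are represented in
    // the DOM; blocking external entities relies on CarbonEntityResolver (not shown) -- confirm.
    documentBuilderFactory.setExpandEntityReferences(false);

    SecurityManager securityManager = new SecurityManager();
    securityManager.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
    // setAttribute throws IllegalArgumentException when the underlying parser does not
    // recognise the attribute; that unchecked exception is not translated here.
    documentBuilderFactory.setAttribute(SECURITY_MANAGER_PROPERTY, securityManager);

    try (ByteArrayInputStream inputStream = new ByteArrayInputStream(requestBytes)) {
        documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
        documentBuilder.setEntityResolver(new CarbonEntityResolver());
        Document doc = documentBuilder.parse(inputStream);
        return doc.getDocumentElement();
    } catch (SAXException | IOException | ParserConfigurationException e) {
        // Attach the cause so the reason the request was rejected is not lost.
        throw new EntitlementException("Error while creating DOM from XACML request", e);
    }
}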

From source file:org.wso2.carbon.identity.entitlement.proxy.wsxacml.WSXACMLEntitlementServiceClient.java

/**
 * Builds a SAML or XACML object from its XML text.
 *
 * <p>The text is trimmed, encoded as UTF-8 and parsed with a namespace-aware parser that
 * has entity-reference expansion switched off, secure processing enabled, an entity
 * expansion limit of {@code ENTITY_EXPANSION_LIMIT} and {@code CarbonEntityResolver} as its
 * entity resolver. The root element is then handed to the matching unmarshaller.
 *
 * @param xmlString Decoded SAML or XACML String
 * @return SAML or XACML Object
 * @throws EntitlementProxyException if bootstrapping, parser setup, parsing or unmarshalling
 *                                   fails for any reason
 */
private XMLObject unmarshall(String xmlString) throws EntitlementProxyException {

    try {
        doBootstrap();

        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        // NOTE(review): this setting alone only affects how entity references are represented
        // in the DOM; blocking external entities relies on CarbonEntityResolver (not shown)
        // -- confirm.
        factory.setExpandEntityReferences(false);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);

        SecurityManager expansionGuard = new SecurityManager();
        expansionGuard.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
        // Throws IllegalArgumentException if the parser implementation does not know this
        // attribute; the catch below reports it like any other failure.
        factory.setAttribute(SECURITY_MANAGER_PROPERTY, expansionGuard);

        DocumentBuilder parser = factory.newDocumentBuilder();
        parser.setEntityResolver(new CarbonEntityResolver());

        byte[] xmlBytes = xmlString.trim().getBytes(Charset.forName("UTF-8"));
        Element root = parser.parse(new ByteArrayInputStream(xmlBytes)).getDocumentElement();

        Unmarshaller unmarshaller = Configuration.getUnmarshallerFactory().getUnmarshaller(root);
        return unmarshaller.unmarshall(root);
    } catch (Exception e) {
        log.error("Error in constructing XML(SAML or XACML) Object from the encoded String", e);
        throw new EntitlementProxyException("Error in constructing XML(SAML or XACML) from the encoded String",
                e);
    }
}

From source file:org.wso2.carbon.identity.entitlement.wsxacml.WSXACMLMessageReceiver.java

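/**
 * Builds a SAML or XACML object from its XML text.
 *
 * <p>The text is trimmed, encoded as UTF-8 and parsed with a namespace-aware parser that
 * has entity-reference expansion switched off, secure processing enabled, an entity
 * expansion limit of {@code ENTITY_EXPANSION_LIMIT} and {@code CarbonEntityResolver} as its
 * entity resolver. The root element is then handed to the matching unmarshaller.
 *
 * @param xmlString Decoded SAML or XACML String
 * @return SAML or XACML Object
 * @throws org.wso2.carbon.identity.entitlement.EntitlementException if bootstrapping, parser
 *         setup, parsing or unmarshalling fails for any reason
 */
public XMLObject unmarshall(String xmlString) throws EntitlementException {

    try {
        doBootstrap();
        DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
        documentBuilderFactory.setNamespaceAware(true);

        // NOTE(review): switching off entity-reference expansion only changes how entity
        // references appear in the DOM. Whether a DOCTYPE or an external entity can still be
        // loaded depends on CarbonEntityResolver (not shown here) and on the parser's own
        // features -- confirm against the parser actually deployed.
        documentBuilderFactory.setExpandEntityReferences(false);
        documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        SecurityManager securityManager = new SecurityManager();
        securityManager.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
        // setAttribute throws IllegalArgumentException when the underlying parser does not
        // recognise the attribute; the catch below turns that into the declared exception.
        documentBuilderFactory.setAttribute(SECURITY_MANAGER_PROPERTY, securityManager);

        DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
        docBuilder.setEntityResolver(new CarbonEntityResolver());
        // Encode with an explicit charset: getBytes() without one uses the platform default,
        // so the bytes handed to the parser would differ between hosts.
        byte[] xmlBytes = xmlString.trim().getBytes(java.nio.charset.StandardCharsets.UTF_8);
        Document document = docBuilder.parse(new ByteArrayInputStream(xmlBytes));
        Element element = document.getDocumentElement();
        UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
        Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
        return unmarshaller.unmarshall(element);
    } catch (Exception e) {
        log.error("Error in constructing XML(SAML or XACML) Object from the encoded String", e);
        throw new EntitlementException("Error in constructing XML(SAML or XACML) from the encoded String ", e);
    }
}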

From source file:org.wso2.carbon.identity.query.saml.util.SAMLQueryRequestUtil.java

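/**
 * Creates a DocumentBuilderFactory with XXE and XEE (entity expansion) prevention measures.
 *
 * <p>The factory is namespace-aware, has XInclude processing and entity-reference expansion
 * switched off, has the external-general-entities, external-parameter-entities and
 * load-external-DTD features disabled, runs with
 * {@link XMLConstants#FEATURE_SECURE_PROCESSING} enabled, and caps entity expansion at
 * {@code ENTITY_EXPANSION_LIMIT} through the security-manager attribute.
 *
 * @return DocumentBuilderFactory instance
 * @throws IdentitySAML2QueryException if the parser rejects one of the features above
 */
public static DocumentBuilderFactory getSecuredDocumentBuilderFactory() throws IdentitySAML2QueryException {

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    dbf.setXIncludeAware(false);
    dbf.setExpandEntityReferences(false);
    try {
        // Each setting is applied once; repeating these idempotent calls adds nothing.
        dbf.setFeature(Constants.SAX_FEATURE_PREFIX + Constants.EXTERNAL_GENERAL_ENTITIES_FEATURE, false);
        dbf.setFeature(Constants.SAX_FEATURE_PREFIX + Constants.EXTERNAL_PARAMETER_ENTITIES_FEATURE, false);
        dbf.setFeature(Constants.XERCES_FEATURE_PREFIX + Constants.LOAD_EXTERNAL_DTD_FEATURE, false);
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // NOTE(review): DOCTYPE declarations are still accepted with these settings. Where the
        // input never legitimately carries a DTD, also enabling the parser feature
        // http://apache.org/xml/features/disallow-doctype-decl is the stricter option --
        // TODO evaluate against existing callers before turning it on.
    } catch (ParserConfigurationException e) {
        // Build the message once and keep the cause in the log as well as on the exception.
        String message = "Failed to load XML Processor Feature " + Constants.EXTERNAL_GENERAL_ENTITIES_FEATURE
                + " or " + Constants.EXTERNAL_PARAMETER_ENTITIES_FEATURE + " or "
                + Constants.LOAD_EXTERNAL_DTD_FEATURE + " or secure-processing.";
        log.error(message, e);
        throw new IdentitySAML2QueryException(message, e);
    }

    SecurityManager securityManager = new SecurityManager();
    securityManager.setEntityExpansionLimit(ENTITY_EXPANSION_LIMIT);
    // setAttribute throws IllegalArgumentException when the underlying parser does not
    // recognise the attribute; that unchecked exception is not translated here.
    dbf.setAttribute(Constants.XERCES_PROPERTY_PREFIX + Constants.SECURITY_MANAGER_PROPERTY, securityManager);

    return dbf;

}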