/** * Initializes the OWASPI ESAPI library. */ protected static void initializeESAPI() { Logger log = getLogger(); String systemPropertyKey = "org.owasp.esapi.SecurityConfiguration"; String opensamlConfigImpl = ESAPISecurityConfig.class.getName(); String currentValue = System.getProperty(systemPropertyKey); if (currentValue == null || currentValue.isEmpty()) { log.debug("Setting ESAPI SecurityConfiguration impl to OpenSAML internal class: {}", opensamlConfigImpl); System.setProperty(systemPropertyKey, opensamlConfigImpl); // We still need to call ESAPI.initialize() despite setting the system property, b/c within the ESAPI class // the property is only evaluated once in a static initializer and stored. The initialize method however // does overwrite the statically-set value from the system property. But still set the system property for // consistency, so other callers can see what has been set. ESAPI.initialize(opensamlConfigImpl); } else { log.debug("ESAPI SecurityConfiguration impl was already set non-null and non-empty via system property, leaving existing value in place: {}", currentValue); } }
/** * Initializes the Apache XMLSecurity libary. * * @throws ConfigurationException thrown is there is a problem initializing the library */ protected static void initializeXMLSecurity() throws ConfigurationException { Logger log = getLogger(); String lineBreakPropName = "org.apache.xml.security.ignoreLineBreaks"; // Don't override if it was set explicitly if (System.getProperty(lineBreakPropName) == null) { System.setProperty(lineBreakPropName, "true"); } if (!Init.isInitialized()) { log.debug("Initializing Apache XMLSecurity library"); Init.init(); } }
/** * Initializes the XMLTooling library with an explicitly supplied set of object providers. * * @param providerConfigs list of provider configuration files located on the classpath * * @throws ConfigurationException thrown if there is a problem loading the configuration files */ protected static void initializeXMLTooling(String[] providerConfigs) throws ConfigurationException { Logger log = getLogger(); Class clazz = Configuration.class; XMLConfigurator configurator = new XMLConfigurator(); for (String config : providerConfigs) { log.debug("Loading XMLTooling configuration {}", config); configurator.load(clazz.getResourceAsStream(config)); } }
/** * Initializes the artifact factories for SAML 1 and SAML 2 artifacts. * * @throws ConfigurationException thrown if there is a problem initializing the artifact factory */ protected static void initializeArtifactBuilderFactories() throws ConfigurationException { Logger log = getLogger(); log.debug("Initializing SAML Artifact builder factories"); Configuration.setSAML1ArtifactBuilderFactory(new SAML1ArtifactBuilderFactory()); Configuration.setSAML2ArtifactBuilderFactory(new SAML2ArtifactBuilderFactory()); }