File Doc Category Size Date Package
SecurityPipeBase.java API Doc Example 67330 Mon Jun 04 22:45:56 BST 2007 com.sun.xml.wss.jaxws.impl

SecurityPipeBase

java.lang.Object

public abstract class SecurityPipeBase extends Object implements com.sun.xml.ws.api.pipe.Pipe

author: Vbkumar.Jayanti@Sun.COM, K.Venugopal@sun.com

Fields Summary
protected static final Logger
log
protected com.sun.xml.ws.api.pipe.Pipe
nextPipe
protected boolean
optimized
protected boolean
transportOptimization
protected Hashtable
issuedTokenContextMap
protected com.sun.xml.ws.assembler.PipeConfiguration
pipeConfig
protected static final JAXBContext
jaxbContext
protected boolean
disablePayloadBuffer
protected com.sun.xml.ws.security.policy.AlgorithmSuite
bindingLevelAlgSuite
private final QName
optServerSecurity
private final QName
optClientSecurity
private final QName
disableSPBuffering
private final QName
disableCPBuffering
protected boolean
disableIncPrefix
private final QName
disableIncPrefixServer
private final QName
disableIncPrefixClient
protected boolean
encHeaderContent
private final QName
encHeaderContentServer
private final QName
encHeaderContentClient
private final QName
bsp10Server
private final QName
bsp10Client
protected boolean
bsp10
protected static final ArrayList
securityPolicyNamespaces
protected static final List
EMPTY_LIST
protected com.sun.xml.wss.SecurityEnvironment
secEnv
protected static final boolean
debug
protected boolean
isSOAP12
protected com.sun.xml.ws.api.SOAPVersion
soapVersion
protected SOAPFactory
soapFactory
protected com.sun.xml.ws.policy.PolicyMap
wsPolicyMap
protected HashMap
outMessagePolicyMap
protected HashMap
inMessagePolicyMap
protected HashMap
outProtocolPM
protected HashMap
inProtocolPM
public static final URI
ISSUE_REQUEST_URI
public static final URI
CANCEL_REQUEST_URI
protected com.sun.xml.ws.policy.Policy
bpMSP
protected long
timestampTimeOut
protected com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation
cachedOperation
Constants for RM Security Processing
protected com.sun.xml.ws.policy.Policy
wsitConfig
protected Marshaller
marshaller
protected Unmarshaller
unmarshaller
boolean
hasIssuedTokens
boolean
hasSecureConversation
boolean
hasReliableMessaging
AddressingVersion
addVer
Constructors Summary
public SecurityPipeBase(com.sun.xml.ws.assembler.PipeConfiguration config, com.sun.xml.ws.api.pipe.Pipe nextPipe)
//flag used as temporary variable for each run //boolean isTrustOrSCMessage = false; try { //TODO: system property maynot be appropriate for server side. debug = Boolean.valueOf(System.getProperty("DebugSecurity")); ISSUE_REQUEST_URI = new URI(WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION); CANCEL_REQUEST_URI = new URI(WSTrustConstants.CANCEL_REQUEST); jaxbContext = WSTrustElementFactory.getContext(); ; securityPolicyNamespaces = new ArrayList<String>(); securityPolicyNamespaces.add(SECURITY_POLICY_2005_07_NAMESPACE); } catch (Exception e) { throw new RuntimeException(e); } this.nextPipe= nextPipe; this.pipeConfig = config; this.inMessagePolicyMap = new HashMap<WSDLBoundOperation,SecurityPolicyHolder>(); this.outMessagePolicyMap = new HashMap<WSDLBoundOperation,SecurityPolicyHolder>(); soapVersion = pipeConfig.getBinding().getSOAPVersion(); //addressingEnabled = (pipeConfig.getBinding().getAddressingVersion() == null) ? false : true; isSOAP12 = (soapVersion == SOAPVersion.SOAP_12) ? true : false; wsPolicyMap = pipeConfig.getPolicyMap(); soapFactory = pipeConfig.getBinding().getSOAPVersion().saajSoapFactory; this.inProtocolPM = new HashMap<String,SecurityPolicyHolder>(); this.outProtocolPM = new HashMap<String,SecurityPolicyHolder>(); //unmarshaller as instance variable of the pipe try { this.marshaller = jaxbContext.createMarshaller(); this.unmarshaller = jaxbContext.createUnmarshaller(); }catch (javax.xml.bind.JAXBException ex) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex); throw new RuntimeException(LogStringsMessages.WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex); } if(wsPolicyMap != null){ collectPolicies(); } //unmarshaller = jaxbContext.createUnmarshaller(); // check whether Service Port has RM hasReliableMessaging = isReliableMessagingEnabled(wsPolicyMap, pipeConfig.getWSDLModel()); // opResolver = new OperationResolverImpl(inMessagePolicyMap,pipeConfig.getWSDLModel().getBinding());
protected SecurityPipeBase(SecurityPipeBase that)
nextPipe = that.nextPipe; pipeConfig = that.pipeConfig; transportOptimization = that.transportOptimization; optimized = that.optimized; disableIncPrefix = that.disableIncPrefix; encHeaderContent = that.encHeaderContent; issuedTokenContextMap = that.issuedTokenContextMap; secEnv = that.secEnv; isSOAP12 = that.isSOAP12; soapVersion = that.soapVersion; this.soapFactory = that.soapFactory; this.addVer = that.addVer; wsPolicyMap = that.wsPolicyMap; outMessagePolicyMap = that.outMessagePolicyMap; inMessagePolicyMap = that.inMessagePolicyMap; bindingLevelAlgSuite = that.bindingLevelAlgSuite; this.inProtocolPM = that.inProtocolPM; this.outProtocolPM = that.outProtocolPM; this.hasIssuedTokens = that.hasIssuedTokens; this.hasSecureConversation = that.hasSecureConversation; this.hasReliableMessaging = that.hasReliableMessaging; //this.opResolver = that.opResolver; this.timestampTimeOut = that.timestampTimeOut; try { this.marshaller = jaxbContext.createMarshaller(); this.unmarshaller = jaxbContext.createUnmarshaller(); }catch (javax.xml.bind.JAXBException ex) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex); throw new RuntimeException("Problem creating JAXB Marshaller/Unmarshaller", ex); }
Methods Summary
private void addConfigAssertions(com.sun.xml.ws.policy.Policy policy, com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder sph)
//ArrayList<PolicyAssertion> tokenList = new ArrayList<PolicyAssertion>(); for(AssertionSet assertionSet : policy){ for(PolicyAssertion assertion:assertionSet){ if(PolicyUtil.isConfigPolicyAssertion(assertion)){ sph.addConfigAssertions(assertion); } } }
protected abstract void addIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder sph, com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
protected abstract com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder addIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation, com.sun.xml.ws.policy.Policy policy)
protected abstract void addIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, java.lang.String protocol)
protected abstract void addOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder sph, com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
protected abstract com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder addOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation, com.sun.xml.ws.policy.Policy policy)
protected abstract void addOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, java.lang.String protocol)
private void addToken(com.sun.xml.ws.security.policy.Token token, java.util.ArrayList list)
if(PolicyUtil.isSecureConversationToken((PolicyAssertion)token) || PolicyUtil.isIssuedToken((PolicyAssertion)token)){ list.add((PolicyAssertion)token); }
protected boolean bindingHasIssuedTokenPolicy()
return hasIssuedTokens;
protected boolean bindingHasRMPolicy()
return hasReliableMessaging;
protected boolean bindingHasSecureConversationPolicy()
return hasSecureConversation;
protected void buildProtocolPolicy(com.sun.xml.ws.policy.Policy endpointPolicy)
if(endpointPolicy == null ){ return; } try{ RMPolicyResolver rr = new RMPolicyResolver(); Policy msgLevelPolicy = rr.getOperationLevelPolicy(); PolicyMerger merger = PolicyMerger.getMerger(); ArrayList<Policy> pList = new ArrayList<Policy>(2); pList.add(endpointPolicy); pList.add(msgLevelPolicy); Policy effectivePolicy = merger.merge(pList); addIncomingProtocolPolicy(effectivePolicy,"RM"); addOutgoingProtocolPolicy(effectivePolicy,"RM"); pList.remove(msgLevelPolicy); pList.add(getMessageBootstrapPolicy()); PolicyMerger pm = PolicyMerger.getMerger(); //add secure conversation policy. Policy ep = pm.merge(pList); addIncomingProtocolPolicy(ep,"SC"); addOutgoingProtocolPolicy(ep,"SC"); }catch(IOException ie){ log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0008_PROBLEM_BUILDING_PROTOCOL_POLICY(), ie); throw new PolicyException( LogStringsMessages.WSSPIPE_0008_PROBLEM_BUILDING_PROTOCOL_POLICY(), ie); }
protected void cacheMessage(com.sun.xml.ws.api.message.Packet packet)
Message message = null; if(!optimized){ try{ message = packet.getMessage(); message= Messages.create(message.readAsSOAPMessage()); packet.setMessage(message); }catch(SOAPException se){ // internal error log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0005_PROBLEM_PROC_SOAP_MESSAGE(), se); throw new WebServiceException(LogStringsMessages.WSSPIPE_0005_PROBLEM_PROC_SOAP_MESSAGE(), se); } }
protected final void cacheOperation(com.sun.xml.ws.api.message.Message msg)
cachedOperation = msg.getOperation(pipeConfig.getWSDLModel());
protected void collectPolicies()
Summary from Section 4.2, WS-Security Policy spec( version 1.1 July 2005 ). MessagePolicySubject : policy can be attached to 1) wsdl:binding/wsdl:operation/wsdl:input, ./wsdl:output, or ./wsdl:fault OperationPolicySubject : policy can be attached to 1)wsdl:binding/wsdl:operation EndpointPolicySubject : policy can be attached to 1)wsdl:port 2)wsdl:Binding
try{ if (wsPolicyMap == null) { return; } //To check: Is this sufficient, any edge cases I need to take care QName serviceName = pipeConfig.getWSDLModel().getOwner().getName(); QName portName = pipeConfig.getWSDLModel().getName(); //Review: will this take care of EndpointPolicySubject PolicyMerger policyMerge = PolicyMerger.getMerger(); PolicyMapKey endpointKey =wsPolicyMap.createWsdlEndpointScopeKey(serviceName,portName); //createWsdlEndpointScopeKey(serviceName,portName); //Review:Will getEffectivePolicy return null or empty policy ?. Policy endpointPolicy = wsPolicyMap.getEndpointEffectivePolicy(endpointKey); if (endpointPolicy != null){ if (endpointPolicy.contains(AddressingVersion.W3C.policyNsUri)){ addVer = AddressingVersion.W3C; } else if (endpointPolicy.contains(AddressingVersion.MEMBER.policyNsUri)){ addVer = AddressingVersion.MEMBER; } if(endpointPolicy.contains(optServerSecurity) || endpointPolicy.contains(optClientSecurity)){ optimized = false; } if(endpointPolicy.contains(disableCPBuffering) || endpointPolicy.contains(disableSPBuffering)){ disablePayloadBuffer = true; } if(endpointPolicy.contains(disableIncPrefixServer) || endpointPolicy.contains(disableIncPrefixClient)){ disableIncPrefix = true; } if(endpointPolicy.contains(encHeaderContentServer) || endpointPolicy.contains(encHeaderContentClient)){ encHeaderContent = true; } } if(endpointPolicy.contains(bsp10Client) || endpointPolicy.contains(bsp10Server)){ bsp10 = true; } buildProtocolPolicy(endpointPolicy); ArrayList<Policy> policyList = new ArrayList<Policy>(); if(endpointPolicy != null){ policyList.add(endpointPolicy); } for( WSDLBoundOperation operation: pipeConfig.getWSDLModel().getBinding().getBindingOperations()){ QName operationName = operation.getName(); WSDLOperation wsdlOperation = operation.getOperation(); WSDLInput input = wsdlOperation.getInput(); WSDLOutput output = wsdlOperation.getOutput(); QName inputMessageName = input.getMessage().getName(); QName outputMessageName = null; if(output != null){ outputMessageName = output.getMessage().getName(); } PolicyMapKey messageKey = wsPolicyMap.createWsdlMessageScopeKey( serviceName,portName,operationName); PolicyMapKey operationKey = wsPolicyMap.createWsdlOperationScopeKey(serviceName,portName,operationName); //Review:Not sure if this is need and what is the //difference between operation and message level key. //securityPolicyNamespaces Policy operationPolicy = wsPolicyMap.getOperationEffectivePolicy(operationKey); if(operationPolicy != null ){ policyList.add(operationPolicy); }else{ //log fine message //System.out.println("Operation Level Security policy is null"); } Policy imPolicy = null; imPolicy = wsPolicyMap.getInputMessageEffectivePolicy(messageKey); if(imPolicy != null ){ policyList.add(imPolicy); } //input message effective policy to be used. Policy elements at various //scopes merged. Policy imEP = policyMerge.merge(policyList); SecurityPolicyHolder outPH = addOutgoingMP(operation,imEP); if(imPolicy != null){ policyList.remove(imPolicy); } //one way SecurityPolicyHolder inPH = null; //TODO: Venu to verify this fix later /*if(output != null){*/ Policy omPolicy = null; omPolicy = wsPolicyMap.getOutputMessageEffectivePolicy(messageKey); if(omPolicy != null){ policyList.add(omPolicy); } //ouput message effective policy to be used. Policy elements at various //scopes merged. Policy omEP = policyMerge.merge(policyList); if(omPolicy != null){ policyList.remove(omPolicy); } inPH = addIncomingMP(operation,omEP); /*}*/ Iterator faults = operation.getOperation().getFaults().iterator(); ArrayList<Policy> faultPL = new ArrayList<Policy>(); faultPL.add(endpointPolicy); if(operationPolicy != null){ faultPL.add(operationPolicy); } while(faults.hasNext()){ WSDLFault fault = (WSDLFault) faults.next(); PolicyMapKey fKey = null; fKey = wsPolicyMap.createWsdlFaultMessageScopeKey( serviceName,portName,operationName,fault.getMessage().getName()); Policy fPolicy = wsPolicyMap.getFaultMessageEffectivePolicy(fKey); if(fPolicy != null){ faultPL.add(fPolicy); }else{ continue; } Policy ep = policyMerge.merge(faultPL); if(inPH != null){ addIncomingFaultPolicy(ep,inPH,fault); } if(outPH != null){ addOutgoingFaultPolicy(ep,outPH,fault); } faultPL.remove(fPolicy); } } }catch(PolicyException pe){ throw generateInternalError(pe); }
protected com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder constructPolicyHolder(com.sun.xml.ws.policy.Policy effectivePolicy, boolean isServer, boolean isIncoming)
return constructPolicyHolder(effectivePolicy,isServer,isIncoming,false);
protected com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder constructPolicyHolder(com.sun.xml.ws.policy.Policy effectivePolicy, boolean isServer, boolean isIncoming, boolean ignoreST)
XWSSPolicyGenerator xwssPolicyGenerator = new XWSSPolicyGenerator(effectivePolicy,isServer,isIncoming); xwssPolicyGenerator.process(ignoreST); this.bindingLevelAlgSuite = xwssPolicyGenerator.getBindingLevelAlgSuite(); MessagePolicy messagePolicy = xwssPolicyGenerator.getXWSSPolicy(); SecurityPolicyHolder sph = new SecurityPolicyHolder(); sph.setMessagePolicy(messagePolicy); sph.setBindingLevelAlgSuite(xwssPolicyGenerator.getBindingLevelAlgSuite()); List<PolicyAssertion> tokenList = getTokens(effectivePolicy); addConfigAssertions(effectivePolicy,sph); for(PolicyAssertion token:tokenList){ if(PolicyUtil.isSecureConversationToken(token)){ NestedPolicy bootstrapPolicy = ((SecureConversationToken)token).getBootstrapPolicy(); Policy effectiveBP = null; if(hasTargets(bootstrapPolicy)){ effectiveBP = bootstrapPolicy; }else{ effectiveBP = getEffectiveBootstrapPolicy(bootstrapPolicy); } xwssPolicyGenerator = new XWSSPolicyGenerator(effectiveBP,isServer,isIncoming); xwssPolicyGenerator.process(ignoreST); MessagePolicy bmp = xwssPolicyGenerator.getXWSSPolicy(); if(isServer && isIncoming){ EncryptionPolicy optionalPolicy = new EncryptionPolicy(); EncryptionPolicy.FeatureBinding fb = (EncryptionPolicy.FeatureBinding) optionalPolicy.getFeatureBinding(); optionalPolicy.newX509CertificateKeyBinding(); EncryptionTarget target = new EncryptionTarget(); target.setQName(new QName(MessageConstants.SAML_v1_1_NS,MessageConstants.SAML_ASSERTION_LNAME)); target.setEnforce(false); fb.addTargetBinding(target); /* try { bmp.prepend(optionalPolicy); } catch (PolicyGenerationException ex) { throw new PolicyException(ex); }*/ } PolicyAssertion sct = new SCTokenWrapper(token,bmp); sph.addSecureConversationToken(sct); hasSecureConversation = true; // if the bootstrap has issued tokens then set hasIssuedTokens=true List<PolicyAssertion> iList = this.getIssuedTokenPoliciesFromBootstrapPolicy((Token)sct); if (!iList.isEmpty()) { hasIssuedTokens = true; } }else if(PolicyUtil.isIssuedToken(token)){ sph.addIssuedToken(token); hasIssuedTokens = true; } } return sph;
protected java.lang.RuntimeException generateInternalError(com.sun.xml.ws.policy.PolicyException ex)
SOAPFault fault = null; try { if (isSOAP12) { fault = soapFactory.createFault(ex.getMessage(),SOAPConstants.SOAP_SENDER_FAULT); fault.appendFaultSubcode(MessageConstants.WSSE_INTERNAL_SERVER_ERROR); } else { fault = soapFactory.createFault(ex.getMessage(), MessageConstants.WSSE_INTERNAL_SERVER_ERROR); } } catch (Exception e) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e); throw new RuntimeException(LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e); } return new SOAPFaultException(fault);
protected java.lang.String getAction(com.sun.xml.ws.api.message.Packet packet)
// if ("true".equals(packet.invocationProperties.get(WSTrustConstants.IS_TRUST_MESSAGE))){ // return (String)packet.invocationProperties.get(WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION); //} HeaderList hl = packet.getMessage().getHeaders(); //String action = hl.getAction(pipeConfig.getBinding().getAddressingVersion(), pipeConfig.getBinding().getSOAPVersion()); String action = hl.getAction(addVer, pipeConfig.getBinding().getSOAPVersion()); return action;
protected abstract java.lang.String getAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation, boolean isIncomming)
protected com.sun.xml.wss.impl.AlgorithmSuite getAlgoSuite(com.sun.xml.ws.security.policy.AlgorithmSuite suite)
if (suite == null) { return null; } com.sun.xml.wss.impl.AlgorithmSuite als = new com.sun.xml.wss.impl.AlgorithmSuite( suite.getDigestAlgorithm(), suite.getEncryptionAlgorithm(), suite.getSymmetricKeyAlgorithm(), suite.getAsymmetricKeyAlgorithm()); return als;
protected com.sun.xml.ws.security.policy.AlgorithmSuite getBindingAlgorithmSuite(com.sun.xml.ws.api.message.Packet packet)
return bindingLevelAlgSuite;
protected com.sun.xml.ws.policy.Policy getEffectiveBootstrapPolicy(com.sun.xml.ws.policy.NestedPolicy bp)
try { ArrayList<Policy> pl = new ArrayList<Policy>(); pl.add(bp); Policy mbp = getMessageBootstrapPolicy(); if ( mbp != null ) { pl.add(mbp); } PolicyMerger pm = PolicyMerger.getMerger(); Policy ep = pm.merge(pl); return ep; } catch (Exception e) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0007_PROBLEM_GETTING_EFF_BOOT_POLICY(), e); throw new PolicyException(LogStringsMessages.WSSPIPE_0007_PROBLEM_GETTING_EFF_BOOT_POLICY(), e); }
protected java.util.List getInBoundSCP(com.sun.xml.ws.api.message.Message message)
if (inMessagePolicyMap == null) { return Collections.emptyList(); } SecurityPolicyHolder sph = null; Collection coll = inMessagePolicyMap.values(); Iterator itr = coll.iterator(); while(itr.hasNext()){ SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next(); if(ph != null){ sph = ph; break; } } if(sph == null){ return EMPTY_LIST; } return sph.getSecureConversationTokens();
protected com.sun.xml.wss.impl.policy.mls.MessagePolicy getInboundXWSBootstrapPolicy(com.sun.xml.ws.security.policy.Token scAssertion)
return ((SCTokenWrapper)scAssertion).getMessagePolicy();
protected java.util.List getIssuedTokenPoliciesFromBootstrapPolicy(com.sun.xml.ws.security.policy.Token scAssertion)
SCTokenWrapper token = (SCTokenWrapper)scAssertion; return token.getIssuedTokens();
private com.sun.xml.ws.policy.Policy getMessageBootstrapPolicy()
if(bpMSP == null){ PolicySourceModel model = unmarshalPolicy( "com/sun/xml/ws/security/impl/policyconv/"+"boot-msglevel-policy.xml"); bpMSP = PolicyModelTranslator.getTranslator().translate(model); } return bpMSP;
private com.sun.xml.ws.policy.Policy getMessageLevelBSP()
QName serviceName = pipeConfig.getWSDLModel().getOwner().getName(); QName portName = pipeConfig.getWSDLModel().getName(); PolicyMapKey operationKey = wsPolicyMap.createWsdlOperationScopeKey(serviceName, portName, bsOperationName); Policy operationLevelEP = wsPolicyMap.getOperationEffectivePolicy(operationKey); return operationLevelEP;
protected com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation getOperation(com.sun.xml.ws.api.message.Message message)
if(cachedOperation == null){ cachedOperation = message.getOperation(pipeConfig.getWSDLModel()); } return cachedOperation;
protected com.sun.xml.ws.policy.PolicyMapKey getOperationKey(com.sun.xml.ws.api.message.Message message)
WSDLBoundOperation operation = message.getOperation(pipeConfig.getWSDLModel()); WSDLOperation wsdlOperation = operation.getOperation(); QName serviceName = pipeConfig.getWSDLModel().getOwner().getName(); QName portName = pipeConfig.getWSDLModel().getName(); //WSDLInput input = wsdlOperation.getInput(); //WSDLOutput output = wsdlOperation.getOutput(); //QName inputMessageName = input.getMessage().getName(); //QName outputMessageName = output.getMessage().getName(); PolicyMapKey messageKey = wsPolicyMap.createWsdlMessageScopeKey( serviceName,portName,wsdlOperation.getName()); return messageKey;
protected java.util.List getOutBoundSCP(com.sun.xml.ws.api.message.Message message)
if (outMessagePolicyMap == null) { return Collections.emptyList(); } SecurityPolicyHolder sph = null; Collection coll = outMessagePolicyMap.values(); Iterator itr = coll.iterator(); while(itr.hasNext()){ SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next(); if(ph != null){ sph = ph; break; } } if(sph == null){ return EMPTY_LIST; } return sph.getSecureConversationTokens();
protected com.sun.xml.wss.impl.policy.mls.MessagePolicy getOutgoingXWSBootstrapPolicy(com.sun.xml.ws.security.policy.Token scAssertion)
return ((SCTokenWrapper)scAssertion).getMessagePolicy();
protected com.sun.xml.wss.impl.policy.mls.MessagePolicy getOutgoingXWSSecurityPolicy(com.sun.xml.ws.api.message.Packet packet, boolean isSCMessage)
if (isSCMessage) { Token scToken = (Token)packet.invocationProperties.get(SC_ASSERTION); return getOutgoingXWSBootstrapPolicy(scToken); } Message message = packet.getMessage(); WSDLBoundOperation operation = null; if(isTrustMessage(packet)){ operation = getWSDLOpFromAction(packet,false); }else{ operation =message.getOperation(pipeConfig.getWSDLModel()); } //Review : Will this return operation name in all cases , doclit,rpclit, wrap / non wrap ? MessagePolicy mp = null; //if(operation == null){ //Body could be encrypted. Security will have to infer the //policy from the message till the Body is decrypted. // mp = new MessagePolicy(); //} if (outMessagePolicyMap == null) { //empty message policy return new MessagePolicy(); } SecurityPolicyHolder sph = (SecurityPolicyHolder) outMessagePolicyMap.get(operation); if(sph == null){ return new MessagePolicy(); } mp = sph.getMessagePolicy(); return mp;
protected javax.xml.soap.SOAPFault getSOAPFault(com.sun.xml.wss.impl.WssSoapFaultException sfe)
SOAPFault fault = null; try { if (isSOAP12) { fault = soapFactory.createFault(sfe.getFaultString(),SOAPConstants.SOAP_SENDER_FAULT); fault.appendFaultSubcode(sfe.getFaultCode()); } else { fault = soapFactory.createFault(sfe.getFaultString(), sfe.getFaultCode()); } } catch (Exception e) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e); } return fault;
protected javax.xml.ws.soap.SOAPFaultException getSOAPFaultException(com.sun.xml.wss.impl.WssSoapFaultException sfe)
SOAPFault fault = null; try { if (isSOAP12) { fault = soapFactory.createFault(sfe.getFaultString(),SOAPConstants.SOAP_SENDER_FAULT); fault.appendFaultSubcode(sfe.getFaultCode()); } else { fault = soapFactory.createFault(sfe.getFaultString(), sfe.getFaultCode()); } } catch (Exception e) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e); } return new SOAPFaultException(fault);
protected javax.xml.ws.soap.SOAPFaultException getSOAPFaultException(com.sun.xml.wss.XWSSecurityException xwse)
QName qname = null; if (xwse.getCause() instanceof PolicyViolationException) qname = MessageConstants.WSSE_RECEIVER_POLICY_VIOLATION; else qname = MessageConstants.WSSE_FAILED_AUTHENTICATION; com.sun.xml.wss.impl.WssSoapFaultException wsfe = SecurableSoapMessage.newSOAPFaultException( qname, xwse.getMessage(), xwse); return getSOAPFaultException(wsfe);
protected java.util.List getSecureConversationPolicies(com.sun.xml.ws.api.message.Message message, java.lang.String scope)
if (outMessagePolicyMap == null) { return Collections.emptyList(); } SecurityPolicyHolder sph = null; Collection coll = outMessagePolicyMap.values(); Iterator itr = coll.iterator(); while(itr.hasNext()){ SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next(); if(ph != null){ sph = ph; break; } } if(sph == null){ return EMPTY_LIST; } return sph.getSecureConversationTokens();
protected java.util.ArrayList getTokens(com.sun.xml.ws.policy.Policy policy)
ArrayList<PolicyAssertion> tokenList = new ArrayList<PolicyAssertion>(); for(AssertionSet assertionSet : policy){ for(PolicyAssertion assertion:assertionSet){ if(PolicyUtil.isAsymmetricBinding(assertion)){ AsymmetricBinding sb = (AsymmetricBinding)assertion; addToken(sb.getInitiatorToken(),tokenList); addToken(sb.getRecipientToken(),tokenList); }else if(PolicyUtil.isSymmetricBinding(assertion)){ SymmetricBinding sb = (SymmetricBinding)assertion; Token token = sb.getProtectionToken(); if(token != null){ addToken(token,tokenList); }else{ addToken(sb.getEncryptionToken(),tokenList); addToken(sb.getSignatureToken(),tokenList); } }else if(PolicyUtil.isSupportingTokens(assertion)){ SupportingTokens st = (SupportingTokens)assertion; Iterator itr = st.getTokens(); while(itr.hasNext()){ addToken((Token)itr.next(),tokenList); } } } } return tokenList;
protected com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation getWSDLOpFromAction(com.sun.xml.ws.api.message.Packet packet, boolean isIncomming)
String uriValue = getAction(packet); Set <WSDLBoundOperation>keys = outMessagePolicyMap.keySet(); for(WSDLBoundOperation wbo : keys){ WSDLOperation wo = wbo.getOperation(); // WsaWSDLOperationExtension extensions = wo.getExtension(WsaWSDLOperationExtension.class); String action = getAction(wo, isIncomming); if(action != null && action.equals(uriValue)){ return wbo; } } return null;
protected com.sun.xml.wss.impl.WSSAssertion getWssAssertion(com.sun.xml.ws.security.policy.WSSAssertion asser)
com.sun.xml.wss.impl.WSSAssertion assertion = new com.sun.xml.wss.impl.WSSAssertion( asser.getRequiredProperties(), asser.getType()); return assertion;
private boolean hasTargets(com.sun.xml.ws.policy.NestedPolicy policy)
AssertionSet as = policy.getAssertionSet(); //Iterator<PolicyAssertion> paItr = as.iterator(); boolean foundTargets = false; for(PolicyAssertion assertion : as){ if(PolicyUtil.isSignedParts(assertion) || PolicyUtil.isEncryptParts(assertion)){ foundTargets = true; break; } } return foundTargets;
protected com.sun.xml.wss.ProcessingContext initializeInboundProcessingContext(com.sun.xml.ws.api.message.Packet packet)
ProcessingContextImpl ctx = null; if(optimized){ ctx = new JAXBFilterProcessingContext(packet.invocationProperties); ((JAXBFilterProcessingContext)ctx).setAddressingVersion(addVer); ((JAXBFilterProcessingContext)ctx).setSOAPVersion(soapVersion); ((JAXBFilterProcessingContext)ctx).setSecure(packet.wasTransportSecure); ((JAXBFilterProcessingContext)ctx).setBSP(bsp10); }else{ ctx = new ProcessingContextImpl( packet.invocationProperties); } ctx.setTimestampTimeout(this.timestampTimeOut); ctx.setIssuedTokenContextMap(issuedTokenContextMap); ctx.setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet))); // setting a flag if issued tokens present ctx.hasIssuedToken(bindingHasIssuedTokenPolicy()); ctx.setSecurityEnvironment(secEnv); ctx.isInboundMessage(true); return ctx;
protected com.sun.xml.wss.ProcessingContext initializeOutgoingProcessingContext(com.sun.xml.ws.api.message.Packet packet, boolean isSCMessage)
ProcessingContextImpl ctx = null; if(optimized){ ctx = new JAXBFilterProcessingContext(packet.invocationProperties); ((JAXBFilterProcessingContext)ctx).setAddressingVersion(addVer); ((JAXBFilterProcessingContext)ctx).setSOAPVersion(soapVersion); ((JAXBFilterProcessingContext)ctx).setBSP(bsp10); }else{ ctx = new ProcessingContextImpl( packet.invocationProperties); } // set the policy, issued-token-map, and extraneous properties ctx.setIssuedTokenContextMap(issuedTokenContextMap); ctx.setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet))); try { MessagePolicy policy = null; if (isRMMessage(packet)) { SecurityPolicyHolder holder = outProtocolPM.get("RM"); policy = holder.getMessagePolicy(); }else if(isSCCancel(packet)){ SecurityPolicyHolder holder = outProtocolPM.get("SC"); policy = holder.getMessagePolicy(); }else { policy = getOutgoingXWSSecurityPolicy(packet, isSCMessage); } if (debug) { policy.dumpMessages(true); } if (policy.getAlgorithmSuite() != null) { //override the binding level suite ctx.setAlgorithmSuite(policy.getAlgorithmSuite()); } ctx.setWSSAssertion(policy.getWSSAssertion()); ctx.setSecurityPolicy(policy); ctx.setSecurityEnvironment(secEnv); ctx.isInboundMessage(false); } catch (XWSSecurityException e) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), e); throw new RuntimeException(LogStringsMessages.WSSPIPE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), e); } return ctx;
protected boolean isAddressingEnabled()
return (addVer != null);
protected boolean isRMMessage(com.sun.xml.ws.api.message.Packet packet)
if (!isAddressingEnabled()) { return false; } if (!bindingHasRMPolicy()) { return false; } String action = getAction(packet); if (RM_CREATE_SEQ.equals(action) || RM_CREATE_SEQ_RESP.equals(action) || RM_SEQ_ACK.equals(action) || RM_TERMINATE_SEQ.equals(action) || RM_LAST_MESSAGE.equals(action)) { return true; } return false;
private boolean isReliableMessagingEnabled(com.sun.xml.ws.policy.PolicyMap policyMap, com.sun.xml.ws.api.model.wsdl.WSDLPort port)
if (policyMap == null) return false; try { PolicyMapKey endpointKey = policyMap.createWsdlEndpointScopeKey(port.getOwner().getName(), port.getName()); Policy policy = policyMap.getEndpointEffectivePolicy(endpointKey); return (policy != null) && policy.contains(Constants.version); } catch (PolicyException e) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0012_PROBLEM_CHECKING_RELIABLE_MESSAGE_ENABLE(), e); throw new WebServiceException(LogStringsMessages.WSSPIPE_0012_PROBLEM_CHECKING_RELIABLE_MESSAGE_ENABLE(), e); }
protected boolean isSCCancel(com.sun.xml.ws.api.message.Packet packet)
if (!bindingHasSecureConversationPolicy()) { return false; } if (!isAddressingEnabled()) { return false; } String action = getAction(packet); if(WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_RESPONSE_ACTION.equals(action) || WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_ACTION .equals(action)) { return true; } return false;
protected boolean isSCMessage(com.sun.xml.ws.api.message.Packet packet)
if (!bindingHasSecureConversationPolicy()) { return false; } if (!isAddressingEnabled()) { return false; } String action = getAction(packet); if (rstSCTURI.equals(action)){ return true; } return false;
protected boolean isTrustMessage(com.sun.xml.ws.api.message.Packet packet)
if (!isAddressingEnabled()) { return false; } String action = getAction(packet); if(WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION.equals(action) || WSTrustConstants.REQUEST_SECURITY_TOKEN_RESPONSE_ISSUE_ACTION.equals(action)){ return true; } return false;
protected java.lang.Class loadClass(java.lang.String classname)
if (classname == null) { return null; } Class ret = null; ClassLoader loader = Thread.currentThread().getContextClassLoader(); if (loader != null) { try { ret = loader.loadClass(classname); return ret; } catch (ClassNotFoundException e) { // ignore } } // if context classloader didnt work, try this loader = this.getClass().getClassLoader(); try { ret = loader.loadClass(classname); return ret; } catch (ClassNotFoundException e) { // ignore } log.log(Level.FINE, LogStringsMessages.WSSPIPE_0011_COULD_NOT_FIND_USER_CLASS(), classname); throw new XWSSecurityException(LogStringsMessages.WSSPIPE_0011_COULD_NOT_FIND_USER_CLASS());
private java.lang.String populateCallbackHandlerProps(java.util.Properties props, com.sun.xml.ws.security.policy.CallbackHandlerConfiguration conf)
//check if timestamp timeout has been set if (conf.getTimestampTimeout() != null) { //in milliseconds this.timestampTimeOut = Long.parseLong(conf.getTimestampTimeout()) * 1000; } Iterator it = conf.getCallbackHandlers(); for (; it.hasNext();) { PolicyAssertion p = (PolicyAssertion)it.next(); com.sun.xml.ws.security.impl.policy.CallbackHandler hd = (com.sun.xml.ws.security.impl.policy.CallbackHandler)p; String name = hd.getHandlerName(); String ret = hd.getHandler(); if ("xwssCallbackHandler".equals(name)) { if (ret != null && !"".equals(ret)) { return ret; } else { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0018_NULL_OR_EMPTY_XWSS_CALLBACK_HANDLER_CLASSNAME()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0018_NULL_OR_EMPTY_XWSS_CALLBACK_HANDLER_CLASSNAME()); } } else if ("usernameHandler".equals(name)) { if (ret != null && !"".equals(ret)) { props.put(DefaultCallbackHandler.USERNAME_CBH, ret); } else { QName qname = new QName("default"); String def = hd.getAttributeValue(qname); if (def != null && !"".equals(def)) { props.put(DefaultCallbackHandler.MY_USERNAME, def); } else { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0019_NULL_OR_EMPTY_USERNAME_HANDLER_CLASSNAME()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0019_NULL_OR_EMPTY_USERNAME_HANDLER_CLASSNAME()); } } } else if ("passwordHandler".equals(name)) { if (ret != null && !"".equals(ret)) { props.put(DefaultCallbackHandler.PASSWORD_CBH, ret); } else { QName qname = new QName("default"); String def = hd.getAttributeValue(qname); if (def != null && !"".equals(def)) { props.put(DefaultCallbackHandler.MY_PASSWORD, def); } else { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0020_NULL_OR_EMPTY_PASSWORD_HANDLER_CLASSNAME()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0020_NULL_OR_EMPTY_PASSWORD_HANDLER_CLASSNAME()); } } } else if ("samlHandler".equals(name)) { if (ret == null || "".equals(ret)) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0021_NULL_OR_EMPTY_SAML_HANDLER_CLASSNAME()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0021_NULL_OR_EMPTY_SAML_HANDLER_CLASSNAME()); } props.put(DefaultCallbackHandler.SAML_CBH, ret); } else { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0009_UNSUPPORTED_CALLBACK_TYPE_ENCOUNTERED(name)); throw new RuntimeException(LogStringsMessages.WSSPIPE_0009_UNSUPPORTED_CALLBACK_TYPE_ENCOUNTERED(name)); } } return null;
private void populateCertStoreProps(java.util.Properties props, com.sun.xml.ws.security.policy.CertStoreConfig certStoreConfig)
if (certStoreConfig.getCallbackHandlerClassName() != null) { props.put(DefaultCallbackHandler.CERTSTORE_CBH, certStoreConfig.getCallbackHandlerClassName()); } if (certStoreConfig.getCertSelectorClassName() != null) { props.put(DefaultCallbackHandler.CERTSTORE_CERTSELECTOR,certStoreConfig.getCertSelectorClassName()); } if (certStoreConfig.getCRLSelectorClassName() != null) { props.put(DefaultCallbackHandler.CERTSTORE_CRLSELECTOR,certStoreConfig.getCRLSelectorClassName()); }
protected java.lang.String populateConfigProperties(java.util.Set configAssertions, java.util.Properties props)
if (configAssertions == null) { return null; } Iterator it = configAssertions.iterator(); for (; it.hasNext();) { PolicyAssertion as = (PolicyAssertion)it.next(); if ("KeyStore".equals(as.getName().getLocalPart())) { populateKeystoreProps(props, (KeyStore)as); } else if ("TrustStore".equals(as.getName().getLocalPart())) { populateTruststoreProps(props, (TrustStore)as); } else if ("CallbackHandlerConfiguration".equals(as.getName().getLocalPart())) { String ret = populateCallbackHandlerProps(props, (CallbackHandlerConfiguration)as); if (ret != null) { return ret; } } else if ("ValidatorConfiguration".equals(as.getName().getLocalPart())) { populateValidatorProps(props, (ValidatorConfiguration)as); } else if ("CertStore".equals(as.getName().getLocalPart())) { populateCertStoreProps(props, (CertStoreConfig)as); } } return null;
private void populateKeystoreProps(java.util.Properties props, com.sun.xml.ws.security.policy.KeyStore store)
if (store.getLocation() != null) { props.put(DefaultCallbackHandler.KEYSTORE_URL, store.getLocation()); } else { //throw RuntimeException for now log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0014_KEYSTORE_URL_NULL_CONFIG_ASSERTION()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0014_KEYSTORE_URL_NULL_CONFIG_ASSERTION()); } if (store.getType() != null) { props.put(DefaultCallbackHandler.KEYSTORE_TYPE, store.getType()); } else { props.put(DefaultCallbackHandler.KEYSTORE_TYPE, "JKS"); } if (store.getPassword() != null) { props.put(DefaultCallbackHandler.KEYSTORE_PASSWORD, new String(store.getPassword())); } else { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0015_KEYSTORE_PASSWORD_NULL_CONFIG_ASSERTION()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0015_KEYSTORE_PASSWORD_NULL_CONFIG_ASSERTION() ); } if (store.getAlias() != null) { props.put(DefaultCallbackHandler.MY_ALIAS, store.getAlias()); } else { // use default alias //throw new RuntimeException("KeyStore Alias was obtained as NULL from ConfigAssertion"); } if (store.getKeyPassword() != null) { props.put(DefaultCallbackHandler.KEY_PASSWORD, store.getKeyPassword()); } if (store.getAliasSelectorClassName() != null) { props.put(DefaultCallbackHandler.KEYSTORE_CERTSELECTOR, store.getAliasSelectorClassName()); }
private void populateTruststoreProps(java.util.Properties props, com.sun.xml.ws.security.policy.TrustStore store)
if (store.getLocation() != null) { props.put(DefaultCallbackHandler.TRUSTSTORE_URL, store.getLocation()); } else { //throw RuntimeException for now log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0016_TRUSTSTORE_URL_NULL_CONFIG_ASSERTION()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0016_TRUSTSTORE_URL_NULL_CONFIG_ASSERTION() ); } if (store.getType() != null) { props.put(DefaultCallbackHandler.TRUSTSTORE_TYPE, store.getType()); } else { props.put(DefaultCallbackHandler.TRUSTSTORE_TYPE, "JKS"); } if (store.getPassword() != null) { props.put(DefaultCallbackHandler.TRUSTSTORE_PASSWORD, new String(store.getPassword())); } else { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0017_TRUSTSTORE_PASSWORD_NULL_CONFIG_ASSERTION()); throw new RuntimeException(LogStringsMessages.WSSPIPE_0017_TRUSTSTORE_PASSWORD_NULL_CONFIG_ASSERTION() ); } if (store.getPeerAlias() != null) { props.put(DefaultCallbackHandler.PEER_ENTITY_ALIAS, store.getPeerAlias()); } if (store.getSTSAlias() != null) { props.put(DefaultCallbackHandler.STS_ALIAS, store.getSTSAlias()); } if (store.getServiceAlias() != null) { props.put(DefaultCallbackHandler.SERVICE_ALIAS, store.getServiceAlias()); } if (store.getCertSelectorClassName() != null) { props.put(DefaultCallbackHandler.TRUSTSTORE_CERTSELECTOR, store.getCertSelectorClassName()); }
private void populateValidatorProps(java.util.Properties props, com.sun.xml.ws.security.policy.ValidatorConfiguration conf)
if (conf.getMaxClockSkew() != null) { props.put(DefaultCallbackHandler.MAX_CLOCK_SKEW_PROPERTY, conf.getMaxClockSkew()); } if (conf.getTimestampFreshnessLimit() != null) { props.put(DefaultCallbackHandler.TIMESTAMP_FRESHNESS_LIMIT_PROPERTY, conf.getTimestampFreshnessLimit()); } if (conf.getMaxNonceAge() != null) { props.put(DefaultCallbackHandler.MAX_NONCE_AGE_PROPERTY, conf.getMaxNonceAge()); } if (conf.getRevocationEnabled() != null) { props.put(DefaultCallbackHandler.REVOCATION_ENABLED, conf.getRevocationEnabled()); } Iterator it = conf.getValidators(); for (; it.hasNext();) { PolicyAssertion p = (PolicyAssertion)it.next(); Validator v = (Validator)p; String name = v.getValidatorName(); String validator = v.getValidator(); if (validator == null || "".equals(validator)) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0022_NULL_OR_EMPTY_VALIDATOR_CLASSNAME(name)); throw new RuntimeException(LogStringsMessages.WSSPIPE_0022_NULL_OR_EMPTY_VALIDATOR_CLASSNAME(name)); } if ("usernameValidator".equals(name)) { props.put(DefaultCallbackHandler.USERNAME_VALIDATOR, validator); } else if ("timestampValidator".equals(name)) { props.put(DefaultCallbackHandler.TIMESTAMP_VALIDATOR, validator); } else if ("certificateValidator".equals(name)) { props.put(DefaultCallbackHandler.CERTIFICATE_VALIDATOR, validator); } else if ("samlAssertionValidator".equals(name)) { props.put(DefaultCallbackHandler.SAML_VALIDATOR, validator); } else { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0010_UNKNOWN_VALIDATOR_TYPE_CONFIG(name)); throw new RuntimeException(LogStringsMessages.WSSPIPE_0010_UNKNOWN_VALIDATOR_TYPE_CONFIG(name)); } }
protected final void resetCachedOperation()
cachedOperation = null;
protected javax.xml.soap.SOAPMessage secureOutboundMessage(javax.xml.soap.SOAPMessage message, com.sun.xml.wss.ProcessingContext ctx)
try { ctx.setSOAPMessage(message); SecurityAnnotator.secureMessage(ctx); return ctx.getSOAPMessage(); } catch (WssSoapFaultException soapFaultException) { throw getSOAPFaultException(soapFaultException); } catch (XWSSecurityException xwse) { WssSoapFaultException wsfe = SecurableSoapMessage.newSOAPFaultException( MessageConstants.WSSE_INTERNAL_SERVER_ERROR, xwse.getMessage(), xwse); throw getSOAPFaultException(wsfe); }
protected com.sun.xml.ws.api.message.Message secureOutboundMessage(com.sun.xml.ws.api.message.Message message, com.sun.xml.wss.ProcessingContext ctx)
try{ JAXBFilterProcessingContext context = (JAXBFilterProcessingContext)ctx; context.setSOAPVersion(soapVersion); context.setJAXWSMessage(message, soapVersion); context.isOneWayMessage(message.isOneWay(this.pipeConfig.getWSDLModel())); context.setDisableIncPrefix(disableIncPrefix); context.setEncHeaderContent(encHeaderContent); context.setBSP(bsp10); SecurityAnnotator.secureMessage(context); return context.getJAXWSMessage(); } catch(XWSSecurityException xwse){ WssSoapFaultException wsfe = SecurableSoapMessage.newSOAPFaultException( MessageConstants.WSSE_INTERNAL_SERVER_ERROR, xwse.getMessage(), xwse); throw getSOAPFaultException(wsfe); }
public void setNextPipe(com.sun.xml.ws.api.pipe.Pipe pipe)
nextPipe = pipe;
protected com.sun.xml.ws.policy.sourcemodel.PolicySourceModel unmarshalPolicy(java.lang.String resource)
InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(resource); if (is == null) return null; Reader reader = new InputStreamReader(is); PolicySourceModel model = PolicyModelUnmarshaller.getXmlUnmarshaller().unmarshalModel(reader); reader.close(); return model;
protected javax.xml.soap.SOAPMessage verifyInboundMessage(javax.xml.soap.SOAPMessage message, com.sun.xml.wss.ProcessingContext ctx)
try { ctx.setSOAPMessage(message); if (debug) { DumpFilter.process(ctx); } NewSecurityRecipient.validateMessage(ctx); return ctx.getSOAPMessage(); } catch (WssSoapFaultException soapFaultException) { throw getSOAPFaultException(soapFaultException); } catch (XWSSecurityException xwse) { WssSoapFaultException wsfe = SecurableSoapMessage.newSOAPFaultException( MessageConstants.WSSE_INTERNAL_SERVER_ERROR, xwse.getMessage(), xwse); throw getSOAPFaultException(wsfe); }
protected com.sun.xml.ws.api.message.Message verifyInboundMessage(com.sun.xml.ws.api.message.Message message, com.sun.xml.wss.ProcessingContext ctx)
JAXBFilterProcessingContext context = (JAXBFilterProcessingContext)ctx; context.setDisablePayloadBuffering(disablePayloadBuffer); context.setDisableIncPrefix(disableIncPrefix); context.setEncHeaderContent(encHeaderContent); context.setBSP(bsp10); // context.setJAXWSMessage(message, soapVersion); if(debug){ try { ((LazyStreamBasedMessage)message).print(); } catch (XMLStreamException ex) { log.log(Level.SEVERE, LogStringsMessages.WSSPIPE_0003_PROBLEM_PRINTING_MSG(), ex); throw new XWSSecurityException(LogStringsMessages.WSSPIPE_0003_PROBLEM_PRINTING_MSG(), ex); } } com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient recipient = new com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient(((LazyStreamBasedMessage)message).readMessage(),soapVersion); return recipient.validateMessage(context);