File Doc Category Size Date Package
ClientSecurityPipe.java API Doc Glassfish v2 API 8245 Tue Jul 24 05:01:36 BST 2007 com.sun.enterprise.webservice

ClientSecurityPipe

java.lang.Object
- com.sun.xml.ws.api.pipe.helper.AbstractFilterPipeImpl

public class ClientSecurityPipe extends com.sun.xml.ws.api.pipe.helper.AbstractFilterPipeImpl implements com.sun.xml.ws.security.secconv.SecureConversationInitiator

This pipe is used to do client side security for app server

Fields Summary
protected com.sun.enterprise.security.jmac.config.PipeHelper
helper
protected static final Logger
_logger
protected static final com.sun.enterprise.util.LocalStringManagerImpl
localStrings
Constructors Summary
public ClientSecurityPipe(Map props, com.sun.xml.ws.api.pipe.Pipe next)
super(next); props.put(PipeConstants.SECURITY_PIPE,this); WSDLPort wsdlModel = (WSDLPort)props.get(PipeConstants.WSDL_MODEL); if (wsdlModel != null) { props.put(PipeConstants.WSDL_SERVICE, wsdlModel.getOwner().getName()); } this.helper = new PipeHelper(PipeConstants.SOAP_LAYER,props,null);
protected ClientSecurityPipe(ClientSecurityPipe that, com.sun.xml.ws.api.pipe.PipeCloner cloner)
super(that, cloner); this.helper = that.helper;
Methods Summary
public final com.sun.xml.ws.api.pipe.Pipe copy(com.sun.xml.ws.api.pipe.PipeCloner cloner)
return new ClientSecurityPipe(this, cloner);
private static javax.security.auth.Subject getClientSubject(com.sun.xml.ws.api.message.Packet p)
Subject s = null; if (p != null) { s = (Subject) p.invocationProperties.get(PipeConstants.CLIENT_SUBJECT); } if (s == null) { s = PipeHelper.getClientSubject(); if (p != null) { p.invocationProperties.put(PipeConstants.CLIENT_SUBJECT,s); } } return s;
public com.sun.enterprise.security.jmac.config.PipeHelper getPipeHelper()
return helper;
public void preDestroy()
helper.disable();
public com.sun.xml.ws.api.message.Packet process(com.sun.xml.ws.api.message.Packet request)
/* * XXX should there be code like the following? if(isHttpBinding) { return next.process(request); } */ PacketMessageInfo info= new PacketMapMessageInfo(request,new Packet()); info.getMap().put(javax.xml.ws.Endpoint.WSDL_SERVICE, helper.getProperty(PipeConstants.WSDL_SERVICE)); AuthStatus status = AuthStatus.SEND_SUCCESS; Subject clientSubject = getClientSubject(request); ClientAuthContext cAC = null; try { cAC = helper.getClientAuthContext(info,clientSubject); if (cAC != null) { // proceed to process message sescurity status = cAC.secureRequest(info, clientSubject); } } catch(Exception e) { _logger.log(Level.SEVERE,"ws.error_secure_request", e); throw new WebServiceException (localStrings.getLocalString ("enterprise.webservice.cantSecureRequst", "Cannot secure request for {0}", new Object[] { helper.getModelName() }),e); } Packet response = null; if (status == AuthStatus.FAILURE) { if (_logger.isLoggable(Level.FINE)) { _logger.log(Level.FINE,"ws.status_secure_request", status); } response = info.getResponsePacket(); } else { response = processSecureRequest(info,cAC,clientSubject); } // may return a security fault even if the MEP was one-way return response;
private com.sun.xml.ws.api.message.Packet processSecureRequest(com.sun.enterprise.security.jmac.PacketMessageInfo info, ClientAuthContext cAC, javax.security.auth.Subject clientSubject)
// send the request Packet response = next.process(info.getRequestPacket()); // check for response Message m = response.getMessage(); if (m != null) { if (cAC != null) { AuthStatus status = AuthStatus.SUCCESS; info.setResponsePacket(response); try { status = cAC.validateResponse(info,clientSubject,null); } catch (Exception e) { throw new WebServiceException (localStrings.getLocalString ("enterprise.webservice.cantValidateResponse", "Cannot validate response for {0}", new Object[] { helper.getModelName() }),e); } if (status == AuthStatus.SEND_CONTINUE) { response = processSecureRequest(info, cAC, clientSubject); } else { response = info.getResponsePacket(); } } } return response;
public javax.xml.bind.JAXBElement startSecureConversation(com.sun.xml.ws.api.message.Packet packet)
PacketMessageInfo info = new PacketMapMessageInfo(packet,new Packet()); JAXBElement token = null; try { // gets the subject from the packet (puts one there if not found) Subject clientSubject = getClientSubject(packet); // put MessageInfo in properties map, since MessageInfo // is not passed to getAuthContext, key idicates function HashMap map = new HashMap(); map.put(PipeConstants.SECURITY_TOKEN,info); helper.getSessionToken(map,info,clientSubject); // helper returns token in map of msgInfo, using same key Object o = info.getMap().get(PipeConstants.SECURITY_TOKEN); if (o != null && o instanceof JAXBElement) { token = (JAXBElement) o; } } catch(Exception e) { if (e instanceof WSSecureConversationException) { throw (WSSecureConversationException) e; } else { throw new WSSecureConversationException ("Secure Conversation failure: ", e); } } return token;