0001: /*
0002: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
0003: *
0004: * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
0005: *
0006: * The contents of this file are subject to the terms of either the GNU
0007: * General Public License Version 2 only ("GPL") or the Common Development
0008: * and Distribution License("CDDL") (collectively, the "License"). You
0009: * may not use this file except in compliance with the License. You can obtain
0010: * a copy of the License at https://glassfish.dev.java.net/public/CDDL+GPL.html
0011: * or glassfish/bootstrap/legal/LICENSE.txt. See the License for the specific
0012: * language governing permissions and limitations under the License.
0013: *
0014: * When distributing the software, include this License Header Notice in each
0015: * file and include the License file at glassfish/bootstrap/legal/LICENSE.txt.
0016: * Sun designates this particular file as subject to the "Classpath" exception
0017: * as provided by Sun in the GPL Version 2 section of the License file that
0018: * accompanied this code. If applicable, add the following below the License
0019: * Header, with the fields enclosed by brackets [] replaced by your own
0020: * identifying information: "Portions Copyrighted [year]
0021: * [name of copyright owner]"
0022: *
0023: * Contributor(s):
0024: *
0025: * If you wish your version of this file to be governed by only the CDDL or
0026: * only the GPL Version 2, indicate your decision by adding "[Contributor]
0027: * elects to include this software in this distribution under the [CDDL or GPL
0028: * Version 2] license." If you don't indicate a single choice of license, a
0029: * recipient has the option to distribute your version of this file under
0030: * either the CDDL, the GPL Version 2 or to extend the choice of license to
0031: * its licensees as provided above. However, if you add GPL Version 2 code
0032: * and therefore, elected the GPL Version 2 license, then the option applies
0033: * only if the new code is made subject to such option by the copyright
0034: * holder.
0035: */
0036:
0037: package com.sun.xml.wss.jaxws.impl;
0038:
0039: import com.sun.xml.ws.api.model.wsdl.WSDLFault;
0040: import com.sun.xml.ws.message.stream.LazyStreamBasedMessage;
0041: import com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator;
0042: import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
0043: import com.sun.xml.ws.security.policy.CertStoreConfig;
0044: import com.sun.xml.ws.security.secconv.WSSCConstants;
0045: import com.sun.xml.wss.impl.policy.mls.EncryptionPolicy;
0046: import com.sun.xml.wss.impl.policy.mls.EncryptionTarget;
0047: import java.io.IOException;
0048: import java.io.InputStream;
0049: import java.io.Reader;
0050: import java.util.Collection;
0051: import java.util.Collections;
0052: import java.util.HashMap;
0053: import java.util.List;
0054: import java.io.InputStreamReader;
0055: import java.util.ArrayList;
0056: import java.util.Iterator;
0057: import java.util.Hashtable;
0058: import javax.xml.namespace.QName;
0059: import java.net.URI;
0060: import javax.xml.stream.XMLStreamException;
0061: import javax.xml.ws.WebServiceException;
0062: import java.util.Set;
0063: import com.sun.xml.ws.api.message.Messages;
0064: import com.sun.xml.ws.api.message.Packet;
0065: import com.sun.xml.ws.api.message.Message;
0066: import com.sun.xml.ws.api.message.HeaderList;
0067: import com.sun.xml.ws.api.SOAPVersion;
0068: import com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation;
0069: import com.sun.xml.ws.api.model.wsdl.WSDLInput;
0070: import com.sun.xml.ws.api.model.wsdl.WSDLOperation;
0071: import com.sun.xml.ws.api.model.wsdl.WSDLOutput;
0072: import com.sun.xml.ws.api.model.wsdl.WSDLPort;
0073: import com.sun.xml.ws.policy.NestedPolicy;
0074: import com.sun.xml.ws.security.impl.policyconv.SCTokenWrapper;
0075: import com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder;
0076: import com.sun.xml.ws.api.pipe.Pipe;
0077: import com.sun.xml.ws.policy.AssertionSet;
0078: import com.sun.xml.ws.policy.Policy;
0079: import com.sun.xml.ws.policy.PolicyException;
0080: import com.sun.xml.ws.policy.PolicyMap;
0081: import com.sun.xml.ws.policy.PolicyMapKey;
0082: import com.sun.xml.ws.policy.PolicyMerger;
0083: import com.sun.xml.ws.assembler.PipeConfiguration;
0084: import com.sun.xml.ws.security.policy.AsymmetricBinding;
0085: import com.sun.xml.ws.security.policy.AlgorithmSuite;
0086: import com.sun.xml.ws.security.policy.SecureConversationToken;
0087: import com.sun.xml.ws.security.policy.SupportingTokens;
0088: import com.sun.xml.ws.security.policy.SymmetricBinding;
0089: import com.sun.xml.ws.security.impl.policy.PolicyUtil;
0090: import com.sun.xml.ws.security.IssuedTokenContext;
0091: import com.sun.xml.ws.policy.sourcemodel.PolicySourceModel;
0092: import com.sun.xml.ws.policy.sourcemodel.PolicyModelTranslator;
0093: import javax.xml.soap.SOAPException;
0094: import javax.xml.soap.SOAPMessage;
0095: import javax.xml.soap.SOAPFault;
0096: import javax.xml.soap.SOAPFactory;
0097: import javax.xml.ws.soap.SOAPFaultException;
0098: import javax.xml.soap.SOAPConstants;
0099: import com.sun.xml.wss.XWSSecurityException;
0100: import com.sun.xml.wss.SecurityEnvironment;
0101: import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
0102: import com.sun.xml.wss.impl.ProcessingContextImpl;
0103: import com.sun.xml.wss.impl.SecurityAnnotator;
0104: import com.sun.xml.wss.impl.NewSecurityRecipient;
0105: import com.sun.xml.wss.impl.PolicyViolationException;
0106: import com.sun.xml.ws.policy.sourcemodel.PolicyModelUnmarshaller;
0107: import com.sun.xml.ws.security.trust.WSTrustElementFactory;
0108: import com.sun.xml.ws.policy.PolicyAssertion;
0109: import com.sun.xml.ws.security.policy.Token;
0110: import javax.xml.bind.JAXBContext;
0111: import javax.xml.bind.Marshaller;
0112: import javax.xml.bind.Unmarshaller;
0113: import com.sun.xml.wss.impl.MessageConstants;
0114: import com.sun.xml.wss.ProcessingContext;
0115: import com.sun.xml.wss.impl.SecurableSoapMessage;
0116: import com.sun.xml.wss.impl.WssSoapFaultException;
0117: import com.sun.xml.wss.impl.misc.DefaultCallbackHandler;
0118: import com.sun.xml.ws.security.trust.WSTrustConstants;
0119: import com.sun.xml.ws.security.policy.KeyStore;
0120: import com.sun.xml.ws.security.policy.TrustStore;
0121: import com.sun.xml.ws.security.policy.CallbackHandlerConfiguration;
0122: import com.sun.xml.ws.security.policy.Validator;
0123: import com.sun.xml.ws.security.policy.ValidatorConfiguration;
0124: import com.sun.xml.ws.security.policy.WSSAssertion;
0125: import java.util.Properties;
0126: import com.sun.xml.ws.api.addressing.*;
0127: import com.sun.xml.ws.rm.Constants;
0128: import com.sun.xml.wss.impl.filter.DumpFilter;
0129: import static com.sun.xml.wss.jaxws.impl.Constants.BINDING_SCOPE;
0130: import static com.sun.xml.wss.jaxws.impl.Constants.rstSCTURI;
0131: import static com.sun.xml.wss.jaxws.impl.Constants.SC_ASSERTION;
0132: import static com.sun.xml.wss.jaxws.impl.Constants.bsOperationName;
0133: import static com.sun.xml.wss.jaxws.impl.Constants.SECURITY_POLICY_2005_07_NAMESPACE;
0134: import static com.sun.xml.wss.jaxws.impl.Constants.XENC_NS;
0135: import static com.sun.xml.wss.jaxws.impl.Constants.ENCRYPTED_DATA_LNAME;
0136: import static com.sun.xml.wss.jaxws.impl.Constants.EMPTY_LIST;
0137: import static com.sun.xml.wss.jaxws.impl.Constants.RM_CREATE_SEQ;
0138: import static com.sun.xml.wss.jaxws.impl.Constants.RM_CREATE_SEQ_RESP;
0139: import static com.sun.xml.wss.jaxws.impl.Constants.RM_SEQ_ACK;
0140: import static com.sun.xml.wss.jaxws.impl.Constants.RM_TERMINATE_SEQ;
0141: import static com.sun.xml.wss.jaxws.impl.Constants.RM_LAST_MESSAGE;
0142:
0143: import java.util.logging.Level;
0144: import java.util.logging.Logger;
0145: import com.sun.xml.wss.jaxws.impl.logging.LogDomainConstants;
0146: import com.sun.xml.wss.jaxws.impl.logging.LogStringsMessages;
0147:
0148: /**
0149: *
0150: * @author Vbkumar.Jayanti@Sun.COM, K.Venugopal@sun.com
0151: */
0152: public abstract class SecurityPipeBase implements Pipe {
0153:
0154: protected static final Logger log = Logger.getLogger(
0155: LogDomainConstants.WSS_JAXWS_IMPL_DOMAIN,
0156: LogDomainConstants.WSS_JAXWS_IMPL_DOMAIN_BUNDLE);
0157:
0158: protected Pipe nextPipe;
0159:
0160: // TODO: Optimized flag to be set based on some conditions (no SignedElements/EncryptedElements)
0161: protected boolean optimized = true;
0162: protected boolean transportOptimization = false;
0163:
0164: // Per-Proxy State for SecureConversation sessions
0165: // as well as IssuedTokenContext returned by invoking a Trust-Plugin
0166: // This map stores IssuedTokenContext against the Policy-Id
0167: protected Hashtable<String, IssuedTokenContext> issuedTokenContextMap = new Hashtable<String, IssuedTokenContext>();
0168:
0169: protected PipeConfiguration pipeConfig = null;
0170:
0171: //static JAXBContext used across the Pipe
0172: protected static final JAXBContext jaxbContext;
0173: protected boolean disablePayloadBuffer = false;
0174: protected AlgorithmSuite bindingLevelAlgSuite = null;
0175:
0176: private final QName optServerSecurity = new QName(
0177: "http://schemas.sun.com/2006/03/wss/server",
0178: "DisableStreamingSecurity");
0179: private final QName optClientSecurity = new QName(
0180: "http://schemas.sun.com/2006/03/wss/client",
0181: "DisableStreamingSecurity");
0182: private final QName disableSPBuffering = new QName(
0183: "http://schemas.sun.com/2006/03/wss/server",
0184: "DisablePayloadBuffering");
0185: private final QName disableCPBuffering = new QName(
0186: "http://schemas.sun.com/2006/03/wss/client",
0187: "DisablePayloadBuffering");
0188:
0189: protected boolean disableIncPrefix = false;
0190: private final QName disableIncPrefixServer = new QName(
0191: "http://schemas.sun.com/2006/03/wss/server",
0192: "DisableInclusivePrefixList");
0193: private final QName disableIncPrefixClient = new QName(
0194: "http://schemas.sun.com/2006/03/wss/client",
0195: "DisableInclusivePrefixList");
0196:
0197: protected boolean encHeaderContent = false;
0198: private final QName encHeaderContentServer = new QName(
0199: "http://schemas.sun.com/2006/03/wss/server",
0200: "EncryptHeaderContent");
0201: private final QName encHeaderContentClient = new QName(
0202: "http://schemas.sun.com/2006/03/wss/client",
0203: "EncryptHeaderContent");
0204:
0205: private final QName bsp10Server = new QName(
0206: "http://schemas.sun.com/2006/03/wss/server", "BSP10");
0207: private final QName bsp10Client = new QName(
0208: "http://schemas.sun.com/2006/03/wss/client", "BSP10");
0209: protected boolean bsp10 = false;
0210: protected static final ArrayList<String> securityPolicyNamespaces;
0211: protected static final List<PolicyAssertion> EMPTY_LIST = Collections
0212: .emptyList();
0213:
0214: // Security Environment reference initialized with a JAAS CallbackHandler
0215: protected SecurityEnvironment secEnv = null;
0216:
0217: // debug the Secure SOAP Messages (enable dumping)
0218: protected static final boolean debug;
0219:
0220: // SOAP version
0221: protected boolean isSOAP12 = false;
0222:
0223: protected SOAPVersion soapVersion = null;
0224:
0225: // SOAP Factory
0226: protected SOAPFactory soapFactory = null;
0227:
0228: protected PolicyMap wsPolicyMap = null;
0229:
0230: protected HashMap<WSDLBoundOperation, SecurityPolicyHolder> outMessagePolicyMap = null;
0231: protected HashMap<WSDLBoundOperation, SecurityPolicyHolder> inMessagePolicyMap = null;
0232: protected HashMap<String, SecurityPolicyHolder> outProtocolPM = null;
0233: protected HashMap<String, SecurityPolicyHolder> inProtocolPM = null;
0234: public static final URI ISSUE_REQUEST_URI;
0235: public static final URI CANCEL_REQUEST_URI;
0236: protected Policy bpMSP = null;
0237: //milliseconds
0238: protected long timestampTimeOut = 0;
0239: /**
0240: * Constants for RM Security Processing
0241: */
0242:
0243: protected WSDLBoundOperation cachedOperation = null;
0244:
0245: protected Policy wsitConfig = null;
0246: // store as instance variable
0247: protected Marshaller marshaller = null;
0248: protected Unmarshaller unmarshaller = null;
0249: // store operation resolver
0250: // protected OperationResolver opResolver = null;
0251:
0252: //store instance variable(s): Binding has IssuedToken/RM/SC Policy
0253: boolean hasIssuedTokens = false;
0254: boolean hasSecureConversation = false;
0255: boolean hasReliableMessaging = false;
0256: //boolean addressingEnabled = false;
0257:
0258: AddressingVersion addVer = null;
0259:
0260: //flag used as temporary variable for each run
0261: //boolean isTrustOrSCMessage = false;
0262:
0263: static {
0264: try {
0265: //TODO: system property maynot be appropriate for server side.
0266: debug = Boolean
0267: .valueOf(System.getProperty("DebugSecurity"));
0268: ISSUE_REQUEST_URI = new URI(
0269: WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION);
0270: CANCEL_REQUEST_URI = new URI(
0271: WSTrustConstants.CANCEL_REQUEST);
0272: jaxbContext = WSTrustElementFactory.getContext();
0273: ;
0274: securityPolicyNamespaces = new ArrayList<String>();
0275: securityPolicyNamespaces
0276: .add(SECURITY_POLICY_2005_07_NAMESPACE);
0277:
0278: } catch (Exception e) {
0279: throw new RuntimeException(e);
0280: }
0281: }
0282:
0283: public SecurityPipeBase(PipeConfiguration config, Pipe nextPipe) {
0284:
0285: this .nextPipe = nextPipe;
0286: this .pipeConfig = config;
0287: this .inMessagePolicyMap = new HashMap<WSDLBoundOperation, SecurityPolicyHolder>();
0288: this .outMessagePolicyMap = new HashMap<WSDLBoundOperation, SecurityPolicyHolder>();
0289: soapVersion = pipeConfig.getBinding().getSOAPVersion();
0290: //addressingEnabled = (pipeConfig.getBinding().getAddressingVersion() == null) ? false : true;
0291: isSOAP12 = (soapVersion == SOAPVersion.SOAP_12) ? true : false;
0292: wsPolicyMap = pipeConfig.getPolicyMap();
0293: soapFactory = pipeConfig.getBinding().getSOAPVersion().saajSoapFactory;
0294: this .inProtocolPM = new HashMap<String, SecurityPolicyHolder>();
0295: this .outProtocolPM = new HashMap<String, SecurityPolicyHolder>();
0296: //unmarshaller as instance variable of the pipe
0297: try {
0298: this .marshaller = jaxbContext.createMarshaller();
0299: this .unmarshaller = jaxbContext.createUnmarshaller();
0300: } catch (javax.xml.bind.JAXBException ex) {
0301: log.log(Level.SEVERE, LogStringsMessages
0302: .WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex);
0303: throw new RuntimeException(LogStringsMessages
0304: .WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex);
0305: }
0306:
0307: if (wsPolicyMap != null) {
0308: collectPolicies();
0309: }
0310:
0311: //unmarshaller = jaxbContext.createUnmarshaller();
0312: // check whether Service Port has RM
0313: hasReliableMessaging = isReliableMessagingEnabled(wsPolicyMap,
0314: pipeConfig.getWSDLModel());
0315: // opResolver = new OperationResolverImpl(inMessagePolicyMap,pipeConfig.getWSDLModel().getBinding());
0316:
0317: }
0318:
0319: protected SecurityPipeBase(SecurityPipeBase that) {
0320: nextPipe = that.nextPipe;
0321: pipeConfig = that.pipeConfig;
0322: transportOptimization = that.transportOptimization;
0323: optimized = that.optimized;
0324: disableIncPrefix = that.disableIncPrefix;
0325: encHeaderContent = that.encHeaderContent;
0326: issuedTokenContextMap = that.issuedTokenContextMap;
0327: secEnv = that.secEnv;
0328: isSOAP12 = that.isSOAP12;
0329: soapVersion = that.soapVersion;
0330: this .soapFactory = that.soapFactory;
0331: this .addVer = that.addVer;
0332: wsPolicyMap = that.wsPolicyMap;
0333: outMessagePolicyMap = that.outMessagePolicyMap;
0334: inMessagePolicyMap = that.inMessagePolicyMap;
0335: bindingLevelAlgSuite = that.bindingLevelAlgSuite;
0336: this .inProtocolPM = that.inProtocolPM;
0337: this .outProtocolPM = that.outProtocolPM;
0338: this .hasIssuedTokens = that.hasIssuedTokens;
0339: this .hasSecureConversation = that.hasSecureConversation;
0340: this .hasReliableMessaging = that.hasReliableMessaging;
0341: //this.opResolver = that.opResolver;
0342: this .timestampTimeOut = that.timestampTimeOut;
0343:
0344: try {
0345: this .marshaller = jaxbContext.createMarshaller();
0346: this .unmarshaller = jaxbContext.createUnmarshaller();
0347: } catch (javax.xml.bind.JAXBException ex) {
0348: log.log(Level.SEVERE, LogStringsMessages
0349: .WSSPIPE_0001_PROBLEM_MAR_UNMAR(), ex);
0350: throw new RuntimeException(
0351: "Problem creating JAXB Marshaller/Unmarshaller", ex);
0352: }
0353: }
0354:
0355: protected SOAPMessage secureOutboundMessage(SOAPMessage message,
0356: ProcessingContext ctx) {
0357: try {
0358: ctx.setSOAPMessage(message);
0359: SecurityAnnotator.secureMessage(ctx);
0360: return ctx.getSOAPMessage();
0361: } catch (WssSoapFaultException soapFaultException) {
0362: throw getSOAPFaultException(soapFaultException);
0363: } catch (XWSSecurityException xwse) {
0364: WssSoapFaultException wsfe = SecurableSoapMessage
0365: .newSOAPFaultException(
0366: MessageConstants.WSSE_INTERNAL_SERVER_ERROR,
0367: xwse.getMessage(), xwse);
0368: throw getSOAPFaultException(wsfe);
0369: }
0370: }
0371:
0372: protected RuntimeException generateInternalError(PolicyException ex) {
0373: SOAPFault fault = null;
0374: try {
0375: if (isSOAP12) {
0376: fault = soapFactory.createFault(ex.getMessage(),
0377: SOAPConstants.SOAP_SENDER_FAULT);
0378: fault
0379: .appendFaultSubcode(MessageConstants.WSSE_INTERNAL_SERVER_ERROR);
0380: } else {
0381: fault = soapFactory.createFault(ex.getMessage(),
0382: MessageConstants.WSSE_INTERNAL_SERVER_ERROR);
0383: }
0384: } catch (Exception e) {
0385: log.log(Level.SEVERE, LogStringsMessages
0386: .WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
0387: throw new RuntimeException(LogStringsMessages
0388: .WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
0389: }
0390: return new SOAPFaultException(fault);
0391: }
0392:
0393: protected Message secureOutboundMessage(Message message,
0394: ProcessingContext ctx) {
0395: try {
0396: JAXBFilterProcessingContext context = (JAXBFilterProcessingContext) ctx;
0397: context.setSOAPVersion(soapVersion);
0398: context.setJAXWSMessage(message, soapVersion);
0399: context.isOneWayMessage(message.isOneWay(this .pipeConfig
0400: .getWSDLModel()));
0401: context.setDisableIncPrefix(disableIncPrefix);
0402: context.setEncHeaderContent(encHeaderContent);
0403: context.setBSP(bsp10);
0404: SecurityAnnotator.secureMessage(context);
0405: return context.getJAXWSMessage();
0406: } catch (XWSSecurityException xwse) {
0407: WssSoapFaultException wsfe = SecurableSoapMessage
0408: .newSOAPFaultException(
0409: MessageConstants.WSSE_INTERNAL_SERVER_ERROR,
0410: xwse.getMessage(), xwse);
0411: throw getSOAPFaultException(wsfe);
0412: }
0413: }
0414:
0415: protected SOAPMessage verifyInboundMessage(SOAPMessage message,
0416: ProcessingContext ctx) throws WssSoapFaultException,
0417: XWSSecurityException {
0418: try {
0419: ctx.setSOAPMessage(message);
0420: if (debug) {
0421: DumpFilter.process(ctx);
0422: }
0423: NewSecurityRecipient.validateMessage(ctx);
0424: return ctx.getSOAPMessage();
0425: } catch (WssSoapFaultException soapFaultException) {
0426: throw getSOAPFaultException(soapFaultException);
0427: } catch (XWSSecurityException xwse) {
0428: WssSoapFaultException wsfe = SecurableSoapMessage
0429: .newSOAPFaultException(
0430: MessageConstants.WSSE_INTERNAL_SERVER_ERROR,
0431: xwse.getMessage(), xwse);
0432: throw getSOAPFaultException(wsfe);
0433: }
0434: }
0435:
0436: protected Message verifyInboundMessage(Message message,
0437: ProcessingContext ctx) throws XWSSecurityException {
0438: JAXBFilterProcessingContext context = (JAXBFilterProcessingContext) ctx;
0439: context.setDisablePayloadBuffering(disablePayloadBuffer);
0440: context.setDisableIncPrefix(disableIncPrefix);
0441: context.setEncHeaderContent(encHeaderContent);
0442: context.setBSP(bsp10);
0443: // context.setJAXWSMessage(message, soapVersion);
0444: if (debug) {
0445: try {
0446: ((LazyStreamBasedMessage) message).print();
0447: } catch (XMLStreamException ex) {
0448: log.log(Level.SEVERE, LogStringsMessages
0449: .WSSPIPE_0003_PROBLEM_PRINTING_MSG(), ex);
0450: throw new XWSSecurityException(LogStringsMessages
0451: .WSSPIPE_0003_PROBLEM_PRINTING_MSG(), ex);
0452: }
0453: }
0454: com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient recipient = new com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient(
0455: ((LazyStreamBasedMessage) message).readMessage(),
0456: soapVersion);
0457:
0458: return recipient.validateMessage(context);
0459: }
0460:
0461: public void setNextPipe(Pipe pipe) {
0462: nextPipe = pipe;
0463: }
0464:
0465: protected List<PolicyAssertion> getIssuedTokenPoliciesFromBootstrapPolicy(
0466: Token scAssertion) {
0467: SCTokenWrapper token = (SCTokenWrapper) scAssertion;
0468: return token.getIssuedTokens();
0469: }
0470:
0471: protected MessagePolicy getOutgoingXWSSecurityPolicy(Packet packet,
0472: boolean isSCMessage) {
0473:
0474: if (isSCMessage) {
0475: Token scToken = (Token) packet.invocationProperties
0476: .get(SC_ASSERTION);
0477: return getOutgoingXWSBootstrapPolicy(scToken);
0478: }
0479: Message message = packet.getMessage();
0480: WSDLBoundOperation operation = null;
0481: if (isTrustMessage(packet)) {
0482: operation = getWSDLOpFromAction(packet, false);
0483: } else {
0484: operation = message.getOperation(pipeConfig.getWSDLModel());
0485: }
0486:
0487: //Review : Will this return operation name in all cases , doclit,rpclit, wrap / non wrap ?
0488:
0489: MessagePolicy mp = null;
0490: //if(operation == null){
0491: //Body could be encrypted. Security will have to infer the
0492: //policy from the message till the Body is decrypted.
0493: // mp = new MessagePolicy();
0494: //}
0495: if (outMessagePolicyMap == null) {
0496: //empty message policy
0497: return new MessagePolicy();
0498: }
0499: SecurityPolicyHolder sph = (SecurityPolicyHolder) outMessagePolicyMap
0500: .get(operation);
0501: if (sph == null) {
0502: return new MessagePolicy();
0503: }
0504: mp = sph.getMessagePolicy();
0505: return mp;
0506: }
0507:
0508: protected WSDLBoundOperation getOperation(Message message) {
0509: if (cachedOperation == null) {
0510: cachedOperation = message.getOperation(pipeConfig
0511: .getWSDLModel());
0512: }
0513: return cachedOperation;
0514: }
0515:
0516: protected MessagePolicy getInboundXWSBootstrapPolicy(
0517: Token scAssertion) {
0518: return ((SCTokenWrapper) scAssertion).getMessagePolicy();
0519: }
0520:
0521: protected MessagePolicy getOutgoingXWSBootstrapPolicy(
0522: Token scAssertion) {
0523: return ((SCTokenWrapper) scAssertion).getMessagePolicy();
0524: }
0525:
0526: protected ProcessingContext initializeInboundProcessingContext(
0527: Packet packet /*, boolean isSCMessage*/) {
0528: ProcessingContextImpl ctx = null;
0529: if (optimized) {
0530: ctx = new JAXBFilterProcessingContext(
0531: packet.invocationProperties);
0532: ((JAXBFilterProcessingContext) ctx)
0533: .setAddressingVersion(addVer);
0534: ((JAXBFilterProcessingContext) ctx)
0535: .setSOAPVersion(soapVersion);
0536: ((JAXBFilterProcessingContext) ctx)
0537: .setSecure(packet.wasTransportSecure);
0538: ((JAXBFilterProcessingContext) ctx).setBSP(bsp10);
0539:
0540: } else {
0541: ctx = new ProcessingContextImpl(packet.invocationProperties);
0542: }
0543: ctx.setTimestampTimeout(this .timestampTimeOut);
0544: ctx.setIssuedTokenContextMap(issuedTokenContextMap);
0545: ctx
0546: .setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet)));
0547:
0548: // setting a flag if issued tokens present
0549: ctx.hasIssuedToken(bindingHasIssuedTokenPolicy());
0550: ctx.setSecurityEnvironment(secEnv);
0551: ctx.isInboundMessage(true);
0552:
0553: return ctx;
0554: }
0555:
0556: protected boolean bindingHasIssuedTokenPolicy() {
0557: return hasIssuedTokens;
0558: }
0559:
0560: protected boolean bindingHasSecureConversationPolicy() {
0561: return hasSecureConversation;
0562: }
0563:
0564: protected boolean bindingHasRMPolicy() {
0565: return hasReliableMessaging;
0566: }
0567:
0568: protected ProcessingContext initializeOutgoingProcessingContext(
0569: Packet packet, boolean isSCMessage) {
0570: ProcessingContextImpl ctx = null;
0571: if (optimized) {
0572: ctx = new JAXBFilterProcessingContext(
0573: packet.invocationProperties);
0574: ((JAXBFilterProcessingContext) ctx)
0575: .setAddressingVersion(addVer);
0576: ((JAXBFilterProcessingContext) ctx)
0577: .setSOAPVersion(soapVersion);
0578: ((JAXBFilterProcessingContext) ctx).setBSP(bsp10);
0579: } else {
0580: ctx = new ProcessingContextImpl(packet.invocationProperties);
0581: }
0582: // set the policy, issued-token-map, and extraneous properties
0583: ctx.setIssuedTokenContextMap(issuedTokenContextMap);
0584: ctx
0585: .setAlgorithmSuite(getAlgoSuite(getBindingAlgorithmSuite(packet)));
0586: try {
0587: MessagePolicy policy = null;
0588: if (isRMMessage(packet)) {
0589: SecurityPolicyHolder holder = outProtocolPM.get("RM");
0590: policy = holder.getMessagePolicy();
0591: } else if (isSCCancel(packet)) {
0592: SecurityPolicyHolder holder = outProtocolPM.get("SC");
0593: policy = holder.getMessagePolicy();
0594: } else {
0595: policy = getOutgoingXWSSecurityPolicy(packet,
0596: isSCMessage);
0597: }
0598: if (debug) {
0599: policy.dumpMessages(true);
0600: }
0601: if (policy.getAlgorithmSuite() != null) {
0602: //override the binding level suite
0603: ctx.setAlgorithmSuite(policy.getAlgorithmSuite());
0604: }
0605: ctx.setWSSAssertion(policy.getWSSAssertion());
0606: ctx.setSecurityPolicy(policy);
0607: ctx.setSecurityEnvironment(secEnv);
0608: ctx.isInboundMessage(false);
0609: } catch (XWSSecurityException e) {
0610: log.log(Level.SEVERE, LogStringsMessages
0611: .WSSPIPE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), e);
0612: throw new RuntimeException(LogStringsMessages
0613: .WSSPIPE_0006_PROBLEM_INIT_OUT_PROC_CONTEXT(), e);
0614: }
0615: return ctx;
0616: }
0617:
0618: protected SOAPFault getSOAPFault(WssSoapFaultException sfe) {
0619:
0620: SOAPFault fault = null;
0621: try {
0622: if (isSOAP12) {
0623: fault = soapFactory.createFault(sfe.getFaultString(),
0624: SOAPConstants.SOAP_SENDER_FAULT);
0625: fault.appendFaultSubcode(sfe.getFaultCode());
0626: } else {
0627: fault = soapFactory.createFault(sfe.getFaultString(),
0628: sfe.getFaultCode());
0629: }
0630: } catch (Exception e) {
0631: log.log(Level.SEVERE, LogStringsMessages
0632: .WSSPIPE_0002_INTERNAL_SERVER_ERROR());
0633: throw new RuntimeException(LogStringsMessages
0634: .WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
0635: }
0636: return fault;
0637: }
0638:
0639: protected SOAPFaultException getSOAPFaultException(
0640: WssSoapFaultException sfe) {
0641:
0642: SOAPFault fault = null;
0643: try {
0644: if (isSOAP12) {
0645: fault = soapFactory.createFault(sfe.getFaultString(),
0646: SOAPConstants.SOAP_SENDER_FAULT);
0647: fault.appendFaultSubcode(sfe.getFaultCode());
0648: } else {
0649: fault = soapFactory.createFault(sfe.getFaultString(),
0650: sfe.getFaultCode());
0651: }
0652: } catch (Exception e) {
0653: log.log(Level.SEVERE, LogStringsMessages
0654: .WSSPIPE_0002_INTERNAL_SERVER_ERROR());
0655: throw new RuntimeException(LogStringsMessages
0656: .WSSPIPE_0002_INTERNAL_SERVER_ERROR(), e);
0657: }
0658: return new SOAPFaultException(fault);
0659:
0660: }
0661:
0662: protected SOAPFaultException getSOAPFaultException(
0663: XWSSecurityException xwse) {
0664: QName qname = null;
0665: if (xwse.getCause() instanceof PolicyViolationException)
0666: qname = MessageConstants.WSSE_RECEIVER_POLICY_VIOLATION;
0667: else
0668: qname = MessageConstants.WSSE_FAILED_AUTHENTICATION;
0669:
0670: com.sun.xml.wss.impl.WssSoapFaultException wsfe = SecurableSoapMessage
0671: .newSOAPFaultException(qname, xwse.getMessage(), xwse);
0672:
0673: return getSOAPFaultException(wsfe);
0674: }
0675:
0676: /**
0677: * Summary from Section 4.2, WS-Security Policy spec( version 1.1 July 2005 ).
0678: * MessagePolicySubject : policy can be attached to
0679: * 1) wsdl:binding/wsdl:operation/wsdl:input, ./wsdl:output, or ./wsdl:fault
0680: *
0681: * OperationPolicySubject : policy can be attached to
0682: * 1)wsdl:binding/wsdl:operation
0683: *
0684: * EndpointPolicySubject : policy can be attached to
0685: * 1)wsdl:port
0686: * 2)wsdl:Binding
0687: */
0688:
0689: protected void collectPolicies() {
0690: try {
0691: if (wsPolicyMap == null) {
0692: return;
0693: }
0694: //To check: Is this sufficient, any edge cases I need to take care
0695: QName serviceName = pipeConfig.getWSDLModel().getOwner()
0696: .getName();
0697: QName portName = pipeConfig.getWSDLModel().getName();
0698: //Review: will this take care of EndpointPolicySubject
0699: PolicyMerger policyMerge = PolicyMerger.getMerger();
0700: PolicyMapKey endpointKey = wsPolicyMap
0701: .createWsdlEndpointScopeKey(serviceName, portName);
0702: //createWsdlEndpointScopeKey(serviceName,portName);
0703: //Review:Will getEffectivePolicy return null or empty policy ?.
0704: Policy endpointPolicy = wsPolicyMap
0705: .getEndpointEffectivePolicy(endpointKey);
0706:
0707: if (endpointPolicy != null) {
0708: if (endpointPolicy
0709: .contains(AddressingVersion.W3C.policyNsUri)) {
0710: addVer = AddressingVersion.W3C;
0711: } else if (endpointPolicy
0712: .contains(AddressingVersion.MEMBER.policyNsUri)) {
0713: addVer = AddressingVersion.MEMBER;
0714: }
0715: if (endpointPolicy.contains(optServerSecurity)
0716: || endpointPolicy.contains(optClientSecurity)) {
0717: optimized = false;
0718: }
0719: if (endpointPolicy.contains(disableCPBuffering)
0720: || endpointPolicy.contains(disableSPBuffering)) {
0721: disablePayloadBuffer = true;
0722: }
0723: if (endpointPolicy.contains(disableIncPrefixServer)
0724: || endpointPolicy
0725: .contains(disableIncPrefixClient)) {
0726: disableIncPrefix = true;
0727: }
0728: if (endpointPolicy.contains(encHeaderContentServer)
0729: || endpointPolicy
0730: .contains(encHeaderContentClient)) {
0731: encHeaderContent = true;
0732: }
0733: if (endpointPolicy.contains(bsp10Client)
0734: || endpointPolicy.contains(bsp10Server)) {
0735: bsp10 = true;
0736: }
0737: }
0738:
0739: buildProtocolPolicy(endpointPolicy);
0740: ArrayList<Policy> policyList = new ArrayList<Policy>();
0741: if (endpointPolicy != null) {
0742: policyList.add(endpointPolicy);
0743: }
0744: for (WSDLBoundOperation operation : pipeConfig
0745: .getWSDLModel().getBinding().getBindingOperations()) {
0746: QName operationName = operation.getName();
0747: WSDLOperation wsdlOperation = operation.getOperation();
0748: WSDLInput input = wsdlOperation.getInput();
0749: WSDLOutput output = wsdlOperation.getOutput();
0750:
0751: QName inputMessageName = input.getMessage().getName();
0752: QName outputMessageName = null;
0753: if (output != null) {
0754: outputMessageName = output.getMessage().getName();
0755: }
0756:
0757: PolicyMapKey messageKey = wsPolicyMap
0758: .createWsdlMessageScopeKey(serviceName,
0759: portName, operationName);
0760:
0761: PolicyMapKey operationKey = wsPolicyMap
0762: .createWsdlOperationScopeKey(serviceName,
0763: portName, operationName);
0764:
0765: //Review:Not sure if this is need and what is the
0766: //difference between operation and message level key.
0767: //securityPolicyNamespaces
0768:
0769: Policy operationPolicy = wsPolicyMap
0770: .getOperationEffectivePolicy(operationKey);
0771: if (operationPolicy != null) {
0772: policyList.add(operationPolicy);
0773: } else {
0774: //log fine message
0775:
0776: //System.out.println("Operation Level Security policy is null");
0777: }
0778:
0779: Policy imPolicy = null;
0780:
0781: imPolicy = wsPolicyMap
0782: .getInputMessageEffectivePolicy(messageKey);
0783: if (imPolicy != null) {
0784: policyList.add(imPolicy);
0785: }
0786: //input message effective policy to be used. Policy elements at various
0787: //scopes merged.
0788:
0789: Policy imEP = policyMerge.merge(policyList);
0790: SecurityPolicyHolder outPH = addOutgoingMP(operation,
0791: imEP);
0792: if (imPolicy != null) {
0793: policyList.remove(imPolicy);
0794: }
0795: //one way
0796: SecurityPolicyHolder inPH = null;
0797: //TODO: Venu to verify this fix later
0798: /*if(output != null){*/
0799: Policy omPolicy = null;
0800: omPolicy = wsPolicyMap
0801: .getOutputMessageEffectivePolicy(messageKey);
0802: if (omPolicy != null) {
0803: policyList.add(omPolicy);
0804: }
0805: //ouput message effective policy to be used. Policy elements at various
0806: //scopes merged.
0807:
0808: Policy omEP = policyMerge.merge(policyList);
0809: if (omPolicy != null) {
0810: policyList.remove(omPolicy);
0811: }
0812: inPH = addIncomingMP(operation, omEP);
0813: /*}*/
0814: Iterator faults = operation.getOperation().getFaults()
0815: .iterator();
0816: ArrayList<Policy> faultPL = new ArrayList<Policy>();
0817: faultPL.add(endpointPolicy);
0818: if (operationPolicy != null) {
0819: faultPL.add(operationPolicy);
0820: }
0821: while (faults.hasNext()) {
0822: WSDLFault fault = (WSDLFault) faults.next();
0823:
0824: PolicyMapKey fKey = null;
0825: fKey = wsPolicyMap.createWsdlFaultMessageScopeKey(
0826: serviceName, portName, operationName,
0827: new QName(operationName.getNamespaceURI(),
0828: fault.getName()));
0829: Policy fPolicy = wsPolicyMap
0830: .getFaultMessageEffectivePolicy(fKey);
0831:
0832: if (fPolicy != null) {
0833: faultPL.add(fPolicy);
0834: } else {
0835: continue;
0836: }
0837: Policy ep = policyMerge.merge(faultPL);
0838: if (inPH != null) {
0839: addIncomingFaultPolicy(ep, inPH, fault);
0840: }
0841: if (outPH != null) {
0842: addOutgoingFaultPolicy(ep, outPH, fault);
0843: }
0844: faultPL.remove(fPolicy);
0845: }
0846: }
0847: } catch (PolicyException pe) {
0848: throw generateInternalError(pe);
0849: }
0850: }
0851:
0852: protected List<PolicyAssertion> getInBoundSCP(Message message) {
0853: if (inMessagePolicyMap == null) {
0854: return Collections.emptyList();
0855: }
0856: SecurityPolicyHolder sph = null;
0857: Collection coll = inMessagePolicyMap.values();
0858: Iterator itr = coll.iterator();
0859:
0860: while (itr.hasNext()) {
0861: SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next();
0862: if (ph != null) {
0863: sph = ph;
0864: break;
0865: }
0866: }
0867: if (sph == null) {
0868: return EMPTY_LIST;
0869: }
0870: return sph.getSecureConversationTokens();
0871: }
0872:
0873: protected List<PolicyAssertion> getOutBoundSCP(Message message) {
0874:
0875: if (outMessagePolicyMap == null) {
0876: return Collections.emptyList();
0877: }
0878: SecurityPolicyHolder sph = null;
0879: Collection coll = outMessagePolicyMap.values();
0880: Iterator itr = coll.iterator();
0881:
0882: while (itr.hasNext()) {
0883: SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next();
0884: if (ph != null) {
0885: sph = ph;
0886: break;
0887: }
0888: }
0889: if (sph == null) {
0890: return EMPTY_LIST;
0891: }
0892: return sph.getSecureConversationTokens();
0893:
0894: }
0895:
0896: protected List<PolicyAssertion> getSecureConversationPolicies(
0897: Message message, String scope) {
0898:
0899: if (outMessagePolicyMap == null) {
0900: return Collections.emptyList();
0901: }
0902: SecurityPolicyHolder sph = null;
0903: Collection coll = outMessagePolicyMap.values();
0904: Iterator itr = coll.iterator();
0905:
0906: while (itr.hasNext()) {
0907: SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next();
0908: if (ph != null) {
0909: sph = ph;
0910: break;
0911: }
0912: }
0913: if (sph == null) {
0914: return EMPTY_LIST;
0915: }
0916: return sph.getSecureConversationTokens();
0917:
0918: }
0919:
0920: //TODO :: Refactor
0921: protected ArrayList<PolicyAssertion> getTokens(Policy policy) {
0922: ArrayList<PolicyAssertion> tokenList = new ArrayList<PolicyAssertion>();
0923: for (AssertionSet assertionSet : policy) {
0924: for (PolicyAssertion assertion : assertionSet) {
0925: if (PolicyUtil.isAsymmetricBinding(assertion)) {
0926: AsymmetricBinding sb = (AsymmetricBinding) assertion;
0927: addToken(sb.getInitiatorToken(), tokenList);
0928: addToken(sb.getRecipientToken(), tokenList);
0929: } else if (PolicyUtil.isSymmetricBinding(assertion)) {
0930: SymmetricBinding sb = (SymmetricBinding) assertion;
0931: Token token = sb.getProtectionToken();
0932: if (token != null) {
0933: addToken(token, tokenList);
0934: } else {
0935: addToken(sb.getEncryptionToken(), tokenList);
0936: addToken(sb.getSignatureToken(), tokenList);
0937: }
0938: } else if (PolicyUtil.isSupportingTokens(assertion)) {
0939: SupportingTokens st = (SupportingTokens) assertion;
0940: Iterator itr = st.getTokens();
0941: while (itr.hasNext()) {
0942: addToken((Token) itr.next(), tokenList);
0943: }
0944: }
0945: }
0946: }
0947: return tokenList;
0948: }
0949:
0950: private void addConfigAssertions(Policy policy,
0951: SecurityPolicyHolder sph) {
0952: //ArrayList<PolicyAssertion> tokenList = new ArrayList<PolicyAssertion>();
0953: for (AssertionSet assertionSet : policy) {
0954: for (PolicyAssertion assertion : assertionSet) {
0955: if (PolicyUtil.isConfigPolicyAssertion(assertion)) {
0956: sph.addConfigAssertions(assertion);
0957: }
0958: }
0959: }
0960: }
0961:
0962: private void addToken(Token token, ArrayList<PolicyAssertion> list) {
0963: if (PolicyUtil
0964: .isSecureConversationToken((PolicyAssertion) token)
0965: || PolicyUtil.isIssuedToken((PolicyAssertion) token)) {
0966: list.add((PolicyAssertion) token);
0967: }
0968: }
0969:
0970: protected PolicyMapKey getOperationKey(Message message) {
0971: WSDLBoundOperation operation = message.getOperation(pipeConfig
0972: .getWSDLModel());
0973: WSDLOperation wsdlOperation = operation.getOperation();
0974: QName serviceName = pipeConfig.getWSDLModel().getOwner()
0975: .getName();
0976: QName portName = pipeConfig.getWSDLModel().getName();
0977: //WSDLInput input = wsdlOperation.getInput();
0978: //WSDLOutput output = wsdlOperation.getOutput();
0979: //QName inputMessageName = input.getMessage().getName();
0980: //QName outputMessageName = output.getMessage().getName();
0981: PolicyMapKey messageKey = wsPolicyMap
0982: .createWsdlMessageScopeKey(serviceName, portName,
0983: wsdlOperation.getName());
0984: return messageKey;
0985:
0986: }
0987:
0988: protected abstract SecurityPolicyHolder addOutgoingMP(
0989: WSDLBoundOperation operation, Policy policy)
0990: throws PolicyException;
0991:
0992: protected abstract SecurityPolicyHolder addIncomingMP(
0993: WSDLBoundOperation operation, Policy policy)
0994: throws PolicyException;
0995:
0996: protected AlgorithmSuite getBindingAlgorithmSuite(Packet packet) {
0997: return bindingLevelAlgSuite;
0998: }
0999:
1000: protected void cacheMessage(Packet packet) {
1001: Message message = null;
1002: if (!optimized) {
1003: try {
1004: message = packet.getMessage();
1005: message = Messages.create(message.readAsSOAPMessage());
1006: packet.setMessage(message);
1007: } catch (SOAPException se) {
1008: // internal error
1009: log.log(Level.SEVERE, LogStringsMessages
1010: .WSSPIPE_0005_PROBLEM_PROC_SOAP_MESSAGE(), se);
1011: throw new WebServiceException(LogStringsMessages
1012: .WSSPIPE_0005_PROBLEM_PROC_SOAP_MESSAGE(), se);
1013: }
1014: }
1015: }
1016:
1017: private boolean hasTargets(NestedPolicy policy) {
1018: AssertionSet as = policy.getAssertionSet();
1019: //Iterator<PolicyAssertion> paItr = as.iterator();
1020: boolean foundTargets = false;
1021: for (PolicyAssertion assertion : as) {
1022: if (PolicyUtil.isSignedParts(assertion)
1023: || PolicyUtil.isEncryptParts(assertion)) {
1024: foundTargets = true;
1025: break;
1026: }
1027: }
1028: return foundTargets;
1029: }
1030:
1031: protected Policy getEffectiveBootstrapPolicy(NestedPolicy bp)
1032: throws PolicyException {
1033: try {
1034: ArrayList<Policy> pl = new ArrayList<Policy>();
1035: pl.add(bp);
1036: Policy mbp = getMessageBootstrapPolicy();
1037: if (mbp != null) {
1038: pl.add(mbp);
1039: }
1040:
1041: PolicyMerger pm = PolicyMerger.getMerger();
1042: Policy ep = pm.merge(pl);
1043: return ep;
1044: } catch (Exception e) {
1045: log.log(Level.SEVERE, LogStringsMessages
1046: .WSSPIPE_0007_PROBLEM_GETTING_EFF_BOOT_POLICY(), e);
1047: throw new PolicyException(LogStringsMessages
1048: .WSSPIPE_0007_PROBLEM_GETTING_EFF_BOOT_POLICY(), e);
1049: }
1050:
1051: }
1052:
1053: private Policy getMessageBootstrapPolicy() throws PolicyException,
1054: IOException {
1055: if (bpMSP == null) {
1056: PolicySourceModel model = unmarshalPolicy("com/sun/xml/ws/security/impl/policyconv/"
1057: + "boot-msglevel-policy.xml");
1058: bpMSP = PolicyModelTranslator.getTranslator().translate(
1059: model);
1060: }
1061: return bpMSP;
1062: }
1063:
1064: private Policy getMessageLevelBSP() throws PolicyException {
1065: QName serviceName = pipeConfig.getWSDLModel().getOwner()
1066: .getName();
1067: QName portName = pipeConfig.getWSDLModel().getName();
1068: PolicyMapKey operationKey = wsPolicyMap
1069: .createWsdlOperationScopeKey(serviceName, portName,
1070: bsOperationName);
1071:
1072: Policy operationLevelEP = wsPolicyMap
1073: .getOperationEffectivePolicy(operationKey);
1074: return operationLevelEP;
1075: }
1076:
1077: protected PolicySourceModel unmarshalPolicy(String resource)
1078: throws PolicyException, IOException {
1079: InputStream is = Thread.currentThread().getContextClassLoader()
1080: .getResourceAsStream(resource);
1081: if (is == null)
1082: return null;
1083: Reader reader = new InputStreamReader(is);
1084: PolicySourceModel model = PolicyModelUnmarshaller
1085: .getXmlUnmarshaller().unmarshalModel(reader);
1086: reader.close();
1087: return model;
1088: }
1089:
1090: protected final void cacheOperation(Message msg) {
1091: cachedOperation = msg.getOperation(pipeConfig.getWSDLModel());
1092: }
1093:
1094: protected final void resetCachedOperation() {
1095: cachedOperation = null;
1096: }
1097:
1098: protected boolean isSCMessage(Packet packet) {
1099:
1100: if (!bindingHasSecureConversationPolicy()) {
1101: return false;
1102: }
1103:
1104: if (!isAddressingEnabled()) {
1105: return false;
1106: }
1107:
1108: String action = getAction(packet);
1109: if (rstSCTURI.equals(action)) {
1110: return true;
1111: }
1112: return false;
1113: }
1114:
1115: protected boolean isSCCancel(Packet packet) {
1116:
1117: if (!bindingHasSecureConversationPolicy()) {
1118: return false;
1119: }
1120:
1121: if (!isAddressingEnabled()) {
1122: return false;
1123: }
1124:
1125: String action = getAction(packet);
1126: if (WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_RESPONSE_ACTION
1127: .equals(action)
1128: || WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_ACTION
1129: .equals(action)) {
1130: return true;
1131: }
1132: return false;
1133: }
1134:
1135: protected boolean isAddressingEnabled() {
1136: return (addVer != null);
1137: }
1138:
1139: protected boolean isTrustMessage(Packet packet) {
1140: if (!isAddressingEnabled()) {
1141: return false;
1142: }
1143: String action = getAction(packet);
1144: if (WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION
1145: .equals(action)
1146: || WSTrustConstants.REQUEST_SECURITY_TOKEN_RESPONSE_ISSUE_ACTION
1147: .equals(action)) {
1148: return true;
1149: }
1150: return false;
1151:
1152: }
1153:
1154: protected boolean isRMMessage(Packet packet) {
1155: if (!isAddressingEnabled()) {
1156: return false;
1157: }
1158: if (!bindingHasRMPolicy()) {
1159: return false;
1160: }
1161: String action = getAction(packet);
1162: if (RM_CREATE_SEQ.equals(action)
1163: || RM_CREATE_SEQ_RESP.equals(action)
1164: || RM_SEQ_ACK.equals(action)
1165: || RM_TERMINATE_SEQ.equals(action)
1166: || RM_LAST_MESSAGE.equals(action)) {
1167: return true;
1168: }
1169:
1170: return false;
1171: }
1172:
1173: protected String getAction(Packet packet) {
1174: // if ("true".equals(packet.invocationProperties.get(WSTrustConstants.IS_TRUST_MESSAGE))){
1175: // return (String)packet.invocationProperties.get(WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION);
1176: //}
1177:
1178: HeaderList hl = packet.getMessage().getHeaders();
1179: //String action = hl.getAction(pipeConfig.getBinding().getAddressingVersion(), pipeConfig.getBinding().getSOAPVersion());
1180: String action = hl.getAction(addVer, pipeConfig.getBinding()
1181: .getSOAPVersion());
1182: return action;
1183: }
1184:
1185: protected WSDLBoundOperation getWSDLOpFromAction(Packet packet,
1186: boolean isIncomming) {
1187: String uriValue = getAction(packet);
1188: Set<WSDLBoundOperation> keys = outMessagePolicyMap.keySet();
1189: for (WSDLBoundOperation wbo : keys) {
1190: WSDLOperation wo = wbo.getOperation();
1191: // WsaWSDLOperationExtension extensions = wo.getExtension(WsaWSDLOperationExtension.class);
1192: String action = getAction(wo, isIncomming);
1193: if (action != null && action.equals(uriValue)) {
1194: return wbo;
1195: }
1196: }
1197: return null;
1198: }
1199:
1200: protected void buildProtocolPolicy(Policy endpointPolicy)
1201: throws PolicyException {
1202: if (endpointPolicy == null) {
1203: return;
1204: }
1205: try {
1206: RMPolicyResolver rr = new RMPolicyResolver();
1207: Policy msgLevelPolicy = rr.getOperationLevelPolicy();
1208: PolicyMerger merger = PolicyMerger.getMerger();
1209: ArrayList<Policy> pList = new ArrayList<Policy>(2);
1210: pList.add(endpointPolicy);
1211: pList.add(msgLevelPolicy);
1212: Policy effectivePolicy = merger.merge(pList);
1213: addIncomingProtocolPolicy(effectivePolicy, "RM");
1214: addOutgoingProtocolPolicy(effectivePolicy, "RM");
1215:
1216: pList.remove(msgLevelPolicy);
1217: pList.add(getMessageBootstrapPolicy());
1218: PolicyMerger pm = PolicyMerger.getMerger();
1219: //add secure conversation policy.
1220: Policy ep = pm.merge(pList);
1221: addIncomingProtocolPolicy(ep, "SC");
1222: addOutgoingProtocolPolicy(ep, "SC");
1223: } catch (IOException ie) {
1224: log.log(Level.SEVERE, LogStringsMessages
1225: .WSSPIPE_0008_PROBLEM_BUILDING_PROTOCOL_POLICY(),
1226: ie);
1227: throw new PolicyException(LogStringsMessages
1228: .WSSPIPE_0008_PROBLEM_BUILDING_PROTOCOL_POLICY(),
1229: ie);
1230: }
1231: }
1232:
1233: protected SecurityPolicyHolder constructPolicyHolder(
1234: Policy effectivePolicy, boolean isServer, boolean isIncoming)
1235: throws PolicyException {
1236: return constructPolicyHolder(effectivePolicy, isServer,
1237: isIncoming, false);
1238: }
1239:
1240: protected SecurityPolicyHolder constructPolicyHolder(
1241: Policy effectivePolicy, boolean isServer,
1242: boolean isIncoming, boolean ignoreST)
1243: throws PolicyException {
1244:
1245: XWSSPolicyGenerator xwssPolicyGenerator = new XWSSPolicyGenerator(
1246: effectivePolicy, isServer, isIncoming);
1247: xwssPolicyGenerator.process(ignoreST);
1248: this .bindingLevelAlgSuite = xwssPolicyGenerator
1249: .getBindingLevelAlgSuite();
1250: MessagePolicy messagePolicy = xwssPolicyGenerator
1251: .getXWSSPolicy();
1252:
1253: SecurityPolicyHolder sph = new SecurityPolicyHolder();
1254: sph.setMessagePolicy(messagePolicy);
1255: sph.setBindingLevelAlgSuite(xwssPolicyGenerator
1256: .getBindingLevelAlgSuite());
1257: List<PolicyAssertion> tokenList = getTokens(effectivePolicy);
1258: addConfigAssertions(effectivePolicy, sph);
1259:
1260: for (PolicyAssertion token : tokenList) {
1261: if (PolicyUtil.isSecureConversationToken(token)) {
1262: NestedPolicy bootstrapPolicy = ((SecureConversationToken) token)
1263: .getBootstrapPolicy();
1264: Policy effectiveBP = null;
1265: if (hasTargets(bootstrapPolicy)) {
1266: effectiveBP = bootstrapPolicy;
1267: } else {
1268: effectiveBP = getEffectiveBootstrapPolicy(bootstrapPolicy);
1269: }
1270: xwssPolicyGenerator = new XWSSPolicyGenerator(
1271: effectiveBP, isServer, isIncoming);
1272: xwssPolicyGenerator.process(ignoreST);
1273: MessagePolicy bmp = xwssPolicyGenerator.getXWSSPolicy();
1274:
1275: if (isServer && isIncoming) {
1276: EncryptionPolicy optionalPolicy = new EncryptionPolicy();
1277: EncryptionPolicy.FeatureBinding fb = (EncryptionPolicy.FeatureBinding) optionalPolicy
1278: .getFeatureBinding();
1279: optionalPolicy.newX509CertificateKeyBinding();
1280: EncryptionTarget target = new EncryptionTarget();
1281: target.setQName(new QName(
1282: MessageConstants.SAML_v1_1_NS,
1283: MessageConstants.SAML_ASSERTION_LNAME));
1284: target.setEnforce(false);
1285: fb.addTargetBinding(target);
1286: /*
1287: try {
1288: bmp.prepend(optionalPolicy);
1289: } catch (PolicyGenerationException ex) {
1290: throw new PolicyException(ex);
1291: }*/
1292: }
1293:
1294: PolicyAssertion sct = new SCTokenWrapper(token, bmp);
1295: sph.addSecureConversationToken(sct);
1296: hasSecureConversation = true;
1297:
1298: // if the bootstrap has issued tokens then set hasIssuedTokens=true
1299: List<PolicyAssertion> iList = this
1300: .getIssuedTokenPoliciesFromBootstrapPolicy((Token) sct);
1301: if (!iList.isEmpty()) {
1302: hasIssuedTokens = true;
1303: }
1304:
1305: } else if (PolicyUtil.isIssuedToken(token)) {
1306: sph.addIssuedToken(token);
1307: hasIssuedTokens = true;
1308: }
1309: }
1310: return sph;
1311: }
1312:
1313: // return the callbackhandler if the xwssCallbackHandler was set
1314: // otherwise populate the props and return null.
1315: protected String populateConfigProperties(Set configAssertions,
1316: Properties props) {
1317: if (configAssertions == null) {
1318: return null;
1319: }
1320: Iterator it = configAssertions.iterator();
1321: for (; it.hasNext();) {
1322: PolicyAssertion as = (PolicyAssertion) it.next();
1323: if ("KeyStore".equals(as.getName().getLocalPart())) {
1324: populateKeystoreProps(props, (KeyStore) as);
1325: } else if ("TrustStore".equals(as.getName().getLocalPart())) {
1326: populateTruststoreProps(props, (TrustStore) as);
1327: } else if ("CallbackHandlerConfiguration".equals(as
1328: .getName().getLocalPart())) {
1329: String ret = populateCallbackHandlerProps(props,
1330: (CallbackHandlerConfiguration) as);
1331: if (ret != null) {
1332: return ret;
1333: }
1334: } else if ("ValidatorConfiguration".equals(as.getName()
1335: .getLocalPart())) {
1336: populateValidatorProps(props,
1337: (ValidatorConfiguration) as);
1338: } else if ("CertStore".equals(as.getName().getLocalPart())) {
1339: populateCertStoreProps(props, (CertStoreConfig) as);
1340: }
1341: }
1342: return null;
1343: }
1344:
1345: private void populateKeystoreProps(Properties props, KeyStore store) {
1346: if (store.getLocation() != null) {
1347: props.put(DefaultCallbackHandler.KEYSTORE_URL, store
1348: .getLocation());
1349: } else {
1350: //throw RuntimeException for now
1351: log.log(Level.SEVERE, LogStringsMessages
1352: .WSSPIPE_0014_KEYSTORE_URL_NULL_CONFIG_ASSERTION());
1353: throw new RuntimeException(LogStringsMessages
1354: .WSSPIPE_0014_KEYSTORE_URL_NULL_CONFIG_ASSERTION());
1355: }
1356:
1357: if (store.getType() != null) {
1358: props.put(DefaultCallbackHandler.KEYSTORE_TYPE, store
1359: .getType());
1360: } else {
1361: props.put(DefaultCallbackHandler.KEYSTORE_TYPE, "JKS");
1362: }
1363:
1364: if (store.getPassword() != null) {
1365: props.put(DefaultCallbackHandler.KEYSTORE_PASSWORD,
1366: new String(store.getPassword()));
1367: } else {
1368: log
1369: .log(
1370: Level.SEVERE,
1371: LogStringsMessages
1372: .WSSPIPE_0015_KEYSTORE_PASSWORD_NULL_CONFIG_ASSERTION());
1373: throw new RuntimeException(
1374: LogStringsMessages
1375: .WSSPIPE_0015_KEYSTORE_PASSWORD_NULL_CONFIG_ASSERTION());
1376: }
1377:
1378: if (store.getAlias() != null) {
1379: props
1380: .put(DefaultCallbackHandler.MY_ALIAS, store
1381: .getAlias());
1382: } else {
1383: // use default alias
1384: //throw new RuntimeException("KeyStore Alias was obtained as NULL from ConfigAssertion");
1385: }
1386:
1387: if (store.getKeyPassword() != null) {
1388: props.put(DefaultCallbackHandler.KEY_PASSWORD, store
1389: .getKeyPassword());
1390: }
1391:
1392: if (store.getAliasSelectorClassName() != null) {
1393: props.put(DefaultCallbackHandler.KEYSTORE_CERTSELECTOR,
1394: store.getAliasSelectorClassName());
1395: }
1396: }
1397:
1398: private void populateTruststoreProps(Properties props,
1399: TrustStore store) {
1400: if (store.getLocation() != null) {
1401: props.put(DefaultCallbackHandler.TRUSTSTORE_URL, store
1402: .getLocation());
1403: } else {
1404: //throw RuntimeException for now
1405: log
1406: .log(
1407: Level.SEVERE,
1408: LogStringsMessages
1409: .WSSPIPE_0016_TRUSTSTORE_URL_NULL_CONFIG_ASSERTION());
1410: throw new RuntimeException(
1411: LogStringsMessages
1412: .WSSPIPE_0016_TRUSTSTORE_URL_NULL_CONFIG_ASSERTION());
1413: }
1414:
1415: if (store.getType() != null) {
1416: props.put(DefaultCallbackHandler.TRUSTSTORE_TYPE, store
1417: .getType());
1418: } else {
1419: props.put(DefaultCallbackHandler.TRUSTSTORE_TYPE, "JKS");
1420: }
1421:
1422: if (store.getPassword() != null) {
1423: props.put(DefaultCallbackHandler.TRUSTSTORE_PASSWORD,
1424: new String(store.getPassword()));
1425: } else {
1426: log
1427: .log(
1428: Level.SEVERE,
1429: LogStringsMessages
1430: .WSSPIPE_0017_TRUSTSTORE_PASSWORD_NULL_CONFIG_ASSERTION());
1431: throw new RuntimeException(
1432: LogStringsMessages
1433: .WSSPIPE_0017_TRUSTSTORE_PASSWORD_NULL_CONFIG_ASSERTION());
1434: }
1435:
1436: if (store.getPeerAlias() != null) {
1437: props.put(DefaultCallbackHandler.PEER_ENTITY_ALIAS, store
1438: .getPeerAlias());
1439: }
1440:
1441: if (store.getSTSAlias() != null) {
1442: props.put(DefaultCallbackHandler.STS_ALIAS, store
1443: .getSTSAlias());
1444: }
1445:
1446: if (store.getServiceAlias() != null) {
1447: props.put(DefaultCallbackHandler.SERVICE_ALIAS, store
1448: .getServiceAlias());
1449: }
1450:
1451: if (store.getCertSelectorClassName() != null) {
1452: props.put(DefaultCallbackHandler.TRUSTSTORE_CERTSELECTOR,
1453: store.getCertSelectorClassName());
1454: }
1455: }
1456:
1457: private String populateCallbackHandlerProps(Properties props,
1458: CallbackHandlerConfiguration conf) {
1459: //check if timestamp timeout has been set
1460: if (conf.getTimestampTimeout() != null) {
1461: //in milliseconds
1462: this .timestampTimeOut = Long.parseLong(conf
1463: .getTimestampTimeout()) * 1000;
1464: }
1465: Iterator it = conf.getCallbackHandlers();
1466: for (; it.hasNext();) {
1467: PolicyAssertion p = (PolicyAssertion) it.next();
1468: com.sun.xml.ws.security.impl.policy.CallbackHandler hd = (com.sun.xml.ws.security.impl.policy.CallbackHandler) p;
1469: String name = hd.getHandlerName();
1470: String ret = hd.getHandler();
1471: if ("xwssCallbackHandler".equals(name)) {
1472: if (ret != null && !"".equals(ret)) {
1473: return ret;
1474: } else {
1475: log
1476: .log(
1477: Level.SEVERE,
1478: LogStringsMessages
1479: .WSSPIPE_0018_NULL_OR_EMPTY_XWSS_CALLBACK_HANDLER_CLASSNAME());
1480: throw new RuntimeException(
1481: LogStringsMessages
1482: .WSSPIPE_0018_NULL_OR_EMPTY_XWSS_CALLBACK_HANDLER_CLASSNAME());
1483: }
1484: } else if ("usernameHandler".equals(name)) {
1485: if (ret != null && !"".equals(ret)) {
1486: props.put(DefaultCallbackHandler.USERNAME_CBH, ret);
1487: } else {
1488: QName qname = new QName("default");
1489: String def = hd.getAttributeValue(qname);
1490: if (def != null && !"".equals(def)) {
1491: props.put(DefaultCallbackHandler.MY_USERNAME,
1492: def);
1493: } else {
1494: log
1495: .log(
1496: Level.SEVERE,
1497: LogStringsMessages
1498: .WSSPIPE_0019_NULL_OR_EMPTY_USERNAME_HANDLER_CLASSNAME());
1499: throw new RuntimeException(
1500: LogStringsMessages
1501: .WSSPIPE_0019_NULL_OR_EMPTY_USERNAME_HANDLER_CLASSNAME());
1502: }
1503: }
1504: } else if ("passwordHandler".equals(name)) {
1505: if (ret != null && !"".equals(ret)) {
1506: props.put(DefaultCallbackHandler.PASSWORD_CBH, ret);
1507: } else {
1508: QName qname = new QName("default");
1509: String def = hd.getAttributeValue(qname);
1510: if (def != null && !"".equals(def)) {
1511: props.put(DefaultCallbackHandler.MY_PASSWORD,
1512: def);
1513: } else {
1514: log
1515: .log(
1516: Level.SEVERE,
1517: LogStringsMessages
1518: .WSSPIPE_0020_NULL_OR_EMPTY_PASSWORD_HANDLER_CLASSNAME());
1519: throw new RuntimeException(
1520: LogStringsMessages
1521: .WSSPIPE_0020_NULL_OR_EMPTY_PASSWORD_HANDLER_CLASSNAME());
1522: }
1523: }
1524: } else if ("samlHandler".equals(name)) {
1525: if (ret == null || "".equals(ret)) {
1526: log
1527: .log(
1528: Level.SEVERE,
1529: LogStringsMessages
1530: .WSSPIPE_0021_NULL_OR_EMPTY_SAML_HANDLER_CLASSNAME());
1531: throw new RuntimeException(
1532: LogStringsMessages
1533: .WSSPIPE_0021_NULL_OR_EMPTY_SAML_HANDLER_CLASSNAME());
1534: }
1535: props.put(DefaultCallbackHandler.SAML_CBH, ret);
1536: } else {
1537: log
1538: .log(
1539: Level.SEVERE,
1540: LogStringsMessages
1541: .WSSPIPE_0009_UNSUPPORTED_CALLBACK_TYPE_ENCOUNTERED(name));
1542: throw new RuntimeException(
1543: LogStringsMessages
1544: .WSSPIPE_0009_UNSUPPORTED_CALLBACK_TYPE_ENCOUNTERED(name));
1545: }
1546: }
1547: return null;
1548: }
1549:
1550: private void populateValidatorProps(Properties props,
1551: ValidatorConfiguration conf) {
1552: if (conf.getMaxClockSkew() != null) {
1553: props.put(DefaultCallbackHandler.MAX_CLOCK_SKEW_PROPERTY,
1554: conf.getMaxClockSkew());
1555: }
1556:
1557: if (conf.getTimestampFreshnessLimit() != null) {
1558: props
1559: .put(
1560: DefaultCallbackHandler.TIMESTAMP_FRESHNESS_LIMIT_PROPERTY,
1561: conf.getTimestampFreshnessLimit());
1562: }
1563:
1564: if (conf.getMaxNonceAge() != null) {
1565: props.put(DefaultCallbackHandler.MAX_NONCE_AGE_PROPERTY,
1566: conf.getMaxNonceAge());
1567: }
1568: if (conf.getRevocationEnabled() != null) {
1569: props.put(DefaultCallbackHandler.REVOCATION_ENABLED, conf
1570: .getRevocationEnabled());
1571: }
1572:
1573: Iterator it = conf.getValidators();
1574: for (; it.hasNext();) {
1575: PolicyAssertion p = (PolicyAssertion) it.next();
1576: Validator v = (Validator) p;
1577: String name = v.getValidatorName();
1578: String validator = v.getValidator();
1579: if (validator == null || "".equals(validator)) {
1580: log
1581: .log(
1582: Level.SEVERE,
1583: LogStringsMessages
1584: .WSSPIPE_0022_NULL_OR_EMPTY_VALIDATOR_CLASSNAME(name));
1585: throw new RuntimeException(
1586: LogStringsMessages
1587: .WSSPIPE_0022_NULL_OR_EMPTY_VALIDATOR_CLASSNAME(name));
1588: }
1589:
1590: if ("usernameValidator".equals(name)) {
1591: props.put(DefaultCallbackHandler.USERNAME_VALIDATOR,
1592: validator);
1593: } else if ("timestampValidator".equals(name)) {
1594: props.put(DefaultCallbackHandler.TIMESTAMP_VALIDATOR,
1595: validator);
1596: } else if ("certificateValidator".equals(name)) {
1597: props.put(DefaultCallbackHandler.CERTIFICATE_VALIDATOR,
1598: validator);
1599: } else if ("samlAssertionValidator".equals(name)) {
1600: props.put(DefaultCallbackHandler.SAML_VALIDATOR,
1601: validator);
1602: } else {
1603: log
1604: .log(
1605: Level.SEVERE,
1606: LogStringsMessages
1607: .WSSPIPE_0010_UNKNOWN_VALIDATOR_TYPE_CONFIG(name));
1608: throw new RuntimeException(
1609: LogStringsMessages
1610: .WSSPIPE_0010_UNKNOWN_VALIDATOR_TYPE_CONFIG(name));
1611: }
1612: }
1613: }
1614:
1615: private void populateCertStoreProps(Properties props,
1616: CertStoreConfig certStoreConfig) {
1617: if (certStoreConfig.getCallbackHandlerClassName() != null) {
1618: props.put(DefaultCallbackHandler.CERTSTORE_CBH,
1619: certStoreConfig.getCallbackHandlerClassName());
1620: }
1621: if (certStoreConfig.getCertSelectorClassName() != null) {
1622: props.put(DefaultCallbackHandler.CERTSTORE_CERTSELECTOR,
1623: certStoreConfig.getCertSelectorClassName());
1624: }
1625: if (certStoreConfig.getCRLSelectorClassName() != null) {
1626: props.put(DefaultCallbackHandler.CERTSTORE_CRLSELECTOR,
1627: certStoreConfig.getCRLSelectorClassName());
1628: }
1629: }
1630:
1631: protected Class loadClass(String classname) throws Exception {
1632: if (classname == null) {
1633: return null;
1634: }
1635: Class ret = null;
1636: ClassLoader loader = Thread.currentThread()
1637: .getContextClassLoader();
1638: if (loader != null) {
1639: try {
1640: ret = loader.loadClass(classname);
1641: return ret;
1642: } catch (ClassNotFoundException e) {
1643: // ignore
1644: }
1645: }
1646: // if context classloader didnt work, try this
1647: loader = this .getClass().getClassLoader();
1648: try {
1649: ret = loader.loadClass(classname);
1650: return ret;
1651: } catch (ClassNotFoundException e) {
1652: // ignore
1653: }
1654: log.log(Level.FINE, LogStringsMessages
1655: .WSSPIPE_0011_COULD_NOT_FIND_USER_CLASS(), classname);
1656: throw new XWSSecurityException(LogStringsMessages
1657: .WSSPIPE_0011_COULD_NOT_FIND_USER_CLASS());
1658: }
1659:
1660: protected com.sun.xml.wss.impl.AlgorithmSuite getAlgoSuite(
1661: AlgorithmSuite suite) {
1662: if (suite == null) {
1663: return null;
1664: }
1665: com.sun.xml.wss.impl.AlgorithmSuite als = new com.sun.xml.wss.impl.AlgorithmSuite(
1666: suite.getDigestAlgorithm(), suite
1667: .getEncryptionAlgorithm(), suite
1668: .getSymmetricKeyAlgorithm(), suite
1669: .getAsymmetricKeyAlgorithm());
1670:
1671: return als;
1672: }
1673:
1674: protected com.sun.xml.wss.impl.WSSAssertion getWssAssertion(
1675: WSSAssertion asser) {
1676: com.sun.xml.wss.impl.WSSAssertion assertion = new com.sun.xml.wss.impl.WSSAssertion(
1677: asser.getRequiredProperties(), asser.getType());
1678: return assertion;
1679: }
1680:
1681: //TODO: Duplicate information copied from Pipeline Assembler
1682: private boolean isReliableMessagingEnabled(PolicyMap policyMap,
1683: WSDLPort port) {
1684: if (policyMap == null)
1685: return false;
1686:
1687: try {
1688: PolicyMapKey endpointKey = policyMap
1689: .createWsdlEndpointScopeKey(port.getOwner()
1690: .getName(), port.getName());
1691: Policy policy = policyMap
1692: .getEndpointEffectivePolicy(endpointKey);
1693:
1694: return (policy != null)
1695: && policy.contains(Constants.version);
1696: } catch (PolicyException e) {
1697: log
1698: .log(
1699: Level.SEVERE,
1700: LogStringsMessages
1701: .WSSPIPE_0012_PROBLEM_CHECKING_RELIABLE_MESSAGE_ENABLE(),
1702: e);
1703: throw new WebServiceException(
1704: LogStringsMessages
1705: .WSSPIPE_0012_PROBLEM_CHECKING_RELIABLE_MESSAGE_ENABLE(),
1706: e);
1707: }
1708: }
1709:
1710: protected abstract void addIncomingFaultPolicy(
1711: Policy effectivePolicy, SecurityPolicyHolder sph,
1712: WSDLFault fault) throws PolicyException;
1713:
1714: protected abstract void addOutgoingFaultPolicy(
1715: Policy effectivePolicy, SecurityPolicyHolder sph,
1716: WSDLFault fault) throws PolicyException;
1717:
1718: protected abstract void addIncomingProtocolPolicy(
1719: Policy effectivePolicy, String protocol)
1720: throws PolicyException;
1721:
1722: protected abstract void addOutgoingProtocolPolicy(
1723: Policy effectivePolicy, String protocol)
1724: throws PolicyException;
1725:
1726: protected abstract String getAction(WSDLOperation operation,
1727: boolean isIncomming);
1728:
1729: }
|