001: /*
002: * $Id: ProcessingContext.java,v 1.6 2007/08/24 09:12:50 kumarjayanti Exp $
003: */
004:
005: /*
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026:
027: package com.sun.xml.wss;
028:
029: import com.sun.xml.wss.impl.*;
030: import java.util.Map;
031: import java.util.Random;
032: import java.util.HashMap;
033:
034: import javax.xml.soap.SOAPMessage;
035:
036: import com.sun.xml.wss.impl.policy.SecurityPolicy;
037: import com.sun.xml.wss.impl.policy.StaticPolicyContext;
038:
039: import javax.security.auth.callback.CallbackHandler;
040: import com.sun.xml.wss.impl.misc.*;
041:
042: /**
043: * This class represents a Context that is used by the XWS-Security Runtime to
044: * apply/verify Security Policies on an Outgoing/Incoming SOAP Message.
045: * The context contains among other things
046: * <UL>
047: * <LI>The SOAP Message to be operated upon
048: * <LI>The Message direction (incoming or outgoing)
049: * <LI>The security policy to be applied by XWS-Security on the message
050: * <LI>A randomly generated Message-Identifier that can be used for request-response correlation,
051: * by a CallbackHandler, the handles <code>DynamicPolicyCallback</code>
052: * <LI>A list of properties associated with the calling Application Runtime, that can be used to
053: * make Dynamic Policy decisions.
054: * <LI>A concrete implementation of the SecurityEnvironment interface OR a CallbackHandler
055: * </UL>
056: *
057: */
058: public class ProcessingContext implements SecurityProcessingContext {
059:
060: /*
061: * Example:
062: *
063: * A policy configured as follows:
064: *
065: * <RequireSignature/>
066: * <Encrypt/>
067: *
068: * where, the key used in signature has to be used for response
069: * encryption.
070: *
071: * A callback handler can cache the key information during
072: * signature processing (while handling CertificateValidation)
073: * based on message and policy identifiers, such that encryption
074: * policy handling will cause the cached key to be used.
075: */
076:
077: /*
078: * Unique randomnly generated message identifier. Application
079: * callback handlers can use this for policy correlation on
080: * per message basis.
081: */
082: String messageIdentifier;
083:
084: /*
085: * Policy identification context that is based on information in
086: * configuration files. Truely, security context need not be
087: * identified as static or dynamic - such resolution is required
088: * in view of support for declarative security configuration.
089: *
090: * Application callback handlers can use static context in conjunction
091: * with certain runtime context to make policy resolution decisions.
092: */
093: StaticPolicyContext context;
094:
095: /*
096: * Resolved declarative security policy. The IL (integration layer)
097: * is responsible for resolving configured security policy; alternately
098: * the context can be populated with a policy container and specific
099: * policy identifying context, requiring lazy accurate policy resolution
100: * to happen in Annotator/Recipient.
101: */
102: SecurityPolicy securityPolicy;
103:
104: /*
105: * Context indicating direction of message flow depending upon which
106: * Annotator or Recipient is 'invoked'
107: */
108: boolean inBoundMessage = false;
109:
110: /*
111: * Application security environment callback handler
112: *
113: * @see UsernameCallback (XWSS v1.0)
114: * @see PasswordCallback (XWSS v1.0)
115: * @see SignatureKeyCallback (XWSS v1.0)
116: * @see DecrptionKeyCallback (XWSS v1.0)
117: * @see DynamicPolicyCallback (XWSS v2.0)
118: * @see EncryptionKeyCallback (XWSS v1.0)
119: * @see PasswordValidationCallback (XWSS v1.0)
120: * @see CertificateValidationCallback (XWSS v1.0)
121: * @see SignatureVerificationCallback (XWSS v1.0)
122: */
123: CallbackHandler callbackHandler = null;
124:
125: /*
126: * The SecurityEnvironment handler
127: */
128: SecurityEnvironment environmentHandler = null;
129:
130: /*
131: * XWSS representation for SOAPMessage
132: *
133: * @see SecurableSoapMessage
134: */
135: protected SecurableSoapMessage secureMessage = null;
136:
137: /*
138: * Extraneous property list
139: */
140: protected Map properties = null;
141:
142: // flag to indicate optimized security option
143: // under JAXWS 2.0
144: int configType = MessageConstants.NOT_OPTIMIZED;
145:
146: protected MessageLayout securityHeaderLayout = MessageLayout.Lax;
147:
148: public static final String OPERATION_RESOLVER = "OperationResolver";
149:
150: private boolean retainSecHeader = false;
151:
152: /**
153: *Default constructor
154: */
155: public ProcessingContext() {
156: }
157:
158: /**
159: * Constructor
160: * @param context the static policy context for this request
161: * @param securityPolicy the SecurityPolicy to be applied for this request
162: * @param message the SOAPMessage
163: * @throws XWSSecurityException if there was an error in creating the ProcessingContext
164: */
165: public ProcessingContext(StaticPolicyContext context,
166: SecurityPolicy securityPolicy, SOAPMessage message)
167: throws XWSSecurityException {
168:
169: generateMessageId();
170:
171: setPolicyContext(context);
172:
173: setSecurityPolicy(securityPolicy);
174:
175: setSOAPMessage(message);
176: }
177:
178: /*
179: * Note: Avoiding check on policy types since Annotator/Recipient
180: * w'd do the same. Helps FPC to throw exception if WSSPolicy
181: * instance is not set.
182: */
183:
184: /**
185: * set the SecurityPolicy for the context
186: * @param securityPolicy SecurityPolicy
187: * @throws XWSSecurityException if the securityPolicy is of invalid type
188: */
189: public void setSecurityPolicy(SecurityPolicy securityPolicy)
190: throws XWSSecurityException {
191: this .securityPolicy = securityPolicy;
192: }
193:
194: /**
195: * @return SecurityPolicy for this context
196: */
197: public SecurityPolicy getSecurityPolicy() {
198: return this .securityPolicy;
199: }
200:
201: /**
202: * set the StaticPolicyContext for this ProcessingContext.
203: * @param context StaticPolicyContext for this context
204: */
205: public void setPolicyContext(StaticPolicyContext context) {
206: this .context = context;
207: }
208:
209: /**
210: * @return StaticPolicyContext associated with this ProcessingContext, null otherwise
211: */
212: public StaticPolicyContext getPolicyContext() {
213: return this .context;
214: }
215:
216: /**
217: * set the SOAP Message into the ProcessingContext.
218: * @param message SOAPMessage
219: * @throws XWSSecurityException if there was an error in setting the SOAPMessage
220: */
221: public void setSOAPMessage(SOAPMessage message)
222: throws XWSSecurityException {
223:
224: secureMessage = new SecurableSoapMessage();
225: secureMessage.setSOAPMessage(message);
226: setOptimized();
227: }
228:
229: /**
230: * @return the SOAPMessage from the context
231: */
232: public SOAPMessage getSOAPMessage() {
233: return secureMessage.getSOAPMessage();
234: }
235:
236: /* (non-Javadoc)
237: * @return SecurableSoapMessage
238: public SecurableSoapMessage getSecurableSoapMessage() {
239: return secureMessage;
240: }
241: */
242:
243: /**
244: * set the CallbackHandler for the context
245: * @param handler The CallbackHandler
246: */
247: public void setHandler(CallbackHandler handler) {
248: this .callbackHandler = handler;
249: this .environmentHandler = new DefaultSecurityEnvironmentImpl(
250: handler);
251: }
252:
253: /**
254: * set the SecurityEnvironment Handler for the context
255: * @param handler The SecurityEnvironment Handler
256: */
257: public void setSecurityEnvironment(SecurityEnvironment handler) {
258: this .environmentHandler = handler;
259: }
260:
261: /**
262: * @return the CallbackHandler set for the context
263: */
264: public CallbackHandler getHandler() {
265: return this .callbackHandler;
266: }
267:
268: /**
269: * @return The SecurityEnvironment Handler set for the context
270: */
271: public SecurityEnvironment getSecurityEnvironment() {
272: return this .environmentHandler;
273: }
274:
275: /**
276: * Properties extraneously defined by XWSS runtime - can contain
277: * application's runtime context (like JAXRPCContext etc)
278: *
279: * @return Map of extraneous properties
280: */
281: public Map getExtraneousProperties() {
282: if (properties == null) {
283: properties = new HashMap();
284: }
285: return this .properties;
286: }
287:
288: /**
289: * set the message flow direction (to true if inbound, false if outbound)
290: * @param inBound message flow direction
291: */
292: public void isInboundMessage(boolean inBound) {
293: this .inBoundMessage = inBound;
294: }
295:
296: /**
297: * @return message flow direction, true if incoming, false otherwise
298: */
299: public boolean isInboundMessage() {
300: return this .inBoundMessage;
301: }
302:
303: /**
304: * Allow for message identifier to be generated externally
305: * @param identifier the Message Identifier value
306: */
307: public void setMessageIdentifier(String identifier) {
308: this .messageIdentifier = identifier;
309: }
310:
311: /**
312: * @return message identifier for the Message in the context
313: */
314: public String getMessageIdentifier() {
315: return this .messageIdentifier;
316: }
317:
318: /**
319: * set the extraneous property into the context
320: * Extraneous Properties are properties extraneously defined by XWSS runtime
321: * and can contain application's runtime context (like JAXRPCContext etc)
322: * @param name the property name
323: * @param value the property value
324: */
325: public void setExtraneousProperty(String name, Object value) {
326: getExtraneousProperties().put(name, value);
327: }
328:
329: /**
330: * @return the value for the named extraneous property.
331: */
332: public Object getExtraneousProperty(String name) {
333: return getExtraneousProperties().get(name);
334: }
335:
336: /**
337: * remove the named extraneous property if present
338: * @param name the Extraneous Property to be removed
339: */
340: public void removeExtraneousProperty(String name) {
341: getExtraneousProperties().remove(name);
342: }
343:
344: /*
345: * @param p1
346: * @param p2
347: */
348: public static void copy(Map p1, Map p2) {
349: p1.putAll(p2);
350: }
351:
352: /**
353: * copy operator
354: * @param ctx1 the ProcessingContext to which to copy
355: * @param ctx2 the ProcessingContext from which to copy
356: * @throws XWSSecurityException if there was an error during the copy operation
357: */
358: public void copy(ProcessingContext ctx1, ProcessingContext ctx2)
359: throws XWSSecurityException {
360: if (ctx2 == null)
361: return;
362: ctx1.setHandler(ctx2.getHandler());
363: ctx1.setSecurityEnvironment(ctx2.getSecurityEnvironment());
364: ctx1.setMessageIdentifier(ctx2.getMessageIdentifier());
365: if (ctx2.getSecurityPolicy() != null) {
366: ctx1.setSecurityPolicy(ctx2.getSecurityPolicy());
367: }
368: ctx1.isInboundMessage(ctx2.isInboundMessage());
369: ctx1.setSecureMessage(ctx2.getSecureMessage());
370: //ctx1.getExtraneousProperties().putAll(ctx2.getExtraneousProperties());
371: this .properties = ctx2.getExtraneousProperties();
372: ctx1.setPolicyContext(ctx2.getPolicyContext());
373: ctx1.setConfigType(ctx2.getConfigType());
374: ctx1.retainSecurityHeader(ctx2.retainSecurityHeader());
375: }
376:
377: /*
378: * Internal auto-generating message identifier implementation
379: */
380: private void generateMessageId() {
381: Random rnd = new Random();
382: long longRandom = rnd.nextLong();
383: this .messageIdentifier = String.valueOf(longRandom);
384: }
385:
386: /**
387: * This method is used for internal purposes
388: */
389: public void reset() {
390: }
391:
392: /**
393: * This method is used for internal purposes
394: */
395: public int getConfigType() {
396: return this .configType;
397: }
398:
399: /**
400: * This method is used for internal purposes
401: */
402: public void setConfigType(int type) {
403: this .configType = type;
404: setOptimized();
405: }
406:
407: protected SecurableSoapMessage getSecureMessage() {
408: return secureMessage;
409: }
410:
411: protected void setSecureMessage(SecurableSoapMessage msg) {
412: secureMessage = msg;
413: }
414:
415: private void setOptimized() {
416: if (this .secureMessage != null) {
417: if (this .configType == MessageConstants.NOT_OPTIMIZED) {
418: this .secureMessage.setOptimized(false);
419: } else {
420: this .secureMessage.setOptimized(true);
421: }
422: }
423: }
424:
425: public void copy(SecurityProcessingContext ctx1,
426: SecurityProcessingContext ctx2) throws XWSSecurityException {
427: throw new UnsupportedOperationException("Not yet supported");
428: }
429:
430: public void setSecurityHeaderLayout(MessageLayout layout) {
431: this .securityHeaderLayout = layout;
432: }
433:
434: public MessageLayout getSecurityHeaderLayout() {
435: return this .securityHeaderLayout;
436: }
437:
438: /*
439: *@return the Retain Security Header Config Property
440: */
441: public boolean retainSecurityHeader() {
442: return retainSecHeader;
443: }
444:
445: /*
446: *@param arg, set the retainSecurityHeader flag.
447: */
448: public void retainSecurityHeader(boolean arg) {
449: this.retainSecHeader = arg;
450: }
451: }
|