001: /**
002: * $Id: SecurableSoapMessage.java,v 1.11 2007/08/24 09:12:50 kumarjayanti Exp $
003: */package com.sun.xml.wss.impl;
004:
005: import com.sun.xml.wss.impl.dsig.NamespaceContextImpl;
006: import java.io.IOException;
007: import java.io.OutputStream;
008:
009: import java.util.Random;
010: import java.util.Iterator;
011: import java.util.logging.Level;
012: import java.util.logging.Logger;
013: import javax.xml.namespace.NamespaceContext;
014:
015: import javax.xml.soap.Name;
016: import javax.xml.soap.SOAPHeaderElement;
017: import javax.xml.soap.SOAPPart;
018: import javax.xml.soap.SOAPBody;
019: import javax.xml.soap.SOAPHeader;
020: import javax.xml.soap.MimeHeader;
021: import javax.xml.soap.SOAPMessage;
022: import javax.xml.soap.MimeHeaders;
023: import javax.xml.soap.SOAPElement;
024: import javax.xml.soap.SOAPFactory;
025: import javax.xml.soap.SOAPEnvelope;
026: import javax.xml.soap.SOAPConstants;
027: import javax.xml.soap.SOAPException;
028: import javax.xml.soap.AttachmentPart;
029: import javax.xml.namespace.QName;
030: import javax.activation.DataHandler;
031: import javax.xml.xpath.XPath;
032: import javax.xml.xpath.XPathConstants;
033: import javax.xml.xpath.XPathExpression;
034: import javax.xml.xpath.XPathFactory;
035:
036: import org.w3c.dom.Element;
037: import org.w3c.dom.Document;
038: import org.w3c.dom.NodeList;
039:
040: import com.sun.org.apache.xml.internal.security.Init;
041: import com.sun.xml.wss.impl.policy.mls.Target;
042: import com.sun.xml.wss.swa.MimeConstants;
043:
044: import com.sun.xml.wss.core.SecurityHeader;
045: import com.sun.xml.wss.logging.LogDomainConstants;
046: import org.w3c.dom.Node;
047: import com.sun.xml.wss.*;
048: import com.sun.xml.wss.util.NodeListImpl;
049:
050: public final class SecurableSoapMessage extends SOAPMessage {
051:
052: private NamespaceContext nsContext;
053: Random rnd = new Random();
054: static XPathFactory xpathFactory = null;
055:
056: private SOAPMessage soapMessage;
057: private boolean optimized = false;
058: private SOAPElement wsseSecurity;
059:
060: private static Logger log = Logger.getLogger(
061: LogDomainConstants.WSS_API_DOMAIN,
062: LogDomainConstants.WSS_API_DOMAIN_BUNDLE);
063:
064: static {
065: Init.init();
066: xpathFactory = XPathFactory.newInstance();
067:
068: /**
069: * Work-around for the fact that BC currently doesn't support
070: * the standard JCE name for oaep padding
071: * java.security.Provider bc = java.security.Security.getProvider("BC");
072: * if (bc != null) bc.put("Alg.Alias.Cipher.RSA/ECB/OAEPWithSHA1AndMGF1Padding","RSA/OAEP");
073: */
074: }
075:
076: public SecurableSoapMessage() {
077: }
078:
079: /**
080: * @param soapMessage
081: */
082: public SecurableSoapMessage(SOAPMessage soapMessage)
083: throws XWSSecurityException {
084: init(soapMessage);
085: }
086:
087: public void init(SOAPMessage soapMessage)
088: throws XWSSecurityException {
089: this .soapMessage = soapMessage;
090: if (log.isLoggable(Level.FINEST)) {
091: log.log(Level.FINEST, "WSS0100.createFor.creating.impl",
092: this .getClass().getName());
093: }
094: }
095:
096: public SOAPEnvelope getEnvelope() throws XWSSecurityException {
097: SOAPEnvelope envelope = null;
098:
099: try {
100: envelope = getSOAPPart().getEnvelope();
101: } catch (Exception e) {
102: log.log(Level.SEVERE, "WSS0399.soap.envelope.exception", e);
103: throw new XWSSecurityException(e);
104: }
105:
106: return envelope;
107: }
108:
109: /**
110: * Finds SOAPHeader.
111: *
112: * @param doCreate create one if none exists
113: *
114: * @return the soap Header or null if none and doCreate is false
115: */
116: private SOAPHeader findSoapHeader(boolean doCreate)
117: throws XWSSecurityException {
118:
119: try {
120: SOAPHeader header = getSOAPPart().getEnvelope().getHeader();
121: if (header != null)
122: return header;
123:
124: if (doCreate)
125: return getSOAPPart().getEnvelope().addHeader();
126:
127: } catch (SOAPException e) {
128: log.log(Level.SEVERE, "WSS0369.soap.exception", e
129: .getMessage());
130: throw new XWSSecurityException(e);
131: }
132:
133: return null;
134: }
135:
136: /**
137: * Finds wsse:Security Header Block.
138: *
139: * @param doCreate create one if none exists
140: *
141: * @return wsse:Security header
142: *
143: * @throws XWSSecurityException
144: */
145: public SecurityHeader findWsseSecurityHeaderBlock(boolean doCreate,
146: boolean mustUnderstand) throws XWSSecurityException {
147:
148: if (wsseSecurity != null) {
149: // if security header has been detached from the soap header
150: if (wsseSecurity.getParentNode() == null)
151: wsseSecurity = null;
152: else
153: return (SecurityHeader) wsseSecurity;
154: }
155:
156: SOAPHeader header = findSoapHeader(doCreate);
157: if (null == header)
158: return null;
159:
160: // Putting work-around for Bug Id: 5060366
161: org.w3c.dom.NodeList headerChildNodes = header.getChildNodes();
162: if (headerChildNodes != null) {
163: org.w3c.dom.Node currentNode = null;
164: for (int i = 0; i < headerChildNodes.getLength(); i++) {
165: currentNode = headerChildNodes.item(i);
166: if (MessageConstants.WSSE_SECURITY_LNAME
167: .equals(currentNode.getLocalName())
168: && MessageConstants.WSSE_NS.equals(currentNode
169: .getNamespaceURI())) {
170: wsseSecurity = (SOAPElement) currentNode;
171: break;
172: }
173: }
174: }
175:
176: if (wsseSecurity == null && !doCreate)
177: return null;
178:
179: if (wsseSecurity == null && doCreate) {
180: // Create header block
181: wsseSecurity = (SOAPElement) getSOAPPart().createElementNS(
182: MessageConstants.WSSE_NS,
183: MessageConstants.WSSE_SECURITY_QNAME);
184: wsseSecurity.setAttributeNS(MessageConstants.NAMESPACES_NS,
185: "xmlns:" + MessageConstants.WSSE_PREFIX,
186: MessageConstants.WSSE_NS);
187: if (mustUnderstand) {
188: wsseSecurity.setAttributeNS(getEnvelope()
189: .getNamespaceURI(), getEnvelope().getPrefix()
190: + ":mustUnderstand", "1");
191: }
192: XMLUtil.prependChildElement(header, wsseSecurity,
193: getSOAPPart());
194: }
195:
196: if (wsseSecurity != null) {
197: wsseSecurity = new SecurityHeader(wsseSecurity);
198: } else {
199: throw new XWSSecurityException(
200: "Internal Error: wsse:Security Header found null");
201: }
202:
203: return (SecurityHeader) wsseSecurity;
204: }
205:
206: /**
207: * Finds wsse:Security Header
208: *
209: * @return returns null if wsse:Security header not found
210: *
211: * @throws XWSSecurityException
212: */
213: public SecurityHeader findSecurityHeader()
214: throws XWSSecurityException {
215: return findWsseSecurityHeaderBlock(false, false);
216: }
217:
218: /**
219: * Finds or creates wsse:Security Header
220: *
221: * @return wsse:Security header
222: *
223: * @throws XWSSecurityException
224: */
225: public SecurityHeader findOrCreateSecurityHeader()
226: throws XWSSecurityException {
227: return findWsseSecurityHeaderBlock(true, true);
228: }
229:
230: /**
231: * Delete security header
232: */
233: public void deleteSecurityHeader() {
234: try {
235: findSecurityHeader();
236: if (null != wsseSecurity) {
237: wsseSecurity.detachNode();
238: wsseSecurity = null;
239: }
240: } catch (XWSSecurityException e) {
241: log.log(Level.SEVERE, "WSS0370.error.deleting.secheader", e
242: .getMessage());
243: }
244: }
245:
246: /**
247: * Make Security Header Non-MustUnderstand
248: */
249: public void resetMustUnderstandOnSecHeader() {
250: try {
251: findSecurityHeader();
252: if (null != wsseSecurity) {
253: wsseSecurity.removeAttributeNS(this .getEnvelope()
254: .getNamespaceURI(), "mustUnderstand");
255: }
256: } catch (XWSSecurityException e) {
257: log.log(Level.SEVERE, "WSS0370.error.deleting.secheader", e
258: .getMessage());
259: }
260: }
261:
262: /**
263: * Create and initialize a SecurityHeaderException, and throw a fault based
264: * on it.
265: *
266: * The faultstring for this exception is wsse:InvalidSecurity as per
267: * section 12 on Error Handling of the wss SOAPMessageSecurity spec (draft
268: * 17).
269: *
270: * This fault stands for An error was discovered processing the
271: * wsse:Security header.
272: */
273: public void generateSecurityHeaderException(String exceptionMessage)
274: throws SecurityHeaderException, XWSSecurityException {
275: SecurityHeaderException she = new SecurityHeaderException(
276: exceptionMessage);
277: // an error was discovered processing the header
278: generateFault(newSOAPFaultException(
279: MessageConstants.WSSE_INVALID_SECURITY,
280: "Error while processing Security Header", she));
281: log
282: .log(Level.SEVERE,
283: "WSS0370.error.processing.secheader", she);
284: throw she;
285: }
286:
287: /**
288: * Create and initialize a WssSoapFaultException. This method is used in
289: * conjunction with generateClientFault.
290: */
291: public static WssSoapFaultException newSOAPFaultException(
292: String faultstring, Throwable th) {
293: WssSoapFaultException sfe = new WssSoapFaultException(null,
294: faultstring, null, null);
295: sfe.initCause(th);
296: return sfe;
297: }
298:
299: /**
300: * Create and initialize a WssSoapFaultException. This method is used in
301: * conjunction with generateClientFault.
302: */
303: public static WssSoapFaultException newSOAPFaultException(
304: QName faultCode, String faultstring, Throwable th) {
305:
306: WssSoapFaultException sfe = new WssSoapFaultException(
307: faultCode, faultstring, null, null);
308: sfe.initCause(th);
309: return sfe;
310: }
311:
312: /**
313: * @param sfe
314: * @throws XWSSecurityException
315: */
316: public void generateFault(WssSoapFaultException sfe)
317: throws XWSSecurityException {
318:
319: try {
320: SOAPBody body = soapMessage.getSOAPBody();
321: body.removeContents();
322: QName faultCode = sfe.getFaultCode();
323: Name faultCodeName = null;
324: if (faultCode == null) {
325: faultCodeName = SOAPFactory.newInstance().createName(
326: "Client", null,
327: SOAPConstants.URI_NS_SOAP_ENVELOPE);
328: } else {
329:
330: faultCodeName = SOAPFactory.newInstance().createName(
331: faultCode.getLocalPart(),
332: faultCode.getPrefix(),
333: faultCode.getNamespaceURI());
334: }
335:
336: body.addFault(faultCodeName, sfe.getFaultString());
337: // TODO RFE add "actor" and throwable info to "detail"
338: } catch (SOAPException e) {
339: log.log(Level.SEVERE, "WSS0371.error.generate.fault", e
340: .getMessage());
341: throw new XWSSecurityException(e);
342: }
343:
344: }
345:
346: public SOAPPart getSOAPPart() {
347: return soapMessage.getSOAPPart();
348: }
349:
350: public SOAPBody getSOAPBody() throws SOAPException {
351: try {
352: return soapMessage.getSOAPBody();
353: } catch (Exception e) {
354: log.log(Level.SEVERE, "WSS0398.soap.body.exception", e);
355: throw new SOAPException(e);
356: }
357: }
358:
359: public SOAPMessage getSOAPMessage() {
360: return soapMessage;
361: }
362:
363: public void setSOAPMessage(SOAPMessage soapMsg)
364: throws XWSSecurityException {
365: init(soapMsg);
366: }
367:
368: public void addAttachmentPart(AttachmentPart AttachmentPart) {
369: soapMessage.addAttachmentPart(AttachmentPart);
370: }
371:
372: public int countAttachments() {
373: return soapMessage.countAttachments();
374: }
375:
376: public AttachmentPart createAttachmentPart() {
377: return soapMessage.createAttachmentPart();
378: }
379:
380: public AttachmentPart createAttachmentPart(Object content,
381: String contentType) {
382: return soapMessage.createAttachmentPart(content, contentType);
383: }
384:
385: public AttachmentPart createAttachmentPart(DataHandler dataHandler) {
386: return soapMessage.createAttachmentPart(dataHandler);
387: }
388:
389: public boolean equals(Object obj) {
390: return soapMessage.equals(obj);
391: }
392:
393: public Iterator getAttachments() {
394: return soapMessage.getAttachments();
395: }
396:
397: public Iterator getAttachments(MimeHeaders headers) {
398: return soapMessage.getAttachments(headers);
399: }
400:
401: public String getContentDescription() {
402: return soapMessage.getContentDescription();
403: }
404:
405: public MimeHeaders getMimeHeaders() {
406: return soapMessage.getMimeHeaders();
407: }
408:
409: public Object getProperty(String property) throws SOAPException {
410: return soapMessage.getProperty(property);
411: }
412:
413: public SOAPHeader getSOAPHeader() throws SOAPException {
414: return soapMessage.getSOAPHeader();
415: }
416:
417: public int hashCode() {
418: return soapMessage.hashCode();
419: }
420:
421: public void removeAllAttachments() {
422: soapMessage.removeAllAttachments();
423: }
424:
425: public boolean saveRequired() {
426: return soapMessage.saveRequired();
427: }
428:
429: public void setContentDescription(String description) {
430: soapMessage.setContentDescription(description);
431: }
432:
433: public void setProperty(String property, Object value)
434: throws SOAPException {
435: soapMessage.setProperty(property, value);
436: }
437:
438: public String toString() {
439: return soapMessage.toString();
440: }
441:
442: public void writeTo(OutputStream out) throws SOAPException,
443: IOException {
444: soapMessage.writeTo(out);
445: }
446:
447: public void saveChanges() throws SOAPException {
448: soapMessage.saveChanges();
449: }
450:
451: public NamespaceContext getNamespaceContext()
452: throws XWSSecurityException {
453: if (nsContext == null) {
454: nsContext = new NamespaceContextImpl();
455:
456: ((NamespaceContextImpl) nsContext).add(getEnvelope()
457: .getPrefix(), getEnvelope().getNamespaceURI());
458: if (getEnvelope().getNamespaceURI() == MessageConstants.SOAP_1_2_NS) {
459: ((NamespaceContextImpl) nsContext).add("SOAP-ENV",
460: MessageConstants.SOAP_1_2_NS);
461: ((NamespaceContextImpl) nsContext).add("env",
462: MessageConstants.SOAP_1_2_NS);
463: }
464: }
465: return nsContext;
466: }
467:
468: /**
469: * @return an ID unique w.r.t this SOAPMessage
470: */
471: public String generateId() throws XWSSecurityException {
472:
473: int intRandom = rnd.nextInt();
474: String id = "XWSSGID-"
475: + String.valueOf(System.currentTimeMillis())
476: + String.valueOf(intRandom);
477: return id;
478: }
479:
480: /**
481: * @param element
482: */
483: public void generateWsuId(Element element)
484: throws XWSSecurityException {
485: // assign the wsu:Id to the element
486: element.setAttributeNS(MessageConstants.WSU_NS, "wsu:Id",
487: generateId());
488: }
489:
490: /**
491: * @param element
492: * @param id ID specified should be unique in the message.
493: */
494: public void generateWsuId(Element element, String id)
495: throws XWSSecurityException {
496: // assign the wsu:Id to the element
497: element.setAttributeNS(MessageConstants.WSU_NS, "wsu:Id", id);
498: }
499:
500: /**
501: * @param wsuIdElements
502: * @param id
503: * @return
504: */
505: private boolean wsuIdIsUnique(NodeList wsuIdElements, String id) {
506: boolean result = true;
507:
508: // make sure id is unique
509:
510: if (wsuIdElements == null)
511: return result;
512:
513: for (int i = 0; i < wsuIdElements.getLength(); i++) {
514: if (((Element) wsuIdElements.item(i)).getAttributeNS(
515: MessageConstants.WSU_NS, "Id").equals(id)) {
516: result = false;
517: }
518: }
519:
520: return result;
521: }
522:
523: public SOAPElement getElementByWsuId(String id)
524: throws XWSSecurityException {
525:
526: Element element = getSOAPPart().getElementById(id);
527: if (element != null) {
528: if (MessageConstants.debug) {
529: log.fine("Document.getElementById() returned "
530: + element);
531: }
532:
533: return (SOAPElement) element;
534: }
535:
536: if (MessageConstants.debug) {
537: log.fine("Document.getElementById() FAILED......'" + id
538: + "'");
539: }
540:
541: SOAPElement result = null;
542: String xpath = "//*[@wsu:Id='" + id + "']";
543: try {
544:
545: XPath xPATH = xpathFactory.newXPath();
546: xPATH.setNamespaceContext(getNamespaceContext());
547: XPathExpression xpathExpr = xPATH.compile(xpath);
548: NodeList elements = (NodeList) xpathExpr
549: .evaluate((Object) this .getSOAPPart(),
550: XPathConstants.NODESET);
551:
552: if (elements != null)
553: result = (SOAPElement) elements.item(0);
554: } catch (Exception e) {
555: log.log(Level.SEVERE, "WSS0374.error.apache.xpathAPI",
556: new Object[] { id, e.getMessage() });
557: throw new XWSSecurityException(e);
558: }
559:
560: return result;
561: }
562:
563: /*
564: * Locate an element references using either
565: * 1) Local ID attributes on XML Signature Elements
566: * 2) Local ID attributes on XML Encryption Elements
567: * 3) Global wsu:Id attributes
568: */
569: public Element getElementById(String id)
570: throws XWSSecurityException {
571:
572: if (id.startsWith("#"))
573: id = id.substring(1);
574: Element element = getSOAPPart().getElementById(id);
575: if (element != null) {
576: if (MessageConstants.debug) {
577: log.fine("Document.getElementById() returned "
578: + element);
579: }
580: return element;
581: }
582:
583: if (MessageConstants.debug) {
584: log.fine("Document.getElementById() FAILED......'" + id
585: + "'");
586: }
587:
588: Element result = null;
589: result = getElementByWsuId(id);
590:
591: if (result == null) {
592:
593: Document soapPart = getSOAPPart();
594: NodeList assertions = soapPart.getElementsByTagNameNS(
595: MessageConstants.SAML_v1_0_NS,
596: MessageConstants.SAML_ASSERTION_LNAME);
597: if (assertions.item(0) == null) {
598: assertions = soapPart.getElementsByTagNameNS(
599: MessageConstants.SAML_v2_0_NS,
600: MessageConstants.SAML_ASSERTION_LNAME);
601: }
602:
603: String assertionId = null;
604: int len = assertions.getLength();
605: if (len > 0) {
606: for (int i = 0; i < len; i++) {
607: SOAPElement elem = (SOAPElement) assertions.item(i);
608: if (elem.getAttributeNode("ID") != null) {
609: assertionId = elem
610: .getAttribute(MessageConstants.SAML_ID_LNAME);
611: } else {
612: assertionId = elem
613: .getAttribute(MessageConstants.SAML_ASSERTIONID_LNAME);
614: }
615: if (id.equals(assertionId)) {
616: result = elem;
617: break;
618: }
619: }
620: }
621: }
622:
623: if (result == null) {
624: NodeList elems;
625: String xpath = "//*[@Id='" + id + "']";
626: try {
627: XPath xPATH = xpathFactory.newXPath();
628: xPATH.setNamespaceContext(getNamespaceContext());
629: XPathExpression xpathExpr = xPATH.compile(xpath);
630: elems = (NodeList) xpathExpr.evaluate((Object) this
631: .getSOAPPart(), XPathConstants.NODESET);
632:
633: } catch (Exception e) {
634: log.log(Level.SEVERE, "WSS0375.error.apache.xpathAPI",
635: new Object[] { id, e.getMessage() });
636: throw new XWSSecurityException(e);
637: }
638:
639: if (elems == null || elems.getLength() == 0) {
640: log.log(Level.SEVERE, "WSS0285.error.NoElement");
641: throw new XWSSecurityException(
642: "No elements exist with Id/WsuId: " + id);
643: }
644:
645: for (int i = 0; i < elems.getLength(); i++) {
646: Element elem = (Element) elems.item(i);
647: String namespace = elem.getNamespaceURI();
648: if (namespace.equals(MessageConstants.DSIG_NS)
649: || namespace.equals(MessageConstants.XENC_NS)) {
650: result = elem;
651: break;
652: }
653: }
654:
655: if (elems.getLength() > 1) {
656: log.log(Level.SEVERE, "WSS0286.invalid.NoofElements");
657: throw new XWSSecurityException(
658: "More than one element exists with Id/WsuId: "
659: + id);
660: }
661: }
662:
663: return result;
664: }
665:
666: public AttachmentPart getAttachmentPart(String uri)
667: throws XWSSecurityException {
668: AttachmentPart _part = null;
669: String uri_tmp = uri;
670:
671: try {
672: if (uri.startsWith("cid:")) {
673: // rfc2392
674: uri = "<" + uri.substring("cid:".length()) + ">";
675:
676: MimeHeaders headersToMatch = new MimeHeaders();
677: headersToMatch.addHeader(MimeConstants.CONTENT_ID, uri);
678:
679: Iterator i = this .getAttachments(headersToMatch);
680: _part = (i == null) ? null : (AttachmentPart) i.next();
681: if (_part == null) {
682: uri = uri_tmp;
683: uri = uri.substring("cid:".length());
684: headersToMatch = new MimeHeaders();
685: headersToMatch.addHeader(MimeConstants.CONTENT_ID,
686: uri);
687:
688: i = this .getAttachments(headersToMatch);
689: _part = (i == null) ? null : (AttachmentPart) i
690: .next();
691: }
692: if (_part == null) {
693: throw new XWSSecurityException(
694: "Unable to Locate AttachmentPart for uri "
695: + uri);
696: }
697: } else if (uri.startsWith(MessageConstants.ATTACHMENTREF)) {
698: // auto-generated JAXRPC CID
699: Iterator j = this .getAttachments();
700:
701: while (j.hasNext()) {
702: AttachmentPart p = (AttachmentPart) j.next();
703: String cl = p.getContentId();
704: if (cl != null) {
705: // obtain the partname
706: int eqIndex = cl.indexOf("=");
707: if (eqIndex > -1) {
708: cl = cl.substring(1, eqIndex);
709: if (cl
710: .equalsIgnoreCase(uri
711: .substring(MessageConstants.ATTACHMENTREF
712: .length()))) {
713: _part = p;
714: break;
715: }
716: }
717: }
718: }
719: } else {
720: String clocation = convertAbsolute2Relative(uri);
721:
722: MimeHeaders headersToMatch = new MimeHeaders();
723: headersToMatch.addHeader(
724: MimeConstants.CONTENT_LOCATION, clocation);
725:
726: Iterator i = this .getAttachments(headersToMatch);
727: _part = (i == null) ? null : (AttachmentPart) i.next();
728:
729: if (_part == null /*&& !uriNew.toString().startsWith("thismessage:/")*/) {
730: // log
731: clocation = uri;
732: headersToMatch.removeAllHeaders();
733: headersToMatch.addHeader(
734: MimeConstants.CONTENT_LOCATION, clocation);
735:
736: i = this .getAttachments(headersToMatch);
737: _part = (i == null) ? null : (AttachmentPart) i
738: .next();
739: }
740: }
741:
742: } catch (Exception se) {
743: log.log(Level.SEVERE,
744: "WSS0287.error.extracting.attachmentpart", se);
745: throw new XWSSecurityException(se);
746: }
747:
748: return _part;
749: }
750:
751: private String convertAbsolute2Relative(String clocation) {
752: MimeHeaders mimeHeaders = this .getMimeHeaders();
753:
754: String enclsgClocation = null;
755:
756: if (mimeHeaders != null) {
757: Iterator clocs = mimeHeaders
758: .getMatchingHeaders(new String[] { MimeConstants.CONTENT_LOCATION });
759: if (clocs != null) {
760: MimeHeader mh = (MimeHeader) clocs.next();
761: if (mh != null)
762: enclsgClocation = mh.getValue();
763: }
764: }
765:
766: /* absolute URI can be of the form - http://xxx, thismessage:/xxx, baseUri+xxx */
767: if (enclsgClocation != null
768: && clocation.startsWith(enclsgClocation))
769: clocation = clocation.substring(enclsgClocation.length());
770: else if (clocation.startsWith("thismessage:/"))
771: clocation = clocation.substring("thismessage:/".length());
772:
773: return clocation;
774: }
775:
776: public static String getIdFromFragmentRef(String ref) {
777: char start = ref.charAt(0);
778: if (start == '#') {
779: return ref.substring(1);
780: }
781: return ref;
782: }
783:
784: public Object getMessageParts(Target target)
785: throws XWSSecurityException {
786: Object retValue = null;
787: String type = target.getType();
788: String value = target.getValue();
789: boolean throwFault = false;
790: boolean headersOnly = target.isSOAPHeadersOnly();
791:
792: if (type.equals(Target.TARGET_TYPE_VALUE_QNAME)) {
793:
794: try {
795: if (value == Target.BODY) {
796:
797: final SOAPElement se;
798: // if(!isOptimized()){
799: se = this .getSOAPBody();
800: // }
801: // else{
802: // se = ((com.sun.xml.messaging.saaj.soap.ExpressMessage)soapMessage).getEMBody();
803: // }
804: retValue = new NodeList() {
805: Node node = se;
806:
807: public int getLength() {
808: return 1;
809: }
810:
811: public Node item(int num) {
812: if (num == 0) {
813: return node;
814: } else {
815: return null;
816: }
817: }
818: };
819: } else {
820: QName name = QName.valueOf(value);
821: if (!headersOnly) {
822: if ("".equals(name.getNamespaceURI())) {
823: retValue = this .getSOAPPart()
824: .getElementsByTagNameNS("*",
825: name.getLocalPart());
826: } else {
827: retValue = this .getSOAPPart()
828: .getElementsByTagNameNS(
829: name.getNamespaceURI(),
830: name.getLocalPart());
831: }
832: } else {
833: // process headers of a SOAPMessage
834: retValue = new NodeListImpl();
835: NodeList hdrChilds = this .getSOAPHeader()
836: .getChildNodes();
837: for (int i = 0; i < hdrChilds.getLength(); i++) {
838: Node child = hdrChilds.item(i);
839: if (child.getNodeType() == Node.ELEMENT_NODE) {
840: if ("".equals(name.getNamespaceURI())) {
841: if (name.getLocalPart().equals(
842: child.getLocalName()))
843: ((NodeListImpl) retValue)
844: .add(child);
845: } else {
846: // FIXME: Hack to get addressing members from both namespaces, as microsoft uses both of them in a soap message
847: if (name
848: .getNamespaceURI()
849: .equals(
850: MessageConstants.ADDRESSING_MEMBER_SUBMISSION_NAMESPACE)
851: || name
852: .getNamespaceURI()
853: .equals(
854: MessageConstants.ADDRESSING_W3C_NAMESPACE)) {
855: if ((child
856: .getNamespaceURI()
857: .equals(
858: MessageConstants.ADDRESSING_MEMBER_SUBMISSION_NAMESPACE) || child
859: .getNamespaceURI()
860: .equals(
861: MessageConstants.ADDRESSING_W3C_NAMESPACE))) {
862: if (!"".equals(name
863: .getLocalPart())) {
864: if (name
865: .getLocalPart()
866: .equals(
867: child
868: .getLocalName()))
869: ((NodeListImpl) retValue)
870: .add(child);
871: } else {
872: ((NodeListImpl) retValue)
873: .add(child);
874: }
875: }
876: } else {
877: if (!"".equals(name
878: .getLocalPart())) {
879: if (name
880: .getNamespaceURI()
881: .equals(
882: child
883: .getNamespaceURI())
884: && name
885: .getLocalPart()
886: .equals(
887: child
888: .getLocalName()))
889: ((NodeListImpl) retValue)
890: .add(child);
891: } else {
892: if (name
893: .getNamespaceURI()
894: .equals(
895: child
896: .getNamespaceURI()))
897: ((NodeListImpl) retValue)
898: .add(child);
899: }
900: }
901: }
902: }
903: }
904: }
905: }
906: } catch (Exception e) {
907: log.log(Level.SEVERE,
908: "WSS0288.failed.getMessageParts.Qname", e);
909: throw new XWSSecurityRuntimeException(e);
910: }
911: if (retValue == null
912: || ((NodeList) retValue).getLength() == 0)
913: throwFault = true;
914:
915: } else if (type.equals(Target.TARGET_TYPE_VALUE_XPATH)) {
916: try {
917: XPathFactory xpathFactory = XPathFactory.newInstance();
918: XPath xpath = xpathFactory.newXPath();
919:
920: xpath.setNamespaceContext(getNamespaceContext());
921: // XPathExpression expr = xpath.compile("//*[@wsu:Id]");
922: //XPathExpression expr = xpath.compile("//*");
923: XPathExpression xpathExpr = xpath.compile(value);
924: retValue = (NodeList) xpathExpr.evaluate((Object) this
925: .getSOAPPart(), XPathConstants.NODESET);
926:
927: /* retValue =
928: XPathAPI.selectNodeList(
929: this.getSOAPPart(),
930: value,
931: this.getNSContext());*/
932: } catch (Exception e) {
933: log.log(Level.SEVERE,
934: "WSS0289.failed.getMessageParts.XPath", e);
935: throw new XWSSecurityRuntimeException(e);
936: }
937: if (retValue == null
938: || ((NodeList) retValue).getLength() == 0)
939: throwFault = true;
940: } else if (type.equals(Target.TARGET_TYPE_VALUE_URI)) {
941: try {
942: retValue = this .getElementById(value);
943: } catch (XWSSecurityException xwse) {
944: try {
945: retValue = getAttachmentPart(value);
946: if (retValue == null)
947: throwFault = true;
948: } catch (Exception se) {
949: log.log(Level.SEVERE,
950: "WSS0290.failed.getMessageParts.URI", se);
951: throw new XWSSecurityException(
952: "No message part can be identified by the Target: "
953: + value);
954: }
955: }
956: }
957:
958: if (throwFault) {
959: if (log.isLoggable(Level.FINE)) {
960: log.log(Level.FINE,
961: "No message part can be identified by the Target:"
962: + value);
963: }
964: //throw new XWSSecurityException("No message part can be identified by the Target: " + value);
965: //Do not throw an exception, acc. to WS-SecurityPolicy, it ok if a target is not found in message
966: return null;
967: }
968:
969: return retValue;
970: }
971:
972: public AttachmentPart getAttachment(SOAPElement element)
973: throws SOAPException {
974: log.log(Level.SEVERE,
975: "WSS0291.unsupported.operation.getAttachment");
976: throw new UnsupportedOperationException(
977: "Operation Not Supported");
978: //soapMessage.getAttachment(element);
979: }
980:
981: public void removeAttachments(MimeHeaders hdrs) {
982: log.log(Level.SEVERE,
983: "WSS0292.unsupported.operation.removeAttachment");
984: throw new UnsupportedOperationException(
985: "Operation Not Supported");
986: //soapMessage.removeAttachments(hdrs);
987: }
988:
989: public boolean isOptimized() {
990: return optimized;
991: }
992:
993: public void setOptimized(boolean optimized) {
994: this.optimized = optimized;
995: }
996: }
|