001: /*
002: * $Id: SecurityAnnotator.java,v 1.7 2007/01/08 09:28:50 ashutoshshahi Exp $
003: */
004:
005: /*
006: * The contents of this file are subject to the terms
007: * of the Common Development and Distribution License
008: * (the License). You may not use this file except in
009: * compliance with the License.
010: *
011: * You can obtain a copy of the license at
012: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
013: * See the License for the specific language governing
014: * permissions and limitations under the License.
015: *
016: * When distributing Covered Code, include this CDDL
017: * Header Notice in each file and include the License file
018: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
019: * If applicable, add the following below the CDDL Header,
020: * with the fields enclosed by brackets [] replaced by
021: * you own identifying information:
022: * "Portions Copyrighted [year] [name of copyright owner]"
023: *
024: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
025: */
026:
027: package com.sun.xml.wss.impl;
028:
029: import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
030: import java.util.Iterator;
031: import java.util.List;
032: import java.util.ArrayList;
033: import java.util.logging.Level;
034: import java.util.logging.Logger;
035:
036: import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
037: import com.sun.xml.wss.impl.policy.SecurityPolicy;
038: import com.sun.xml.wss.impl.policy.StaticPolicyContext;
039: import com.sun.xml.wss.impl.callback.DynamicPolicyCallback;
040: import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
041: import com.sun.xml.wss.impl.configuration.DynamicApplicationContext;
042: import com.sun.xml.wss.impl.filter.DumpFilter;
043: import com.sun.xml.wss.logging.LogDomainConstants;
044: import com.sun.xml.wss.*;
045:
046: /**
047: * This class exports a static Security Service for Securing an Outbound SOAPMessage.
048: * The policy to be applied for Securing the Message and the SOAPMessage itself are
049: * supplied in an instance of a com.sun.xml.wss.ProcessingContext
050: * @see ProcessingContext
051: */
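public class SecurityAnnotator {

    private static final Logger log = Logger.getLogger(
            LogDomainConstants.WSS_API_DOMAIN,
            LogDomainConstants.WSS_API_DOMAIN_BUNDLE);

    /**
     * Secure an Outbound SOAP Message.
     * <P>
     * Calling code should create a com.sun.xml.wss.ProcessingContext object with
     * runtime properties. Specifically, it should set SecurityPolicy, application
     * CallbackHandler or a SecurityEnvironment and static security policy context.
     * The SecurityPolicy instance can be of the following types:
     * <UL>
     *  <LI> A concrete WSSPolicy
     *  <LI> A MessagePolicy
     *  <LI> A DynamicSecurityPolicy
     * </UL>
     *
     * A DynamicSecurityPolicy can in turn resolve to the following:
     * <UL>
     *  <LI> A concrete WSSPolicy
     *  <LI> A MessagePolicy
     * </UL>
     *
     * <P>
     * A MessagePolicy that has dynamic policy enabled and contains no entries is
     * treated as a DynamicSecurityPolicy and resolved through the callback handler.
     *
     * <P>
     * <B>Fail-open case:</B> when the dynamic policy callback resolves to
     * {@code null}, this method returns normally without applying any security
     * to the message. That outcome is logged at WARNING level so that
     * unprotected outbound messages are visible to operators. Any other
     * unsupported policy type is rejected with an exception.
     *
     * @param context an instance of com.sun.xml.wss.ProcessingContext
     * @throws com.sun.xml.wss.XWSSecurityException if there was an error in securing
     *         the Outbound SOAPMessage, if the dynamic policy callback fails, or if
     *         the policy (static or dynamically resolved) is of an unsupported type
     */
    public static void secureMessage(ProcessingContext context)
            throws XWSSecurityException {

        HarnessUtil.validateContext(context);

        SecurityPolicy policy = context.getSecurityPolicy();
        SecurityEnvironment handler = context.getSecurityEnvironment();
        StaticPolicyContext staticContext = context.getPolicyContext();

        FilterProcessingContext fpContext = setFilterProcessingContext(context);

        // This entry point only handles outbound messages.
        fpContext.isInboundMessage(false);

        // An empty MessagePolicy with dynamic policy enabled carries no static
        // rules, so the whole policy is resolved through the dynamic callback.
        if (PolicyTypeUtil.messagePolicy(policy)) {
            MessagePolicy messagePolicy = (MessagePolicy) policy;
            if (messagePolicy.enableDynamicPolicy() && messagePolicy.size() == 0) {
                policy = new com.sun.xml.wss.impl.policy.mls.DynamicSecurityPolicy();
            }
        }

        if (PolicyTypeUtil.dynamicSecurityPolicy(policy)) {

            // create dynamic callback context
            DynamicApplicationContext dynamicContext =
                    new DynamicApplicationContext(staticContext);
            dynamicContext.setMessageIdentifier(context.getMessageIdentifier());
            dynamicContext.inBoundMessage(false);
            ProcessingContext.copy(dynamicContext.getRuntimeProperties(),
                    context.getExtraneousProperties());

            // make dynamic policy callback
            DynamicPolicyCallback dpCallback =
                    new DynamicPolicyCallback(policy, dynamicContext);
            try {
                HarnessUtil.makeDynamicPolicyCallback(dpCallback,
                        handler.getCallbackHandler());
            } catch (Exception e) {
                // Any failure while resolving the policy aborts processing;
                // the cause is preserved for the caller.
                log.log(Level.SEVERE,
                        "WSS0237.failed.DynamicPolicyCallback", e);
                throw new XWSSecurityException(e);
            }

            SecurityPolicy result = dpCallback.getSecurityPolicy();
            fpContext.setSecurityPolicy(result);

            if (PolicyTypeUtil.messagePolicy(result)) {
                processMessagePolicy(fpContext);
            } else if (result instanceof WSSPolicy) {
                HarnessUtil.processWSSPolicy(fpContext);
            } else if (result != null) {
                log.log(Level.SEVERE, "WSS0260.invalid.DSP");
                throw new XWSSecurityException(
                        "Invalid dynamic security policy returned by callback handler");
            } else {
                // Existing contract: a null policy from the callback means no
                // security is applied and the call still succeeds. Record it so
                // a misbehaving callback handler does not silently strip
                // protection from outbound traffic.
                // NOTE(review): confirm that null is an intended "no security"
                // answer; if not, this branch should throw like the one above.
                log.log(Level.WARNING,
                        "Dynamic policy callback returned no SecurityPolicy; "
                        + "no security was applied to the outbound message");
            }

        } else if (PolicyTypeUtil.messagePolicy(policy)) {
            MessagePolicy messagePolicy = (MessagePolicy) policy;
            fpContext.enableDynamicPolicyCallback(
                    messagePolicy.enableDynamicPolicy());
            processMessagePolicy(fpContext);
        } else if (policy instanceof WSSPolicy) {
            HarnessUtil.processWSSPolicy(fpContext);
        } else {
            log.log(Level.SEVERE,
                    "WSS0251.invalid.SecurityPolicyInstance");
            throw new XWSSecurityException(
                    "SecurityPolicy instance should be of type: "
                    + "WSSPolicy OR MessagePolicy OR DynamicSecurityPolicy");
        }
    }

    /**
     * Applies every policy contained in the MessagePolicy currently set on the
     * given context, in iteration order.
     *
     * The context's security policy is overwritten with each contained policy
     * in turn, so after this method returns the context no longer refers to
     * the enclosing MessagePolicy.
     *
     * @param fpContext com.sun.xml.wss.FilterProcessingContext whose security
     *        policy is a MessagePolicy
     *
     * @throws com.sun.xml.wss.XWSSecurityException if processing fails
     */
    private static void processMessagePolicy(
            FilterProcessingContext fpContext)
            throws XWSSecurityException {

        MessagePolicy policy = (MessagePolicy) fpContext.getSecurityPolicy();

        if (policy.enableWSS11Policy()) {
            // set a property in context to determine if its WSS11
            fpContext.setExtraneousProperty("EnableWSS11PolicySender", "true");
        }

        // For SignatureConfirmation: store a list in an extraneous property that
        // will collect all outgoing SignatureValues. If the outgoing message has
        // no Signature the list stays empty. This is done unconditionally (not
        // only when policy.enableSignatureConfirmation() is set) because the
        // policy is not available in the optimized path.
        List<Object> scList = new ArrayList<Object>();
        fpContext.setExtraneousProperty("SignatureConfirmation", scList);

        for (Iterator<?> i = policy.iterator(); i.hasNext();) {
            SecurityPolicy sPolicy = (SecurityPolicy) i.next();
            fpContext.setSecurityPolicy(sPolicy);
            HarnessUtil.processDeep(fpContext);
        }

        // Message dumping is skipped for the JAXB (optimized) context.
        // NOTE(review): DumpFilter presumably writes the message to the log;
        // if so, the output can contain security tokens and payload data, so
        // dumpMessages should stay off outside of debugging - confirm.
        if (!(fpContext instanceof JAXBFilterProcessingContext)) {
            if (policy.dumpMessages()) {
                DumpFilter.process(fpContext);
            }
        }
    }

    /**
     * Fault handling hook. Currently a no-op: the given context is ignored.
     *
     * @param context com.sun.xml.wss.ProcessingContext
     */
    public static void handleFault(ProcessingContext context) {
        // TODO: not implemented.
    }

    /**
     * Returns the FilterProcessingContext to use for the given context.
     *
     * A JAXBFilterProcessingContext is returned as is (same instance); any
     * other context is wrapped in a new FilterProcessingContext.
     *
     * @param context com.sun.xml.wss.ProcessingContext
     * @return the context itself when it is a JAXBFilterProcessingContext,
     *         otherwise a new FilterProcessingContext built from it
     * @throws com.sun.xml.wss.XWSSecurityException declared for the
     *         FilterProcessingContext construction path
     */
    public static FilterProcessingContext setFilterProcessingContext(
            ProcessingContext context) throws XWSSecurityException {
        if (context instanceof JAXBFilterProcessingContext) {
            return (JAXBFilterProcessingContext) context;
        }
        return new FilterProcessingContext(context);
    }
}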