001: /*
002: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003: *
004: * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
005: *
006: * The contents of this file are subject to the terms of either the GNU
007: * General Public License Version 2 only ("GPL") or the Common Development
008: * and Distribution License("CDDL") (collectively, the "License"). You
009: * may not use this file except in compliance with the License. You can obtain
010: * a copy of the License at https://glassfish.dev.java.net/public/CDDL+GPL.html
011: * or glassfish/bootstrap/legal/LICENSE.txt. See the License for the specific
012: * language governing permissions and limitations under the License.
013: *
014: * When distributing the software, include this License Header Notice in each
015: * file and include the License file at glassfish/bootstrap/legal/LICENSE.txt.
016: * Sun designates this particular file as subject to the "Classpath" exception
017: * as provided by Sun in the GPL Version 2 section of the License file that
018: * accompanied this code. If applicable, add the following below the License
019: * Header, with the fields enclosed by brackets [] replaced by your own
020: * identifying information: "Portions Copyrighted [year]
021: * [name of copyright owner]"
022: *
023: * Contributor(s):
024: *
025: * If you wish your version of this file to be governed by only the CDDL or
026: * only the GPL Version 2, indicate your decision by adding "[Contributor]
027: * elects to include this software in this distribution under the [CDDL or GPL
028: * Version 2] license." If you don't indicate a single choice of license, a
029: * recipient has the option to distribute your version of this file under
030: * either the CDDL, the GPL Version 2 or to extend the choice of license to
031: * its licensees as provided above. However, if you add GPL Version 2 code
032: * and therefore, elected the GPL Version 2 license, then the option applies
033: * only if the new code is made subject to such option by the copyright
034: * holder.
035: */
036:
037: package com.sun.xml.wss.jaxws.impl;
038:
039: import com.sun.xml.ws.api.message.HeaderList;
040: import com.sun.xml.ws.api.message.Message;
041: import com.sun.xml.ws.api.message.Messages;
042: import com.sun.xml.ws.api.message.Packet;
043: import com.sun.xml.ws.api.model.wsdl.WSDLFault;
044: import com.sun.xml.ws.api.model.wsdl.WSDLOperation;
045: import com.sun.xml.ws.api.model.wsdl.WSDLPort;
046: import com.sun.xml.ws.assembler.PipeConfiguration;
047: import com.sun.xml.ws.policy.PolicyAssertion;
048: import com.sun.xml.ws.security.impl.policyconv.SCTokenWrapper;
049: import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
050: import com.sun.xml.ws.security.secconv.WSSCConstants;
051: import com.sun.xml.ws.security.trust.WSTrustConstants;
052: import com.sun.xml.wss.impl.PolicyResolver;
053: import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
054: import com.sun.xml.ws.api.model.wsdl.WSDLBoundPortType;
055: import com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation;
056: import com.sun.xml.ws.security.impl.policyconv.SecurityPolicyHolder;
057: import com.sun.xml.wss.ProcessingContext;
058: import com.sun.xml.wss.impl.MessageConstants;
059: import java.util.Collection;
060: import java.util.Iterator;
061: import java.util.List;
062: import java.util.Set;
063: import javax.xml.namespace.QName;
064: import javax.xml.soap.SOAPBody;
065: import javax.xml.soap.SOAPConstants;
066: import org.w3c.dom.Node;
067: import javax.xml.soap.SOAPMessage;
068: import javax.xml.soap.SOAPException;
069: import java.util.HashMap;
070: import com.sun.xml.wss.impl.misc.PolicyAttributes;
071: import org.w3c.dom.NodeList;
072: import com.sun.xml.ws.security.policy.Token;
073: import com.sun.xml.ws.api.addressing.*;
074:
075: import static com.sun.xml.wss.jaxws.impl.Constants.SUN_WSS_SECURITY_SERVER_POLICY_NS;
076: import static com.sun.xml.wss.jaxws.impl.Constants.SUN_WSS_SECURITY_CLIENT_POLICY_NS;
077: import static com.sun.xml.wss.jaxws.impl.Constants.RM_CREATE_SEQ;
078: import static com.sun.xml.wss.jaxws.impl.Constants.RM_CREATE_SEQ_RESP;
079: import static com.sun.xml.wss.jaxws.impl.Constants.RM_SEQ_ACK;
080: import static com.sun.xml.wss.jaxws.impl.Constants.RM_TERMINATE_SEQ;
081: import static com.sun.xml.wss.jaxws.impl.Constants.RM_LAST_MESSAGE;
082: import static com.sun.xml.wss.jaxws.impl.Constants.SC_ASSERTION;
083: import static com.sun.xml.wss.jaxws.impl.Constants.rstSCTURI;
084: import static com.sun.xml.wss.jaxws.impl.Constants.rstrSCTURI;
085: import static com.sun.xml.wss.jaxws.impl.Constants.JAXWS_21_MESSAGE;
086:
087: /**
088: *
089: * @author Ashutosh.Shahi@sun.com
090: */
091:
092: public class PolicyResolverImpl implements PolicyResolver {
093:
094: private WSDLBoundOperation cachedOperation = null;
095: private HashMap<WSDLBoundOperation, SecurityPolicyHolder> inMessagePolicyMap = null;
096: private HashMap<String, SecurityPolicyHolder> inProtocolPM = null;
097:
098: //private PolicyAttributes pa = null;
099: private AddressingVersion addVer = null;
100: private PipeConfiguration pipeConfig = null;
101: private boolean isClient = false;
102: private boolean isSCMessage = false;
103: //private boolean isTrustOrSCMessage = false;
104: private String action = "";
105:
106: /**
107: * Creates a new instance of OperationResolverImpl
108: */
109:
110: public PolicyResolverImpl(
111: HashMap<WSDLBoundOperation, SecurityPolicyHolder> inMessagePolicyMap,
112: HashMap<String, SecurityPolicyHolder> ip,
113: WSDLBoundOperation cachedOperation,
114: PipeConfiguration pipeConfig, AddressingVersion addVer,
115: boolean isClient) {
116: this .inMessagePolicyMap = inMessagePolicyMap;
117: this .inProtocolPM = ip;
118: this .cachedOperation = cachedOperation;
119: this .pipeConfig = pipeConfig;
120: this .addVer = addVer;
121: this .isClient = isClient;
122: }
123:
124: public MessagePolicy resolvePolicy(ProcessingContext ctx) {
125: Message msg = (Message) ctx
126: .getExtraneousProperty(JAXWS_21_MESSAGE);
127: Packet packet = null;
128: MessagePolicy mp = null;
129: SOAPMessage soapMsg = null;
130: if (msg == null) {
131: if (ctx instanceof JAXBFilterProcessingContext) {
132: msg = ((JAXBFilterProcessingContext) ctx)
133: .getJAXWSMessage();
134: } else {
135: soapMsg = ctx.getSOAPMessage();
136: msg = Messages.create(soapMsg);
137: }
138: ctx.setExtraneousProperty(JAXWS_21_MESSAGE, msg);
139: }
140: action = getAction(msg);
141: if (isRMMessage()) {
142: SecurityPolicyHolder holder = inProtocolPM.get("RM");
143: return holder.getMessagePolicy();
144:
145: }
146:
147: if (isSCCancel()) {
148: SecurityPolicyHolder holder = inProtocolPM.get("SC");
149: return holder.getMessagePolicy();
150: }
151: isSCMessage = isSCMessage();
152: if (isSCMessage) {
153: Token scToken = (Token) getInBoundSCP();
154: return getInboundXWSBootstrapPolicy(scToken);
155: }
156:
157: if (msg.isFault()) {
158: if (soapMsg == null) {
159: try {
160: soapMsg = msg.readAsSOAPMessage();
161: } catch (SOAPException ex) {
162: //ex.printStackTrace();
163: }
164: }
165: mp = getInboundFaultPolicy(soapMsg);
166: } else {
167: mp = getInboundXWSSecurityPolicy(msg);
168: }
169:
170: if (mp == null) {
171: return new MessagePolicy();
172: }
173: return mp;
174: }
175:
176: protected PolicyAssertion getInBoundSCP() {
177:
178: SecurityPolicyHolder sph = null;
179: Collection coll = inMessagePolicyMap.values();
180: Iterator itr = coll.iterator();
181:
182: while (itr.hasNext()) {
183: SecurityPolicyHolder ph = (SecurityPolicyHolder) itr.next();
184: if (ph != null) {
185: sph = ph;
186: break;
187: }
188: }
189: if (sph == null) {
190: return null;
191: }
192: List<PolicyAssertion> policies = sph
193: .getSecureConversationTokens();
194: if (!policies.isEmpty()) {
195: return (PolicyAssertion) policies.get(0);
196: }
197: return null;
198: }
199:
200: private MessagePolicy getInboundXWSSecurityPolicy(Message msg) {
201: MessagePolicy mp = null;
202:
203: //Review : Will this return operation name in all cases , doclit,rpclit, wrap / non wrap ?
204: WSDLBoundOperation operation = null;
205: if (cachedOperation != null) {
206: operation = cachedOperation;
207: } else {
208: operation = msg.getOperation(pipeConfig.getWSDLModel());
209: if (operation == null)
210: operation = getWSDLOpFromAction();
211: }
212:
213: SecurityPolicyHolder sph = (SecurityPolicyHolder) inMessagePolicyMap
214: .get(operation);
215: //TODO: pass isTrustMessage Flag to this method later
216: if (sph == null && (isTrustMessage() || isSCMessage)) {
217: operation = getWSDLOpFromAction();
218: sph = (SecurityPolicyHolder) inMessagePolicyMap
219: .get(operation);
220: }
221: if (sph == null) {
222: return null;
223: }
224:
225: mp = sph.getMessagePolicy();
226:
227: return mp;
228: }
229:
230: private MessagePolicy getInboundFaultPolicy(SOAPMessage msg) {
231: if (cachedOperation != null) {
232: WSDLOperation operation = cachedOperation.getOperation();
233: try {
234: SOAPBody body = msg.getSOAPBody();
235: NodeList nodes = body.getElementsByTagName("detail");
236: if (nodes.getLength() == 0) {
237: nodes = body.getElementsByTagNameNS(
238: SOAPConstants.URI_NS_SOAP_1_2_ENVELOPE,
239: "Detail");
240: }
241: if (nodes.getLength() > 0) {
242: Node node = nodes.item(0);
243: Node faultNode = node.getFirstChild();
244: if (faultNode == null) {
245: return new MessagePolicy();
246: }
247: String uri = faultNode.getNamespaceURI();
248: QName faultDetail = null;
249: if (uri != null && uri.length() > 0) {
250: faultDetail = new QName(faultNode
251: .getNamespaceURI(), faultNode
252: .getNodeName());
253: } else {
254: faultDetail = new QName(faultNode.getNodeName());
255: }
256: WSDLFault fault = operation.getFault(faultDetail);
257: SecurityPolicyHolder sph = inMessagePolicyMap
258: .get(cachedOperation);
259: SecurityPolicyHolder faultPolicyHolder = sph
260: .getFaultPolicy(fault);
261: MessagePolicy faultPolicy = (faultPolicyHolder == null) ? new MessagePolicy()
262: : faultPolicyHolder.getMessagePolicy();
263: return faultPolicy;
264: }
265: } catch (SOAPException sx) {
266: //sx.printStackTrace();
267: //log error
268: }
269: }
270: return new MessagePolicy();
271:
272: }
273:
274: private boolean isTrustMessage() {
275: if (WSTrustConstants.REQUEST_SECURITY_TOKEN_ISSUE_ACTION
276: .equals(action)
277: || WSTrustConstants.REQUEST_SECURITY_TOKEN_RESPONSE_ISSUE_ACTION
278: .equals(action)) {
279: return true;
280: }
281: return false;
282:
283: }
284:
285: private boolean isRMMessage() {
286: if (RM_CREATE_SEQ.equals(action)
287: || RM_CREATE_SEQ_RESP.equals(action)
288: || RM_SEQ_ACK.equals(action)
289: || RM_TERMINATE_SEQ.equals(action)
290: || RM_LAST_MESSAGE.equals(action)) {
291: return true;
292: }
293: return false;
294: }
295:
296: private String getAction(Message msg) {
297: if (addVer != null) {
298: HeaderList hl = msg.getHeaders();
299: String action = hl.getAction(addVer, pipeConfig
300: .getBinding().getSOAPVersion());
301: return action;
302: }
303: return "";
304:
305: }
306:
307: private MessagePolicy getInboundXWSBootstrapPolicy(Token scAssertion) {
308: return ((SCTokenWrapper) scAssertion).getMessagePolicy();
309: }
310:
311: private boolean isSCMessage() {
312: if (rstSCTURI.equals(action) || rstrSCTURI.equals(action)) {
313: return true;
314: }
315: return false;
316: }
317:
318: private boolean isSCCancel() {
319:
320: if (WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_RESPONSE_ACTION
321: .equals(action)
322: || WSSCConstants.CANCEL_SECURITY_CONTEXT_TOKEN_ACTION
323: .equals(action)) {
324: return true;
325: }
326: return false;
327: }
328:
329: private String getAction(WSDLOperation operation) {
330: if (!isClient) {
331: return operation.getInput().getAction();
332: } else {
333: return operation.getOutput().getAction();
334: }
335: }
336:
337: private WSDLBoundOperation getWSDLOpFromAction() {
338: Set<WSDLBoundOperation> keys = inMessagePolicyMap.keySet();
339: for (WSDLBoundOperation wbo : keys) {
340: WSDLOperation wo = wbo.getOperation();
341: // WsaWSDLOperationExtension extensions = wo.getExtension(WsaWSDLOperationExtension.class);
342: String confAction = getAction(wo);
343: if (confAction != null && confAction.equals(action)) {
344: return wbo;
345: }
346: }
347: return null;
348: }
349:
350: }
|