001: /*
002: * The contents of this file are subject to the terms
003: * of the Common Development and Distribution License
004: * (the License). You may not use this file except in
005: * compliance with the License.
006: *
007: * You can obtain a copy of the license at
008: * https://glassfish.dev.java.net/public/CDDLv1.0.html.
009: * See the License for the specific language governing
010: * permissions and limitations under the License.
011: *
012: * When distributing Covered Code, include this CDDL
013: * Header Notice in each file and include the License file
014: * at https://glassfish.dev.java.net/public/CDDLv1.0.html.
015: * If applicable, add the following below the CDDL Header,
016: * with the fields enclosed by brackets [] replaced by
017: * you own identifying information:
018: * "Portions Copyrighted [year] [name of copyright owner]"
019: *
020: * Copyright 2006 Sun Microsystems Inc. All Rights Reserved
021: */
022:
023: package com.sun.xml.wss.impl.misc;
024:
025: import com.sun.xml.wss.ProcessingContext;
026: import com.sun.xml.wss.XWSSProcessor;
027: import java.io.InputStream;
028:
029: import javax.xml.soap.SOAPMessage;
030: import javax.security.auth.callback.CallbackHandler;
031:
032: import com.sun.xml.wss.impl.policy.mls.MessagePolicy;
033: import com.sun.xml.wss.impl.config.DeclarativeSecurityConfiguration;
034: import com.sun.xml.wss.impl.config.SecurityConfigurationXmlReader;
035:
036: import com.sun.xml.wss.impl.SecurityRecipient;
037: import com.sun.xml.wss.impl.SecurityAnnotator;
038: import com.sun.xml.wss.XWSSecurityException;
039: import com.sun.xml.wss.SecurityEnvironment;
040:
/**
 * {@link XWSSProcessor} implementation driven by a declarative security
 * configuration that is parsed once, at construction time.
 *
 * <p>The sender policy from that configuration is applied to outbound messages
 * and the receiver policy to inbound ones. A {@link SecurityEnvironment} built
 * from the supplied {@link CallbackHandler} is installed on a processing
 * context only when the context carries neither a handler nor an environment
 * of its own.
 */
public class XWSSProcessor2_0Impl implements XWSSProcessor {

    // Parsed declarative configuration; source of the sender/receiver policies.
    private DeclarativeSecurityConfiguration declSecConfig;
    // Callback handler supplied by the caller; backs the default environment.
    private CallbackHandler handler;
    // Fallback environment for contexts that bring none of their own.
    private SecurityEnvironment secEnv;

    /**
     * Builds a processor from a security configuration stream and a callback
     * handler.
     *
     * <p>NOTE(review): the configuration decides which protections are applied
     * and enforced, so the stream should come from a trusted location. Whether
     * the XML reader disables DTDs / external entities is not visible in this
     * class - confirm in SecurityConfigurationXmlReader.
     *
     * <p>NOTE(review): {@code handler} is not null-checked here; confirm how
     * DefaultSecurityEnvironmentImpl behaves when given {@code null}.
     *
     * @param securityConfig stream holding the declarative configuration
     * @param handler callback handler used to build the default environment
     * @throws XWSSecurityException wrapping any exception raised while reading
     *         the configuration or creating the environment
     */
    protected XWSSProcessor2_0Impl(InputStream securityConfig,
            CallbackHandler handler) throws XWSSecurityException {
        try {
            this.declSecConfig = SecurityConfigurationXmlReader
                    .createDeclarativeConfiguration(securityConfig);
            this.handler = handler;
            this.secEnv = new DefaultSecurityEnvironmentImpl(this.handler);
        } catch (Exception cause) {
            // Nothing is logged here; the cause travels inside the wrapper.
            throw new XWSSecurityException(cause);
        }
    }

    /**
     * Unsupported variant without a callback handler.
     *
     * @param securityConfig ignored
     * @throws UnsupportedOperationException always
     * @throws XWSSecurityException declared, but never thrown by this body
     */
    protected XWSSProcessor2_0Impl(InputStream securityConfig)
            throws XWSSecurityException {
        throw new UnsupportedOperationException(
                "Operation Not Supported");
    }

    /**
     * Applies the configured sender policy to the message held by
     * {@code context}.
     *
     * <p>When the configuration has no sender settings the message is returned
     * exactly as it came in: no protection is applied and nothing is logged.
     *
     * @param context processing context holding the outbound message
     * @return the message from the context after processing
     * @throws XWSSecurityException if no configuration is loaded, or wrapping
     *         any exception raised while securing or fetching the message
     */
    public SOAPMessage secureOutboundMessage(ProcessingContext context)
            throws XWSSecurityException {

        if (declSecConfig == null) {
            throw new XWSSecurityException("Security Policy Unknown");
        }

        final MessagePolicy senderPolicy = declSecConfig.senderSettings();
        if (senderPolicy == null) {
            // No outbound policy configured: the message leaves untouched.
            return context.getSOAPMessage();
        }

        useProcessorEnvironmentIfUnset(context);
        context.setSecurityPolicy(senderPolicy);

        try {
            SecurityAnnotator.secureMessage(context);
        } catch (Exception cause) {
            throw new XWSSecurityException(cause);
        }

        return extractMessage(context);
    }

    /**
     * Validates the inbound message held by {@code context} against the
     * configured receiver policy.
     *
     * <p>NOTE(review): unlike the outbound path, the resolved receiver policy
     * is not null-checked; it is handed to the context as-is. Confirm how
     * SecurityRecipient.validateMessage treats a missing policy, so that an
     * absent receiver policy cannot lead to unverified messages being accepted.
     *
     * @param context processing context holding the inbound message
     * @return the message from the context after validation
     * @throws XWSSecurityException if no configuration is loaded, or wrapping
     *         any exception raised while validating or fetching the message
     */
    public SOAPMessage verifyInboundMessage(ProcessingContext context)
            throws XWSSecurityException {

        if (declSecConfig == null) {
            throw new XWSSecurityException("Security Policy Unknown");
        }
        final MessagePolicy receiverPolicy = declSecConfig.receiverSettings();

        useProcessorEnvironmentIfUnset(context);

        // Only ever switches retention on; a false setting leaves the context as is.
        if (declSecConfig.retainSecurityHeader()) {
            context.retainSecurityHeader(true);
        }

        context.setSecurityPolicy(receiverPolicy);

        try {
            SecurityRecipient.validateMessage(context);
        } catch (Exception cause) {
            throw new XWSSecurityException(cause);
        }

        return extractMessage(context);
    }

    /**
     * Wraps a SOAP message in a fresh processing context.
     *
     * @param msg message to attach to the new context
     * @return a new context holding {@code msg}
     * @throws XWSSecurityException declared, but never thrown by this body
     */
    public ProcessingContext createProcessingContext(SOAPMessage msg)
            throws XWSSecurityException {
        final ProcessingContext freshContext = new ProcessingContext();
        freshContext.setSOAPMessage(msg);
        return freshContext;
    }

    /**
     * Installs this processor's environment on the context, but only when the
     * context has neither a handler nor an environment already.
     */
    private void useProcessorEnvironmentIfUnset(ProcessingContext context)
            throws XWSSecurityException {
        if (context.getHandler() != null
                || context.getSecurityEnvironment() != null) {
            return;
        }
        context.setSecurityEnvironment(secEnv);
    }

    /**
     * Fetches the message from the context, wrapping any failure in an
     * {@link XWSSecurityException}.
     */
    private SOAPMessage extractMessage(ProcessingContext context)
            throws XWSSecurityException {
        try {
            return context.getSOAPMessage();
        } catch (Exception cause) {
            throw new XWSSecurityException(cause);
        }
    }
}