Search in sources :

Example 1 with SOAPAuthParam

use of com.sun.enterprise.security.jmac.provider.SOAPAuthParam in project Payara by payara.

the class WebServiceSecurity method secureRequest.

private static void secureRequest(SOAPMessage request, HashMap sharedState, ClientAuthContext cAC, boolean isAppClient) throws AuthException {
    if (_logger.isLoggable(Level.FINE)) {
        _logger.log(Level.FINE, "Container Auth: ClientAuthContext.secureRequest");
    }
    SOAPAuthParam param = new SOAPAuthParam(request, null);
    Subject subject = null;
    if (isAppClient) {
        ClientSecurityContext sc = ClientSecurityContext.getCurrent();
        if (sc != null) {
            subject = sc.getSubject();
        }
    } else {
        SecurityContext sc = SecurityContext.getCurrent();
        if (sc != null && !sc.didServerGenerateCredentials()) {
            // make sure we don't use default unauthenticated subject,
            // so that module cannot change this important (constant)
            // subject.
            subject = sc.getSubject();
        }
    }
    if (subject == null)
        subject = new Subject();
    cAC.secureRequest(param, subject, sharedState);
}
Also used : SOAPAuthParam(com.sun.enterprise.security.jmac.provider.SOAPAuthParam) ClientSecurityContext(com.sun.enterprise.security.common.ClientSecurityContext) ClientSecurityContext(com.sun.enterprise.security.common.ClientSecurityContext) SecurityContext(com.sun.enterprise.security.SecurityContext) Subject(javax.security.auth.Subject)

Example 2 with SOAPAuthParam

use of com.sun.enterprise.security.jmac.provider.SOAPAuthParam in project Payara by payara.

the class WebServiceSecurity method validateRequest.

// when called by jaxrpc SystemHandlerDelegate
public static boolean validateRequest(javax.xml.rpc.handler.soap.SOAPMessageContext context, ServerAuthContext sAC) throws AuthException {
    boolean rvalue = true;
    SOAPAuthParam param = new SOAPAuthParam(context.getMessage(), null);
    // put sharedState in MessageContext for use by secureResponse
    HashMap sharedState = new HashMap();
    context.setProperty(SHARED_SERVER_STATE, sharedState);
    try {
        rvalue = validateRequest(param, sharedState, sAC);
    } catch (PendingException pe) {
        _logger.log(Level.FINE, "Container-auth: wss: Error validating request  ", pe);
        context.setMessage(param.getResponse());
        rvalue = false;
    } catch (FailureException fe) {
        _logger.log(Level.FINE, "Container-auth: wss: Error validating request  ", fe);
        context.setMessage(param.getResponse());
        throw fe;
    }
    return rvalue;
}
Also used : SOAPAuthParam(com.sun.enterprise.security.jmac.provider.SOAPAuthParam) HashMap(java.util.HashMap)

Example 3 with SOAPAuthParam

use of com.sun.enterprise.security.jmac.provider.SOAPAuthParam in project Payara by payara.

the class WebServiceSecurity method secureResponse.

private static void secureResponse(SOAPMessage response, HashMap sharedState, ServerAuthContext sAC) throws AuthException {
    if (_logger.isLoggable(Level.FINE)) {
        _logger.log(Level.FINE, "Container Auth: ServerAuthContext.secureResponse");
    }
    // subject may change if runAs identity differs from caller's.
    // Therefore, session state is saved in sharedState not subject
    SecurityContext sc = SecurityContext.getCurrent();
    Subject subject = sc.getSubject();
    SOAPAuthParam param = new SOAPAuthParam(null, response);
    try {
        sAC.secureResponse((AuthParam) param, subject, sharedState);
    } finally {
        sAC.disposeSubject(subject, sharedState);
    }
    return;
}
Also used : SOAPAuthParam(com.sun.enterprise.security.jmac.provider.SOAPAuthParam) ClientSecurityContext(com.sun.enterprise.security.common.ClientSecurityContext) SecurityContext(com.sun.enterprise.security.SecurityContext) Subject(javax.security.auth.Subject)

Example 4 with SOAPAuthParam

use of com.sun.enterprise.security.jmac.provider.SOAPAuthParam in project Payara by payara.

the class WebServiceSecurity method validateResponse.

private static boolean validateResponse(SOAPMessage response, HashMap sharedState, ClientAuthContext cAC) throws AuthException {
    boolean rvalue = true;
    // get a subject to be filled in with the principals of the responder
    Subject responderSubject = new Subject();
    SOAPAuthParam param = new SOAPAuthParam(null, response);
    try {
        cAC.validateResponse(param, responderSubject, sharedState);
    } catch (AuthException ae) {
        _logger.log(Level.SEVERE, LogUtils.ERROR_RESPONSE_VALIDATION, ae);
        rvalue = false;
        throw ae;
    } finally {
        cAC.disposeSubject(responderSubject, sharedState);
    }
    return rvalue;
}
Also used : SOAPAuthParam(com.sun.enterprise.security.jmac.provider.SOAPAuthParam) Subject(javax.security.auth.Subject)

Aggregations

SOAPAuthParam (com.sun.enterprise.security.jmac.provider.SOAPAuthParam)4 Subject (javax.security.auth.Subject)3 SecurityContext (com.sun.enterprise.security.SecurityContext)2 ClientSecurityContext (com.sun.enterprise.security.common.ClientSecurityContext)2 HashMap (java.util.HashMap)1