Examples with SOAPHeaderElement javax.xml.soap.SOAPHeaderElement used on opensource projects

Example 16 with SOAPHeaderElement

use of javax.xml.soap.SOAPHeaderElement in project jbossws-cxf by jbossws.

the class AuthorizationHandler method handleOutbound.

@Override
protected boolean handleOutbound(SOAPMessageContext msgContext) {
    log.info("handleOutbound");
    try {
        SOAPMessage soapMessage = msgContext.getMessage();
        SOAPHeader soapHeader = soapMessage.getSOAPHeader();
        SOAPBody soapBody = soapMessage.getSOAPBody();
        SOAPFactory soapFactory = SOAPFactory.newInstance();
        Name headerName = soapFactory.createName("AuthorizationHandlerOutbound", "ns1", "http://somens");
        SOAPHeaderElement she = soapHeader.addHeaderElement(headerName);
        she.setValue("true");
        SOAPBodyElement soapBodyElement = (SOAPBodyElement) soapBody.getChildElements().next();
        SOAPElement soapElement = (SOAPElement) soapBodyElement.getChildElements().next();
        String value = soapElement.getValue();
        soapElement.setValue(value + "|AuthOut");
    } catch (SOAPException e) {
        throw new WebServiceException(e);
    }
    return true;
}

Example 17 with SOAPHeaderElement

use of javax.xml.soap.SOAPHeaderElement in project ddf by codice.

the class PaosInInterceptor method handleMessage.

@Override
public void handleMessage(Message message) throws Fault {
    List authHeader = (List) ((Map) message.getExchange().getOutMessage().get(Message.PROTOCOL_HEADERS)).get("Authorization");
    String authorization = null;
    if (authHeader != null && authHeader.size() > 0) {
        authorization = (String) authHeader.get(0);
    }
    InputStream content = message.getContent(InputStream.class);
    String contentType = (String) message.get(Message.CONTENT_TYPE);
    if (contentType == null || !contentType.contains(APPLICATION_VND_PAOS_XML)) {
        return;
    }
    try {
        SOAPPart soapMessage = SamlProtocol.parseSoapMessage(IOUtils.toString(content, StandardCharsets.UTF_8));
        Iterator iterator = soapMessage.getEnvelope().getHeader().examineAllHeaderElements();
        IDPEntry idpEntry = null;
        String relayState = "";
        String responseConsumerURL = "";
        String messageId = "";
        while (iterator.hasNext()) {
            Element soapHeaderElement = (SOAPHeaderElement) iterator.next();
            if (RELAY_STATE.equals(soapHeaderElement.getLocalName())) {
                relayState = DOM2Writer.nodeToString(soapHeaderElement);
            } else if (REQUEST.equals(soapHeaderElement.getLocalName()) && soapHeaderElement.getNamespaceURI().equals(URN_OASIS_NAMES_TC_SAML_2_0_PROFILES_SSO_ECP)) {
                try {
                    soapHeaderElement = SamlProtocol.convertDomImplementation(soapHeaderElement);
                    Request ecpRequest = (Request) OpenSAMLUtil.fromDom(soapHeaderElement);
                    IDPList idpList = ecpRequest.getIDPList();
                    if (idpList == null) {
                        throw new Fault(new AccessDeniedException(IDP_SERVER_FAILURE_MSG));
                    }
                    List<IDPEntry> idpEntrys = idpList.getIDPEntrys();
                    if (idpEntrys == null || idpEntrys.size() == 0) {
                        throw new Fault(new AccessDeniedException(IDP_SERVER_FAILURE_MSG));
                    }
                    // choose the right entry, probably need to do something better than select the first
                    // one
                    // but the spec doesn't specify how this is supposed to be done
                    idpEntry = idpEntrys.get(0);
                } catch (WSSecurityException e) {
                    // TODO figure out IdP alternatively
                    LOGGER.info("Unable to determine IdP appropriately. ECP connection will fail. SP may be incorrectly configured. Contact the administrator for the remote system.");
                }
            } else if (REQUEST.equals(soapHeaderElement.getLocalName()) && soapHeaderElement.getNamespaceURI().equals(URN_LIBERTY_PAOS_2003_08)) {
                responseConsumerURL = soapHeaderElement.getAttribute(RESPONSE_CONSUMER_URL);
                messageId = soapHeaderElement.getAttribute(MESSAGE_ID);
            }
        }
        if (idpEntry == null) {
            throw new Fault(new AccessDeniedException(IDP_SERVER_FAILURE_MSG));
        }
        String token = createToken(authorization);
        checkAuthnRequest(soapMessage);
        Element authnRequestElement = SamlProtocol.getDomElement(soapMessage.getEnvelope().getBody().getFirstChild());
        String loc = idpEntry.getLoc();
        String soapRequest = buildSoapMessage(token, relayState, authnRequestElement, null);
        HttpResponseWrapper httpResponse = getHttpResponse(loc, soapRequest, null);
        InputStream httpResponseContent = httpResponse.content;
        SOAPPart idpSoapResponse = SamlProtocol.parseSoapMessage(IOUtils.toString(httpResponseContent, StandardCharsets.UTF_8));
        Iterator responseHeaderElements = idpSoapResponse.getEnvelope().getHeader().examineAllHeaderElements();
        String newRelayState = "";
        while (responseHeaderElements.hasNext()) {
            SOAPHeaderElement soapHeaderElement = (SOAPHeaderElement) responseHeaderElements.next();
            if (RESPONSE.equals(soapHeaderElement.getLocalName())) {
                String assertionConsumerServiceURL = soapHeaderElement.getAttribute(ASSERTION_CONSUMER_SERVICE_URL);
                if (!responseConsumerURL.equals(assertionConsumerServiceURL)) {
                    String soapFault = buildSoapFault(ECP_RESPONSE, "The responseConsumerURL does not match the assertionConsumerServiceURL.");
                    httpResponse = getHttpResponse(responseConsumerURL, soapFault, null);
                    message.setContent(InputStream.class, httpResponse.content);
                    return;
                }
            } else if (RELAY_STATE.equals(soapHeaderElement.getLocalName())) {
                newRelayState = DOM2Writer.nodeToString(soapHeaderElement);
                if (StringUtils.isNotEmpty(relayState) && !relayState.equals(newRelayState)) {
                    LOGGER.debug("RelayState does not match between ECP request and response");
                }
                if (StringUtils.isNotEmpty(relayState)) {
                    newRelayState = relayState;
                }
            }
        }
        checkSamlpResponse(idpSoapResponse);
        Element samlpResponseElement = SamlProtocol.getDomElement(idpSoapResponse.getEnvelope().getBody().getFirstChild());
        XMLObject paosResponse = null;
        if (StringUtils.isNotEmpty(messageId)) {
            paosResponse = getPaosResponse(messageId);
        }
        String soapResponse = buildSoapMessage(null, newRelayState, samlpResponseElement, paosResponse);
        httpResponse = getHttpResponse(responseConsumerURL, soapResponse, message.getExchange().getOutMessage());
        if (httpResponse.statusCode < 400) {
            httpResponseContent = httpResponse.content;
            message.setContent(InputStream.class, httpResponseContent);
            Map<String, List<String>> headers = new HashMap<>();
            message.put(Message.PROTOCOL_HEADERS, headers);
            httpResponse.headers.forEach((entry) -> headers.put(entry.getKey(), // CXF Expects pairs of <String, List<String>>
            entry.getValue() instanceof List ? ((List<Object>) entry.getValue()).stream().map(String::valueOf).collect(Collectors.toList()) : Lists.newArrayList(String.valueOf(entry.getValue()))));
        } else {
            throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection due to an error."));
        }
    } catch (IOException e) {
        LOGGER.debug("Error encountered while performing ECP handshake.", e);
    } catch (XMLStreamException | SOAPException e) {
        throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection. The server's response was not in the correct format."));
    } catch (WSSecurityException e) {
        throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection. Unable to send SOAP request messages."));
    }
}

Example 18 with SOAPHeaderElement

use of javax.xml.soap.SOAPHeaderElement in project cxf by apache.

the class AbstractModifyRequestInterceptor method handleMessage.

public void handleMessage(SoapMessage mc) throws Fault {
    SOAPMessage saaj = mc.getContent(SOAPMessage.class);
    try {
        Iterator<?> secHeadersIterator = SAAJUtils.getHeader(saaj).getChildElements(SEC_HEADER);
        if (secHeadersIterator.hasNext()) {
            SOAPHeaderElement securityHeader = (SOAPHeaderElement) secHeadersIterator.next();
            modifySecurityHeader(securityHeader);
        }
        modifySOAPBody(SAAJUtils.getBody(saaj));
    } catch (SOAPException ex) {
        throw new Fault(ex);
    }
}

Example 19 with SOAPHeaderElement

use of javax.xml.soap.SOAPHeaderElement in project cxf by apache.

the class SecurityHeaderCacheInterceptor method handleMessage.

public void handleMessage(SoapMessage mc) throws Fault {
    SOAPMessage saaj = mc.getContent(SOAPMessage.class);
    if (cachedSecurityHeader == null) {
        try {
            Iterator<?> cachedHeadersIterator = SAAJUtils.getHeader(saaj).getChildElements(SEC_HEADER);
            if (cachedHeadersIterator.hasNext()) {
                cachedSecurityHeader = (SOAPHeaderElement) cachedHeadersIterator.next();
            }
        } catch (SOAPException e) {
        // Ignore
        }
    } else {
        try {
            saaj.getSOAPHeader().removeContents();
            SOAPHeaderElement secHeaderElement = SAAJUtils.getHeader(saaj).addHeaderElement(SEC_HEADER);
            Iterator<?> cachedHeadersIterator = cachedSecurityHeader.getChildElements();
            while (cachedHeadersIterator.hasNext()) {
                secHeaderElement.addChildElement((SOAPElement) cachedHeadersIterator.next());
            }
        } catch (SOAPException e) {
            e.printStackTrace();
        }
    }
}

Example 20 with SOAPHeaderElement

use of javax.xml.soap.SOAPHeaderElement in project narayana by jbosstm.

the class InstanceIdentifierHandler method handleMessageOutbound.

/**
 * check for an arjuna context attached to the message context and, if found, install its identifier as the value
 * of a soap message header element
 * @param context
 * @return
 * @throws ProtocolException
 */
protected boolean handleMessageOutbound(SOAPMessageContext context) throws ProtocolException {
    try {
        ArjunaContext arjunaContext = ArjunaContext.getCurrentContext(context);
        if (arjunaContext != null) {
            InstanceIdentifier instanceIdentifier = arjunaContext.getInstanceIdentifier();
            // insert a header into the current message containing the instance identifier as a text element
            final SOAPMessage soapMessage = context.getMessage();
            final SOAPEnvelope soapEnvelope = soapMessage.getSOAPPart().getEnvelope();
            SOAPHeader soapHeader = soapEnvelope.getHeader();
            if (soapHeader == null) {
                soapHeader = soapEnvelope.addHeader();
            }
            final SOAPHeaderElement headerElement = soapHeader.addHeaderElement(ArjunaConstants.WSARJ_ELEMENT_INSTANCE_IDENTIFIER_QNAME);
            headerElement.setValue(instanceIdentifier.getInstanceIdentifier());
            headerElement.setMustUnderstand(true);
        }
    } catch (Exception se) {
        throw new ProtocolException(se);
    }
    return true;
}