Example 56 with WebServiceException

use of javax.xml.ws.WebServiceException in project cxf by apache.

the class HTTPClientPolicyTest method testUsingHTTPClientPolicies.

@Test
public void testUsingHTTPClientPolicies() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    bus = bf.createBus(POLICY_ENGINE_ENABLED_CFG);
    BusFactory.setDefaultBus(bus);
    LoggingInInterceptor in = new LoggingInInterceptor();
    bus.getInInterceptors().add(in);
    bus.getInFaultInterceptors().add(in);
    LoggingOutInterceptor out = new LoggingOutInterceptor();
    bus.getOutInterceptors().add(out);
    bus.getOutFaultInterceptors().add(out);
    // use a client wsdl with policies attached to endpoint, operation and message subjects
    URL url = HTTPClientPolicyTest.class.getResource("http_client_greeter.wsdl");
    BasicGreeterService gs = new BasicGreeterService(url, GREETER_QNAME);
    final Greeter greeter = gs.getGreeterPort();
    updateAddressPort(greeter, PORT);
    LOG.fine("Created greeter client.");
    try {
        greeter.sayHi();
        fail("Did not receive expected PolicyException.");
    } catch (WebServiceException wex) {
        PolicyException ex = (PolicyException) wex.getCause();
        assertEquals("INCOMPATIBLE_HTTPCLIENTPOLICY_ASSERTIONS", ex.getCode());
    }
    // greetMeOneWay - no message or operation policies
    greeter.greetMeOneWay("CXF");
    // greetMe - operation policy specifies receive timeout and should cause every
    // other invocation to fail
    assertEquals("CXF", greeter.greetMe("cxf"));
    try {
        greeter.greetMe("cxf");
        fail("Didn't get the exception");
    } catch (Exception ex) {
        // ex.printStackTrace();
        assertTrue(ex.getCause().getClass().getName(), ex.getCause() instanceof SocketTimeoutException);
    }
    try {
        greeter.pingMe();
        fail("Expected PingMeFault not thrown.");
    } catch (PingMeFault ex) {
        assertEquals(2, ex.getFaultInfo().getMajor());
        assertEquals(1, ex.getFaultInfo().getMinor());
    }
    ((Closeable) greeter).close();
}
Also used : PingMeFault(org.apache.cxf.greeter_control.PingMeFault) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SocketTimeoutException(java.net.SocketTimeoutException) WebServiceException(javax.xml.ws.WebServiceException) PolicyException(org.apache.cxf.ws.policy.PolicyException) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) Greeter(org.apache.cxf.greeter_control.Greeter) Closeable(java.io.Closeable) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) BasicGreeterService(org.apache.cxf.greeter_control.BasicGreeterService) URL(java.net.URL) Test(org.junit.Test)

Example 57 with WebServiceException

use of javax.xml.ws.WebServiceException in project Payara by payara.

the class ClientSecurityTube method processResponse.

@Override
public NextAction processResponse(Packet response) {
    try {
        // check for response
        Message m = response.getMessage();
        if (m != null) {
            if (cAC != null) {
                AuthStatus status;
                info.setResponsePacket(response);
                try {
                    status = cAC.validateResponse(info, clientSubject, null);
                } catch (Exception e) {
                    return doThrow(new WebServiceException(localStrings.getLocalString("enterprise.webservice.cantValidateResponse", "Cannot validate response for {0}", new Object[] { helper.getModelName() }), e));
                }
                if (status == AuthStatus.SEND_CONTINUE) {
                    // response = processSecureRequest(info, cAC, clientSubject);
                    return doInvoke(super.next, info.getRequestPacket());
                } else {
                    response = info.getResponsePacket();
                }
            }
        }
        return doReturnWith(response);
    } catch (Throwable t) {
        if (!(t instanceof WebServiceException)) {
            t = new WebServiceException(t);
        }
        return doThrow(t);
    }
}
Also used : Message(com.sun.xml.ws.api.message.Message) WebServiceException(javax.xml.ws.WebServiceException) AuthStatus(javax.security.auth.message.AuthStatus) WSSecureConversationException(com.sun.xml.ws.security.secconv.WSSecureConversationException)

Example 58 with WebServiceException

use of javax.xml.ws.WebServiceException in project Payara by payara.

the class CommonServerSecurityPipe method processRequest.

private Packet processRequest(Packet request) throws Exception {
    AuthStatus status = AuthStatus.SUCCESS;
    PacketMessageInfo info = new PacketMapMessageInfo(request, new Packet());
    // XXX at this time, we expect the server subject to be null
    Subject serverSubject = (Subject) request.invocationProperties.get(PipeConstants.SERVER_SUBJECT);
    // could change the request packet
    ServerAuthContext sAC = helper.getServerAuthContext(info, serverSubject);
    Subject clientSubject = getClientSubject(request);
    final Packet validatedRequest;
    try {
        if (sAC != null) {
            // client subject must not be null
            // and when return status is SUCCESS, module
            // must have called handler.handle(CallerPrincipalCallback)
            status = sAC.validateRequest(info, clientSubject, serverSubject);
        }
    } catch (Exception e) {
        _logger.log(Level.SEVERE, LogUtils.ERROR_REQUEST_VALIDATION, e);
        WebServiceException wse = new WebServiceException(localStrings.getLocalString("enterprise.webservice.cantValidateRequest", "Cannot validate request for {0}", new Object[] { helper.getModelName() }), e);
        // set status for audit
        status = AuthStatus.SEND_FAILURE;
        // if unable to determine if two-way will return empty response
        return helper.getFaultResponse(info.getRequestPacket(), info.getResponsePacket(), wse);
    } finally {
        validatedRequest = info.getRequestPacket();
        helper.auditInvocation(validatedRequest, status);
    }
    Packet response = null;
    if (status == AuthStatus.SUCCESS) {
        boolean authorized = false;
        try {
            helper.authorize(validatedRequest);
            authorized = true;
        } catch (Exception e) {
            // not authorized, construct fault and proceed
            response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), e);
        }
        if (authorized) {
            // only use doAsPrivileged if a SecurityManager is in effect
            if (System.getSecurityManager() == null) {
                try {
                    // proceed to invoke the endpoint
                    response = next.process(validatedRequest);
                } catch (Exception e) {
                    _logger.log(Level.SEVERE, LogUtils.NEXT_PIPE, e);
                    response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), e);
                }
            } else {
                try {
                    response = (Packet) Subject.doAsPrivileged(clientSubject, new PrivilegedExceptionAction() {

                        @Override
                        public Object run() throws Exception {
                            // proceed to invoke the endpoint
                            return next.process(validatedRequest);
                        }
                    }, null);
                } catch (PrivilegedActionException pae) {
                    Throwable cause = pae.getCause();
                    _logger.log(Level.SEVERE, LogUtils.NEXT_PIPE, cause);
                    response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), cause);
                }
            }
        }
        // pipes are not supposed to return a null response packet
        if (response == null) {
            WebServiceException wse = new WebServiceException(localStrings.getLocalString("enterprise.webservice.nullResponsePacket", "Invocation of Service {0} returned null response packet", new Object[] { helper.getModelName() }));
            response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), wse);
            _logger.log(Level.SEVERE, LogUtils.EXCEPTION_THROWN, wse);
        }
        // secure response, including if it is a fault
        if (sAC != null && response.getMessage() != null) {
            info.setResponsePacket(response);
            response = processResponse(info, sAC, serverSubject);
        }
    } else {
        // validateRequest did not return success
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "ws.status_validate_request", status);
        }
        // even for one-way mep, may return response with non-empty message
        response = info.getResponsePacket();
    }
    return response;
}
Also used : Packet(com.sun.xml.ws.api.message.Packet) WebServiceException(javax.xml.ws.WebServiceException) PrivilegedActionException(java.security.PrivilegedActionException) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) Subject(javax.security.auth.Subject) AuthException(javax.security.auth.message.AuthException) PacketMapMessageInfo(com.sun.enterprise.security.jmac.provider.PacketMapMessageInfo) AuthStatus(javax.security.auth.message.AuthStatus) PacketMessageInfo(com.sun.enterprise.security.jmac.provider.PacketMessageInfo)

Example 59 with WebServiceException

use of javax.xml.ws.WebServiceException in project Payara by payara.

the class CommonServerSecurityTube method processResponse.

@Override
public NextAction processResponse(Packet response) {
    try {
        // could be oneway
        if ((response == null) || (response.getMessage() == null)) {
            return doReturnWith(response);
        }
        Packet resp = response;
        // secure response, including if it is a fault
        if (sAC != null && response.getMessage() != null) {
            info.setResponsePacket(response);
            resp = processResponse(info, sAC, serverSubject);
        }
        return doReturnWith(resp);
    } catch (Throwable t) {
        if (!(t instanceof WebServiceException)) {
            t = new WebServiceException(t);
        }
        return doThrow(t);
    }
}
Also used : Packet(com.sun.xml.ws.api.message.Packet) WebServiceException(javax.xml.ws.WebServiceException)

Example 60 with WebServiceException

use of javax.xml.ws.WebServiceException in project Payara by payara.

the class CommonServerSecurityTube method processRequest.

@Override
public NextAction processRequest(Packet request) {
    try {
        if (isHttpBinding) {
            return doInvoke(super.next, request);
        }
        AuthStatus status = AuthStatus.SUCCESS;
        info = new PacketMapMessageInfo(request, new Packet());
        // XXX at this time, we expect the server subject to be null
        serverSubject = (Subject) request.invocationProperties.get(PipeConstants.SERVER_SUBJECT);
        // could change the request packet
        sAC = helper.getServerAuthContext(info, serverSubject);
        Subject clientSubject = getClientSubject(request);
        final Packet validatedRequest;
        try {
            if (sAC != null) {
                // client subject must not be null
                // and when return status is SUCCESS, module
                // must have called handler.handle(CallerPrincipalCallback)
                status = sAC.validateRequest(info, clientSubject, serverSubject);
            }
        } catch (Exception e) {
            _logger.log(Level.SEVERE, LogUtils.ERROR_REQUEST_VALIDATION, e);
            WebServiceException wse = new WebServiceException(localStrings.getLocalString("enterprise.webservice.cantValidateRequest", "Cannot validate request for {0}", new Object[] { helper.getModelName() }), e);
            // set status for audit
            status = AuthStatus.SEND_FAILURE;
            // if unable to determine if two-way will return empty response
            Packet ret = helper.getFaultResponse(info.getRequestPacket(), info.getResponsePacket(), wse);
            return doReturnWith(ret);
        } finally {
            validatedRequest = info.getRequestPacket();
            helper.auditInvocation(validatedRequest, status);
        }
        Packet response = null;
        if (status == AuthStatus.SUCCESS) {
            boolean authorized = false;
            try {
                helper.authorize(validatedRequest);
                authorized = true;
            } catch (Exception e) {
                // not authorized, construct fault and proceed
                response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), e);
                return doReturnWith(response);
            }
            if (authorized) {
                // only use doAsPrivileged if a SecurityManager is in effect
                if (System.getSecurityManager() == null) {
                    try {
                        // proceed to invoke the endpoint
                        return doInvoke(super.next, validatedRequest);
                    } catch (Exception e) {
                        _logger.log(Level.SEVERE, LogUtils.NEXT_PIPE, e);
                        response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), e);
                        return doReturnWith(response);
                    }
                } else {
                    try {
                        final Tube next = super.next;
                        NextAction action = (NextAction) Subject.doAsPrivileged(clientSubject, new PrivilegedExceptionAction() {

                            public Object run() throws Exception {
                                // proceed to invoke the endpoint
                                return doInvoke(next, validatedRequest);
                            }
                        }, null);
                        return action;
                    } catch (PrivilegedActionException pae) {
                        Throwable cause = pae.getCause();
                        _logger.log(Level.SEVERE, LogUtils.NEXT_PIPE, cause);
                        response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), cause);
                        return doReturnWith(response);
                    }
                }
            } else {
                // not authorized, construct fault and proceed
                response = helper.getFaultResponse(validatedRequest, info.getResponsePacket(), new Exception("Client Not Authorized"));
                return doReturnWith(response);
            }
        } else {
            // validateRequest did not return success
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "ws.status_validate_request", status);
            }
            // even for one-way mep, may return response with non-empty message
            response = info.getResponsePacket();
            return doReturnWith(response);
        }
    } catch (Throwable t) {
        if (!(t instanceof WebServiceException)) {
            t = new WebServiceException(t);
        }
        return doThrow(t);
    }
}
Also used : Packet(com.sun.xml.ws.api.message.Packet) PacketMapMessageInfo(com.sun.enterprise.security.jmac.provider.PacketMapMessageInfo) Tube(com.sun.xml.ws.api.pipe.Tube) WebServiceException(javax.xml.ws.WebServiceException) AuthStatus(javax.security.auth.message.AuthStatus) PrivilegedActionException(java.security.PrivilegedActionException) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) NextAction(com.sun.xml.ws.api.pipe.NextAction) Subject(javax.security.auth.Subject) AuthException(javax.security.auth.message.AuthException)
