
Example 6 with CachedContextAndSchemas

use of org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas in project cxf by apache.

the class JaxbAssertion method getContext.

/**
 * Returns the JAXBContext for the runtime class of {@code data}, obtaining it from
 * {@link JAXBContextCache} on first use and keeping it in the {@code context} field.
 *
 * <p>The method is synchronized, so only one thread at a time can run the initialisation.
 *
 * @return the JAXBContext held in {@code context}
 * @throws JAXBException if the cache cannot supply a context
 */
private synchronized JAXBContext getContext() throws JAXBException {
    final boolean initialised = context != null && classes != null;
    if (initialised) {
        return context;
    }
    final CachedContextAndSchemas cached = JAXBContextCache.getCachedContextAndSchemas(data.getClass());
    // NOTE(review): the class set is stored next to the context; presumably the reference
    // keeps the cache entry alive - confirm against JAXBContextCache.
    classes = cached.getClasses();
    context = cached.getContext();
    return context;
}
Also used : CachedContextAndSchemas(org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas)

Example 7 with CachedContextAndSchemas

use of org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas in project cxf by apache.

the class JaxbAssertionBuilder method getContext.

/**
 * Returns the JAXBContext for {@code type}, obtaining it from {@link JAXBContextCache} on
 * first use and keeping it in the {@code context} field.
 *
 * <p>The method is synchronized, so only one thread at a time can run the initialisation.
 *
 * @return the JAXBContext held in {@code context}
 * @throws JAXBException if the cache cannot supply a context
 */
private synchronized JAXBContext getContext() throws JAXBException {
    final boolean initialised = context != null && classes != null;
    if (initialised) {
        return context;
    }
    final CachedContextAndSchemas cached = JAXBContextCache.getCachedContextAndSchemas(type);
    // NOTE(review): the class set is stored next to the context; presumably the reference
    // keeps the cache entry alive - confirm against JAXBContextCache.
    classes = cached.getClasses();
    context = cached.getContext();
    return context;
}
Also used : CachedContextAndSchemas(org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas)

Example 8 with CachedContextAndSchemas

use of org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas in project cxf by apache.

the class UsernameTokenValidator method validateToken.

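/**
 * Validate a UsernameToken using the given TokenValidatorParameters.
 *
 * <p>The received token's state is set to {@code STATE.INVALID} up front and is switched to
 * {@code STATE.VALID} only at the very end of a successful validation. Every early return, and
 * the path where a {@code WSSecurityException} is caught, hands back a response whose token is
 * still marked invalid. Callers must decide on the token state, not on whether a principal is
 * present: the principal parsed from the token is put on the response before the credential
 * has been validated.
 *
 * <p>A token found in the token store (looked up by the string form of the token's
 * {@code hashCode()}) with a matching hash and not expired is accepted without calling the
 * validator again; on that path no roles are set on the response.
 *
 * @param tokenParameters supplies the STS properties, message context, token store and the
 *        token to validate
 * @return a response carrying the received token and, where available, the principal, roles
 *         and realm; the token's state tells whether validation succeeded
 */
public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
    LOG.fine("Validating UsernameToken");
    STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
    Crypto sigCrypto = stsProperties.getSignatureCrypto();
    CallbackHandler callbackHandler = stsProperties.getCallbackHandler();
    RequestData requestData = new RequestData();
    requestData.setSigVerCrypto(sigCrypto);
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    requestData.setWssConfig(wssConfig);
    requestData.setCallbackHandler(callbackHandler);
    requestData.setMsgContext(tokenParameters.getMessageContext());
    TokenValidatorResponse response = new TokenValidatorResponse();
    ReceivedToken validateTarget = tokenParameters.getToken();
    // Fail closed: the token stays INVALID unless the whole method runs to completion.
    validateTarget.setState(STATE.INVALID);
    response.setToken(validateTarget);
    if (!validateTarget.isUsernameToken()) {
        return response;
    }
    // Turn the JAXB UsernameTokenType into a DOM Element for validation
    UsernameTokenType usernameTokenType = (UsernameTokenType) validateTarget.getToken();
    // Marshall the received JAXB object into a DOM Element
    Element usernameTokenElement = null;
    try {
        Set<Class<?>> classes = new HashSet<>();
        classes.add(ObjectFactory.class);
        classes.add(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ObjectFactory.class);
        CachedContextAndSchemas cache = JAXBContextCache.getCachedContextAndSchemas(classes, null, null, null, false);
        JAXBContext jaxbContext = cache.getContext();
        Marshaller marshaller = jaxbContext.createMarshaller();
        Document doc = DOMUtils.getEmptyDocument();
        Element rootElement = doc.createElement("root-element");
        JAXBElement<UsernameTokenType> tokenType = new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameTokenType);
        marshaller.marshal(tokenType, rootElement);
        usernameTokenElement = (Element) rootElement.getFirstChild();
    } catch (JAXBException ex) {
        // Give the log entry a message so a rejected token can be found and triaged.
        LOG.log(Level.WARNING, "Failed to marshal the received UsernameToken", ex);
        return response;
    }
    try {
        boolean allowNamespaceQualifiedPasswordTypes = requestData.isAllowNamespaceQualifiedPasswordTypes();
        UsernameToken ut = new UsernameToken(usernameTokenElement, allowNamespaceQualifiedPasswordTypes, new BSPEnforcer());
        // The parsed principal is set whether or not validation succeeds; it is
        // unauthenticated until the token state becomes VALID.
        response.setPrincipal(new CustomTokenPrincipal(ut.getName()));
        if (ut.getPassword() == null) {
            return response;
        }
        // See if the UsernameToken is stored in the cache
        // NOTE(review): the cache key and the equality check below both rely on the 32-bit
        // hashCode() of the token, and a hit skips validator.validate(). Confirm which fields
        // that hashCode() covers, and consider keying on a cryptographic digest of the token
        // content, since int hashes are not collision resistant.
        int hash = ut.hashCode();
        SecurityToken secToken = null;
        if (tokenParameters.getTokenStore() != null) {
            secToken = tokenParameters.getTokenStore().getToken(Integer.toString(hash));
            if (secToken != null && (secToken.getTokenHash() != hash || secToken.isExpired())) {
                secToken = null;
            }
        }
        Principal principal = null;
        if (secToken == null) {
            // Cache miss: the configured validator checks the credential.
            Credential credential = new Credential();
            credential.setUsernametoken(ut);
            credential = validator.validate(credential, requestData);
            principal = credential.getPrincipal();
            if (credential.getSubject() != null && roleParser != null) {
                // Parse roles from the validated token
                Set<Principal> roles = roleParser.parseRolesFromSubject(principal, credential.getSubject());
                response.setRoles(roles);
            }
        }
        if (principal == null) {
            principal = createPrincipal(ut.getName(), ut.getPassword(), ut.getPasswordType(), ut.getNonce(), ut.getCreated());
        }
        // Get the realm of the UsernameToken
        String tokenRealm = null;
        if (usernameTokenRealmCodec != null) {
            tokenRealm = usernameTokenRealmCodec.getRealmFromToken(ut);
            // Verify the realm against the cached token. A cached token without properties
            // skips this comparison.
            if (secToken != null) {
                Map<String, Object> props = secToken.getProperties();
                if (props != null) {
                    String cachedRealm = (String) props.get(STSConstants.TOKEN_REALM);
                    // A null realm from the codec used to throw a NullPointerException here;
                    // treat it as a mismatch so the token is rejected instead.
                    if (tokenRealm == null || !tokenRealm.equals(cachedRealm)) {
                        return response;
                    }
                }
            }
        }
        // Store the successfully validated token in the cache
        if (tokenParameters.getTokenStore() != null && secToken == null) {
            secToken = new SecurityToken(ut.getID());
            secToken.setToken(ut.getElement());
            int hashCode = ut.hashCode();
            String identifier = Integer.toString(hashCode);
            secToken.setTokenHash(hashCode);
            tokenParameters.getTokenStore().add(identifier, secToken);
        }
        response.setPrincipal(principal);
        response.setTokenRealm(tokenRealm);
        validateTarget.setState(STATE.VALID);
        LOG.fine("Username Token successfully validated");
    } catch (WSSecurityException ex) {
        // Validation failure: the token state stays INVALID. The message names the event
        // without echoing any token content.
        LOG.log(Level.WARNING, "UsernameToken validation failed", ex);
    }
    return response;
}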
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) JAXBContext(javax.xml.bind.JAXBContext) Document(org.w3c.dom.Document) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) WSSConfig(org.apache.wss4j.dom.engine.WSSConfig) RequestData(org.apache.wss4j.dom.handler.RequestData) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken) CachedContextAndSchemas(org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas) HashSet(java.util.HashSet) Marshaller(javax.xml.bind.Marshaller) Credential(org.apache.wss4j.dom.validate.Credential) UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType) JAXBException(javax.xml.bind.JAXBException) BSPEnforcer(org.apache.wss4j.common.bsp.BSPEnforcer) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) JAXBElement(javax.xml.bind.JAXBElement) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Crypto(org.apache.wss4j.common.crypto.Crypto) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 9 with CachedContextAndSchemas

use of org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas in project cxf by apache.

the class AbstractBeanDefinitionParser method getContext.

/**
 * Returns a JAXBContext that covers the package named by {@code getJaxbPackage()} and, when
 * given, {@code cls}. The context is rebuilt whenever none is held yet or the held class set
 * does not contain {@code cls}.
 *
 * <p>{@code cls} itself is added to the class set only when that set holds no
 * {@code ObjectFactory} from the same package.
 *
 * @param cls class the context must be able to handle; may be {@code null}, in which case
 *        this object's own class loader is used for the package lookup
 * @return the JAXBContext held in {@code context}
 * @throws RuntimeException wrapping the JAXBException if the context cannot be created
 */
private synchronized JAXBContext getContext(Class<?> cls) {
    final boolean usable = context != null && classes != null && classes.contains(cls);
    if (usable) {
        return context;
    }
    try {
        // Start from the classes already known so the new context is a superset of the old one.
        final Set<Class<?>> candidates = new HashSet<Class<?>>();
        if (classes != null) {
            candidates.addAll(classes);
        }
        final ClassLoader loader;
        if (cls != null) {
            loader = cls.getClassLoader();
        } else {
            loader = getClass().getClassLoader();
        }
        JAXBContextCache.addPackage(candidates, getJaxbPackage(), loader);
        if (cls != null) {
            boolean factoryPresent = false;
            for (Class<?> candidate : candidates) {
                if ("ObjectFactory".equals(candidate.getSimpleName()) && candidate.getPackage() == cls.getPackage()) {
                    factoryPresent = true;
                    break;
                }
            }
            if (!factoryPresent) {
                candidates.add(cls);
            }
        }
        JAXBContextCache.scanPackages(candidates);
        final CachedContextAndSchemas cached = JAXBContextCache.getCachedContextAndSchemas(candidates, null, null, null, false);
        classes = cached.getClasses();
        context = cached.getContext();
    } catch (JAXBException ex) {
        throw new RuntimeException(ex);
    }
    return context;
}
Also used : JAXBException(javax.xml.bind.JAXBException) CachedContextAndSchemas(org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas) HashSet(java.util.HashSet)

Example 10 with CachedContextAndSchemas

use of org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas in project cxf by apache.

the class ContextUtils method getJAXBContext.

/**
 * Returns the shared JAXBContext used for marshalling and unmarshalling the JAXB generated
 * types found in the package of {@code WSA_OBJECT_FACTORY}.
 *
 * <p>The context is created on first use while holding the {@code ContextUtils.class}
 * monitor and is then kept in a static field.
 *
 * @return a JAXBContext
 * @throws JAXBException if the context cannot be created
 */
public static JAXBContext getJAXBContext() throws JAXBException {
    synchronized (ContextUtils.class) {
        final boolean needsInit = jaxbContext == null || jaxbContextClasses == null;
        if (needsInit) {
            final Set<Class<?>> wsaClasses = new HashSet<Class<?>>();
            final Class<?> factoryType = WSA_OBJECT_FACTORY.getClass();
            JAXBContextCache.addPackage(wsaClasses, factoryType.getPackage().getName(), factoryType.getClassLoader());
            JAXBContextCache.scanPackages(wsaClasses);
            final CachedContextAndSchemas cached = JAXBContextCache.getCachedContextAndSchemas(wsaClasses, null, null, null, false);
            jaxbContextClasses = cached.getClasses();
            jaxbContext = cached.getContext();
        }
    }
    return jaxbContext;
}
Also used : CachedContextAndSchemas(org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas) HashSet(java.util.HashSet)

Aggregations

CachedContextAndSchemas (org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas)10 HashSet (java.util.HashSet)6 JAXBException (javax.xml.bind.JAXBException)6 JAXBContext (javax.xml.bind.JAXBContext)2 IOException (java.io.IOException)1 Principal (java.security.Principal)1 LinkedHashSet (java.util.LinkedHashSet)1 CallbackHandler (javax.security.auth.callback.CallbackHandler)1 JAXBElement (javax.xml.bind.JAXBElement)1 Marshaller (javax.xml.bind.Marshaller)1 DOMResult (javax.xml.transform.dom.DOMResult)1 DOMSource (javax.xml.transform.dom.DOMSource)1 SchemaCollection (org.apache.cxf.common.xmlschema.SchemaCollection)1 TLSClientParametersType (org.apache.cxf.configuration.security.TLSClientParametersType)1 ServiceConstructionException (org.apache.cxf.service.factory.ServiceConstructionException)1 ServiceInfo (org.apache.cxf.service.model.ServiceInfo)1 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)1 ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)1 UsernameTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)1 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)1