Examples with Fault org.apache.cxf.interceptor.Fault used on opensource projects

Search in sources :

Example 6 with Fault

use of org.apache.cxf.interceptor.Fault in project midpoint by Evolveum.

the class CustomDataWriter method write.

@Override
public void write(Object obj, MessagePartInfo part, XMLStreamWriter output) {
    QName rootElement = part.getElementQName();
    Element serialized;
    try {
        serialized = prismContex.domSerializer().serializeAnyData(obj, rootElement);
        StaxUtils.copy(serialized, output);
    //			output.writeCharacters(serialized);
    } catch (SchemaException | XMLStreamException e) {
        // TODO Auto-generated catch block
        throw new Fault(e);
    }
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) XMLStreamException(javax.xml.stream.XMLStreamException) QName(javax.xml.namespace.QName) Element(org.w3c.dom.Element) Fault(org.apache.cxf.interceptor.Fault)

Example 7 with Fault

use of org.apache.cxf.interceptor.Fault in project midpoint by Evolveum.

the class ReportWebService method evaluateAuditScript.

@Override
public AuditEventRecordListType evaluateAuditScript(String script, RemoteReportParametersType parameters) {
    try {
        Map<QName, Object> params = getParamsMap(parameters);
        Collection<AuditEventRecord> resultList = reportService.evaluateAuditScript(script, params);
        return createAuditEventRecordListType(resultList);
    } catch (SchemaException | ExpressionEvaluationException | ObjectNotFoundException e) {
        // TODO Auto-generated catch block
        throw new Fault(e);
    }
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException) QName(javax.xml.namespace.QName) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) PrismObject(com.evolveum.midpoint.prism.PrismObject) Fault(org.apache.cxf.interceptor.Fault) AuditEventRecord(com.evolveum.midpoint.audit.api.AuditEventRecord)

Example 8 with Fault

use of org.apache.cxf.interceptor.Fault in project ddf by codice.

the class AbstractOverrideInterceptor method handleMessage.

/**
     * Adds the policy retrieved from the configured policy loader to this message as the override
     * policy.
     *
     * @param message
     */
@Override
public void handleMessage(Message message) {
    if (policy == null) {
        PolicyBuilder builder = message.getExchange().getBus().getExtension(PolicyBuilder.class);
        try {
            policy = builder.getPolicy(loader.getPolicy().getDocumentElement());
            LOGGER.trace("Read in policy, adding to policy override of message.");
            message.put(PolicyConstants.POLICY_OVERRIDE, policy);
        } catch (Exception e) {
            throw new Fault(e);
        }
    } else {
        message.put(PolicyConstants.POLICY_OVERRIDE, policy);
    }
}
Also used : Fault(org.apache.cxf.interceptor.Fault) PolicyBuilder(org.apache.cxf.ws.policy.PolicyBuilder)

Example 9 with Fault

use of org.apache.cxf.interceptor.Fault in project ddf by codice.

the class GuestInterceptor method internalHandleMessage.

private void internalHandleMessage(SoapMessage message, SOAPMessage soapMessage) throws Fault {
    //Check if security header exists; if not, execute GuestInterceptor logic
    String actor = (String) getOption(WSHandlerConstants.ACTOR);
    if (actor == null) {
        actor = (String) message.getContextualProperty(SecurityConstants.ACTOR);
    }
    Element existingSecurityHeader = null;
    try {
        LOGGER.debug("Checking for security header.");
        existingSecurityHeader = WSSecurityUtil.getSecurityHeader(soapMessage.getSOAPPart(), actor);
    } catch (WSSecurityException e1) {
        LOGGER.debug("Issue with getting security header", e1);
    }
    if (existingSecurityHeader != null) {
        LOGGER.debug("SOAP message contains security header, no action taken by the GuestInterceptor.");
        return;
    }
    LOGGER.debug("Current request has no security header, continuing with GuestInterceptor");
    AssertionInfoMap assertionInfoMap = message.get(AssertionInfoMap.class);
    boolean hasAddressingAssertion = assertionInfoMap.entrySet().stream().flatMap(p -> p.getValue().stream()).filter(info -> MetadataConstants.ADDRESSING_ASSERTION_QNAME.equals(info.getAssertion().getName())).findFirst().isPresent();
    if (hasAddressingAssertion) {
        createAddressing(message, soapMessage);
    }
    LOGGER.debug("Creating guest security token.");
    HttpServletRequest request = (HttpServletRequest) message.get(AbstractHTTPDestination.HTTP_REQUEST);
    SecurityToken securityToken = createSecurityToken(request.getRemoteAddr());
    message.put(SecurityConstants.TOKEN, securityToken);
    if (!MessageUtils.isRequestor(message)) {
        try {
            message.put(Message.REQUESTOR_ROLE, true);
            policyBasedWss4jOutInterceptor.handleMessage(message);
        } finally {
            message.remove(Message.REQUESTOR_ROLE);
        }
    } else {
        policyBasedWss4jOutInterceptor.handleMessage(message);
    }
}
Also used : WSSecurityUtil(org.apache.wss4j.dom.util.WSSecurityUtil) StringUtils(org.apache.commons.lang.StringUtils) EndpointReferenceType(org.apache.cxf.ws.addressing.EndpointReferenceType) MetadataConstants(org.apache.cxf.ws.addressing.policy.MetadataConstants) SOAPException(javax.xml.soap.SOAPException) STSClientConfiguration(ddf.security.sts.client.configuration.STSClientConfiguration) LoggerFactory(org.slf4j.LoggerFactory) XMLUtils(org.codice.ddf.platform.util.XMLUtils) SoapBindingConstants(org.apache.cxf.binding.soap.SoapBindingConstants) AddressingProperties(org.apache.cxf.ws.addressing.AddressingProperties) AbstractHTTPDestination(org.apache.cxf.transport.http.AbstractHTTPDestination) SOAPElement(javax.xml.soap.SOAPElement) HttpServletRequest(javax.servlet.http.HttpServletRequest) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap) Fault(org.apache.cxf.interceptor.Fault) AttributedURIType(org.apache.cxf.ws.addressing.AttributedURIType) PolicyBasedWSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) EncryptionService(ddf.security.encryption.EncryptionService) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) Phase(org.apache.cxf.phase.Phase) SAAJInInterceptor(org.apache.cxf.binding.soap.saaj.SAAJInInterceptor) ContextPolicyManager(org.codice.ddf.security.policy.context.ContextPolicyManager) PolicyBasedWSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Logger(org.slf4j.Logger) Security(org.codice.ddf.security.common.Security) Message(org.apache.cxf.message.Message) WSHandlerConstants(org.apache.wss4j.dom.handler.WSHandlerConstants) Set(java.util.Set) Subject(ddf.security.Subject) UUID(java.util.UUID) SecurityConstants(org.apache.cxf.ws.security.SecurityConstants) TimeUnit(java.util.concurrent.TimeUnit) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Element(org.w3c.dom.Element) MessageUtils(org.apache.cxf.message.MessageUtils) AbstractWSS4JInterceptor(org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor) CacheBuilder(com.google.common.cache.CacheBuilder) SOAPMessage(javax.xml.soap.SOAPMessage) Cache(com.google.common.cache.Cache) SecurityManager(ddf.security.service.SecurityManager) SOAPFactory(javax.xml.soap.SOAPFactory) HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SOAPElement(javax.xml.soap.SOAPElement) Element(org.w3c.dom.Element) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)

Example 10 with Fault

use of org.apache.cxf.interceptor.Fault in project ddf by codice.

the class PaosInInterceptor method handleMessage.

@Override
public void handleMessage(Message message) throws Fault {
    List authHeader = (List) ((Map) message.getExchange().getOutMessage().get(Message.PROTOCOL_HEADERS)).get("Authorization");
    String authorization = null;
    if (authHeader != null && authHeader.size() > 0) {
        authorization = (String) authHeader.get(0);
    }
    InputStream content = message.getContent(InputStream.class);
    String contentType = (String) message.get(Message.CONTENT_TYPE);
    if (contentType == null || !contentType.contains(APPLICATION_VND_PAOS_XML)) {
        return;
    }
    try {
        SOAPPart soapMessage = SamlProtocol.parseSoapMessage(IOUtils.toString(content, Charset.forName("UTF-8")));
        Iterator iterator = soapMessage.getEnvelope().getHeader().examineAllHeaderElements();
        IDPEntry idpEntry = null;
        String relayState = "";
        String responseConsumerURL = "";
        String messageId = "";
        while (iterator.hasNext()) {
            Element soapHeaderElement = (SOAPHeaderElement) iterator.next();
            if (RELAY_STATE.equals(soapHeaderElement.getLocalName())) {
                relayState = DOM2Writer.nodeToString(soapHeaderElement);
            } else if (REQUEST.equals(soapHeaderElement.getLocalName()) && soapHeaderElement.getNamespaceURI().equals(URN_OASIS_NAMES_TC_SAML_2_0_PROFILES_SSO_ECP)) {
                try {
                    soapHeaderElement = SamlProtocol.convertDomImplementation(soapHeaderElement);
                    Request ecpRequest = (Request) OpenSAMLUtil.fromDom(soapHeaderElement);
                    IDPList idpList = ecpRequest.getIDPList();
                    if (idpList == null) {
                        throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection. Unable to determine IdP server."));
                    }
                    List<IDPEntry> idpEntrys = idpList.getIDPEntrys();
                    if (idpEntrys == null || idpEntrys.size() == 0) {
                        throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection. Unable to determine IdP server."));
                    }
                    //choose the right entry, probably need to do something better than select the first one
                    //but the spec doesn't specify how this is supposed to be done
                    idpEntry = idpEntrys.get(0);
                } catch (WSSecurityException e) {
                    //TODO figure out IdP alternatively
                    LOGGER.info("Unable to determine IdP appropriately. ECP connection will fail. SP may be incorrectly configured. Contact the administrator for the remote system.");
                }
            } else if (REQUEST.equals(soapHeaderElement.getLocalName()) && soapHeaderElement.getNamespaceURI().equals(URN_LIBERTY_PAOS_2003_08)) {
                responseConsumerURL = soapHeaderElement.getAttribute(RESPONSE_CONSUMER_URL);
                messageId = soapHeaderElement.getAttribute(MESSAGE_ID);
            }
        }
        if (idpEntry == null) {
            throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection. Unable to determine IdP server."));
        }
        String token = createToken(authorization);
        checkAuthnRequest(soapMessage);
        Element authnRequestElement = SamlProtocol.getDomElement(soapMessage.getEnvelope().getBody().getFirstChild());
        String loc = idpEntry.getLoc();
        String soapRequest = buildSoapMessage(token, relayState, authnRequestElement, null);
        HttpResponseWrapper httpResponse = getHttpResponse(loc, soapRequest, null);
        InputStream httpResponseContent = httpResponse.content;
        SOAPPart idpSoapResponse = SamlProtocol.parseSoapMessage(IOUtils.toString(httpResponseContent, Charset.forName("UTF-8")));
        Iterator responseHeaderElements = idpSoapResponse.getEnvelope().getHeader().examineAllHeaderElements();
        String newRelayState = "";
        while (responseHeaderElements.hasNext()) {
            SOAPHeaderElement soapHeaderElement = (SOAPHeaderElement) responseHeaderElements.next();
            if (RESPONSE.equals(soapHeaderElement.getLocalName())) {
                String assertionConsumerServiceURL = soapHeaderElement.getAttribute(ASSERTION_CONSUMER_SERVICE_URL);
                if (!responseConsumerURL.equals(assertionConsumerServiceURL)) {
                    String soapFault = buildSoapFault(ECP_RESPONSE, "The responseConsumerURL does not match the assertionConsumerServiceURL.");
                    httpResponse = getHttpResponse(responseConsumerURL, soapFault, null);
                    message.setContent(InputStream.class, httpResponse.content);
                    return;
                }
            } else if (RELAY_STATE.equals(soapHeaderElement.getLocalName())) {
                newRelayState = DOM2Writer.nodeToString(soapHeaderElement);
                if (StringUtils.isNotEmpty(relayState) && !relayState.equals(newRelayState)) {
                    LOGGER.debug("RelayState does not match between ECP request and response");
                }
                if (StringUtils.isNotEmpty(relayState)) {
                    newRelayState = relayState;
                }
            }
        }
        checkSamlpResponse(idpSoapResponse);
        Element samlpResponseElement = SamlProtocol.getDomElement(idpSoapResponse.getEnvelope().getBody().getFirstChild());
        Response paosResponse = null;
        if (StringUtils.isNotEmpty(messageId)) {
            paosResponse = getPaosResponse(messageId);
        }
        String soapResponse = buildSoapMessage(null, newRelayState, samlpResponseElement, paosResponse);
        httpResponse = getHttpResponse(responseConsumerURL, soapResponse, message.getExchange().getOutMessage());
        if (httpResponse.statusCode < 400) {
            httpResponseContent = httpResponse.content;
            message.setContent(InputStream.class, httpResponseContent);
        } else {
            throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection due to an error."));
        }
    } catch (IOException e) {
        LOGGER.debug("Error encountered while performing ECP handshake.", e);
    } catch (XMLStreamException | SOAPException e) {
        throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection. The server's response was not in the correct format."));
    } catch (WSSecurityException e) {
        throw new Fault(new AccessDeniedException("Unable to complete SAML ECP connection. Unable to send SOAP request messages."));
    }
}
Also used : SOAPHeaderElement(javax.xml.soap.SOAPHeaderElement) AccessDeniedException(org.apache.cxf.interceptor.security.AccessDeniedException) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) SOAPHeaderElement(javax.xml.soap.SOAPHeaderElement) Element(org.w3c.dom.Element) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) HttpRequest(com.google.api.client.http.HttpRequest) Request(org.opensaml.saml.saml2.ecp.Request) IDPList(org.opensaml.saml.saml2.core.IDPList) Fault(org.apache.cxf.interceptor.Fault) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) IOException(java.io.IOException) HttpResponse(com.google.api.client.http.HttpResponse) Response(ddf.security.liberty.paos.Response) XMLStreamException(javax.xml.stream.XMLStreamException) SOAPException(javax.xml.soap.SOAPException) SOAPPart(javax.xml.soap.SOAPPart) Iterator(java.util.Iterator) IDPList(org.opensaml.saml.saml2.core.IDPList) List(java.util.List) IDPEntry(org.opensaml.saml.saml2.core.IDPEntry)

Aggregations

Fault (org.apache.cxf.interceptor.Fault)19 QName (javax.xml.namespace.QName)6 XMLStreamException (javax.xml.stream.XMLStreamException)6 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)5 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)4 Message (org.apache.cxf.message.Message)4 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)4 Element (org.w3c.dom.Element)4 PrismObject (com.evolveum.midpoint.prism.PrismObject)3 ExpressionEvaluationException (com.evolveum.midpoint.util.exception.ExpressionEvaluationException)3 OutputStream (java.io.OutputStream)3 SOAPException (javax.xml.soap.SOAPException)3 Document (org.w3c.dom.Document)3 IOException (java.io.IOException)2 InputStream (java.io.InputStream)2 SOAPMessage (javax.xml.soap.SOAPMessage)2 XMLStreamWriter (javax.xml.stream.XMLStreamWriter)2 AuditEventRecord (com.evolveum.midpoint.audit.api.AuditEventRecord)1 ObjectQuery (com.evolveum.midpoint.prism.query.ObjectQuery)1 ConnectionEnvironment (com.evolveum.midpoint.security.api.ConnectionEnvironment)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial