Example 46 with W3CDOMStreamWriter
use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.
the class AbstractSTSClient method cancel.
/**
* Make an "Cancel" invocation and return the response as a STSResponse Object
*/
protected STSResponse cancel(SecurityToken token) throws Exception {
createClient();
client.getRequestContext().clear();
client.getRequestContext().putAll(ctx);
client.getRequestContext().put(SecurityConstants.TOKEN, token);
BindingOperationInfo boi = findOperation("/RST/Cancel");
boolean attachTokenDirectly = true;
if (boi == null) {
attachTokenDirectly = false;
boi = findOperation("/RST/Issue");
Policy cancelPolicy = new Policy();
ExactlyOne one = new ExactlyOne();
cancelPolicy.addPolicyComponent(one);
All all = new All();
one.addPolicyComponent(all);
all.addAssertion(getAddressingAssertion());
final SecureConversationToken secureConversationToken = new SecureConversationToken(SPConstants.SPVersion.SP12, SPConstants.IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT, null, null, null, null);
secureConversationToken.setOptional(true);
class InternalProtectionToken extends ProtectionToken {
InternalProtectionToken(SPVersion version, Policy nestedPolicy) {
super(version, nestedPolicy);
super.setToken(secureConversationToken);
}
}
DefaultSymmetricBinding binding = new DefaultSymmetricBinding(SPConstants.SPVersion.SP12, new Policy());
all.addAssertion(binding);
all.addAssertion(getAddressingAssertion());
binding.setProtectionToken(new InternalProtectionToken(SPConstants.SPVersion.SP12, new Policy()));
binding.setIncludeTimestamp(true);
binding.setOnlySignEntireHeadersAndBody(true);
binding.setProtectTokens(false);
String addrNamespace = addressingNamespace;
if (addrNamespace == null) {
addrNamespace = "http://www.w3.org/2005/08/addressing";
}
List<Header> headers = new ArrayList<>();
headers.add(new Header("To", addrNamespace));
headers.add(new Header("From", addrNamespace));
headers.add(new Header("FaultTo", addrNamespace));
headers.add(new Header("ReplyTo", addrNamespace));
headers.add(new Header("Action", addrNamespace));
headers.add(new Header("MessageID", addrNamespace));
headers.add(new Header("RelatesTo", addrNamespace));
SignedParts parts = new SignedParts(SPConstants.SPVersion.SP12, true, null, headers, false);
parts.setOptional(true);
all.addPolicyComponent(parts);
client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, cancelPolicy);
}
if (isSecureConv) {
client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Cancel");
} else {
client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Cancel");
}
W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
writer.writeStartElement("wst", "RequestSecurityToken", namespace);
writer.writeNamespace("wst", namespace);
writer.writeStartElement("wst", "RequestType", namespace);
writer.writeCharacters(namespace + "/Cancel");
writer.writeEndElement();
writer.writeStartElement("wst", "CancelTarget", namespace);
Element el;
if (attachTokenDirectly) {
el = token.getToken();
} else {
el = token.getUnattachedReference();
if (el == null) {
el = token.getAttachedReference();
}
}
StaxUtils.copy(el, writer);
writer.writeEndElement();
writer.writeEndElement();
Object[] obj = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement()));
return new STSResponse((DOMSource) obj[0], null);
}
Also used :
Policy(org.apache.neethi.Policy)
EffectivePolicy(org.apache.cxf.ws.policy.EffectivePolicy)
All(org.apache.neethi.All)
SPVersion(org.apache.wss4j.policy.SPConstants.SPVersion)
W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter)
BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo)
DOMSource(javax.xml.transform.dom.DOMSource)
ExtensibilityElement(javax.wsdl.extensions.ExtensibilityElement)
Element(org.w3c.dom.Element)
ArrayList(java.util.ArrayList)
ModCountCopyOnWriteArrayList(org.apache.cxf.common.util.ModCountCopyOnWriteArrayList)
ExactlyOne(org.apache.neethi.ExactlyOne)
SecureConversationToken(org.apache.wss4j.policy.model.SecureConversationToken)
Header(org.apache.wss4j.policy.model.Header)
SignedParts(org.apache.wss4j.policy.model.SignedParts)
ProtectionToken(org.apache.wss4j.policy.model.ProtectionToken)
Example 47 with W3CDOMStreamWriter
use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.
the class AbstractSTSClient method renew.
/**
* Make an "Renew" invocation and return the response as a STSResponse Object
*/
public STSResponse renew(SecurityToken tok) throws Exception {
createClient();
BindingOperationInfo boi = findOperation("/RST/Renew");
client.getRequestContext().putAll(ctx);
client.getRequestContext().remove(SecurityConstants.TOKEN_ID);
if (isSecureConv) {
client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Renew");
} else {
client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Renew");
}
W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
writer.writeStartElement("wst", "RequestSecurityToken", namespace);
writer.writeNamespace("wst", namespace);
if (context != null) {
writer.writeAttribute(null, "Context", context);
}
String sptt = null;
if (template != null && DOMUtils.getFirstElement(template) != null) {
if (this.useSecondaryParameters()) {
writer.writeStartElement("wst", "SecondaryParameters", namespace);
}
Element tl = DOMUtils.getFirstElement(template);
while (tl != null) {
StaxUtils.copy(tl, writer);
if ("TokenType".equals(tl.getLocalName())) {
sptt = DOMUtils.getContent(tl);
}
tl = DOMUtils.getNextElement(tl);
}
if (this.useSecondaryParameters()) {
writer.writeEndElement();
}
}
if (isSpnego) {
tokenType = STSUtils.getTokenTypeSCT(namespace);
}
if (sptt == null) {
addTokenType(writer);
}
addRequestType("/Renew", writer);
if (enableAppliesTo) {
addAppliesTo(writer, tok.getIssuerAddress());
}
if (isSecureConv || enableLifetime) {
addLifetime(writer);
}
writer.writeStartElement("wst", "RenewTarget", namespace);
StaxUtils.copy(tok.getToken(), writer);
writer.writeEndElement();
// Write out renewal semantics
writeRenewalSemantics(writer);
writer.writeEndElement();
Object[] obj = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement()));
@SuppressWarnings("unchecked") Collection<Attachment> attachments = (Collection<Attachment>) client.getResponseContext().get(Message.ATTACHMENTS);
return new STSResponse((DOMSource) obj[0], null, null, null, attachments);
}
Also used :
W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter)
BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo)
DOMSource(javax.xml.transform.dom.DOMSource)
ExtensibilityElement(javax.wsdl.extensions.ExtensibilityElement)
Element(org.w3c.dom.Element)
Collection(java.util.Collection)
ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection)
Attachment(org.apache.cxf.message.Attachment)
Example 48 with W3CDOMStreamWriter
use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.
the class SoapOutInterceptor method writeSoapEnvelopeStart.
private void writeSoapEnvelopeStart(final SoapMessage message) {
final SoapVersion soapVersion = message.getVersion();
try {
XMLStreamWriter xtw = message.getContent(XMLStreamWriter.class);
String soapPrefix = xtw.getPrefix(soapVersion.getNamespace());
if (StringUtils.isEmpty(soapPrefix)) {
soapPrefix = "soap";
}
if (message.hasAdditionalEnvNs()) {
Map<String, String> nsMap = message.getEnvelopeNs();
for (Map.Entry<String, String> entry : nsMap.entrySet()) {
if (soapVersion.getNamespace().equals(entry.getValue())) {
soapPrefix = entry.getKey();
}
}
xtw.setPrefix(soapPrefix, soapVersion.getNamespace());
xtw.writeStartElement(soapPrefix, soapVersion.getEnvelope().getLocalPart(), soapVersion.getNamespace());
xtw.writeNamespace(soapPrefix, soapVersion.getNamespace());
for (Map.Entry<String, String> entry : nsMap.entrySet()) {
if (!soapVersion.getNamespace().equals(entry.getValue())) {
xtw.writeNamespace(entry.getKey(), entry.getValue());
}
}
} else {
xtw.setPrefix(soapPrefix, soapVersion.getNamespace());
xtw.writeStartElement(soapPrefix, soapVersion.getEnvelope().getLocalPart(), soapVersion.getNamespace());
String s2 = xtw.getPrefix(soapVersion.getNamespace());
if (StringUtils.isEmpty(s2) || soapPrefix.equals(s2)) {
xtw.writeNamespace(soapPrefix, soapVersion.getNamespace());
} else {
soapPrefix = s2;
}
}
boolean preexistingHeaders = message.hasHeaders();
if (preexistingHeaders) {
xtw.writeStartElement(soapPrefix, soapVersion.getHeader().getLocalPart(), soapVersion.getNamespace());
List<Header> hdrList = message.getHeaders();
for (Header header : hdrList) {
XMLStreamWriter writer = xtw;
if (xtw instanceof W3CDOMStreamWriter) {
Element nd = ((W3CDOMStreamWriter) xtw).getCurrentNode();
if (header.getObject() instanceof Element && nd.isSameNode(((Element) header.getObject()).getParentNode())) {
continue;
}
}
if (header instanceof SoapHeader) {
SoapHeader soapHeader = (SoapHeader) header;
writer = new SOAPHeaderWriter(xtw, soapHeader, soapVersion, soapPrefix);
}
DataBinding b = header.getDataBinding();
if (b == null) {
HeaderProcessor hp = bus.getExtension(HeaderManager.class).getHeaderProcessor(header.getName().getNamespaceURI());
if (hp != null) {
b = hp.getDataBinding();
}
}
if (b != null) {
MessagePartInfo part = new MessagePartInfo(header.getName(), null);
part.setConcreteName(header.getName());
b.createWriter(XMLStreamWriter.class).write(header.getObject(), part, writer);
} else {
Element node = (Element) header.getObject();
StaxUtils.copy(node, writer);
}
}
}
boolean endedHeader = handleHeaderPart(preexistingHeaders, message, soapPrefix);
if (preexistingHeaders && !endedHeader) {
xtw.writeEndElement();
}
xtw.writeStartElement(soapPrefix, soapVersion.getBody().getLocalPart(), soapVersion.getNamespace());
// Interceptors followed such as Wrapped/RPC/Doc Interceptor will write SOAP body
} catch (XMLStreamException e) {
throw new SoapFault(new org.apache.cxf.common.i18n.Message("XML_WRITE_EXC", BUNDLE), e, soapVersion.getSender());
}
}
Also used :
W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter)
SoapFault(org.apache.cxf.binding.soap.SoapFault)
Message(org.apache.cxf.message.Message)
SoapMessage(org.apache.cxf.binding.soap.SoapMessage)
HeaderProcessor(org.apache.cxf.headers.HeaderProcessor)
Element(org.w3c.dom.Element)
MessagePartInfo(org.apache.cxf.service.model.MessagePartInfo)
HeaderManager(org.apache.cxf.headers.HeaderManager)
SoapVersion(org.apache.cxf.binding.soap.SoapVersion)
SoapHeader(org.apache.cxf.binding.soap.SoapHeader)
Header(org.apache.cxf.headers.Header)
XMLStreamException(javax.xml.stream.XMLStreamException)
XMLStreamWriter(javax.xml.stream.XMLStreamWriter)
DelegatingXMLStreamWriter(org.apache.cxf.staxutils.DelegatingXMLStreamWriter)
DataBinding(org.apache.cxf.databinding.DataBinding)
SoapHeader(org.apache.cxf.binding.soap.SoapHeader)
Map(java.util.Map)
Example 49 with W3CDOMStreamWriter
use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.
the class SAAJOutInterceptor method handleMessage.
public void handleMessage(SoapMessage message) throws Fault {
SOAPMessage saaj = message.getContent(SOAPMessage.class);
try {
if (message.hasHeaders() && saaj != null && saaj.getSOAPPart().getEnvelope().getHeader() == null) {
// creating an empty SOAPHeader at this point in the
// pre-existing SOAPMessage avoids the <soap:body> and
// <soap:header> appearing in reverse order when the envolope
// is written to the wire
//
saaj.getSOAPPart().getEnvelope().addHeader();
}
} catch (SOAPException e) {
throw new SoapFault(new Message("SOAPEXCEPTION", BUNDLE, e.getMessage()), e, message.getVersion().getSender());
}
if (saaj == null) {
SoapVersion version = message.getVersion();
try {
MessageFactory factory = getFactory(message);
SOAPMessage soapMessage = factory.createMessage();
SOAPPart soapPart = soapMessage.getSOAPPart();
XMLStreamWriter origWriter = (XMLStreamWriter) message.get(ORIGINAL_XML_WRITER);
if (origWriter == null) {
origWriter = message.getContent(XMLStreamWriter.class);
}
message.put(ORIGINAL_XML_WRITER, origWriter);
W3CDOMStreamWriter writer = new SAAJStreamWriter(soapPart);
// Replace stax writer with DomStreamWriter
message.setContent(XMLStreamWriter.class, writer);
message.setContent(SOAPMessage.class, soapMessage);
message.setContent(Node.class, soapMessage.getSOAPPart());
} catch (SOAPException e) {
throw new SoapFault(new Message("SOAPEXCEPTION", BUNDLE, e.getMessage()), e, version.getSender());
}
} else if (!message.containsKey(ORIGINAL_XML_WRITER)) {
// as the SOAPMessage already has everything in place, we do not need XMLStreamWriter to write
// anything for us, so we just set XMLStreamWriter's output to a dummy output stream.
XMLStreamWriter origWriter = message.getContent(XMLStreamWriter.class);
message.put(ORIGINAL_XML_WRITER, origWriter);
XMLStreamWriter dummyWriter = StaxUtils.createXMLStreamWriter(new OutputStream() {
public void write(int b) throws IOException {
}
public void write(byte[] b, int off, int len) throws IOException {
}
});
message.setContent(XMLStreamWriter.class, dummyWriter);
}
// Add a final interceptor to write the message
message.getInterceptorChain().add(SAAJOutEndingInterceptor.INSTANCE);
}
Also used :
SoapVersion(org.apache.cxf.binding.soap.SoapVersion)
W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter)
SoapFault(org.apache.cxf.binding.soap.SoapFault)
Message(org.apache.cxf.common.i18n.Message)
SoapMessage(org.apache.cxf.binding.soap.SoapMessage)
SOAPMessage(javax.xml.soap.SOAPMessage)
MessageFactory(javax.xml.soap.MessageFactory)
XMLStreamWriter(javax.xml.stream.XMLStreamWriter)
SOAPException(javax.xml.soap.SOAPException)
OutputStream(java.io.OutputStream)
SOAPPart(javax.xml.soap.SOAPPart)
SOAPMessage(javax.xml.soap.SOAPMessage)
Example 50 with W3CDOMStreamWriter
use of org.apache.cxf.staxutils.W3CDOMStreamWriter in project cxf by apache.
the class LogicalHandlerFaultOutInterceptor method handleMessage.
public void handleMessage(Message message) throws Fault {
if (binding.getHandlerChain().isEmpty()) {
return;
}
HandlerChainInvoker invoker = getInvoker(message);
if (invoker.getLogicalHandlers().isEmpty()) {
return;
}
XMLStreamWriter origWriter = message.getContent(XMLStreamWriter.class);
Document doc = DOMUtils.newDocument();
message.setContent(Node.class, doc);
W3CDOMStreamWriter writer = new W3CDOMStreamWriter(doc);
// set up the namespace context
try {
writer.setNamespaceContext(origWriter.getNamespaceContext());
} catch (XMLStreamException ex) {
// don't set the namespaceContext
}
// Replace stax writer with DomStreamWriter
message.setContent(XMLStreamWriter.class, writer);
message.put(ORIGINAL_WRITER, origWriter);
message.getInterceptorChain().add(ending);
}
Also used :
W3CDOMStreamWriter(org.apache.cxf.staxutils.W3CDOMStreamWriter)
HandlerChainInvoker(org.apache.cxf.jaxws.handler.HandlerChainInvoker)
XMLStreamException(javax.xml.stream.XMLStreamException)
XMLStreamWriter(javax.xml.stream.XMLStreamWriter)
Document(org.w3c.dom.Document)
Aggregations
W3CDOMStreamWriter (org.apache.cxf.staxutils.W3CDOMStreamWriter)60
Element (org.w3c.dom.Element)29
DOMSource (javax.xml.transform.dom.DOMSource)24
XMLStreamException (javax.xml.stream.XMLStreamException)15
Document (org.w3c.dom.Document)14
WebClient (org.apache.cxf.jaxrs.client.WebClient)9
Node (org.w3c.dom.Node)9
XMLStreamWriter (javax.xml.stream.XMLStreamWriter)8
Fault (org.apache.cxf.interceptor.Fault)8
XMLStreamReader (javax.xml.stream.XMLStreamReader)7
BindingOperationInfo (org.apache.cxf.service.model.BindingOperationInfo)7
RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)7
SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)7
JAXBElement (javax.xml.bind.JAXBElement)6
JAXBException (javax.xml.bind.JAXBException)5
SOAPMessage (javax.xml.soap.SOAPMessage)5
SoapFault (org.apache.cxf.binding.soap.SoapFault)5
SoapMessage (org.apache.cxf.binding.soap.SoapMessage)5
InputStream (java.io.InputStream)4
HashMap (java.util.HashMap)4
