
Example 11 with AssertionInfoMap

use of org.apache.cxf.ws.policy.AssertionInfoMap in project cxf by apache.

the class SecureConversationInInterceptor method handleMessage.

/**
 * Inbound handling for policies that carry a SecureConversationToken assertion.
 *
 * <p>Does nothing when the message has no {@link AssertionInfoMap} or when the map holds no
 * SecureConversationToken assertions. On the requestor side the assertions are marked as
 * asserted without inspecting the inbound message (the client is checked on the way out),
 * and the cancel interceptor is queued when {@code SecurityConstants.STS_TOKEN_DO_CANCEL}
 * is set. On the receiving side the SOAP action selects the handling; when no action is
 * available yet, the decision is deferred to an interceptor ordered after {@code MAPCodec}
 * and before {@code PolicyBasedWSS4JInInterceptor}.
 *
 * @param message the inbound SOAP message
 * @throws Fault if processing the message fails
 */
public void handleMessage(SoapMessage message) throws Fault {
    final AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    if (aim == null) {
        // No policy information attached to this message: nothing to assert.
        return;
    }
    final Collection<AssertionInfo> ais =
        PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.SECURE_CONVERSATION_TOKEN);
    if (ais.isEmpty()) {
        return;
    }

    if (isRequestor(message)) {
        // Client side: the policy is enforced on the outbound path, so the inbound
        // interceptor only records the assertions as satisfied.
        for (AssertionInfo assertion : ais) {
            assertion.setAsserted(true);
        }
        assertPolicies(aim);
        final Object cancelFlag = message.getContextualProperty(SecurityConstants.STS_TOKEN_DO_CANCEL);
        // Accept either a Boolean or its string form; the null check protects toString().
        final boolean cancelRequested = cancelFlag != null
            && (Boolean.TRUE.equals(cancelFlag) || "true".equalsIgnoreCase(cancelFlag.toString()));
        if (cancelRequested) {
            message.getInterceptorChain().add(SecureConversationCancelInterceptor.INSTANCE);
        }
        return;
    }

    String action = (String) message.get(SoapBindingConstants.SOAP_ACTION);
    if (action == null) {
        action = SoapActionInInterceptor.getSoapAction(message);
    }
    if (action != null) {
        handleMessageForAction(message, action, aim, ais);
        return;
    }

    // No action could be determined yet: delay the decision until the WS-Addressing
    // headers have been read and processed.
    AbstractPhaseInterceptor<SoapMessage> deferred = new AbstractPhaseInterceptor<SoapMessage>(Phase.PRE_PROTOCOL) {

        public void handleMessage(SoapMessage delayedMessage) throws Fault {
            String lateAction = (String) delayedMessage.get(SoapBindingConstants.SOAP_ACTION);
            if (lateAction == null) {
                lateAction = SoapActionInInterceptor.getSoapAction(delayedMessage);
            }
            // NOTE(review): lateAction may still be null at this point; whether
            // handleMessageForAction tolerates a null action is not visible here - confirm.
            handleMessageForAction(delayedMessage, lateAction, aim, ais);
        }
    };
    deferred.addAfter(MAPCodec.class.getName());
    deferred.addBefore(PolicyBasedWSS4JInInterceptor.class.getName());
    // Streaming security is switched off for this message so the DOM-based processing can
    // set up the secure-conversation handling in advance.
    message.put(SecurityConstants.ENABLE_STREAMING_SECURITY, Boolean.FALSE);
    message.getInterceptorChain().add(deferred);
}
Also used : AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) PolicyBasedWSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor) AbstractPhaseInterceptor(org.apache.cxf.phase.AbstractPhaseInterceptor) MAPCodec(org.apache.cxf.ws.addressing.soap.MAPCodec) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap) SoapMessage(org.apache.cxf.binding.soap.SoapMessage)

Example 12 with AssertionInfoMap

use of org.apache.cxf.ws.policy.AssertionInfoMap in project cxf by apache.

the class SpnegoContextTokenInInterceptor method handleMessage.

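/**
 * Inbound handling for policies that carry a SpnegoContextToken assertion.
 *
 * <p>Does nothing when the message has no {@link AssertionInfoMap} or when the map holds no
 * SpnegoContextToken assertions. On the requestor side the assertions are marked as asserted
 * without inspecting the inbound message (the client is checked on the way out). On the
 * receiving side a WS-Trust {@code /RST/Issue} action in one of the two supported namespaces
 * re-targets the message at the SPNEGO token issuer with an addressing-only policy; every
 * other message gets {@code SpnegoContextTokenFinderInterceptor} added to its chain.
 *
 * @param message the inbound SOAP message
 * @throws Fault if processing the message fails
 */
public void handleMessage(SoapMessage message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    if (aim == null) {
        // No policy information attached to this message: nothing to assert.
        return;
    }
    Collection<AssertionInfo> ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.SPNEGO_CONTEXT_TOKEN);
    if (ais.isEmpty()) {
        return;
    }
    if (isRequestor(message)) {
        // client side should be checked on the way out
        for (AssertionInfo ai : ais) {
            ai.setAsserted(true);
        }
        return;
    }

    String s = (String) message.get(SoapBindingConstants.SOAP_ACTION);
    if (s == null) {
        s = SoapActionInInterceptor.getSoapAction(message);
    }
    AddressingProperties inProps = (AddressingProperties) message.getContextualProperty(JAXWSAConstants.ADDRESSING_PROPERTIES_INBOUND);
    // MS/WCF doesn't put a soap action out for this, must check the headers.
    // The action element is taken from the inbound message and may be absent, so it is
    // null-checked before dereferencing; without an action the message takes the same
    // path as any other non-issue request instead of failing with a NullPointerException.
    if (s == null && inProps != null && inProps.getAction() != null) {
        s = inProps.getAction().getValue();
    }

    boolean isIssueRequest = s != null
        && s.contains("/RST/Issue")
        && (s.startsWith(STSUtils.WST_NS_05_02) || s.startsWith(STSUtils.WST_NS_05_12));
    if (!isIssueRequest) {
        message.getInterceptorChain().add(SpnegoContextTokenFinderInterceptor.INSTANCE);
        return;
    }

    // Token negotiation: build a policy whose only alternative is the addressing assertion.
    Policy p = new Policy();
    ExactlyOne ea = new ExactlyOne();
    p.addPolicyComponent(ea);
    All all = new All();
    Assertion ass = NegotiationUtils.getAddressingPolicy(aim, false);
    all.addPolicyComponent(ass);
    ea.addPolicyComponent(all);
    // setup endpoint and forward to it.
    unmapSecurityProps(message);
    // Use the WS-Trust namespace the request itself was sent with.
    String ns = s.startsWith(STSUtils.WST_NS_05_02) ? STSUtils.WST_NS_05_02 : STSUtils.WST_NS_05_12;
    NegotiationUtils.recalcEffectivePolicy(message, ns, p, new SpnegoSTSInvoker(), false);
}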
Also used : Policy(org.apache.neethi.Policy) All(org.apache.neethi.All) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) Assertion(org.apache.neethi.Assertion) AddressingProperties(org.apache.cxf.ws.addressing.AddressingProperties) ExactlyOne(org.apache.neethi.ExactlyOne) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)

Example 13 with AssertionInfoMap

use of org.apache.cxf.ws.policy.AssertionInfoMap in project cxf by apache.

the class SecureConversationOutInterceptor method handleMessage.

/**
 * Outbound handling for policies that carry a SecureConversationToken assertion.
 *
 * <p>Does nothing when the message has no {@link AssertionInfoMap} or when the map holds no
 * SecureConversationToken assertions. On the server side the assertions and the bootstrap
 * policy are simply marked as asserted (the server is checked on the way in). On the
 * requestor side an existing token is looked up (message property first, then the token
 * store by id) and renewed, or a new one is issued; a non-null result is published on the
 * endpoint, the exchange and the token store.
 *
 * @param message the outbound SOAP message
 * @throws Fault wrapping any {@code TokenStoreException} raised while using the token store
 */
public void handleMessage(SoapMessage message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    if (aim == null) {
        // No policy information attached to this message: nothing to assert.
        return;
    }
    Collection<AssertionInfo> ais =
        PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.SECURE_CONVERSATION_TOKEN);
    if (ais.isEmpty()) {
        return;
    }

    if (!isRequestor(message)) {
        // Server side: enforcement happens on the inbound path.
        for (AssertionInfo assertion : ais) {
            assertion.setAsserted(true);
        }
        PolicyUtils.assertPolicy(aim, SPConstants.BOOTSTRAP_POLICY);
        return;
    }

    // Only the first matching assertion supplies the token policy.
    SecureConversationToken policyToken = (SecureConversationToken) ais.iterator().next().getAssertion();
    try {
        SecurityToken existing = (SecurityToken) message.getContextualProperty(SecurityConstants.TOKEN);
        if (existing == null) {
            String cachedId = (String) message.getContextualProperty(SecurityConstants.TOKEN_ID);
            if (cachedId != null) {
                existing = TokenStoreUtils.getTokenStore(message).getToken(cachedId);
            }
        }

        SecurityToken active = existing == null
            ? issueToken(message, aim, policyToken)
            : renewToken(message, aim, existing, policyToken);

        if (active != null) {
            for (AssertionInfo assertion : ais) {
                assertion.setAsserted(true);
            }
            // The token and its id are stored on the endpoint as well as on the exchange,
            // so they remain reachable through the endpoint after this exchange.
            message.getExchange().getEndpoint().put(SecurityConstants.TOKEN, active);
            message.getExchange().getEndpoint().put(SecurityConstants.TOKEN_ID, active.getId());
            message.getExchange().put(SecurityConstants.TOKEN_ID, active.getId());
            message.getExchange().put(SecurityConstants.TOKEN, active);
            TokenStoreUtils.getTokenStore(message).add(active);
        }
        // NOTE(review): the bootstrap policy is asserted even when no token was obtained;
        // the token assertions themselves stay unasserted in that case.
        PolicyUtils.assertPolicy(aim, SPConstants.BOOTSTRAP_POLICY);
    } catch (TokenStoreException ex) {
        throw new Fault(ex);
    }
}
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) TokenStoreException(org.apache.cxf.ws.security.tokenstore.TokenStoreException) Fault(org.apache.cxf.interceptor.Fault) SecureConversationToken(org.apache.wss4j.policy.model.SecureConversationToken) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)

Example 14 with AssertionInfoMap

use of org.apache.cxf.ws.policy.AssertionInfoMap in project cxf by apache.

the class SpnegoContextTokenOutInterceptor method handleMessage.

/**
 * Outbound handling for policies that carry a SpnegoContextToken assertion.
 *
 * <p>Does nothing when the message has no {@link AssertionInfoMap} or when the map holds no
 * SpnegoContextToken assertions. On the server side the assertions are simply marked as
 * asserted (the server is checked on the way in). On the requestor side a cached token is
 * looked up by id; an expired one is evicted from the endpoint, the exchange and the token
 * store, and a new token is issued whenever no usable one remains.
 *
 * @param message the outbound SOAP message
 * @throws Fault wrapping any {@code TokenStoreException} raised while using the token store
 */
public void handleMessage(SoapMessage message) throws Fault {
    AssertionInfoMap aim = message.get(AssertionInfoMap.class);
    if (aim == null) {
        // No policy information attached to this message: nothing to assert.
        return;
    }
    Collection<AssertionInfo> ais =
        PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.SPNEGO_CONTEXT_TOKEN);
    if (ais.isEmpty()) {
        return;
    }

    if (!isRequestor(message)) {
        // Server side: enforcement happens on the inbound path.
        for (AssertionInfo assertion : ais) {
            assertion.setAsserted(true);
        }
        return;
    }

    String cachedId = (String) message.getContextualProperty(SecurityConstants.TOKEN_ID);
    SecurityToken active = null;
    try {
        if (cachedId != null) {
            active = TokenStoreUtils.getTokenStore(message).getToken(cachedId);
            if (active != null && active.isExpired()) {
                // Evict every reference to the expired token before requesting a new one.
                message.getExchange().getEndpoint().remove(SecurityConstants.TOKEN_ID);
                message.getExchange().remove(SecurityConstants.TOKEN_ID);
                TokenStoreUtils.getTokenStore(message).remove(cachedId);
                active = null;
            }
        }
        if (active == null) {
            active = issueToken(message, aim);
        }
        // NOTE(review): the assertions are marked before the token is dereferenced, and
        // a null result from issueToken is not checked here - confirm it cannot return null.
        for (AssertionInfo assertion : ais) {
            assertion.setAsserted(true);
        }
        message.getExchange().getEndpoint().put(SecurityConstants.TOKEN_ID, active.getId());
        message.getExchange().put(SecurityConstants.TOKEN_ID, active.getId());
        TokenStoreUtils.getTokenStore(message).add(active);
    } catch (TokenStoreException ex) {
        throw new Fault(ex);
    }
}
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) AssertionInfo(org.apache.cxf.ws.policy.AssertionInfo) TokenStoreException(org.apache.cxf.ws.security.tokenstore.TokenStoreException) Fault(org.apache.cxf.interceptor.Fault) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)

Example 15 with AssertionInfoMap

use of org.apache.cxf.ws.policy.AssertionInfoMap in project cxf by apache.

the class PolicyUtilsTest method testAssertPolicyNoop.

/**
 * Exercises {@code PolicyDataEngine.assertMessage} in the two cases where there is nothing
 * to assert: the message has no {@link AssertionInfoMap}, and the message has a map built
 * from an empty assertion collection.
 *
 * <p>In both cases the only expectation recorded on the mock message is the lookup of the
 * {@code AssertionInfoMap}; {@code control.verify()} checks that the lookup took place.
 *
 * @param isRequestor selects the client calculator ({@code true}) or the server calculator
 *     ({@code false}) for the second case; the first case always uses the client calculator
 */
void testAssertPolicyNoop(boolean isRequestor) {
    PolicyDataEngine engine = new PolicyDataEngineImpl(null);
    Message message = control.createMock(Message.class);

    // Case 1: no AssertionInfoMap on the message.
    EasyMock.expect(message.get(AssertionInfoMap.class)).andReturn(null);
    control.replay();
    engine.assertMessage(message, null, new ClientPolicyCalculator());
    control.verify();

    // Case 2: an AssertionInfoMap that contains no assertions.
    control.reset();
    Collection<PolicyAssertion> noAssertions = new ArrayList<>();
    AssertionInfoMap emptyMap = new AssertionInfoMap(noAssertions);
    EasyMock.expect(message.get(AssertionInfoMap.class)).andReturn(emptyMap);
    control.replay();
    if (!isRequestor) {
        engine.assertMessage(message, null, new ServerPolicyCalculator());
    } else {
        engine.assertMessage(message, null, new ClientPolicyCalculator());
    }
    control.verify();
}
Also used : PolicyAssertion(org.apache.cxf.ws.policy.PolicyAssertion) Message(org.apache.cxf.message.Message) ArrayList(java.util.ArrayList) PolicyDataEngine(org.apache.cxf.policy.PolicyDataEngine) PolicyDataEngineImpl(org.apache.cxf.ws.policy.PolicyDataEngineImpl) ServerPolicyCalculator(org.apache.cxf.transport.http.policy.impl.ServerPolicyCalculator) ClientPolicyCalculator(org.apache.cxf.transport.http.policy.impl.ClientPolicyCalculator) AssertionInfoMap(org.apache.cxf.ws.policy.AssertionInfoMap)
