Search in sources :

Example 1 with PolicyEnforcer

use of org.apache.wss4j.policy.stax.enforcer.PolicyEnforcer in project cxf by apache.

the class PolicyBasedWSS4JStaxInInterceptor method createPolicyEnforcer.

private PolicyEnforcer createPolicyEnforcer(EndpointInfo endpointInfo, SoapMessage msg) throws WSSPolicyException {
    EffectivePolicy dispatchPolicy = null;
    List<OperationPolicy> operationPolicies = new ArrayList<>();
    Collection<BindingOperationInfo> bindingOperationInfos = endpointInfo.getBinding().getOperations();
    for (Iterator<BindingOperationInfo> bindingOperationInfoIterator = bindingOperationInfos.iterator(); bindingOperationInfoIterator.hasNext(); ) {
        BindingOperationInfo bindingOperationInfo = bindingOperationInfoIterator.next();
        QName operationName = bindingOperationInfo.getName();
        // todo: I'm not sure what the effectivePolicy exactly contains,
        // a) only the operation policy,
        // or b) all policies for the service,
        // or c) all policies which applies for the current operation.
        // c) is that what we need for stax.
        EffectivePolicy policy = (EffectivePolicy) bindingOperationInfo.getProperty("policy-engine-info-serve-request");
        // PolicyEngineImpl.POLICY_INFO_REQUEST_SERVER);
        if (MessageUtils.isRequestor(msg)) {
            policy = (EffectivePolicy) bindingOperationInfo.getProperty("policy-engine-info-client-response");
            // Save the Dispatch Policy as it may be used on another BindingOperationInfo
            if (policy != null && "http://cxf.apache.org/jaxws/dispatch".equals(operationName.getNamespaceURI())) {
                dispatchPolicy = policy;
            }
            if (bindingOperationInfo.getOutput() != null) {
                MessageInfo messageInfo = bindingOperationInfo.getOutput().getMessageInfo();
                operationName = messageInfo.getName();
                if (messageInfo.getMessagePartsNumber() > 0) {
                    QName cn = messageInfo.getFirstMessagePart().getConcreteName();
                    if (cn != null) {
                        operationName = cn;
                    }
                }
            }
        } else {
            if (bindingOperationInfo.getInput() != null) {
                MessageInfo messageInfo = bindingOperationInfo.getInput().getMessageInfo();
                operationName = messageInfo.getName();
                if (messageInfo.getMessagePartsNumber() > 0) {
                    QName cn = messageInfo.getFirstMessagePart().getConcreteName();
                    if (cn != null) {
                        operationName = cn;
                    }
                }
            }
        }
        SoapOperationInfo soapOperationInfo = bindingOperationInfo.getExtensor(SoapOperationInfo.class);
        if (soapOperationInfo != null && policy == null && dispatchPolicy != null) {
            policy = dispatchPolicy;
        }
        if (policy != null && soapOperationInfo != null) {
            String soapNS;
            BindingInfo bindingInfo = bindingOperationInfo.getBinding();
            if (bindingInfo instanceof SoapBindingInfo) {
                soapNS = ((SoapBindingInfo) bindingInfo).getSoapVersion().getNamespace();
            } else {
                // most probably throw an exception:
                throw new IllegalArgumentException("BindingInfo is not an instance of SoapBindingInfo");
            }
            OperationPolicy operationPolicy = new OperationPolicy(operationName);
            operationPolicy.setPolicy(policy.getPolicy());
            operationPolicy.setOperationAction(soapOperationInfo.getAction());
            operationPolicy.setSoapMessageVersionNamespace(soapNS);
            operationPolicies.add(operationPolicy);
        }
    }
    String soapAction = SoapActionInInterceptor.getSoapAction(msg);
    if (soapAction == null) {
        soapAction = "";
    }
    String actor = (String) msg.getContextualProperty(SecurityConstants.ACTOR);
    final Collection<org.apache.cxf.message.Attachment> attachments = msg.getAttachments();
    int attachmentCount = 0;
    if (attachments != null && !attachments.isEmpty()) {
        attachmentCount = attachments.size();
    }
    return new PolicyEnforcer(operationPolicies, soapAction, isRequestor(msg), actor, attachmentCount, new WSS4JPolicyAsserter(msg.get(AssertionInfoMap.class)));
}
Also used : BindingOperationInfo(org.apache.cxf.service.model.BindingOperationInfo) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) Endpoint(org.apache.cxf.endpoint.Endpoint) MessageInfo(org.apache.cxf.service.model.MessageInfo) EffectivePolicy(org.apache.cxf.ws.policy.EffectivePolicy) OperationPolicy(org.apache.wss4j.policy.stax.OperationPolicy) BindingInfo(org.apache.cxf.service.model.BindingInfo) SoapBindingInfo(org.apache.cxf.binding.soap.model.SoapBindingInfo) SoapBindingInfo(org.apache.cxf.binding.soap.model.SoapBindingInfo) SoapOperationInfo(org.apache.cxf.binding.soap.model.SoapOperationInfo) PolicyEnforcer(org.apache.wss4j.policy.stax.enforcer.PolicyEnforcer)

Example 2 with PolicyEnforcer

use of org.apache.wss4j.policy.stax.enforcer.PolicyEnforcer in project cxf by apache.

the class PolicyBasedWSS4JStaxInInterceptor method configureSecurityEventListeners.

@Override
protected List<SecurityEventListener> configureSecurityEventListeners(SoapMessage msg, WSSSecurityProperties securityProperties) throws WSSPolicyException {
    final List<SecurityEventListener> securityEventListeners = new ArrayList<>(2);
    securityEventListeners.addAll(super.configureSecurityEventListeners(msg, securityProperties));
    Endpoint endoint = msg.getExchange().getEndpoint();
    PolicyEnforcer policyEnforcer = createPolicyEnforcer(endoint.getEndpointInfo(), msg);
    securityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, securityProperties));
    securityEventListeners.add(policyEnforcer);
    return securityEventListeners;
}
Also used : PolicyInputProcessor(org.apache.wss4j.policy.stax.enforcer.PolicyInputProcessor) Endpoint(org.apache.cxf.endpoint.Endpoint) ArrayList(java.util.ArrayList) PolicyEnforcer(org.apache.wss4j.policy.stax.enforcer.PolicyEnforcer) SecurityEventListener(org.apache.xml.security.stax.securityEvent.SecurityEventListener)

Aggregations

ArrayList (java.util.ArrayList)2 Endpoint (org.apache.cxf.endpoint.Endpoint)2 PolicyEnforcer (org.apache.wss4j.policy.stax.enforcer.PolicyEnforcer)2 QName (javax.xml.namespace.QName)1 SoapBindingInfo (org.apache.cxf.binding.soap.model.SoapBindingInfo)1 SoapOperationInfo (org.apache.cxf.binding.soap.model.SoapOperationInfo)1 BindingInfo (org.apache.cxf.service.model.BindingInfo)1 BindingOperationInfo (org.apache.cxf.service.model.BindingOperationInfo)1 MessageInfo (org.apache.cxf.service.model.MessageInfo)1 EffectivePolicy (org.apache.cxf.ws.policy.EffectivePolicy)1 OperationPolicy (org.apache.wss4j.policy.stax.OperationPolicy)1 PolicyInputProcessor (org.apache.wss4j.policy.stax.enforcer.PolicyInputProcessor)1 SecurityEventListener (org.apache.xml.security.stax.securityEvent.SecurityEventListener)1