Example 6 with ParserException
use of org.codice.ddf.parser.ParserException in project ddf by codice.
the class XmlParser method marshal.
private void marshal(ParserConfigurator configurator, Consumer<Marshaller> marshallerConsumer) throws ParserException {
JAXBContext jaxbContext = getContext(configurator.getContextPath(), configurator.getClassLoader());
ClassLoader tccl = Thread.currentThread().getContextClassLoader();
try {
Thread.currentThread().setContextClassLoader(configurator.getClassLoader());
Marshaller marshaller = jaxbContext.createMarshaller();
if (configurator.getAdapter() != null) {
marshaller.setAdapter(configurator.getAdapter());
}
if (configurator.getHandler() != null) {
marshaller.setEventHandler(configurator.getHandler());
}
for (Map.Entry<String, Object> propRow : configurator.getProperties().entrySet()) {
marshaller.setProperty(propRow.getKey(), propRow.getValue());
}
marshallerConsumer.accept(marshaller);
} catch (RuntimeException e) {
LOGGER.debug("Error marshalling ", e);
throw new ParserException("Error marshalling ", e);
} catch (JAXBException e) {
LOGGER.debug("Error marshalling ", e);
throw new ParserException("Error marshalling", e);
} finally {
Thread.currentThread().setContextClassLoader(tccl);
}
}
Also used :
ParserException(org.codice.ddf.parser.ParserException)
Marshaller(javax.xml.bind.Marshaller)
JAXBException(javax.xml.bind.JAXBException)
JAXBContext(javax.xml.bind.JAXBContext)
Map(java.util.Map)
Example 7 with ParserException
use of org.codice.ddf.parser.ParserException in project ddf by codice.
the class UPBSTValidator method validateToken.
/**
* Validate a Token using the given TokenValidatorParameters.
*
* @param tokenParameters
* @return TokenValidatorResponse
*/
public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
LOGGER.trace("Validating UPBST Token");
if (parser == null) {
throw new IllegalStateException("XMLParser must be configured.");
}
if (failedLoginDelayer == null) {
throw new IllegalStateException("Failed Login Delayer must be configured");
}
STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
Crypto sigCrypto = stsProperties.getSignatureCrypto();
CallbackHandler callbackHandler = stsProperties.getCallbackHandler();
RequestData requestData = new RequestData();
requestData.setSigVerCrypto(sigCrypto);
requestData.setWssConfig(WSSConfig.getNewInstance());
requestData.setCallbackHandler(callbackHandler);
TokenValidatorResponse response = new TokenValidatorResponse();
ReceivedToken validateTarget = tokenParameters.getToken();
validateTarget.setState(STATE.INVALID);
response.setToken(validateTarget);
if (!validateTarget.isBinarySecurityToken()) {
return response;
}
BinarySecurityTokenType binarySecurityType = (BinarySecurityTokenType) validateTarget.getToken();
// Test the encoding type
String encodingType = binarySecurityType.getEncodingType();
if (!UPAuthenticationToken.BASE64_ENCODING.equals(encodingType)) {
LOGGER.trace("Bad encoding type attribute specified: {}", encodingType);
return response;
}
UPAuthenticationToken usernameToken = getUsernameTokenFromTarget(validateTarget);
if (usernameToken == null) {
return response;
}
UsernameTokenType usernameTokenType = getUsernameTokenType(usernameToken);
// Marshall the received JAXB object into a DOM Element
Element usernameTokenElement = null;
JAXBElement<UsernameTokenType> tokenType = new JAXBElement<>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameTokenType);
Document doc = DOMUtils.createDocument();
Element rootElement = doc.createElement("root-element");
List<String> ctxPath = new ArrayList<>(1);
ctxPath.add(UsernameTokenType.class.getPackage().getName());
ParserConfigurator configurator = parser.configureParser(ctxPath, UPBSTValidator.class.getClassLoader());
try {
parser.marshal(configurator, tokenType, rootElement);
} catch (ParserException ex) {
LOGGER.info("Unable to parse username token", ex);
return response;
}
usernameTokenElement = (Element) rootElement.getFirstChild();
//
// Validate the token
//
WSSConfig wssConfig = WSSConfig.getNewInstance();
try {
boolean allowNamespaceQualifiedPasswordTypes = requestData.isAllowNamespaceQualifiedPasswordTypes();
UsernameToken ut = new UsernameToken(usernameTokenElement, allowNamespaceQualifiedPasswordTypes, new BSPEnforcer());
// The parsed principal is set independent whether validation is successful or not
response.setPrincipal(new CustomTokenPrincipal(ut.getName()));
if (ut.getPassword() == null) {
return response;
}
String tokenId = String.format("%s:%s:%s", usernameToken.getUsername(), usernameToken.getPassword(), usernameToken.getRealm());
// See if the UsernameToken is stored in the cache
int hash = tokenId.hashCode();
SecurityToken secToken = null;
if (tokenParameters.getTokenStore() != null) {
secToken = tokenParameters.getTokenStore().getToken(Integer.toString(hash));
if (secToken != null && secToken.getTokenHash() != hash) {
secToken = null;
} else if (secToken != null) {
validateTarget.setState(STATE.VALID);
}
}
if (secToken == null) {
Credential credential = new Credential();
credential.setUsernametoken(ut);
if (usernameToken.getRealm() != null && !"*".equals(usernameToken.getRealm())) {
Validator validator = validators.get(usernameToken.getRealm());
if (validator != null) {
try {
validator.validate(credential, requestData);
validateTarget.setState(STATE.VALID);
LOGGER.debug("Validated user against realm {}", usernameToken.getRealm());
} catch (WSSecurityException ex) {
LOGGER.debug("Not able to validate user against realm {}", usernameToken.getRealm());
}
}
} else {
Set<Map.Entry<String, Validator>> entries = validators.entrySet();
for (Map.Entry<String, Validator> entry : entries) {
try {
entry.getValue().validate(credential, requestData);
validateTarget.setState(STATE.VALID);
LOGGER.debug("Validated user against realm {}", entry.getKey());
break;
} catch (WSSecurityException ex) {
LOGGER.debug("Not able to validate user against realm {}", entry.getKey());
}
}
}
}
Principal principal = createPrincipal(ut.getName(), ut.getPassword(), ut.getPasswordType(), ut.getNonce(), ut.getCreated());
// Store the successfully validated token in the cache
if (tokenParameters.getTokenStore() != null && secToken == null && STATE.VALID.equals(validateTarget.getState())) {
secToken = new SecurityToken(ut.getID());
secToken.setToken(ut.getElement());
int hashCode = tokenId.hashCode();
String identifier = Integer.toString(hashCode);
secToken.setTokenHash(hashCode);
tokenParameters.getTokenStore().add(identifier, secToken);
}
response.setPrincipal(principal);
response.setTokenRealm(null);
validateTarget.setPrincipal(principal);
} catch (WSSecurityException ex) {
LOGGER.debug("Unable to validate token.", ex);
}
if (response.getToken().getState() != STATE.VALID) {
failedLoginDelayer.delay(response.getToken().getPrincipal().getName());
}
return response;
}
Also used :
CallbackHandler(javax.security.auth.callback.CallbackHandler)
JAXBElement(javax.xml.bind.JAXBElement)
Element(org.w3c.dom.Element)
ArrayList(java.util.ArrayList)
UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken)
AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)
PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)
Document(org.w3c.dom.Document)
CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal)
BinarySecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.BinarySecurityTokenType)
WSSConfig(org.apache.wss4j.dom.engine.WSSConfig)
RequestData(org.apache.wss4j.dom.handler.RequestData)
UPAuthenticationToken(org.codice.ddf.security.handler.api.UPAuthenticationToken)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
ParserException(org.codice.ddf.parser.ParserException)
Credential(org.apache.wss4j.dom.validate.Credential)
UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)
BSPEnforcer(org.apache.wss4j.common.bsp.BSPEnforcer)
WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)
JAXBElement(javax.xml.bind.JAXBElement)
SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken)
ParserConfigurator(org.codice.ddf.parser.ParserConfigurator)
Crypto(org.apache.wss4j.common.crypto.Crypto)
STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean)
TokenValidatorResponse(org.apache.cxf.sts.token.validator.TokenValidatorResponse)
Map(java.util.Map)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
Validator(org.apache.wss4j.dom.validate.Validator)
JAASUsernameTokenValidator(org.apache.wss4j.dom.validate.JAASUsernameTokenValidator)
TokenValidator(org.apache.cxf.sts.token.validator.TokenValidator)
CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal)
Principal(java.security.Principal)
Example 8 with ParserException
use of org.codice.ddf.parser.ParserException in project ddf by codice.
the class SourceConfigurationHandler method regenerateOneSource.
@Override
public void regenerateOneSource(String registryId) throws FederationAdminException {
try {
List<Metacard> metacards = federationAdminService.getRegistryMetacardsByRegistryIds(Collections.singletonList(registryId));
if (metacards.size() != 1) {
throw new FederationAdminException("Error looking up metacard to regenerate sources. registry-id=" + registryId);
}
deleteRegistryConfigurations(metacards.get(0));
updateRegistryConfigurations(metacards.get(0), true);
} catch (IOException | ParserException | InvalidSyntaxException e) {
throw new FederationAdminException("Error regenerating sources for registry entry " + registryId, e);
}
}
Also used :
FederationAdminException(org.codice.ddf.registry.federationadmin.service.internal.FederationAdminException)
ParserException(org.codice.ddf.parser.ParserException)
Metacard(ddf.catalog.data.Metacard)
InvalidSyntaxException(org.osgi.framework.InvalidSyntaxException)
IOException(java.io.IOException)
Example 9 with ParserException
use of org.codice.ddf.parser.ParserException in project ddf by codice.
the class XacmlClient method unmarshal.
/**
* Unmarshalls the XACML response.
*
* @param xacmlResponse The XACML response with all namespaces and namespace prefixes added.
* @return The XACML response.
* @throws PdpException
*/
@SuppressWarnings("unchecked")
private ResponseType unmarshal(DOMResult xacmlResponse) throws PdpException {
List<String> ctxPath = ImmutableList.of(ResponseType.class.getPackage().getName());
if (null == parser) {
throw new IllegalStateException("XMLParser must be configured.");
}
ParserConfigurator configurator = parser.configureParser(ctxPath, XacmlClient.class.getClassLoader());
try {
JAXBElement<ResponseType> xacmlResponseTypeElement = parser.unmarshal(configurator, JAXBElement.class, xacmlResponse.getNode());
return xacmlResponseTypeElement.getValue();
} catch (ParserException e) {
String message = "Unable to unmarshal XACML response.";
LOGGER.info(message);
throw new PdpException(message, e);
}
}
Also used :
ParserConfigurator(org.codice.ddf.parser.ParserConfigurator)
ParserException(org.codice.ddf.parser.ParserException)
ResponseType(oasis.names.tc.xacml._3_0.core.schema.wd_17.ResponseType)
Example 10 with ParserException
use of org.codice.ddf.parser.ParserException in project ddf by codice.
the class XacmlClient method marshal.
/**
* Marshalls the XACML request to a string.
*
* @param xacmlRequestType The XACML request to marshal.
* @return A string representation of the XACML request.
*/
private String marshal(RequestType xacmlRequestType) throws PdpException {
if (null == parser) {
throw new IllegalStateException("XMLParser must be configured.");
}
String xacmlRequest = null;
try {
List<String> ctxPath = new ArrayList<>(1);
ctxPath.add(ResponseType.class.getPackage().getName());
ParserConfigurator configurator = parser.configureParser(ctxPath, XacmlClient.class.getClassLoader());
configurator.addProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
ByteArrayOutputStream os = new ByteArrayOutputStream();
ObjectFactory objectFactory = new ObjectFactory();
parser.marshal(configurator, objectFactory.createRequest(xacmlRequestType), os);
xacmlRequest = os.toString("UTF-8");
} catch (ParserException | UnsupportedEncodingException e) {
String message = "Unable to marshal XACML request.";
LOGGER.info(message, e);
throw new PdpException(message, e);
}
LOGGER.debug("\nXACML 3.0 Request:\n{}", xacmlRequest);
return xacmlRequest;
}
Also used :
ParserConfigurator(org.codice.ddf.parser.ParserConfigurator)
ParserException(org.codice.ddf.parser.ParserException)
ObjectFactory(oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory)
ArrayList(java.util.ArrayList)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
Aggregations
ParserException (org.codice.ddf.parser.ParserException)17
ArrayList (java.util.ArrayList)7
ParserConfigurator (org.codice.ddf.parser.ParserConfigurator)7
IOException (java.io.IOException)5
Map (java.util.Map)5
ByteArrayOutputStream (java.io.ByteArrayOutputStream)4
JAXBElement (javax.xml.bind.JAXBElement)4
RegistryPackageType (oasis.names.tc.ebxml_regrep.xsd.rim._3.RegistryPackageType)4
InputStream (java.io.InputStream)3
UsernameTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)3
Metacard (ddf.catalog.data.Metacard)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)2
Principal (java.security.Principal)2
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2
CallbackHandler (javax.security.auth.callback.CallbackHandler)2
JAXBContext (javax.xml.bind.JAXBContext)2
ExternalIdentifierType (oasis.names.tc.ebxml_regrep.xsd.rim._3.ExternalIdentifierType)2
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)2
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)2
TokenValidator (org.apache.cxf.sts.token.validator.TokenValidator)2
